Damp-e Privacy Policy
About our privacy policy
Damp-e cares deeply about your privacy. We only process data that we need for (improving) our services and handle the information we have collected about you and your use of our services with care. We never make your data available for commercial purposes to third parties.
This privacy policy applies to the use of the website and the services provided by Damp-e. The starting date for the validity of these terms is 12/10/2023, publishing a new version invalidates all previous versions. This privacy policy describes what information about you is collected by us, what this data is used for, and with whom and under what conditions this data may be shared with third parties. We also explain to you how we store your data, how we protect your data against misuse, and what rights you have regarding the personal data you provide us.
If you have any questions about our privacy policy, please contact our privacy contact person. You will find the contact details at the end of our privacy policy.
About data processing
Below you can read how we process your data, where we save it (or have it saved), which security techniques we use, and who the data is transparent to.
Webshop software
Magento
Our webshop was developed using Magento software. Personal data that you make available to us for our services is shared with this party. Magento has access to your data to offer us (technical) support; they will never use your data for any other purpose. Based on the agreement we have with them, Magento is obliged to take appropriate security measures. These security measures consist of the application of SSL encryption, a strong password policy, and secure data storage. Magento reserves the right to share collected data within its own group and affiliated partners to further improve its services. Magento takes into account the applicable legal retention periods for (personal) data.
Magento hosting
Our webshop was developed using Magento software; we have chosen Vimexx for our web hosting. Personal data that you make available to us for our services is shared with this party. Vimexx has access to your data to offer us (technical) support; they will never use your data for any other purpose. Based on the agreement we have with them, Vimexx is obliged to take appropriate security measures. These security measures consist of the application of SSL encryption and a strong password policy. Regular backups are made to prevent data loss.
Web hosting
Vimexx
We purchase web hosting and email services from Vimexx. Vimexx processes personal data on our behalf and does not use your data for its own purposes. However, this party can collect metadata about the use of the services. These are not personal data. Vimexx has taken appropriate technical and organizational measures to prevent loss and unauthorized use of your personal data. Vimexx is obliged to maintain confidentiality based on the agreement.
MailChimp
We send our email newsletters with MailChimp. MailChimp will never use your name and email address for its own purposes. At the bottom of every email sent automatically through our website, you will see the 'unsubscribe' link. You will no longer receive our newsletter. MailChimp stores your personal data securely. MailChimp uses cookies and other internet technologies that make it clear whether emails are opened and read. MailChimp reserves the right to use your data to further improve the service and, in that context, share information with third parties.
Vimexx
We use the services of Vimexx for our regular business email traffic. This party has taken appropriate technical and organizational measures to prevent misuse, loss, and corruption of your and our data as much as possible. Vimexx does not have access to our mailbox, and we treat all our email traffic confidentially.
Payment Service Providers
For processing payments in our webshop, we collaborate with various payment service providers. Depending on the chosen payment method, we share your name, address, residence details, and payment details such as your bank account or credit card number with the respective payment service provider. These details are used exclusively for the execution of the agreement. If necessary for the service, the payment service provider can share this data with third parties. Below you will find an overview of our payment service providers and their privacy guarantees:
- Pay.nl: We share your data with Pay.nl for processing your payments. Pay.nl takes appropriate measures to protect your data and may share this data with third parties to improve their services.
- Mollie: For payments via Mollie, your data is shared. Mollie protects your data and may share it with third parties to improve their services.
- Klarna: For payments via Klarna, your data and, if applicable, financial data is shared. Klarna takes measures to protect your data and may share it with credit rating agencies and other third parties.
- MultiSafepay: For payments via MultiSafepay, your data is shared. MultiSafepay ensures the protection of your data and may share it with third parties to improve their services.
- PayPal: For payments via PayPal, your data is shared. PayPal ensures the protection of your data and may, if necessary, share it with third parties to improve their services.
- Curo Payments: For payments via Curo Payments, your data is shared. Curo Payments takes appropriate measures to protect your data and may, if necessary, share it with third parties to improve their services.
We guarantee that all our payment service providers handle your data confidentially and use it exclusively for the execution of the agreement. The data is not stored longer than legally allowed.
Reviews
WebwinkelKeur
We collect reviews through the WebwinkelKeur platform. When you leave a review via WebwinkelKeur, you are required to provide a name and email address. WebwinkelKeur shares this information with us so that we can link the review to your order. In some cases, WebwinkelKeur may contact you to provide an explanation of your review. When we invite you to leave a review, we share your name and email address with WebwinkelKeur. They only use this data for the purpose of inviting you to leave a review. WebwinkelKeur has taken appropriate technical and organizational measures to protect your personal data. WebwinkelKeur reserves the right to engage third parties for the provision of services, for which we have given permission to WebwinkelKeur. All the above-mentioned safeguards regarding the protection of your personal data also apply to the parts of the service for which WebwinkelKeur engages third parties.
Shipping and Logistics
When you place an order with us, we take responsibility for delivering your package to you. For the execution of deliveries, we collaborate with various carriers. Depending on the chosen carrier, we share your name, address, and residence details to make the delivery possible. This data is used exclusively for the execution of the agreement. If the respective carrier decides to engage subcontractors, your data will also be shared with these parties.
Carriers we collaborate with:
- PostNL: We share your data with PostNL for the delivery of your order.
- DHL: For deliveries via DHL, your data is also shared.
- GLS: When choosing GLS as a carrier, your data is shared with them.
- UPS: For deliveries carried out via UPS, we share your data with them.
- DPD: For deliveries via DPD, your data is also shared to facilitate the delivery.
We ensure that all our carriers handle your data confidentially and use it exclusively for the execution of the agreement.
Invoicing and Accounting
Brickx
For our administration and accounting, we use the services of Brickx. We share your name, address, and residence details, as well as details regarding your order. This data is used for the administration of sales invoices. Your personal data is sent and stored securely. Brickx is bound by confidentiality and will treat your data confidentially. Brickx does not use your personal data for purposes other than those described above.
Purpose of Data Processing
General Purpose of Processing
We only use your data for the purpose of our services. This means that the purpose of the processing is always directly related to the assignment you provide. We do not use your data for (targeted) marketing. If you share data with us and we use this data to contact you at a later time - other than at your request - we will ask for explicit consent. Your data is not shared with third parties, other than to meet accounting and other administrative obligations. These third parties are all bound by confidentiality based on the agreement between them and us or an oath or legal obligation.
Automatically Collected Data
Data that is automatically collected by our website is processed with the aim of further improving our services. This data (e.g., your IP address, web browser, and operating system) is not personal data.
Cooperation in Fiscal and Criminal Investigations
In certain cases, Damp-e may be legally obliged to share your data in connection with fiscal or criminal investigations by the government. In such a case, we are forced to share your data, but we will resist this to the extent that the law allows us.
Retention Periods
We keep your data as long as you are our client. This means that we keep your customer profile until you indicate that you no longer wish to use our services. If you inform us of this, we will also interpret this as a forget request. This also means that we will not keep your data for longer than two years from the last point of contact or transaction, unless there is a legal justification for doing so. Based on applicable administrative obligations, we need to keep invoices with your (personal) data, so we will keep this data for as long as the applicable term runs. However, employees no longer have access to your client profile and documents that we have produced based on your assignment.
Your Rights
Based on the applicable Dutch and European legislation, you, as the data subject, have certain rights regarding the personal data processed by or on our behalf. We explain below what these rights are and how you can invoke these rights. In principle, to prevent abuse, we send copies and copies of your data only to your already known email address. If you wish to receive the data at another email address or, for example, by post, we will ask you to identify yourself. We keep a record of completed requests; in the case of a forget request, we administer anonymized data. You will receive all copies and copies of data in the machine-readable data format that we use within our systems. You always have the right to file a complaint with the Dutch Data Protection Authority if you suspect that we are using your personal data in the wrong way.
Right of Access
You always have the right to inspect the data that we (have) process and that relate to your person or can be traced back to it. You can make a request to that effect to our contact person for privacy matters. You will receive a response to your request within 30 days. If your request is granted, we will send you a copy of all data with an overview of the processors who have this data, stating the category under which we have stored this data.
Right of Rectification
You always have the right to have the data that we (have) process and that relate to your person or can be traced back to it adjusted. You can make a request to that effect to our contact person for privacy matters. You will receive a response to your request within 30 days. If your request is granted, we will send you a confirmation at the email address known to us that the data has been adjusted.
Right to Restrict Processing
You always have the right to restrict the data that we (have) process that relate to your person or can be traced back to it. You can make a request to that effect to our contact person for privacy matters. You will receive a response to your request within 30 days. If your request is granted, we will send you a confirmation at the email address known to us that the data will no longer be processed until you lift the restriction.
Right to Data Portability
You always have the right to have the data that we (have) process and that relate to your person or can be traced back to it, executed by another party. You can make a request to that effect to our contact person for privacy matters. You will receive a response to your request within 30 days. If your request is granted, we will send you copies or copies of all data about you that we have processed or that have been processed on our behalf by other processors or third parties at the email address known to us. In all likelihood, we can no longer continue the service in such a case because the secure linking of data files can no longer be guaranteed.
Right to Object and Other Rights
In certain cases, you have the right to object to the processing of your personal data by or on behalf of Damp-e. If you object, we will immediately stop the data processing pending the settlement of your objection. If your objection is justified, we will provide you with copies and/or copies of data that we (have) process and then permanently stop processing. You also have the right not to be subjected to automated individual decision-making or profiling. We do not process your data in such a way that this right applies. If you believe that this is the case, please contact our contact person for privacy matters.
Changes to the Privacy Policy
We reserve the right to change our privacy policy at any time. However, you will always find the most recent version on this page. If the new privacy policy affects the way we process already collected data related to you, we will notify you by email.