Unifortes B.V. (‘[Unifortes]’, ‘we’ or ‘us’) attaches a great deal of importance to the privacy of users (‘User’, ‘you’ or ‘your’) who visit [https://unifortes.com/] and [https://foam-dispenser.com] (‘the Websites’). We have prepared this Privacy Statement to inform you about how we use your personal data. Personal data is any information that we can use to directly or indirectly identify you. We believe that it is important that you understand how we treat your personal data and that you are aware of your rights.
We may amend this Privacy Statement. Amendment notifications will be placed on this Website page. This Privacy Statement was last updated on [04-05-2020].
We are the controller of your personal data under the General Data Protection Regulation (‘GDPR’) for the use of your personal data described in this Privacy Statement. We are based in [Strijen]. Our office address and postal address is [Handelstraat 2, 3291 CB]. You can also contact us by e-mail at [email@example.com].
Your personal data that we collect and process specifically depends on your use of the Website and the way in which you contact us. Unifortes collects the following personal data:
(a) Information about your visits to and use of the Website, as explained in the ‘Usage Data & Cookie Statement’ section;
(b) Your e-mail address and other necessary contact details for sending Unifortes newsletters, as explained in the ‘Newsletters’ section;
(c) Your e-mail address and/or other essential contact details that you give us when you contact us and which allow us to communicate with you, as explained in the ‘Contact Details’ section.
Re a) Usage Data & Cookie Statement
Unifortes collects information about how the Website is accessed and used (‘Usage Data’) using cookies and/or similar technologies. This Usage Data contains information such as your computer’s anonymised IP address, which page you used to link to the Website, when and for how long you visit the Website, which pages you visit on the Website, unique identification numbers such as your unique visitor ID and other diagnostic data.
Re b) Newsletters
We collect and process your e-mail address and other essential contact details when you subscribe to our newsletter. These contact details are used to send you newsletters based on your consent (Article 6(1)(a) of the GDPR). You can unsubscribe from these newsletters at any time via the link at the bottom of the newsletters.
Re c) Contact Details
When you contact us, we collect and process your e-mail address and/or other essential contact details (name, telephone number, employer and job at the employer) that you give us. These contact details are used based on our legitimate interest to respond to your question or request (Article 6(1)(f) GDPR).
Apart from the purposes laid down in this Privacy Statement, and only to the extent that it is explicitly permitted by law or if such an obligation is legally imposed on the [Unifortes] we may use your personal data for other purposes under the conditions laid down in the GDPR and relevant legislation. In any event, the [Unifortes] will observe the transparency principle and the other principles for the lawful processing of your personal data.
No automated decision-making
[Unifortes] does not take automated decisions about Users. These are decisions made by computer programs or systems, without any human involvement (from a [Unifortes] member of staff, for instance).
It is not the intention that our website and/or service collects data about website visitors who are younger than 16 years, unless they have the consent of a parent or guardian. However, it is not possible for us to check whether a visitor is older than 16. We therefore advise parents to monitor their children’s online activities, so as to prevent their personal data being collected without parental consent. If you are convinced that we have collected personal information about a minor without this consent, please contact us and we will delete this information.
Your personal data is shared with departments and other companies within the [Unifortes] to the extent that this is necessary for internal administrative purposes within the company and to better serve the other purposes laid down in this Privacy Statement.
We also share your personal data with the following organisations insofar as these organisations require this data to be able to provide their services:
(a) hosting companies (TransIP, Antagonist);
(b) direct marketing service providers (Mailchimp, Direct Mail);
(c) website analysis service providers (Google);
(d) law enforcement agencies if we are required by law to do so.
If our company is the subject of a sale, merger or other transaction, we may also share your personal data with the organisation that acquires it.
We do not keep your personal data for longer than is necessary for the purposes for which we process it. The retention period may vary according to the purposes:
- a) Usage Data in Google Analytics is stored for [26 months];
- b) Information on your newsletter subscription is kept until you inform us that you no longer wish to receive the newsletter that you have subscribed to or – if we decide not to send the newsletter anymore – [one year];
- c) Your e-mail address and/or other essential contact details that you give us when you contact us are kept for [seven years at most after the last contact].
If we transfer your personal data to a country outside the European Economic Area, for instance to a service provider, we put appropriate safeguards in place to ensure an adequate level of protection. You can ask for a copy of the appropriate safeguards by sending a request to [firstname.lastname@example.org].
We send your personal data to [Google LLC] in the United States to be able to use Google Analytics. Google, including Google Inc. and all its US subsidiaries, falls under the EU-US Privacy Shield. This means that there is an appropriate level of protection for the processing of personal data. More information on this is available at https://www.privacyshield.gov/.
We use Mailchimp to send newsletters. The information collected, such as your email address, is also transferred to [The Rocket Science Group LLC] and stored by Mailchimp on servers in the United States. Mailchimp undertakes to comply with the EU-US Privacy Shield principle and the Swiss-US Privacy Shield principle. This means that there is an appropriate level of protection for the processing of personal data. For more information about Mailchimp’s privacy statement, visit https://mailchimp.com/legal/privacy/.
We have taken appropriate technical and organisational measures to protect your personal data. Our systems and programs are well protected to prevent unauthorised persons, from both in and outside our organisation, from gaining access to your personal data. Access to your personal data is limited to persons who have to be able to access it for their work. [Unifortes] has taken the following measures to protect your personal data:
- security software, such as a virus scanner and firewall.
- TLS (previously SSL). Most of our websites offer a secure internet connection, so that the personal data that is sent is protected. The ‘https’ and the padlock in the address bar are evidence of this.
If you are under the impression that your data is not properly protected or there are signs of misuse, please contact us.
The website contains hyperlinks to websites that are not [Unifortes] websites, which may be of interest to Users. The [Unifortes] has no control over these websites and does not monitor the privacy, accuracy, quality or integrity of these websites. We refer you to the privacy statement and 6 policies of each website that you visit. Links to third-party websites are provided solely for your convenience and any use or disclosure of data on these sites is entirely at your own risk.
You have the right to ask us for access to your personal data or to correct or supplement it. Under certain circumstances you can also ask us to delete your personal data, to limit its processing or to exercise your right to data portability.
Objections You may also object to:
- the processing of your personal data on the grounds of a legitimate interest (Article 6(1)(f) GDPR) for reasons that concern you specifically;
• the use of your personal data for direct marketing, for instance for our newsletter. If you object to the processing of your personal data for direct marketing, we will no longer use your personal data for that purpose.
Below is a more detailed description of the other rights:
|1||Right of access||You can ask us for access to your personal data and certain other information.|
|2||Right to rectification||You have the right to have your personal data corrected if it is incorrect or incomplete.|
|3||Right to erasure||This right is also known as ‘the right to be forgotten’. Under certain circumstances, you may ask us to erase or remove your personal data.|
|4||Right to restriction of processing||Under certain circumstances you have the right to block the further use of your personal data. If there are restrictions on processing, we may still store your personal data, but not use it.|
|5||Right to data portability||Under certain circumstances you have the right to obtain and reuse your personal data in a structured, commonly used and machine-readable format.|
We would like to point out that the aforementioned GDPR rights are not absolute. Circumstances may arise in which we will not (fully) comply with your request because there is a ground for exception to the GDPR or under Section 41 of the General Data Protection Regulation (Implementation) Act [Uitvoeringswet Algemene Verordening Gegevensbescherming]. Consider, for instance, a situation that 7 requires a limitation of your rights to protect the rights and freedoms of others, including the [Unifortes].
You can send a request to exercise your rights to [email@example.com] or by post to [Handelstraat 2, 3291 CB] for the attention of [Privacy legislation]. We may ask you for additional proof of your identity to make sure that you made the request. This is to protect your privacy.
You are always entitled to file a complaint with a data protection supervisory authority if you believe that we are not processing your personal data in accordance with the GDPR. In the Netherlands, the supervisory authority for data protection is:
Postal address: P.O. Box 93374, 2509 AJ The Hague