JVB DIGITAL DOES EVERYTHING TO GUARANTEE YOUR PRIVACY

The following privacy policy dated May 2018 applies to all website visits, transactions and agreements with JVBDigital.nl | Zappiti-store.nl

JVB Digital takes the privacy of personal data very seriously and carefully handles personal data. By using our sites you agree to our privacy and cookie policy including a processor agreement. Every agreement between JVB Digital and you as a customer is exclusively governed by Dutch law.  

We respect privacy and your rights to control personal data. Our guidelines are simple. We are clear about the data we collect and why we collect it. We protect data as well as we can. We do not sell data to third parties and will not do so in the future. This Privacy Statement (the "Declaration") explains what personal information we collect from you, be it directly or indirectly, and how we use it. Personal data are all data that can be used to identify you or that we can link to you. The Declaration also covers the choices you can make regarding the information we collect and how you can manage these decisions. This statement applies to all JVB Digital websites (JVBDigital.com/JVBDigital.nl/OPPOstore.nl/Zappiti-store.nl).

We only process personal data for the purpose for which it was provided and in accordance with the General Data Protection Regulation (AVG) and the Telecommunications Act

Read this Statement carefully so that you know how JVB Digital can collect, use and share the personal information you provide. The words "we", "we", "us", "our" and "JVB DIgital" all refer to JVB Digital.

The types of personal data that we collect

Information you provide us

We collect information that you voluntarily provide us with, such as name, telephone number and e-mail address; for example if you want to know more about products when you contact our customer service. This can be the following information:

  • First and last name
  • E-mail address
  • telephone number
  • Website
  • Company Name
  • Street and house number
  • Postal code, city and country
  • Chamber of Commerce number
  • VAT number

Data that we collect automatically

We automatically collect information about you, such as data that we collect through cookies and similar technology when used, accessed or interacted with our websites. For example, we may collect information about the type of device you use to access our websites, the operating system and its version, your IP address, your general geographic location as indicated by your IP address, your browser type, the web pages you click on. view our websites, and whether and how you communicate with content that is available on our websites.

Interactions of customers with JVB Digital

In order to make the information contained in this Declaration understandable, we explain various moments at which JVB Digital may collect personal data from customers. The interactions of customers with JVB Digital are divided into the following segments:

Buy products

If you buy from us, we ask you to provide information so that we can process the purchase.

We collect: name, telephone number, e-mail address, delivery / shipping address and payment method.

Why: We use this information to process the transaction, track your purchase, assist with any issues with delivery, return shipments, and address other issues related to the purchase of the products. The processing of your personal data for this purpose is necessary for the implementation of the agreement we have with you. Note: we do not store payment or credit card details. We only use the information about the payment method in connection with your purchase.

Customer service

We use the information to answer customer questions, diagnose problems with products, repair products, and provide other customer service and support services.This processing is necessary for the execution of the agreement that we have with you and also serves our legitimate interest.

Business activities

We use data to develop aggregated analytics and business intelligence that enable us to run and protect our business, make informed decisions and report on our business performance. This processing is necessary to serve our legitimate interest.

Communication, marketing and advertising

We use the information we collect to realize and personalize our communication with you. For example, we may contact you via e-mail or other electronic means of communication to inform you about new products or services, to keep you informed of a support issue or to invite you to participate in a survey. This processing is necessary to serve our legitimate interest.

How we can share Personal Information

We do not sell personal data from our customers. 
We only disclose information in the manner described in this Declaration. We can share data with the following third parties.

External suppliers

JVB Digital uses various external suppliers to perform services such as website management and hosting, online purchase and shipment of products, credit card processing and e-mail communication. We share personal information only when necessary, such as to complete a transaction or provide Products or Services that you have requested or authorized, and only with vendors or agents acting on our behalf for the purposes described in this Statement. In that case, your personal data will be shared with these agents or contractors, but only for the performance of services on behalf of and on behalf of JVB Digital and in accordance with this Declaration. It is our legitimate interest to share data with these parties for these purposes.

The legal grounds for the use of Personal Data

There are several legal grounds on which we base ourselves to use your personal data, namely:

  •        Execution of an agreement

The use of your personal data may be necessary to implement the agreement that you have with us. For example, to complete the purchase of your products, to register and maintain your account, to help with delivery issues, to handle returns or to respond to your requests.

  •        Justified interests

We may use your personal data for our legitimate interests. For example, we rely on our legitimate interest to analyze and improve our products and the content of our websites, to inform you about software updates or information about products and whether to use your personal data for administrative, fraud detection purposes. or legal purposes. When we process your personal data based on our legitimate interest and there is no deregistration mechanism available to you, you can exercise your right to object by sending an e-mail to customerservice@jvbdigital.nl/ customerservice@jvbdigital.com

Storage period

We do not store your data longer than necessary for the purpose for which it was received. If you unsubscribe from our e-mails, your personal data will be removed from the system by the end of the relevant month at the latest.

We keep the data in our accounting and CRM system for at least 7 years, in order to comply with all our legal obligations. This information will be removed by us within 1 year after the expiry of this obligation.

The above deadline applies, provided that there are further legal obligations for us to keep the data longer and / or to keep it available.

Processing agreement

The following items are qualified as processing contracts.

  1. Processing manager offers data for the purchase of products.
  2. The controller has - for the execution of that service - various data, including personal data of various parties involved within the meaning of the General Regulation on Personal Data ( AVG ).

3. Processing manager wants the storage, processing and security of this 
have personal data processed by Verwerker (JVB Digital) (the Assignment ). 
Processor is prepared to accept this Assignment.

Article 1 - Processing of processing

  1. In the execution of the Assignment, the Processor will handle the personal data in a careful manner and only process the personal data on the instructions of the Processing Officer, in accordance with its written instructions and in accordance with this Agreement and the provisions in the Wbp. If an instruction by the Processing Officer does not comply with the applicable legislation and regulations, including the AVG, the Client will immediately inform the Processing Officer of this.
  2. The personal data processed by Verwerker in the context of the activities as referred to in the previous paragraph and the categories of data subjects from whom they originated. The processor will not process the personal data for any other purpose than as established by the Processing Officer. The processor has no control over the purpose and the means for processing the personal data.
  3. The processor further guarantees that persons acting under his authority will only process the personal data in a lawful manner and in accordance with this Agreement and the GDPR.
  4. At the request of the Processing Officer, the Processor will inform the Processing Officer as soon as possible about the genome (security) measures to comply with the obligations under the AVG, this Agreement and the other written instructions of the Processing Officer.

Article 2 - Guarantee of processing responsibility

The party responsible for processing guarantees that the basic principles of the processing of the personal data of data subjects, as referred to in this Agreement, are not unlawful and that no violation is made of the rights of others. The processing manager indemnifies Verwerker against all claims relating to this.

Article 3 - Transfer of personal data

  1. Personal data are processed within the European Union. The transfer of personal data to countries outside the European Union is only permitted to countries that offer an adequate level of protection in accordance with the AVG for the processing of personal data.
  2. At the request of the Processing Officer, the processor will report within which country (s) the personal data processed by the Processer on behalf of the Processing Officer are processed.

Article 4 - Security measures

  1. The Processor will make every effort to take sufficient technical and organizational measures with regard to the processing of personal data, against loss or against any form of unlawful processing (such as unauthorized access, impairment, alteration or provision of personal data).
  2. In any case, the processor takes the following measures:

encryption (encryption) of digital files containing personal data.

security of network connections via Secure Socket Layer (SSL) technology or comparable technology that provides at least the same security level.

  1. The processor does not guarantee that the security is effective under all circumstances. If an explicitly defined security is missing in the Processor Agreement, Verwerker will endeavor to have the security comply with a level that, in view of the state of the art, the sensitivity of the personal data and the costs associated with securing the security, is not unreasonable. is.

Article 5 - Reporting obligation

  1. The reprocessor is at all times responsible for reporting a security breach and / or data breach (which is understood to mean: a breach of security that inadvertently or unlawfully leads to the destruction, loss, modification or unauthorized provision of or the unauthorized access to transmitted, stored or otherwise processed data) to the supervisor and / or parties involved. In order to enable the Processing Officer to comply with this statutory duty, the Processor will notify the Processing Officer of the vulnerability and / or the data breach within a period of 72 hours.
  2. A report should only be made for events with a major impact, and only if the event has actually occurred.
  3. The duty to report in any case includes reporting the fact that there has been a leak. In addition, the obligation to report includes:

- the nature of the personal data breach, where possible with reference to the categories of data subjects and personal data registers concerned and, approximately, the number of data subjects and personal data registers concerned;

- the name and contact details of the data protection officer or any other contact point where more information can be obtained;

- the likely impact of the personal data breach;

- the measures proposed or taken by the Processor to address the personal data breach, including, where appropriate, the mitigation measures to mitigate any adverse effects.

Article 6 - Duration and termination

  1. This Agreement commences at the time that a purchase is made at JVB Digital. Parties enter into this Agreement for an indefinite period of time.
  2. Termination is possible towards the end of the month with a notice period of 3 months.
  3. If this Agreement ends or is dissolved, the Parties must continue to comply with the provisions of this Agreement with regard to confidentiality, liability, indemnification and all other provisions that by their nature are intended to continue after termination or dissolution of this Agreement.
  4. If this Agreement ends or is dissolved, the Processing Officer will give the User the opportunity to move all data, including personal data, that are present at the Worker to another location on the basis of this Agreement for 30 days. After this period, Verwerker will remove or destroy all data, including personal data, that are present with it pursuant to this Agreement (including any copies thereof).

Article 7 - Confidentiality

  1. All personal data received by Verwerker on the basis of this Agreement is subject to a confidentiality obligation towards third parties. All persons employed or employed for the benefit of the Processor, as well as the Processor themselves, are obliged to maintain the confidentiality of the personal data.
  2. The processor will not provide, copy, or otherwise multiply or make public the personal data to third parties without the permission of the Processing Officer.
  3. If the Processor receives a request from a third party to provide access to the personal data on the basis of an alleged (legal) obligation, he will first inform the Processing Officer of this in writing, if legally permitted, before he provides that third party with access to the personal data, so that The processing manager can assess whether the request of the third party is well-founded.

Article 8 - Persons working under the authority of the Processor

The obligations of Processor arising from this Agreement also apply to those who process personal data under the authority of Processor, including but not limited to employees.

Article 9 - Liability

  1. Processer is liable for damage that the Processing Manager suffers if the Processor does not comply with the further instructions of the Processing Officer, this Agreement, the AVG or other applicable laws and regulations in the area of ​​privacy and protection of personal data.
  2. Processer indemnifies Processing Officer against claims from third parties insofar as these claims relate to the processing of personal data and all other activities performed or fulfilled by Processor under this Agreement for the Client.

Article 10 - Invalidity

If part of this Agreement is null and void or voidable, that will not affect the validity of the remainder of the Agreement. The void part is replaced by a provision that follows as much as possible the content of the void provision.

Article 11 - Enabling third parties or subcontractors

  1. Processors may use third parties in the context of this Processing Agreement, provided that they are notified in advance to the Processing Officer; Processing officer may object if the use of a specific reported third party is unacceptable to it. In such a case the Parties will consult with each other to come to a workable solution.
  2. The processor will in any case ensure that these third parties take on at least the same obligations in writing as agreed between the Verification Manager and the Processor.
  3. The processor guarantees correct compliance with the obligations arising from this Processing Agreement by these third parties and, in the event of errors by these third parties, is itself liable for all damages as if they had committed the fault (s) themselves.

Article 12 - Audit

  1. Processing Manager has the right to have audits carried out by an independent, expert third party who is bound to confidentiality in order to check compliance with the security requirements, compliance with the general rules regarding processing of personal data, misuse of personal data by employees of the Processer, compliance with all points from the Processor Agreement, and everything that is directly related to it.
  2. This audit may take place no more than once a year or otherwise with a concrete suspicion of abuse of personal data.
  3. The processor will cooperate with the audit and provide all relevant information reasonably relevant to the audit, including supporting data such as system logs, and employees as soon as possible.
  4. The findings resulting from the audit carried out will be assessed by the Processor and may be implemented by Processer at the discretion of the Processor and in the manner as the Processor itself determines.
  5. The costs of the audit are borne by the Processing Officer.

Article 13 - Processing of requests for data subjects

In the event that a data subject submits a request for the execution of his / her legal rights to the Processor, the Processor will forward the request to the Processing Officer, and the Processing Officer will further process the request. The processor may inform the data subject of this.

Article 14 - Final provision

  1. Only written changes to this Agreement are valid.
  2. This Agreement supersedes all prior agreements between Parties.

Article 15 - Applicable law

The Agreement and its implementation are governed by Dutch law.

Article 16 - Competent court

All disputes that may arise between the Parties in connection with the Agreement will be submitted to the competent court for the district in which the Processor is established.

Rights

You always have the right to withdraw your consent to the processing of your data, after which we will no longer process your data. Withdrawal of this consent does not affect the legality of our data declaration on the basis of your consent, which took place prior to this withdrawal.

You also have the right to access your personal data and the right to rectify your personal data. If you want to know which personal data we process from you, you can submit a written request for access.

If your details are incorrect, incomplete or irrelevant, you can request us in writing to change or supplement your data.

You also have the right to delete your personal data, a right to limit the processing and a right to object to the processing. You are also entitled to transfer or transfer your data. You can also submit a written request for this.

We will process your request within 4 weeks. By written means is also understood by e-mail. You can e-mail your request to us via customerservice@jvbdigital.nl/ customerservice@jvbdigital.com

Amendments

We reserve the right to change our privacy policy at any time. The changes take effect on the announced time of entry into force.

Company details

This is a website of JVB Digital,

JVB Digital can be reached as follows:

Postal address: PO Box 124, 830AC Leusden

Business address: Sizes 51, 3831PJ Leusden.

Registration number Commercial Register Chamber of Commerce: 32073851

Phone: 033-4655355

e-mail address: customerservice@JVBDigital.nl/ customerservice@jvbdigital.com