Privacy policy PlantoSys Nederland b.v.
1. About our privacy policy
PlantoSys Nederland b.v. (hereinafter referred to as: PlantoSys) cares about your privacy. For that reason, we only process data we require for the service we provide and to improve that service, and we carefully handle the information that we collect about you and how you use our services. We never pass on your data to third parties for commercial purposes. This privacy policy applies to the use of the website and the services of PlantoSys provided through the website.
The effective date for the validity of these conditions is 20th November 2032. When a new version is published, the validity of all previous versions shall lapse. This privacy policy describes which data we collect about you, what these data are used for and with whom and under which conditions these data may possibly be shared with third parties. We also explain to you how we store your data and how we protect your data against misuse and what rights you have with regard to the personal data you give to us.
If you have any questions about our privacy policy, please get in touch with our contact person for all matters relating to privacy; you will find the contact details at the end of our privacy policy.
2. About the data processing
The following describes how we process your data, where we store these data (or have them stored), which security technologies we use and who can view the data.
2.1. Website software
Our website has been developed using Simplex Interactive software. Personal data that you give to us for our services, are shared with this party. Simplex Interactive has access to your data to enable it to provide us with (technical) support; Simplex Interactive will never use your data for any other purpose. Based on the contract that we have entered into with them, Simplex Interactive is obliged to take appropriate security measures. Simplex Interactive collects technical information related to your use of the software; no personal data are collected and/or retained.
2.2. SSL and TLS encryption
In order to protect the transfer of confidential content, such as orders or requests that you submit to us as the website operator, SSL or TLS encryption is used on this website. An encrypted connection is recognisable because the address in the address bar of the browser starts with "https: //" instead of "http://", with the padlock icon in front of that. When the SSL or TLS encryption is activated, data that you send to us cannot be viewed by third parties.
2.3. Web hosting
We use the web hosting and email services of Veldmaat ICT. Veldmaat ICT processes personal data on our behalf and never uses your data for its own purposes. This party may, however, collect meta data about the use of the services. These are not personal data. Veldmaat ICT has taken appropriate technical and organisational measures to prevent the loss and unauthorised use of your personal data. Under the agreement, Veldmaat ICT is obliged to maintain confidentiality.
2.4. Email and mailing lists
When you subscribe to our newsletter through our website, we require your email address and information with which we can verify that you are the owner of the email address you have provided, and you must confirm whether you agree to receiving the newsletter. No other data is collected or is only collected when provided voluntarily. We process these data exclusively for the purpose of providing the requested information and these data are not passed on to third parties.
The information that you provide when subscribing to the newsletter is only processed with your consent (article 6, paragraph 1, under A of the General Data Protection Regulation (GDPR)). The consent given for the retention of the data, the email address and the use thereof in order to send the newsletter, can be withdrawn at any time, for example, using the "Unsubscribe" link in the newsletter. However, this does not affect the lawfulness of the data processing that has taken place up to that point.
We retain any data that you provide when you subscribe to the newsletter until you unsubscribe, and these data are then deleted. This does not apply to data that we retain for other purposes (such as email addresses used to log in).
2.4.1. Email software
We send our email newsletter through Sharpspring. Sharpspring will never use your name and email address for its own purposes. An ‘unsubscribe’ link is included at the bottom of every email that is sent automatically through Sharpspring. If you click this link, you will no longer receive our newsletter. Your personal data are stored securely by Sharpspring. Sharpspring uses cookies and other internet technologies which show whether emails have been opened and read. Sharpspring reserves the right to use your data to further improve its services and, in this context, to share information with third parties.
2.4.2. Microsoft Exchange
For our regular business email traffic, we use Microsoft’s services. This party has taken appropriate technical and organisational measures to prevent (as far as possible) misuse, loss and corruption of your data and our data. Microsoft has no access to our mailbox and we treat all of our email traffic confidentially.
2.5. Shipping and logistics
If you place an order with us, it is our job to arrange for your order to be shipped to you. We utilise the services of Mainfreight, FedEx, GLS, DHL or PostNL to carry out the deliveries. To this end, we have to share your name, address and place of residence to Mainfreight, FedEx, GLS, DHL or PostNL. Mainfreight, FedEx, GLS, DHL or PostNL use these data solely for the purpose of executing the agreement. Should Mainfreight, FedEx, GLS, DHL or PostNL engage the services of subcontractors, Mainfreight, FedEx, GLS, DHL or PostNL will also pass on your data to these parties.
2.6. Invoicing and accounts
We use the services of SnelStart to handle our administrative records and accounts. We share your name, address and place of residence, plus details relating to your order. These data are used to manage sales invoices. Your personal data are protected before being sent and stored. SnelStart is obliged to maintain confidentiality and will treat your data confidentially. SnelStart does not use your personal data for purposes other than those described above.
2.7. Contact form
When you send questions to us using the contact form, the information you provide on the form, including the contact details, will be retained so that we can process your request and for any further communication. These data will not be shared without your consent.
We will only process the data you have provided on the contact form with your consent (article 6, paragraph 1, under a of the GDPR). You can withdraw this consent at any time; you do this by sending us a simple message by email. However, this does not affect the lawfulness of the data processing that has taken place up to that point
The data provided through the contact form remain in our possession until you ask us to delete these data, withdraw your consent in this regard, or if it is no longer necessary to retain these data (e.g. once your request has been processed). The compulsory legal provisions, specifically those concerning the retention periods, are not affected.
2.8. Special and/or sensitive personal data that we process
We do not process any special personal data, such as data about health, a criminal record, ethnic data or data concerning race.
Our website, products and/or services are not meant to collect data about website visitors under the age of 16 years. We cannot, however, check whether a visitor is under 16 years of age. We therefore advise parents or guardians to be involved in their children’s online activities, to ensure that no data are gathered about children without parental consent. If you believe that we have collected personal data about a minor child without the aforementioned parental consent, please contact us by email and we will delete this data.
3. Purpose of the data processing
3.1. General purpose of the processing
We only use your personal data for the services we provide. In other words, that the purpose of the data processing is always directly related to the assignment that you give. We do not use your data for (targeted) marketing. If you share data with us and we use these data – other than at your request – to contact you at a later date, we will ask for your explicit consent for this.
Your data shall not be shared with third parties, other than to fulfil accounting and other administrative obligations. These third parties are all obliged to maintain confidentiality under the agreement between them and us, or an oath, or legal obligation.
3.2. Data collected automatically
Data collected automatically by our website with the purpose of further improving our services. These data (for example, your IP address, web browser and operating system) are not personal data.
3.3. Cooperation in tax and criminal investigations
Where applicable, based on a legal obligation, PlantoSys may be required to share your data officially, in relation to a tax or criminal investigation. In this case, we are obliged to share your data, but we will oppose this within the limits of what is legally possible.
3.4. Retention periods
We will retain your data whilst you are our customer. This means that we will retain your customer profile until you inform us that you no longer wish to utilise our services. When you inform us of this, we will also consider this as a request to be forgotten.
Based on applicable administrative obligations, we have to retain invoices containing your (personal) data. We will therefore retain these data for the duration of the applicable period. However, employees no longer have access to your customer profile and documents that we have produced further to your assignment.
4. Your rights
Pursuant to the applicable Dutch and European legislation, as an involved party, you have certain rights with regard to the personal data processed by us or on our behalf. Below we explain which rights these are and how you can invoke these rights. In principle, to prevent misuse, we only send extracts or copies of your data to the email address that we already hold for you. If you wish to receive the data at a different email address or, for example, by post, we will ask you to prove your identity. We keep records of requests that we have dealt with; in the event of a request to be forgotten, we process anonymised data. You will receive all extracts and copies of data in the
machine readable data format that we use in our systems. You have the right to lodge a complaint at any time with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you suspect that we are misusing your personal data.
4.1. The right of access
You always have the right to access the data that we process or that is processed on our behalf pertaining to you, or that can be traced back to you. You can submit a request to that end to our contact person for all matters relating to privacy. You will receive a response to your request within 30 days. If your request is granted, we will send you a copy of all data to the email address that we hold for you, along with a list of the data processors in possession of these data, stating the category under which we have retained these data.
4.2. The right to rectification
You always have the right to request that the data that we process or that is processed on our behalf pertaining to you, or that can be traced back to you, is rectified. You can submit a request to that end to us. You will receive a response to your request within 30 days. If your request is granted, we will send a confirmation to the email address that we hold for you, stating that the data have been rectified.
4.3. The right to restrict processing
You always have the right to restrict the data that we process or that is processed on our behalf pertaining to you, or that can be traced back to you. You can submit a request to that end to us. You will receive a response to your request within 30 days. If your request is granted, we will send a confirmation to the email address that we hold for you, stating that the data will no longer be processed until you lift the restriction.
4.4. The right to data portability
You always have the right to have the data that we process or that is processed on our behalf pertaining to you, or that can be traced back to you, to be processed by a different party. You can submit a request to that end to us. You will receive a response to your request within 30 days. If your request is granted, we will send, to the email address that we hold for you, extracts or copies of all data that we have processed about you, or that has been processed by other processers or third parties at our instruction. In all likelihood, in such a case, we will no longer be able to continue the service as we would no longer be able to guarantee the secure coupling of databases.
4.5. The right to object and other rights
In some cases, you have the right to object to the processing of your personal data by or on behalf of PlantoSys Nederland b.v.. If you object, we will immediately discontinue the data processing, pending the handling of your objection. If your objection is justified, we will provide you with extracts and/or copies of data that we process or that is processed on our behalf and will then discontinue processing on a permanent basis. In addition, you have the right not to be subjected to automated individual decision-making or profiling. We do not process your data in such a way that this right applies. If you are of the opinion that this is the case, please contact us.
4.6. The right to submit a complaint to the supervisory authority
If you suspect that your personal data are processed in a way that contravenes the Privacy Act, you can submit a privacy-related complaint to the supervisory authority. You can submit this complaint through this link: https://www.autoriteitpersoonsgegevens.nl/en
5. Cookies
In a number of cases, cookies are used on the website. Cookies do not harm your computer and do not contain viruses. Cookies are used to make our website more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer and in your internet browser.
In most cases, these are session cookies; these are deleted automatically after your visit. Other cookies are stored on your device, until you delete these. These cookies mean your device will be recognised the next time you visit.
You can set up your browser to notify you when you visit a website that uses cookies and you can choose to allow these in individual cases, that cookies are accepted for certain cases, or that cookies are deleted automatically when the browser is closed. If you do not wish to accept cookies, this can limit the functionalities of this website.
Cookies that are required to execute the electronic communications process, or for certain functions that you wish to use, are stored on the basis of article 6, paragraph 1, under f of the GDPR. The website administrator has a legitimate interest in the storage of cookies for a technically error-free and optimised delivery of services. If other cookies (such as cookies for analysing your browsing behaviour) are stored, these are dealt with separately in this Privacy Policy.
5.1. Consent with Cookiebot
Our website uses consent technology from Cookiebot to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in a manner consistent with data protection. The provider of this technology is Cybot A/S, Havnegade 42, 1058 Copenhagen, Denmark (hereinafter "Cookiebot").
When you visit our website, a connection will be established with Cookiebot's servers to obtain your consent and give you other explanations about the use of cookies. Cookiebot will then store a cookie in your browser to identify the consent you have given or its revocation. Data collected in this way will be stored until you request us to delete it, delete the Cookiebot cookie itself or the purpose for which the data was stored is no longer applicable. Mandatory legal storage obligations remain unaffected.
Cookiebot is used to obtain legally required consent for the use of cookies. The legal basis for this is Art. 6(1)(c) GDPR.
5.2. Google Analytics
This website uses Google Analytics, a web analysis service offered by Google Inc. ("Google"). Google Analytics uses cookies to help the website analyse how visitors use the site.
The anonymous information generated by the cookie about your use of the website is transferred to and stored by Google on servers in the United States. Google uses this information to monitor how this website is used, to produce reports about the website activity for the owner of this website and to offer other services relating to website activity and internet use.
Google may only supply this information to third parties if it is legally obliged to do so, or insofar as these third parties process the information on behalf of Google. Google will not combine your IP address with other data held by Google.
You can refuse the use of cookies by choosing the appropriate settings for this in your browser. However, we would like to remind you that, in that case, you may not be able to use the full functionality of this website. By using this website, you provide your consent for Google to process the information in the manner and for the purposes described above.
6. Changes to the privacy policy
We reserve the right to change our privacy policy at any time. However, you will always find the latest version of the privacy policy on this page. If the new privacy policy will impact the way in which we process data that we already hold about you, we will inform you of this by email.
7. Contact details
The controller of this website is:
PlantoSys Nederland b.v.
Aalsvoort 105
7241 MB Lochem, the Netherlands
