Services Privacy Policy

This privacy policy has been compiled to better serve those who are concerned with how their personal data is being used online. Personal data is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your personal data in accordance with our website.

The processing of personal data that you provide on this website will be done by Simfony BV,  in accordance with the provisions of Dutch Law for the Protection of Individuals with regard to the Processing of Personal Data, the notification of the processing of such data being registered in the Register of personal data processors and following the rules set by Regulation 2016/679 of the European Parliament and the Council, more commonly known as “GDPR” (General Data Protection Regulation).

Taking into account the
nature, scope, context and purposes of processing as well as the risks for the
rights and freedoms of natural persons, Simfony shall implement appropiate
technical and orginasational measures to ensure and to be able to demonstrate
that processing is performed in accordance with the GDPR regulation.

What personal data do we collect from people who visit our website and/or customers?

When ordering a product and/or service, or registering on our website, as appropriate, we will collect from you the following personal data:

  • full name
  • e-mail address
  • mailing address
  • invoicing address
  • phone number

This information is needed to help you with your experience and to fulfill legal and contractual obligations. Furthermore, we will collect your IP address when browsing our website, which will be used to geo-locate your position, with approximation.

Furthermore, usage and log information will be collected automatically when you use our services and/or products. This includes information about the devices’ activity, log information, data traffic, duration of activity, diagnostic and crash logs, performance logs and reports. While this information is not considered personal data, it will be collected as part of our services.

Credit card information, if supplied, is collected by a third-party gateway provider and we do not have access to this information.

When do we collect information?

We collect information from you when you register on our site, place an order or enter information on our website, depending of your interaction with our website. Furthermore, information will be collected when you use our services and/or products, regarding usage and log information, as described above.

How do we use your information?

The information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features, is used in the following ways:

  • to provide you with the products and/or services you requested
  • to process your order, as part of our contractual relationship with you
  • to personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested
  • for safety and security reasons, in order to investigate suspicious activity or violations of our terms and conditions
  • to improve our website in order to better serve you
  • to allow us to better service you in responding to your customer service requests
  • to measure the effectiveness and distribution of our products and services
  • to quickly process your transactions
  • to send periodic e-mails regarding your order or other products and services that our company offers

Your name, mailing address and phone number will be stored for the duration of our contractual relationships, and afterwards only in order to fulfill legal obligations regarding fiscal regulations, for the period of time required in such legislation. If you subscribed to our newsletter, your e-mail address will be stored for an undetermined period of time, in order to deliver to you news and information about Simfony products and services, through our newsletter service. Should you decide you do not wish to receive this sort of information, your e-mail address will also be deleted, upon unsubscribing. However, you will have to keep a record of your un-subscription request.

What is the basis for processing personal data?

We collect, use and share your personal data for the following purposes:

  • consistent with your consent, where case may be, which you can revoke at any time
  • in order to fulfill contractual relationships with you
  • as necessary to comply with legal obligations
  • as necessary for our legitimate interests, including our interest in providing a quality, reliable and safe service to our users, unless those interests are overridden by your interests or fundamental rights and freedoms that require the protection of your personal data

How do we protect your information?

Your personal information is stored on the servers of Amazon Web Services (AWS) based in Frankfurt, Germany. Their services are ISO 270001, ISO 27017 and ISO 27018 certified, meaning AWS has a systematic and ongoing approach to managing information security risks that affect the confidentiality, integrity, and availability of company and customer information, including personal data. Furthermore, the servers are hosted in highly secure data centers that utilize state-of-the art electronic surveillance and multi-factor access control systems. Data centers are also staffed 24×7 by trained security guards, and access is authorized strictly on a least privileged basis. Regarding the information you provide to us, it is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential.

Furthermore, our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.

We use regular Malware Scanning.

We implement a variety of security measures when a user places an order, enters, submits, or accesses their information to maintain the safety of your personal information.

All transactions are processed through a gateway provider and are not stored or processed on the servers we have access to. In addition, all credit card information you supply is encrypted via Secure Socket Layer (SSL) technology.

Traffic information, however, can pass through channels that are outside the European Union.

Rights of the users,
Right of data Subjects

According to the GDPR, individuals have the following rights in respect of the processing of their personal data:

  • 1 the right of access to their personal data
  • 2 the right to rectify their personal data
  • 3 the right to erase their personal data, “right to be forgotten”
  • 4 the right to restriction of processing of their personal data
  • 5 the right to portability of their personal data
  • 6 the right to object to an automated individual decision-making process
  • 7 the right to lodge a complaint with a supervisory authority
  • 8 processing of special categories of personal
    data
  • 9 point of contact 

1. Right of access to personal data:

If you are concerned with the processing of your personal data, you have the right to request, through a written, signed and dated request, information from Simfony regarding the following aspects: if the data concerning you is processed, the type of data that is processed, the purpose of the processing, the recipients of the data, the automatic processing mechanisms used by Simfony or the rights you have.

Simfony will provide the requested details within 30 days of receipt of the request from you.

2. Right to rectify your personal data:

Anyone concerned has the right to obtain from Simfony, on request and free of charge, where appropriate, rectification of their personal data.

You can also change your personal information by logging in to your account.

Simfony will inform you about the measures taken within 30 days from the receipt of such a request from you.

3. Right to erase their personal data, also known as “right to be forgotten”:

You have the right to request at any time the deletion of your personal data, in case they are no longer necessary for the scope they were provided in the first place, or your data has been processed illegally.

Simfony will inform you about the measures taken within 30 days from the receipt of the request from you.

4. The right to restriction of processing your personal data:

You have the right to request and obtain the restriction of processing your personal data if:

  • you contest the accuracy of the personal data, for a period a period of time that enables us to verify the accuracy of your personal data

the processing is unlawful and you oppose the erasure of the personal data and instead request the restriction of it

you have objected to the processing of your personal data, while we verify our legitimate reasons for such a processing override those of yourself

You also have the right to object to your personal data being processed, on grounds relating to your particular situation, if that data is processed by us whilst invoking a legitimate interest.

5. Right to portability of your personal data:

You have the right to request that the personal data concerning you, which you have provided to us, be transferred in a structured, commonly used and machine-readable format to another data controller.

6. Right to object to an automated individual decision-making process:

Simfony does not use an automated individual decision-making process, but should that be the case, you have the right to not be subject to a decision based solely on automated processing.

7. The right to lodge a complaint:

You have to right to address a complaint regarding the way Simfony is processing your personal data. Complaints can be made by making use of this link: : https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons

8. Processing of special
categories of personal data:

Simfony does not process any
special category of personal data.

 

9. Point of contact notification@simfony.com

Third-party disclosure

We do not sell, trade, or otherwise transfer to outside parties your personal data, unless you agree to this transfer. This does not include website and server hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its’ release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.

However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

Third-party links

We do not include or offer third-party products or services on our website.

Google

Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users.

https://support.google.com/adwordspolicy/answer/1316548?hl=en

We have not enabled Google AdSense on our site, but we may do so in the future.

According to the standards of good practice in the industry, we agree to the following:

Visitors can surf our website anonymously.

Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website.

Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above.

You will be notified of any Privacy Policy changes on our Privacy Policy Page.

How does our site handle Do Not Track signals?

We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Does our site allow third-party behavioral tracking?

Our website allows third-party behavioral tracking for the purpose of analyzing the activity that users have on our website.

Underage Online Privacy Protection

We do not specifically market to persons under the age of 18 years old.

Data Breach Procedures

Should any data breach occur, and in order to be in line with the General Data Protection Regulation, we will notify you via e-mail within 72 hours after having become aware of such a data breach.

Mailing lists

We collect your e-mail address in order to process your orders and customer service requests and, if you opt in, to send you updates about the products and services that we offer, through our newsletters.

We also agree to the following:

  • not to use false or misleading subjects or e-mail addresses
  • identify the message as an advertisement in some reasonable way
  • include the physical address of our business or site headquarters
  • monitor third-party email marketing services for compliance, if one is used
  • honor opt-out/unsubscribe requests quickly
  • allow users to unsubscribe by using the link at the bottom of each email

If at any time you would like to unsubscribe from receiving future emails , you can follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.

Privacy Statement – job application

When you respond to our vacancies, you do not want your data to be used for processes that you are not aware of or that they just end up on the street. That is why we do everything we can to keep your private data really private and we are happy to inform you about what happens to your data.

We store your personal data in a secure database. And that’s where they stay. We do not pass on your information to third parties for commercial purposes. Only third parties who help us find new colleagues sometimes need access to (some) your data. We make sure that these third parties handle your information with care and that they comply with all rules.

What would we like to know about you?

To make your application run as smoothly as possible, we first need the following information from you:

  • Contact details (name, address, date of birth, telephone number, email address, etc.) We will be happy to contact you personally about your application as soon as possible. You will also receive an email confirming your application.
  • Availability We would like to know how many hours per week you are available.
  • Extensive CV (including education and work experience)

We also use your data for the following:

  • Finding new colleagues

You can respond directly to our vacancies. You can also call, email, Facebook and chat with us. To make sure your story doesn’t have to be told twice, we’ll remember it. We also store which vacancies you have viewed and your data from previous applications. Even if you do not immediately become our new colleague. Because we may be looking for you in the future. We therefore keep your personal data for a maximum of 1 year after the application procedure has ended.

 

  • Application

We receive your personal data through your application. Name, address, date of birth and telephone number. Furthermore, by submitting your application you give us permission to conduct an online screening as part of the application procedure (including LinkedIn, etc.).

  • Improvement

To make our website even better, we use data from your visit to our site and your possible application. We also want to know how an application was processed. That is why we collect behavior from visitors and applicants. We do this by registering unique visits, with all activities that take place within them. Think of viewing vacancies, zooming in on something or clicking on links. Of course we always handle your data with care. Sometimes someone else performs these checks for us. This person therefore adheres to the privacy rules.