I. General information and definitions
1) Indusigns – the administrator of the website that provides resources and information to visitors to the website or profile on social media: Indusigns, Paxtonstraat 3F, 8013RP te Zwolle (Netherlands), KVK: 59719818, BTW: NL853617466B01, info@indusigns .nl.
2) personal data – any information (e.g. last name, first name, telephone number, email address or home address) about an identified or identifiable natural person who is a visitor to the website/social media, an Indusigns customer or a supplier.
3) Supplier – a natural person, a legal entity or an unincorporated person, but capable of acquiring rights and entering into obligations on its own behalf, which provides certain services to Indusigns or supplies goods to Indusigns; The term supplier also includes natural persons who are employees and/or representatives of the supplier and who act on the supplier’s instructions and on behalf of the supplier within the framework of the contracts concluded and already concluded between Indusigns and the supplier,
4) Visitor – a person who visits and browses the content of the Indusigns website and/or social media,
5) Customer – a natural person, a legal entity or a person without legal personality, but capable of acquiring rights and entering into obligations on his own behalf, entering into a contract for the sale of goods with Indusigns,
6) Instant Messenger – remote communication applications used by Indusigns to contact customers, operating within or in conjunction with Indusigns social media accounts: Messenger (https://www.facebook.com/indusigns /) and Instagram (https://www.instagram.com/indusigns.nl/)
7) Social Media – the general term for the online social media platforms (websites) on which Indusigns maintains profiles and through which it provides the services to customers listed in Section 3 of the General Terms and Conditions. These include Facebook (https://www.facebook.com/indusigns/), Instagram (https://www.instagram.com/indusigns.nl/) and Pinterest (https://nl.pinterest.com/indusigns/ ).
8) Offer – description and images of the services offered and goods sold by Indusigns in the course of its business activities and used to promote them; any announcements, advertisements, price lists placed on the website or in social media are not to be viewed as an offer within the meaning of the Civil Code, but as an invitation to submit offers (orders) by the customer,
9) Person – the natural person to whom the personal data processed by Indusigns relates, in particular a visitor, supplier or customer or their employees or representatives,
10) Website – the Internet platform maintained at www.indusigns.nl through which Indusigns offers services to visitors within the framework of a contract for the provision of electronic services,
11) Goods – the Indusigns products presented on the website and social media,
12) Service – a service provided by Indusigns by electronic means for the benefit of Visitors, which consists in the transmission of data using public data transmission systems at the individual request without the simultaneous physical presence of the parties to which the contract for the provision of services by electronic means arises to carry out the resulting tasks, including, among others: the provision of offers via the website and social media, the management of correspondence via electronic addresses.
If the term “processing” or
When “distribute” is referred to, it means all activities and operations carried out with personal data (e.g. storing or analyzing it for the purpose of providing services), unless otherwise stated.
2. The overall objective of Indusigns, as controller of the personal data of visitors, customers and suppliers, is to ensure that privacy is protected at a level at least equivalent to the standards of current legislation, in particular with regard to:
1) Protection of personal data – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC (data protection Basic Regulation) (hereinafter: “GDPR”),
2) Provision of services by electronic means – the law of July 18, 2002 on the provision of services by electronic means,
3) Protection of consumer rights – Law of May 30, 2014 on consumer rights.
3. In view of this and in order to ensure that the persons whose data are processed by Indusigns have access to information about data protection, Indusigns has developed and adopted this data protection document. This document contains in particular the following information:
1) Processing of personal data, including its collection and storage by Indusigns,
2) Manner in which personal data and other data related to the use of the website, visiting social media, communicating via instant messaging or email, as well as the conclusion and performance of contracts with Indusigns for the provision electronic services, contracts for the sale of goods or other contracts concluded by Indusigns with customers or suppliers,
3) transfer of personal data to other bodies,
4) Access, modification and deletion of personal data,
5) security of processing personal data and information,
6) Retention period for personal data.
4. Indusigns receives personal data from visitors as well as from customers and suppliers:
1) when these people and companies browse and use the content of the website or social media for information
a) that these persons/companies provide directly to Indusigns, including the information they provide when placing orders on the Website, visiting and using social media (including, but not limited to, tagging content posted by Indusigns were posted as “liked” or commenting on this content), when exchanging correspondence via email and instant messenger,
b) received and collected by Indusigns during the use of the services made available through the website or social media, in particular with regard to: the manner in which the services are used, the internet protocol used, the IP address , data on the operation of the device used to use the Services as well as failures, the activity of IT systems, device settings, browser type and language, date and time of requests sent and referring URLs, cookies,
2) when communicating with Indusigns via email or instant messaging,
3) when negotiating and concluding contracts with customers and suppliers
II. Type, scope and purpose of processing personal data
1. Indusigns processes, i.e. collects, stores and analyzes, among other things, personal data for the following purposes:
1) Conclusion and fulfillment of concluded contracts (Art. 6 Para. 1 lit. b) GDPR), including contracts for the provision of electronic services, contracts for the sale of goods and contracts with suppliers. This applies in particular to contacting visitors, customers and suppliers in connection with the initiation, conclusion and implementation of contracts, including the provision of information and the processing of inquiries, complaints as well as the assertion and defense of claims arising from the contracts,
2) Fulfillment of Indusigns’ legal obligations, in particular with regard to the processing of data for tax and accounting purposes (Art. 6 Para. 1 lit. c) GDPR), and ensuring responsibility for the protection of personal data, i.e. to provide evidence of can that:
a) personal data are processed lawfully, fairly and in a manner transparent to the data subject,
b) the purpose of the processing is clearly determined,
c) the data processed are adequate and relevant and used only for the purposes of the processing, d) the personal data are accurate and updated where appropriate,
e) the processing of personal data is carried out in a way that ensures their security,
f) the storage of data is limited to the minimum strictly necessary for the purposes for which they are processed,
3) Consent (Art. 6 Para. 1 lit. a) GDPR), insofar as obtaining consent is required under applicable law for data processing activities based on cookies and for the direct marketing of the services provided by Indusigns,
4) Pursuing the legitimate interests of Indusigns (Art. 6 Para. 1 lit. f) GDPR), such as:
a) carrying out direct marketing for the services offered by Indusigns, including contacting visitors, customers and suppliers for the purposes of permitted marketing activities by email or telephone,
– to ensure the security of the services provided by Indusigns under the contracts concluded for the provision of electronic services, including enforcing compliance with the internal rules of the website and social media, as well as preventing abuse and ensuring the security of data traffic on the website,
– optimize the content and operation of the website, carry out statistical analysis, obtain information about the reach and interaction rates of the website
c) Conducting satisfaction surveys among visitors, customers and suppliers, e.g. B. regarding satisfaction with the results of the services provided or goods sold on the basis of the concluded contract,
3. Indusigns can carry out profiling, i.e. automated processing of personal data from visitors, customers and suppliers with the aim of drawing conclusions about their characteristics. Profiling is used when it is necessary for the provision of certain services, as well as to improve the quality of the services offered and for marketing purposes. However, Indusigns does not make automated decisions based on profiling that could give rise to legal consequences or similarly significantly affect the rights and obligations of data subjects.
III. Disclosure and transmission of data to third parties and third countries
1) may entrust the data of individuals to third parties who are involved in the provision of services or who support the fulfillment of Indusigns’ obligations under contracts concluded with or for the benefit of these individuals (or entities represented by them),
2) can pass on data to third parties:
– if this is permitted by generally applicable law for the purposes and principles of that law, or
– with the consent of the people.
This applies in particular to:
1) Banks, payment institutions, auditing companies that process claims for services provided and from concluded contracts (data trusteeship),
2) Internet service providers, server rooms, IT companies, telecommunications companies, to the extent that these entities are involved in the provision of services to individuals (entrustment of personal data),
3) Third parties, e.g. specialized providers of data storage services, analysis services so that these providers can provide services to Indusigns, marketing, consulting or auditing companies that support Indusigns in the conduct of its business activities and in the provision of electronic services, as well as in the provision of websites – and application development services and branding and marketing (provision of personal data).
3. If personal data is stored in places such as: B. a bank that is involved in the process of executing payments under concluded contracts or from the obligations of individuals to Indusigns (if provided), these entities become – by virtue of current legislation – the owners of the personal data of the People who process their data on their own behalf and for their own purposes. Other entities to which Indusigns entrusts personal data may also become data controllers of the personal data of individuals, processing such data on their own behalf and for their own purposes, if this is a direct consequence of the applicable legislation.
4. When personal data is disclosed (solely on the basis of the consent of the person or the company represented by the person, or if generally applicable law permits it), the companies to which the data are shared will be independent of Indusigns as the owner of the personal data. Indusigns points out that in such a case it has no influence on the data protection policies of those affected and is not responsible for them.
5. Indusigns may provide anonymized data, i.e. data that has been transformed in such a way that individual information cannot be identified or assigned to a specific or identifiable natural person to or from whom the data was provided, to third parties in the form of statistical data .
6. Indusigns does not transfer personal data outside the European Economic Area or to international organizations. However, if the Visitor uses content published by Indusigns on social media or communicates with Indusigns via instant messaging, the Visitor simultaneously uses the services provided by the administrators of these social media or the manufacturers of remote communication software . These services are provided by other companies on the basis of separate terms and conditions, privacy policies and on the basis of a separate agreement for the provision of electronic services (a separate legal relationship) to which Indusigns is not a party. In this case, your data may be processed by companies based outside the European Union. In this case, Indusigns recommends that you consult the relevant regulations, instructions and privacy policies regarding the provision of the above services by companies other than Indusigns.
IV. Access to and modification of personal data
1. Any person whose personal data is processed by Indusigns has the right – to the extent provided for by current legislation –
1) obtain access to the personal data processed, including a copy of the personal data,
2) Get information about:
a) the purposes of processing the personal data,
b) the categories of personal data processed,
c) information about the recipients or categories of recipients to whom the personal data will be disclosed,
d) the duration of the processing of personal data,
e) the use of automated decision-making (including profiling),
3) to correct the personal data concerning you if the data is inaccurate,
4) to complete incomplete personal data (taking into account the purposes of processing),
5) that the personal data concerning you will be deleted if:
a) they are no longer necessary for the purposes for which they are processed by Indusigns,
b) the data subject withdraws his or her consent to the processing and the consent was the only legal basis for the processing or an effective objection to the processing has been lodged,
c) the processing is unlawful,
6) restrict the processing of personal data if:
a) the accuracy of the data is contested – in this case the data subject may request the restriction of processing for a certain period of time to enable Indusigns to verify the accuracy of the data,
b) the data is processed unlawfully but the data subject does not want the data to be deleted,
c) the data is no longer required by Indusigns, but the person concerned needs it to defend or assert claims,
d) an objection to the processing has been lodged – until it has been decided whether the legitimate interests of Indusigns outweigh the interests of the person given as the reason for the objection
7) to oppose the processing if the data is processed for the following reasons:
a) performing a task that is in the public interest or in the exercise of official authority entrusted to Indusigns,
b) which arise from the legitimate interests of Indusigns, unless these interests are overridden by the interests or fundamental rights and freedoms of the data subject,
c) direct marketing requirements, including profiling,
8) to receive the data in a structured format, including for the purpose of transmission to another controller, and to request that Indusigns transmit the data to another controller, to the extent that this is technically possible; This also applies if the processing is based on consent or a concluded contract and is carried out using automated procedures,
10) lodge a complaint with the authority that monitors compliance with data protection regulations, i.e. the President of the Office for Personal Data Protection.
V. Data and information security
Indusigns is committed to ensuring that all data collected and processed is protected by appropriate technical measures and security procedures to protect it from unauthorized access, alteration, disclosure and destruction. In particular:
1) The website logs unauthorized access attempts so that in the event of a suspected intrusion, it can be quickly checked whether a security breach has occurred,
2) Indusigns uses SSL encryption and firewalls when providing services electronically,
3) The data on the website servers is subject to periodic archiving (so-called backup),
4) Indusigns uses and controls its own methods of collecting, storing and processing information, including physical security measures (such as encryption of device disks, issuing passwords for access to devices or applications involved in data processing). to prevent unauthorized access to data processed, including data processed in connection with Indusigns’ use of email or instant messaging services to communicate with individuals. However, Indusigns stipulates that any person using instant messaging or email is obliged to familiarize themselves with the data security rules and information used by the providers of the said means of communication and to comply with the provisions resulting therefrom,
5) Access to personal data is only granted to those employees and contractual partners of Indusigns for whom the processing of this data is necessary for the purposes of Indusigns or in connection with the provision of services. Indusigns affiliates, trusted business partners and third party service providers manage data in accordance with security and privacy requirements and will face appropriate legal consequences if these obligations are not met.
VI. Retention period for personal data
1. Personal data will be retained by Indusigns for as long as necessary to achieve the purposes of the processing, in particular for the duration of the contracts on which the processing is based and thereafter for the following purposes:
1) to assert or defend claims in connection with the fulfillment of the contract,
2) to fulfill legal obligations, in particular tax and accounting regulations,
– until the statute of limitations for claims or tax debts, the deadlines for which arise from generally applicable law.
2. Indusigns stores personal data for marketing purposes until the data subject objects to such processing. In the case of the newsletter service – Indusigns stores and processes the data for dispatch until the person who registered unsubscribes (opt-out).
3. In order to ensure accountability, i.e. to demonstrate compliance with the provisions on the processing of personal data, Indusigns will keep the data of the individuals for the period during which it is obliged to keep the data or the documents containing them in order to ensure compliance with the document legal provisions and enable the authorities to monitor compliance.
VII. Changes to data protection regulations
VIII. Data protection officer
In the absence of a legal obligation, Indusigns has not appointed a data protection officer. Accordingly, you should contact Indusigns directly as the data controller for any questions relating to the processing of personal data. Contact details are listed in Section IX of this document.
IX. Contact details
1. The registered office of Indusigns is at Paxtonstraat 3F, 8013RP te Zwolle (NL)
This data protection declaration comes into force on August 1st, 2023.