- First of all
Vintage Diva is firmly committed to safeguarding your privacy. Therefore, we take the protection of your personal data very seriously.
- What is the GDPR?
The General Data Protection Regulation (GDPR) is a European regulation that prescribes which standards need to be observed by European companies when processing your personal data. Personal data means every data or information that relates to an individual who is or can be identified from that data. Processing is the term used for any operation or set of operations performed on personal data, such as collection and storage.
- Personal data we collect
We process personal data by monitoring the forms you use to actively share information with us (such as the form you fill out to request a user account) as well as your browsing habits on our website. For the latter, we use (tracking) cookies among other things.
If you create an account, we will process the following personal data: your personal gender and name, and the company’s name, address, e-mail, phone number and website. This personal data is also used when placing an order.
If you subscribe to our newsletter, the name and e-mail address of either you or your company will be processed.
Lastly, functionality cookies* are used to enhance your use of our website, like remembering the contents of your shopping bag and the most recent items you have viewed. Cookies like Google Analytics are used for analytic information such as the number of people who visited our website, in which country they are located, etc. We do not use marketing cookies.
* Cookies are small amounts of data sent from a website and stored on your computer by your web browser. Every time you visit a new page, your browser will send the content of the cookie back to the website. This way a website can recognize your web browser. When you visit a Vintage Diva website, Vintage Diva as well as third parties can place cookies on behalf of Vintage Diva.
- Basis for us processing this personal data
We process the personal data you provide to us while placing an order request so we can deliver the ordered items; we need this data so we can correctly ship your order and send you the invoice. This data is processed on the legal basis of fulfilling a (sales) contract. Subsequently, we can use this order information for making newsletter groups and creating marketing campaigns. This is based on a legitimate interest for marketing purposes. Your personal data can be accessed and changed by contacting us.
The functional cookies are placed on the legal basis of a legitimate interest. They are necessary for a proper functioning website. The analytical cookies are placed on the legal basis of consent given by you by visiting our website.
We can send you different types of e-mails regarding your user account or orders such as an invoice or a username and password to log in.
- Your rights as a data subject
* Right of access: You have the right to access your personal data. A lot of this information can be accessed through your personal page.
* Right to rectification: If you think that your data that we’re processing is inaccurate, you can change this in your personal page or by sending us a request per e-mail.
* Right to be forgotten: You have the right to have your personal data stored by us erased. However, some data still needs to be stored for our administration or to make sure that we don’t contact you again. At your request, we will also inform third parties that you’ve made this request. If you unsubscribe from our newsletter by using the option at the bottom of every newsletter (zie sectie 4), your data relating to sending of the newsletter will be removed. You can also remove some data on your personal page.
* Right to restriction of processing: If you think that we are processing your personal data unlawfully or incorrectly, you can put a stop to that part of the processing.
* Right to object: You can put a stop to the processing of your personal data.
* Right to data portability: as a result of new legislation, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format from us. We can also forward this information at your request.
* Right not to be subjected to profiling: Based on your order information, you can be sorted into groups so we can offer you relevant newsletters and advertisements. You have the right not to be sorted into these groups.
You can send your request to exercise one or more of the rights as mentioned above to firstname.lastname@example.org. You will receive confirmation after we have successfully received your request. We may require some additional information to be able to process your request. This way we can ensure that our customer’s personal data is well-protected and will only be provided to the specific person concerned. You can also remove your data by erasing it on your personal page.
All requests will be processed within one month after having been approved. We will not send a confirmation of this unless you have specifically asked us to do so. We take all requests seriously and each request is processed individually.
If you have any complaints about us, you will at all times have the right to file a complaint with our supervisory privacy authority, in this case that is the Dutch Data Protection Authority (Dutch DPA).
- Retention periods
We will store the personal data that we process as a result of an account being created or a subscription to our newsletter until you unsubscribe or have your account removed.
Other personal data will be stored for a period of time that is in accordance with obligations imposed by other laws and regulations. For example, our administration obligation.
- External processors
We use reliable external processors that in collaboration with us process your personal data on our behalf. For example, an internal administration system, a server, an e-mail program and a logistics company to deliver your order. We have made the appropriate arrangements with them regarding the processing of personal data by signing processing agreements.
We’ll take appropriate internal organizational measures regarding the protection of your personal data and engage in a dynamic policy. The technical security measures will also be checked and evaluated (by external parties) on a regular basis. Our website is secured with SSL/TLS, ensuring your information is sent encrypted. Furthermore, our employees are all bound by confidentiality from the moment they are employed.
- Do you have any questions?
Last modified on: 01-08-2018