Privacy Policy | Co-Flo Enterprise

PRIVACY POLICY OF THE CO-FLO ENTERPRISE WEBSITE

1. INTRODUCTION

At Co-Flo Enterprise, privacy is a priority. The purpose of this document is to set out how Co-Flo Enterprise, (“us,” “our,” or “we”) collect, use, store, or otherwise process personal information about clients and other individuals (collectively "you") who access or use our website, including co.flo.nl, or services that link to this Privacy Policy (the “Services”). By using our Services, you understand that we will collect and use your personal information as described in this Privacy Policy

This Privacy Policy explains why and how we will use the personal information that we have obtained from you or others, with whom we share it and the rights you have in connection with the information we use. Please read the following carefully.

Co-Flo Enterprise will process your data in accordance with the General Data Protection Regulation (GDPR).

2. PERSONAL INFORMATION WE COLLECT ABOUT YOU

We receive personal information about you that you give to us, which we collect from your visits to our website, social media pages and that we obtain from other sources. We only collect personal information which we need and that is relevant for the purposes for which we intend to use it.

2.1 WEBSITE RESOURCES

Downloading Whitepaper

Categories of Data Subjects: Client, Customer, Website Visitor

Typical Data Categories: Name, Email Address, Company, Country

Legal Basis: Consent

Administering a Demo

Categories of Data Subjects: Client, Customer, Website Visitor

Typical Data Categories: Name, Email Address, Phone Number, Organisation Name, Department

Legal Basis: Performance of a contract

3. WHO WE SHARE YOUR PERSONAL DATA WITH

We only disclose your personal information outside the Organisation in limited circumstances. If we do, and where relevant, we will put in place a contract that requires recipients to protect your personal information, unless we are legally required to share that information. Any contractors or recipients that work for or with us will be obliged to follow our instructions and will be required to enforce the same data privacy and protection mechanisms. We do not sell your personal information to third parties.

When we use third-party service providers, we only disclose to them any personal information that is necessary for them to provide their services and only where we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions as a Data Controller.

The Organisation will not share personal data with any other entity or organisation without prior consent from the data subject or another appropriate legal basis. At some point in time we may request your permission to share personal data with another related organisation.

4. TRANSFERS OF YOUR PERSONAL INFORMATION OUTSIDE OF EUROPE

Typically, we do not transfer your personal information outside of Europe. However, we may rely on adequacy decisions by the European Commission for data transfers to countries outside the EEA such as to the UK.

If at any time we transfer your personal information to, or store it in, countries located outside of the EEA (for example, if our hosting services provider changes) that are not subject to an adequacy decision, we will amend this statement and notify you of the changes. We will also ensure that appropriate safeguards are in place for that transfer and storage, as required by applicable law. This is because some countries outside of the EEA do not have adequate data protection laws equivalent to those in the EEA.

We ensure that appropriate safeguards are in place when transferring and storing your data outside of the region as required by applicable law. This includes adopting EU 2021 Standard Contractual Clauses (SCCs) or implementing an International Data Transfer Agreement (IDTA) where applicable.

By submitting or agreeing to the submission of personal data on your behalf, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

5 . SECURITY AND LINKS TO OTHER WEBSITES

We take the security of your personal information seriously and use a variety of measures based on good industry practice to keep it secure. Nonetheless, transmissions over the internet and to our website, and our social media pages may not be completely secure, so please exercise caution. When accessing links to other websites, their privacy policies, not ours, will apply to your personal information.

We employ security measures to protect the personal information you provide to us, to prevent access by unauthorised persons and unlawful processing, accidental loss, destruction and damage in accordance with applicable data privacy and protection legislation.

Although, we will do everything possible to protect your personal information, we cannot guarantee the security of any personal information during its transmission to us online. You accept the inherent security implications of using the internet and will not hold us responsible for any breach of security unless we are at fault.

Our website and social media pages may contain links to other websites run by other organisations which we do not control. This statement does not apply to those other websites, so we encourage you to read their privacy statements. We specifically disclaim responsibility for their content, privacy practices and terms of use, and we make no endorsements, representations or promises about their accuracy, content or thoroughness. Your disclosure of personal information to third party websites is at your own risk.

6. THE PERIODS FOR WHICH WE RETAIN YOUR PERSONAL INFORMATION

We will retain personal information we collect from you where we have a justifiable business need to do so or for as long as we determine it is needed to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, legal, accounting or other purposes). We may delete or de-identify your information sooner if we receive a verifiable erasure request, subject to exemptions under applicable law.

We may destroy or otherwise dispose of any of personal data we collect from you unless we receive, no later than ten days after the end of any agreement with you (whether under terms of service or otherwise) or a trial period (where no contract is entered into immediately following the trial period), a written request for the delivery to you of the then most recent back-up of any of your personal data we hold. We shall use reasonable commercial endeavours to deliver the back-up to you within 30 days of our receipt of such a written request.

7. DATA PROCESSING WITH YOUR CONSENT

Where we use consent as our legal basis for processing your data, or process special categories of your data on the basis of your explicit consent, you have the right to withdraw your consent at any time. For further information on when we rely upon consent please see Section 2 “Personal Information We Collect About You”.

There are two ways that you can easily withdraw your consent, you can:

• Contact our Data Protection Officer directly by post, email and telephone and using the contact details on section 11 of this statement.

We will maintain a record of your withdrawal of consent to comply with our legal obligations.

8. YOUR RIGHTS IN RELATION TO YOUR PERSONAL INFORMATION

This section explains the rights you have in respect of your personal data and we have processes to enable you to exercise these rights.

Right of Access

If you want to know if we are processing personal data relating to you and to have access to any such personal data, you can contact us using the details below. In order to furnish you with a copy of your personal data that we hold we will need to verify your identify. This is known as a Data Subject Access Request.

Right to be Informed

You have the right to be informed about the collection and use of your personal data. The Party provides this in a form of privacy information and/or privacy policys at the point of collection.

Right To Rectification

If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the data and we will strive to do so as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.

If you believe that we hold inaccurate personal data about you, please contact us using the details below. Depending on the type of personal data you believe is inaccurate, we may ask you for further proof to ensure that the personal data is being corrected properly. If we are satisfied that the personal data is inaccurate, we will make the necessary changes.

Right To Erasure

You also have the right to request erasure of your personal data or to restrict processing (where applicable).

However, this right does not apply where we have to comply with a legal obligation or where we need personal data for the establishment, exercise or defence of legal claims. In addition, if you opt out of marketing communications or have previously opted out of marketing communications, we have to keep a record of such opt out to ensure that we don’t contact you again in the future.

Right To Restriction

You have a right to request that processing of personal data is restricted in certain circumstances. However, we shall still continue to process the personal data for storage purposes, for the establishment, exercise or defence of legal claims.

Right To Object

Where we are relying on legitimate interests as a legal basis to process your data, you have a right to object to such processing on grounds relating to your particular situation.

Right To Portability

You have the right to have the data we hold about you transferred to a third-party organisation, and you can ask that we provide it in a machine-readable format.

Right To Complain to The Supervisory Authority

You have the right to lodge a complaint with The Dutch Data Protection Authority (Autoriteit Persoonsgegevens) and more details can be found on their website www.autoriteitpersoonsgegevens.nl

10. CHANGES TO THIS PRIVACY STATEMENT

We reserve the right to change this statement from time to time at our sole discretion. If we make any changes, we will post those changes here and update the “Last Updated” date at the bottom of this statement. However, if we make material changes to this statement, we will notify you by means of a prominent notice on the website prior to the change becoming effective.

11. CONTACT DETAILS

For Data Subject Rights

To exercise your data subject rights, contact us at dpo@co-flo.nl If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your data is protected and kept secure.

For Further Information

Should you require additional information then you can contact our Data Protection Officer at the following email address: dpo@co-flo.nl

You may also contact our external Data Protection Officer at dpo@co-flo.nl, PrivacyEngine, by writing in:

Data Protection Officer (dpo@co-flo.nl)

Co-Flo Enterprise BV,

Industrieplein 1,

7553 LL Hengelo,

The Netherlands