PRIVACY STATEMENT OF APRIL IN PARIS B.V.
April in Paris B.V. (“AIP“, “we“, “us“) acts as data controller under the General Data Protection Regulation (“GDPR”) and relevant GDPR implementation Acts and the provisions of other applicable laws, regulations and rules.
We endeavour to meet and surpass your expectations in all domains, including that of your privacy. We do this by ensuring that we provide quality service and at the same time, protect all your personal data entrusted to us.
Therefore, we would like you to have a clear view of how we are using personal data and the ways in which you can access your personal data and protect your privacy. We do so by way of this this privacy statement (the “Privacy Statement”).
This Privacy Statement explains:
- what personal data information we have and / or collect, and why we collect it;
- how we use that personal data;
- your options and choices with respect to access, update or deleting your personal data.
We encourage you to read this this Privacy Statement very carefully. From time to time, we may need to change this Privacy Statement. The most recent version of this this Privacy Statement is available on our website at [●] (the “Website”). If we deem the changes to be significant, we may also inform you via email of any updates to this Privacy Statement. You may also write to us at the (email) address below if you have any queries about this Privacy Statement.
Whose personal data do we collect?
Clients and other Contracting Parties
We retain essential information about our clients and other contracting parties, as required by law, and to fulfil our contractual obligations with them.
Marketing, Communications, Website visitors and Ecommerce clients
We provide you with regular information, including news, event invitations, updates, or tailored communications, which we think, may interest you. For this reason, we process your personal data in our client relation management systems. You may at any time unsubscribe yourself from our mailing list, by clicking the “Unsubscribe” button at the bottom of each newsletter email. We do not share, license or sell your email address.
With respect to other communications, we collect your personal data because you are or have been a client, a visitor to our Website or other valued contact. At all times, we try to send only the most pertinent communications and personalize our communications to the extent possible. Furthermore, we use the information provided by you to better understand the recipients of our communications and to improve our communications.
How do we collect your personal data?
We may collect information about you:
- directly from you, such as the information you have provided to us at the time of opting-in for any of our communications, such as the mailing lists or when you interact with us directly (by email, telephone or letter);
- when you enter into an agreement with us; and
- when we collect personal data from other sources, such as the Trade Register of the Chamber of Commerce, LinkedIn or business’ corporate websites
What are our legal bases for collecting your personal data?
There are six legal bases for lawfully collecting and processing your personal data:
- your consent – which is self-evident;
- contractual obligations – that we may have to each other;
- our legitimate interest – e.g. managing and administering the relationship with our clients and other contracting parties, which may include marketing activities;
- legal compliance – if we are required by law to process specific personal data, such as for identification purposes;
- vital interest – if it is in your vital interest that we store some personal information – for example, food allergy information; and
- public interest – if required by a public authority or in public interest.
In general we shall collect and process personal data based on your consent, contractual obligations, our legitimate interest and in order to comply with legal obligations.
What personal data do we collect from you?
- basic information (such as your name, gender, title, position, the company you work for, your relationship to our organization);
- contact details (email, address, telephone numbers);
- link to your LinkedIn page;
- your contact person at AIP;
- data necessary for processing invoices;
- personal data provided to us in the course of rendering services which may include special categories of data (such as passport number, citizen service number);
- data relating to your areas of interest;
- marketing lists in which you are included based on your areas of interest;
- opt-in / opt-out for marketing materials;
- opt-in / opt-out for other communications;
- whether you have opened the communications and or clicked on any links included in the communications;
- metrics of your visit on our Website;
- any other relevant personal data relating to you that you provide to us; and
For what purposes do we collect this personal data from you?
We collect your personal data to:
- correctly address your in any communication;
- process and to respond to requests, enquiries or complaints received from you;
- manage and administer our relationship with you;
- comply with regulatory and policy requirements;
- provide services requested by you;
- identify services you may be interested in;
- communicate with you about our services;
- provide and improve our Website by generating statistics regarding the use of the Website;
- monitor and analyse our business processes and systems;
- handle your job application or subscription to any of our recruitment services or events;
- business development activities; and
- customize our communications.
With whom do we share your personal data?
Our Partners in the EU
In the context of the purposes as listed above, we may share your personal data with third parties, such as researchers that help us analyse our communications. However, we ensure that there are contractual obligations on all third parties with respect to the handling and protection of your personal data.
Our Partners outside the EU
As a general rule, we do not share your personal data as set out above with other parties located in countries outside the European Union, which countries may offer a lower level of data protection than in the Netherlands. In such cases, if entities based in non-EU countries are to handle your personal data, we shall ensure that sufficient measures are always taken to ensure adequate protection of your personal data.
We reserve the right to disclose your personal data to a party who may purchase any or all of our assets. However, we ensure that there are contractual obligations on such third party with respect to the handling and protection of your personal data.
Law Enforcement Agencies
We reserve the right to disclose your personal data to any law enforcement agency requesting it in connection with the commission of any offence, once we are reasonably satisfied as to the circumstances surrounding the request. We also reserve the right to access and disclose your personal data in order to comply with applicable laws and lawful government requests, to operate our systems properly or to protect our users and ourselves.
How long do we store your personal data?
We will store your personal data no longer than necessary to achieve the purpose stated in this Privacy Statement. Your personal data will be retained in accordance with our retention policy which is available upon request. The retention period for each category of personal data is based on regulatory and policy requirements and the purpose for which the information is collected and used.
How do we protect your personal data?
We have taken appropriate technical and organisational measures to protect personal data against loss or against any form of unlawful processing. The latest version of our data protection policy is available upon request. A copy of the information security policy is available upon request.
What are your rights and how you can exercise them?
The GDPR foresees in certain rights for data subjects. You, as a data subject, have the right to:
- information about and access to your personal data;
- rectify or correct your personal data;
- request erasure of your personal data (‘right to be forgotten’);
- restrict or object to the processing of your personal data;
- receive your personal data in a structured, commonly used and machine readable format and to (have) transmit(ted) your personal data to another organization;
- object against profiling; and
- withdraw your consent for the future to the extent that the processing of your personal data takes place on the basis of your consent.
Should you wish to exercise any of your rights, you may contact our Privacy Officer. The contact details for the Privacy Officer are provided at the bottom of this Privacy Statement.
Finally, you have the right to lodge a complaint with the Dutch Data Protection Authority.
If you have any questions, comments or complaints in relation to this Privacy Statement or the processing of your personal data by us, please feel free to contact your regular contact with AIP or our Privacy Officer at:
April in Paris B.V.
Attn.: Privacy Officer