Privacy Policy

 

Highleytall is committed to protecting your personal data. We will of course respect your privacy in this and ensure that all your personal data is treated confidentially. In this privacy policy we want to provide clear and transparent information about how we handle your personal data.

We make every effort to ensure your privacy and therefore handle personal data with care. Highleytall is compliant in all matters of applicable laws and regulations, including the General Data Protection Regulation. This means that at the very least we:

-          Will process your personal data in accordance with the purpose for which it was provided, these purposes and the type of personal data are described in this privacy policy;

-          Will limit the processing of your personal data to the minimum amount of data required for the purposes for which they are processed.

-          Will request your express consent if we need it for the processing of your personal data;

-          Have taken appropriate technical and organizational measures to ensure the security of your personal data;

-          Will not pass on personal data to other parties, unless this is necessary for carrying out the purposes for which they were provided;

-          Will know your rights regarding your personal data, will point them out to you and will respect them.

At Highleytall we are responsible for processing of your personal data. If, after reading our Privacy Policy, or in a more general sense, you have questions about this or wish to contact us, please do so using the contact details at the bottom of this page.

 

Processing of Customer personal data

 

Customer personal data is processed by Highleytall for the following purpose(s):

-          Administrative and statistical purposes;

-          Communication relating to the order;

-          Effecting the order;

The basis for this personal data is:

-          The agreed order.

Highleytall may request the above personal data from you for the following purposes:

-          Name;

-          Surname prefis;

-          Surname;

-          (Business) phone number;

-          (Business) Email address;

-          Bank account number and/or method of payment;

-          Login details (user name and password).

Your personal data will be stored by Highleytall for the above mentioned processing for the period:

-          During the term of the agreement and in  administration for a maximum of 7 years.

 

Processing of personal data of newsletter subscribers

 

Personal data of newsletter subscribers are processed by Highleytall for the following purpose(s):

-          Informing the person by means of a newsletter.

The basis for this personal data is:

-          The newsletter registration form;

Highleytall may request the above personal data from you for the following purposes:

-          Name;

-          Surname prefis;

-          Surname;

-          Email address.

Your personal data will be stored by Highleytall for the above mentioned processing for the period:

-          During the period that you are registered.

 

Processing of data from website users / Cookies

 

Data from website users are processed by Highleytall for the following purpose(s):

-          To improve the functionality, content and find-ability of the website.

The following types of cookies are used for this:

-          Functional cookies, intended for proper functioning of the website, such as storing products in the shopping cart

-          Analytical cookies, the website can be further optimised with this data

-          Tracking cookies, visitor surfing behaviour is recorded with this data from which targeted offers can ultimately be made.

Highleytall can process the following data from you for the above purposes:

-          IP address;

-          Click behaviour;

-          Navigation behaviour.

Highleytall collects this data through anonymous cookies. The data is collected and processed anonymously and cannot be linked to your personal data.

 

Provision to third parties within the EU

 

We may provide the information you give to us to third parties if this is necessary for the execution of the above described purposes.

For example, we use a third party for:

-          Managing (financial) administration;

-          Managing the news letters;

-          Managing and tracking (return) shipments.

-          Managing order payments

We never pass on personal data to other parties with whom we have not entered into a processor agreement. We of course make the necessary arrangements with these parties (processors), to ensure the security of your personal data. Furthermore, we will not pass on the information provided by you to other parties, unless this is legally required and permitted. We may also share personal data with third parties if you provide us written consent to do so.

 

Provision to third parties outside the EU

 

We only provide personal data to parties located outside the EU if we have a clear agreement with the party in question that states that the information provided may only be used for the purpose for which the customer provided the data.

We use a third party outside the EU for:

-          Managing newsletters (Mailchimp).

-          Retention of data (Dropbox)

 

Minors

 

Our website and services (such as newsletters) are not aimed at under-age children (younger than 16 years). For this reason, we do not accept orders or newsletter registrations from persons under the age of 16. If you are not yet 16, please ask your parent, caregiver or legal representative to order or register for you under their own name.

If we become aware of the fact that we have collected personal data from a minor, we will delete it as soon as possible, unless we are legally obliged to keep such data. Please contact us if you think we have accidentally or unintentionally collected information from a minor.

 

Retention period

 

Highleytall stores personal data as long as necessary for the purpose for which they were provided or required by law.

Orders: This is 7 years on the basis of the  financial administration statutory retention period.

Newsletter: until consent has been withdrawn.

 

Security

 

We have taken appropriate technical and organizational measures to protect personal data against unlawful processing, for example we have taken the following measures;

-          All persons who can take note of personal data on behalf of Highleytall are bound to secrecy thereof, except to the extent that they are obliged by law or regulation to issue notifications.

-          We use a user name and password policy on all our systems;

-          We pseudonymise and ensure the encryption of personal data (SSL encryption) if there is reason to do so;

-          We make back-ups of personal data in order to be able to recover these in case of physical or technical incidents;

-          All physical files with personal data are stored in a closed office space and are shredded before they are discarded;

-          We regularly test and evaluate our measures;

-          Our employees have been informed about the importance of the protection of personal data.

 

Rights with regard to your data

 

You have the right to inspect, rectify or delete the personal data we have received from you. You can also contest the processing of your personal data (or a part thereof) by us or by one of our processors. Additionally you have the right to have the data provided by you transferred by us to yourself or on behalf of you directly to another party. We may ask you to identify yourself before we can respond to the aforementioned requests.

Highleytall will inform you in writing within four weeks of the request which data will be processed, for what purposes this data will be processed, where this data comes from, to whom it will be provided and for what purposes this will happen. You also have the right, by means of a request addressed to Highleytall to correct, supplement or delete the relevant personal data. You can make this request if the data is factually incorrect, incomplete or irrelevant for the purposes of the processing or processed in violation of the law.

Should we process your personal data on the basis of consent provided by you, you always have the right to withdraw this consent.

 

Contact

 

Should you have comments or questions about the processing of your personal data, or if you want to view all the data collected about you, we ask you to get in touch with us directly using the contact details below.

If we are unable to resolve this together, you have the right to file a complaint with the Dutch Data Protection Authority. This is the supervisory authority in the field of privacy protection.

Highleytall can amend this privacy policy in the interim if developments occur in, for example, technology, legislation, processing or provision of services.

 

Highleytall.com

De Marowijne 27a

1689 AR Zwaag

info@highleytall.com

Chamber of Commerce: 37164199