The processing of personal data that you provide on this website will be done by Simfony BV, in accordance with the provisions of Dutch Law for the Protection of Individuals with regard to the Processing of Personal Data, the notification of the processing of such data being registered in the Register of personal data processors and following the rules set by Regulation 2016/679 of the European Parliament and the Council, more commonly known as “GDPR” (General Data Protection Regulation).
What personal data do we collect from people who visit our website and/or customers?
When ordering a product and/or service, or registering on our website, as appropriate, we will collect from you the following personal data:
This information is needed to help you with your experience and to fulfill legal and contractual obligations. Furthermore, we will collect your IP address when browsing our website, which will be used to geo-locate your position, with approximation.
Furthermore, usage and log information will be collected automatically when you use our services and/or products. This includes information about the devices’ activity, log information, data traffic, duration of activity, diagnostic and crash logs, performance logs and reports. While this information is not considered personal data, it will be collected as part of our services.
Credit card information, if supplied, is collected by a third-party gateway provider and we do not have access to this information.
When do we collect information?
We collect information from you when you register on our site, place an order or enter information on our website, depending of your interaction with our website. Furthermore, information will be collected when you use our services and/or products, regarding usage and log information, as described above.
How do we use your information?
The information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features, is used in the following ways:
Your name, mailing address and phone number will be stored for the duration of our contractual relationships, and afterwards only in order to fulfill legal obligations regarding fiscal regulations, for the period of time required in such legislation. If you subscribed to our newsletter, your e-mail address will be stored for an undetermined period of time, in order to deliver to you news and information about Simfony products and services, through our newsletter service. Should you decide you do not wish to receive this sort of information, your e-mail address will also be deleted, upon unsubscribing. However, you will have to keep a record of your un-subscription request.
What is the basis for processing personal data?
We collect, use and share your personal data for the following purposes:
How do we protect your information?
Your personal information is stored on the servers of Amazon Web Services (AWS) based in Frankfurt, Germany. Their services are ISO 270001, ISO 27017 and ISO 27018 certified, meaning AWS has a systematic and ongoing approach to managing information security risks that affect the confidentiality, integrity, and availability of company and customer information, including personal data. Furthermore, the servers are hosted in highly secure data centers that utilize state-of-the art electronic surveillance and multi-factor access control systems. Data centers are also staffed 24×7 by trained security guards, and access is authorized strictly on a least privileged basis. Regarding the information you provide to us, it is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential.
Furthermore, our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
We use regular Malware Scanning.
We implement a variety of security measures when a user places an order, enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on the servers we have access to. In addition, all credit card information you supply is encrypted via Secure Socket Layer (SSL) technology.
Traffic information, however, can pass through channels that are outside the European Union.
Rights of the users
According to the GDPR, individuals have the following rights in respect of the processing of their personal data:
1. Right of access to personal data:
If you are concerned with the processing of your personal data, you have the right to request, through a written, signed and dated request, information from Simfony regarding the following aspects: if the data concerning you is processed, the type of data that is processed, the purpose of the processing, the recipients of the data, the automatic processing mechanisms used by Simfony or the rights you have.
Simfony will provide the requested details within 30 days of receipt of the request from you.
2. Right to rectify your personal data:
Anyone concerned has the right to obtain from Simfony, on request and free of charge, where appropriate, rectification of their personal data.
You can also change your personal information by logging in to your account.
Simfony will inform you about the measures taken within 30 days from the receipt of such a request from you.
3. Right to erase their personal data, also known as “right to be forgotten”:
You have the right to request at any time the deletion of your personal data, in case they are no longer necessary for the scope they were provided in the first place, or your data has been processed illegally.
Simfony will inform you about the measures taken within 30 days from the receipt of the request from you.
4. The right to restriction of processing your personal data:
You have the right to request and obtain the restriction of processing your personal data if:
the processing is unlawful and you oppose the erasure of the personal data and instead request the restriction of it
you have objected to the processing of your personal data, while we verify our legitimate reasons for such a processing override those of yourself
You also have the right to object to your personal data being processed, on grounds relating to your particular situation, if that data is processed by us whilst invoking a legitimate interest.
5. Right to portability of your personal data:
You have the right to request that the personal data concerning you, which you have provided to us, be transferred in a structured, commonly used and machine-readable format to another data controller.
6. Right to object to an automated individual decision-making process:
Simfony does not use an automated individual decision-making process, but should that be the case, you have the right to not be subject to a decision based solely on automated processing.
7. The right to lodge a complaint:
You have to right to address a complaint regarding the way Simfony is processing your personal data.
We do not sell, trade, or otherwise transfer to outside parties your personal data, unless you agree to this transfer. This does not include website and server hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its’ release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
We do not include or offer third-party products or services on our website.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users.
We have not enabled Google AdSense on our site, but we may do so in the future.
According to the standards of good practice in the industry, we agree to the following:
Visitors can surf our website anonymously.
How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioral tracking?
Our website allows third-party behavioral tracking for the purpose of analyzing the activity that users have on our website.
Underage Online Privacy Protection
We do not specifically market to persons under the age of 18 years old.
Data Breach Procedures
Should any data breach occur, and in order to be in line with the General Data Protection Regulation, we will notify you via e-mail within 72 hours after having become aware of such a data breach.
We collect your e-mail address in order to process your orders and customer service requests and, if you opt in, to send you updates about the products and services that we offer, through our newsletters.
We also agree to the following:
If at any time you would like to unsubscribe from receiving future emails , you can follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.