Data processing

Privacy Policy for Customers and Website

This statement covers the obligatory rules for data processing on this website.

Stichting Producties De Nieuwe Kerk and Hermitage Amsterdam, using the email address pressoffice@nieuwekerk.nl, henceforth to be called the Controller, declares the following;

Controller will comply with the demands of the Dutch Algemene Verordening Gegevensbescherming (AVG, GDPR) and will handle customer data with care. Personal details from customers and visitors of our website will be handled with the utmost care.

What Personal Data do we process and for which purposes

Personal data may be left on the website of Controller by e-mail or telephone, for the following reasons:

  • Logging into our ticket system
  • Leaving a contact request
  • Leaving a message
  • Registering/Applying for the newsletter
  • Ordering a product or service from us

We may use these data to:    

  • Handle your payment
  • Finish your order
  • Improve our service
  • Contact you, if required to delivering our service
  • Inform you regarding changes in our goods and services
  • Deliver goods and services to you

Controller will not use your personal data for any other purposes than the purpose for which you have provided your personal data. When applying/registering for the newsletter, your personal data will be added to our communication database, which means you may also receive other mail than newsletters from us, for example, invitations to events we organize.

Nature of the personal data
The personal data we keep are contact details: your name, your [email] address, your phone number and your bank account number. We explicitly do not collect sensitive data.

Automated decision making
Controller does not make decisions based on automated systems regarding cases that might (seriously) affect persons; this refers to  decisions made by computer programs or systems, without a person (for example an employee of controller) affecting the decision.

Personal data and third parties
Controller may share your personal data with several third parties when such is deemed necessary to comply with previous agreements, or when required by law. Companies that process your personal data at our request will have signed an agreement to ensure the same level of safety and privacy regarding your personal data. Controller will, in any case, remain responsible for this processing. Controller may also share your personal data with other third parties, but only with your explicit consent.

How long we store Personal Data
Controller stores personal data only as long as is strictly necessary to achieve the goal for which the data were collected. We use the following durations for the relevant categories of personal data: Contact details: 3 years after last contact; Financial details: 7 years after last delivery, as required by Dutch fiscal law.

Inspection and changes
You have the right to ask controller for inspection of the personal data we stored at any time. You also have the right to adapt or delete this data. To do this, send an email to the address mentioned above.

Cookies
Our website uses Javascript and Cookies. Cookies are small text files containing information about, for example, your internet behaviour. By using these cookies, we can measure how our site is used and how it can be improved. We use Google Analytics for that purpose. We also use cookies required for the proper functioning of our website, for example the log-in portal for customers.

Permission
Controller only uses cookies on its site if you have given your permission to do so. You also have the option to adapt your browser settings to not receive any cookies from our site or any others.

Links to other pages
Our web pages contain several links to other websites. Controller may not be held accountable for the privacy and cookies regulations applied by these third parties

Complaints:
Do you have a complaint about the way we handled your data? If so, please contact us at the aforementioned email address [pressoffice@hermitage.nl]. If you are still unsatisfied, please contact the Dutch Autoriteit Persoonsgegevens through https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons. They will then decide whether an investigation is required.