This statement covers the obligatory rules for data processing on this website.
Stichting Producties De Nieuwe Kerk and Hermitage Amsterdam, using the email address firstname.lastname@example.org, henceforth to be called the Controller, declares the following;
Controller will comply with the demands of the Dutch Algemene Verordening Gegevensbescherming (AVG, GDPR) and will handle customer data with care. Personal details from customers and visitors of our website will be handled with the utmost care.
What Personal Data do we process and for which purposes
Personal data may be left on the website of Controller by e-mail or telephone, for the following reasons:
- Logging into our ticket system
- Leaving a contact request
- Leaving a message
- Registering/Applying for the newsletter
- Ordering a product or service from us
We may use these data to:
- Handle your payment
- Finish your order
- Improve our service
- Contact you, if required to delivering our service
- Inform you regarding changes in our goods and services
- Deliver goods and services to you
Controller will not use your personal data for any other purposes than the purpose for which you have provided your personal data. When applying/registering for the newsletter, your personal data will be added to our communication database, which means you may also receive other mail than newsletters from us, for example, invitations to events we organize.
Nature of the personal data
The personal data we keep are contact details: your name, your [email] address, your phone number and your bank account number. We explicitly do not collect sensitive data.
Automated decision making
Controller does not make decisions based on automated systems regarding cases that might (seriously) affect persons; this refers to decisions made by computer programs or systems, without a person (for example an employee of controller) affecting the decision.
Personal data and third parties
Controller may share your personal data with several third parties when such is deemed necessary to comply with previous agreements, or when required by law. Companies that process your personal data at our request will have signed an agreement to ensure the same level of safety and privacy regarding your personal data. Controller will, in any case, remain responsible for this processing. Controller may also share your personal data with other third parties, but only with your explicit consent.
How long we store Personal Data
Controller stores personal data only as long as is strictly necessary to achieve the goal for which the data were collected. We use the following durations for the relevant categories of personal data: Contact details: 3 years after last contact; Financial details: 7 years after last delivery, as required by Dutch fiscal law.
Inspection and changes
You have the right to ask controller for inspection of the personal data we stored at any time. You also have the right to adapt or delete this data. To do this, send an email to the address mentioned above.
Links to other pages
Our web pages contain several links to other websites. Controller may not be held accountable for the privacy and cookies regulations applied by these third parties
Do you have a complaint about the way we handled your data? If so, please contact us at the aforementioned email address [email@example.com]. If you are still unsatisfied, please contact the Dutch Autoriteit Persoonsgegevens through https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons. They will then decide whether an investigation is required.