Mientje Fröbel processor contract

This processing agreement and the sub-processor page (https://www.mientjefrobel.nl/c-4450965/subverwerkers/) referred to at various times in this document are an addition to the main agreement between the consumer and Mientje Fröbel.

When using our services you must agree to our terms and conditions, processing agreement and the provisions on the subprocessor page. The subprocessor page is a page with an overview of all subprocessors necessary for the entire order process.

In order to process the order(s) placed, we use personal data that you provide to us. This processing agreement sets out how we handle the personal data you provide to us. 

Article 1 - What are personal data

Article 2 - Who has what role

Article 3 - When is this processing contract valid? 

Article 4 - Why and how we process personal data 

Article 5.1 - register

Article 5.2 - provision of information

Article 6.1 - Customer reviews - the invitation

Article 6.2 - Customer reviews - the assessment

Article 7 - Mediation in disputes

Article 8 - Sharing data with third parties

Article 9 - Security measures 

Article 10 - Control by you 

Article 11 - Data breaches

Article 12 - Liability

     

Article 1 - What are personal data

By personal data we mean all information about a natural person that is or could be identified with that information. This may include, for example, a name, telephone number, identification number, IP address or physical characteristics.

 

Article 2 - Who has what role

Every natural person whose personal data are processed is 'data subject'.

Mientje Fröbel is the 'controller'. We determine why and which personal data must be processed and how this is done. We are also the 'processor'. We process personal data on behalf of the webshop.

A party that processes personal data on behalf of Mientje Fröbel on the basis of the main agreement is 'subprocessor'. These subprocessors are shown on the subprocessors page (https://www.mientjefrobel.nl/c-4450965/subverwerkers/).

 

Article 3 - When is this processing agreement valid?

This processing agreement is a supplement to the sales contract and general terms and conditions between the party concerned and Mientje Fröbel. If the main contract between the data subject and the processor (including the applicable general terms and conditions) already contains provisions with regard to the protection and processing of personal data and/or data security, its applicability will lapse and the provisions of this processor contract will replace them.

This processing agreement commences at the time of (digital) sub-drawing and applies as long as personal data are processed on the basis of the purpose of the main agreement. This agreement is part of the main agreement that is agreed upon when entering into a purchase agreement with Mientje Fröbel. In the event that the main agreement comes to an end, data will be deleted unless there is an applicable retention period for data. Such a retention period may, for example, arise from administrative obligations even after the agreement with this web shop has ended, this is always based on the legitimate interests of consumer protection. At the request of the data subject, data can be made anonymous.

We are entitled to change or supplement this processing agreement and the content of the subprocessor page. These changes will be published on the website in a timely manner.

Changes that are necessary in connection with (legal) rules, policies, regulations, technology, etc. can be made by us at any time. Such changes are necessary in order to provide the best possible service.

 

Article 4 - Why and how we process personal data

The personal data we receive from you are processed for the purpose of processing and delivering the order placed, sending order status updates and for after-sales (reviews), this is always based on the legitimate interests of consumer protection. In this context, we can distinguish five main processes:

 

Order processing
Creation of address labels
Shipping order
Status updates by email
Review request by e-mail
Other correspondence by e-mail necessary for the processing of an order. 

 

Article 5.1 - register

 

Personal data that we store in this register:
company name (optional)
consumer/contact name
address details
phone number
email address
   details of an alternative delivery address (optional) e.g. when sending directly
   from a gift

- We process these personal data in order to be able to carry out the main transaction with you.

- We consider the risk of processing these personal details low.

      

Correspondence is sent via e-mail (https://www.mientjefrobel.nl/c-4450965/subverwerkers/). Invoices are sent via the management platform of the webshop.
- In principle, we store this data indefinitely. We consider this necessary from an administrative point of view. At the request of the person concerned, we can anonymise the personal data from the register.

Article 5.2 - provision of information

- When a subscription for the newsletter has been made, the e-mail address will be used to send this newsletter.

- To send the newsletter, we process the following personal data: your name and e-mail address.

- We process these personal data in order to be able to carry out the main delivery with you.

- We consider the risk of processing these personal data low.

- Correspondence will be sent via e-mail (https://www.mientjefrobel.nl/c-4450965/subverwerkers/).

We keep this data as long as you are subscribed to the newsletter. You can unsubscribe from our newsletter in the e-mail you receive.

Article 6.1 - Customer reviews - the invitation

- In order to inform consumers about the quality of Mientje Fröbel we invite customers to leave a review about Mientje Fröbel. Our sub-processor (https://www.mientjefrobel.nl/c-4450965/subverwerkers/) will then send an e-mail on behalf of Mientje Fröbel to our customers and publish the review. Sending this email will automatically be our own email address.
- To send the invitation, we process the following personal data: name and e-mail address of the consumer and order number. Optionally, the consumer's phone number and ordered products can also be processed, e.g. for sending a mobile invitation and/or collecting product reviews.

- We consider the risk of processing these personal data average.

Invitations are sent via e-mail (https://www.mientjefrobel.nl/c-4450965/subverwerkers/).
These data are kept for three years by our subprocessor. They consider this to be necessary in order to provide statistics and to prevent abuse and to protect our webshop.

Article 6.2 - Customer reviews - the assessment
- The reviews about our webshop are published on our member page and our webshop. If a remarkable or hurtful review is left behind, a moderation request can be submitted to the subprocessor. If Mientje Fröbel does this, the subprocessor will in most cases contact the person who left the review on our behalf to ensure the reliability of reviews.

- To publish and manage the reviews we process the following personal data: the review text, name, e-mail address, customer ID, order number and IP address of the consumer. Optionally, the consumer's phone number and the ordered products can also be processed. An order number is requested but is not mandatory.

- The consumer gives us permission to process and publish these personal data when issuing the review.

- We consider the risk of processing these personal data average.

- Correspondence will be sent via e-mail (https://www.mientjefrobel.nl/c-4450965/subverwerkers/).

- We retain this data indefinitely. We consider this necessary from the point of view of informing the consumer about the reliability of the webshop, this is always based on the legitimate interests of consumer protection. The

consumer is able to adjust or remove his/her own assessment. The assessment can also be removed by Stichting WebwinkelKeur at the request of the consumer.

or web store.

Article 7 - Mediation in disputes

- Mientje Fröbel has entered into an agreement for the mediation of disputes. Our sub-processor (https://www.mientjefrobel.nl/c-4450965/subverwerkers/) will contact both parties with the aim of reaching a joint solution to the dispute. If this is not possible, the consumer has the choice to report the dispute to an independent mediator. In that case, all available information from the web shop and customer will be shared with an independent mediator to reach a verdict. Before this information is shared with the independent arbitrator, the sub-processor will contact the online store and the consumer (https://www.mientjefrobel.nl/c-4450965/subverwerkers/).
- For dispute mediation we process the following personal data: name, address, telephone number and e-mail address of the contact person, the contents information about the nature of the dispute and the desired solution of the dispute.

- This personal data we process to the dispute mediation on behalf of the consumer to be able execute.

- We find the risk of the processing of these personal details on average.

- Correspondence including a possible judgment is sent via e-mail. https://www.mientjefrobel.nl/c-4450965/subverwerkers/.

- We store this data indefinitely. We consider this to be necessary in order to be able to give an opinion about the reliability of the webshop in the future, this is always based on the legitimate interests for the protection of the consumer. At the request of the person involved, we can anonymize the personal data.

Article 8 - Sharing data with third parties

The data you share with us is important and our sub-processors understand that too. We only share personal data with subprocessors that we mention on our website. All these subprocessors:

 

- have taken appropriate technical and organizational security measures

- and take the necessary steps to ensure proper data protection.

The level of data protection is related to a risk assessment.

      

We may not share data with any subprocessor that does not meet the above requirements without your express written consent. By only working with parties who meet these requirements, we ensure that your data is also processed correctly and securely by these subprocessors. (https://www.mientjefrobel.nl/c-4450965/subverwerkers/)

Article 9 - Security measures

We handle the personal data we process with care. This includes preventing unauthorised access/processing, loss, guaranteeing availability and monitoring the integrity of the data files. We have therefore made at least the following security arrangements:

- Network connections for our computer systems with which the data processing takes place are secured by means of an SSL encryption (128-bit);

- If a remote connection is established to a computer system with which data processing takes place, access is secured;

- access to the computer systems with which the data processing takes place is secured with a user name and password;

- we maintain a strong password policy. Each password has at least 8 characters, at least 1 letter, at least 1 number at least 1 symbol and may not have a previously used character string;

- all computer systems with which the data processing takes place have a reliable virus scanner that is always up-to-date;

- no personal data is stored on a private computer;

- a back-up is kept by default for a period of one year and is password protected.

- All our sub-processors and other third parties are obliged by us to maintain confidentiality. This will only be waived after your explicit written consent or if we are obliged by law to share the data;

 - old and unnecessary documents are destroyed in an accurate manner.

      

Article 10 - Control by you

If you have a reasonable suspicion that we do not handle personal data as stated in this agreement, you have the right to have an audit conducted.

If you wish to have an audit carried out, you must give at least 14 days' notice in writing. If the date does not fit our schedule, we will suggest an alternative date.

The auditor must be a member of the professional body of IT auditors NOREA or must meet the same quality standards that NOREA sets for its members.

The costs of the auditor and the costs of our staff will be borne by you.

We will assist in the exercise of requests or rights of those involved.

Article 11 - Data breaches

If a security incident does occur that has an impact on the rights and freedoms of individuals, we will report it to you as soon as possible. You, as the person responsible, must report this to the Personal Data Authority. In any case, we will report the following incidents to you as soon as possible:

- The website with login details has been hacked or has become accessible to third parties;

- The loss of a data carrier containing personal data;

- letters or e-mails containing personal details have been sent to an incorrect address;

- the ICT system containing personal data has been hacked.

Article 12 - Liability

Any liability on the part of Mientje Fröbel is limited to that stated in our General Terms and Conditions.

(translated with Deepl.com)

© 2015 - 2021 mientjefrobel | sitemap | rss | ecommerce software - powered by MyOnlineStore