SU DESIGN & ACCESSORIES B.V. (“SU Design”), a private limited company established under Dutch law, is responsible for processing personal data as described in this privacy statement.
Contact information SU Design
SU DESIGN & ACCESSORIES B.V.
De Cuserstraat 94, 1081 CN Amsterdam
Tel: +90 212 511 22 82
Which personal data do we process?
We process the following types or categories of personal data:
- postal code;
- place of residence;
- e-mail address;
- telephone number;
- credit card information;
- website traffic information such as IP address browser type and time zone;
- data about your internet;
The personal data has been provided to us on initiative of the data subject or has been obtained in the context of the provisions of our services.
For which purposes do we process data?
We process the abovementioned personal data exclusively for the following purposes:
- to perform an agreement (e.g. in order to supply products, services or provide the information you selected, accounting purposes, processing payments, invoicing, audits, verification of credit and other payment cards. In addition, we might use your details to communicate with you and maintain our relationship; we may on occasion contact you by e-mail or post for administrative or operational purposes, for example in case of a service message);
- to personalize and improve your customer experience: e.g. to provide you personalized offers and/or adjust the information offered to you or carry out market research based on your previous purchases and/or use of our services.
- to keep you informed of our latest news and the products and services (we may choose to inform about interesting news and similar products and services of SU Design. The legal ground for this is the legitimate interest of SU Design to develop marketing activities. You always have the opportunity to object to these messages;
- to analyze, maintain, improve and secure our services and website (based on information about your interests and use of our products and services and any evaluations completed by you, we try to improve our products and services. We may also assess the success of our marketing, retargeting marketing and advertising campaigns. We screen our orders for potential risk or fraud. The legal ground for this processing is the legitimate interest of SU Design to understand how customers use its services in order to improve and optimize them);
- to meet legal obligations and to meet our legitimate interests (e.g. for collection, fraud screening, safety, security and legal purposes, such as dealing with disputes and meeting applicable laws and regulations);
How do we secure your personal data?
SU Design takes the protection of your data seriously and takes appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized modification. If you have the impression that your data is not properly secured or that there are indications of misuse, please contact our customer service or contact SU Design via firstname.lastname@example.org In the event of a security breach, we will report it to the appropriate authorities, as required by law. In addition, we will contact those concerned within the legally established deadlines.
We keep an up-to-date local secured back-up of the personal data of our customers.
What is the storage period of your personal data?
How can you view, modify or delete data?
You have the right to view, correct or delete your personal data. In addition, you have the right to withdraw your possible consent to the data processing or to object to the processing of your personal data by SU and you have the right to data transfer. This means that you can submit a request to us to send the personal data we hold about you in a computer file to you or to another organization named by you.
You can send a request to email@example.com for inspection, correction, deletion and retrieving of your personal data or a request to withdraw your consent or objection to the processing of your personal data.
To ensure that the request for inspection has been made by you, we may ask you to enclose a copy of your proof of identity with the request. In this copy, make your passport photo, MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and personal ID number marked out. This is to protect your privacy. We will respond to your request as soon as possible, within four weeks.
You always have the right to file a complaint with the Dutch Data Protection Authority (de Autoriteit Persoonsgegevens) in charge of protecting personal information.
Which cookies do we use?
To enhance the user’s experience with our website and to enable the use of certain functions, we use so-called cookies. These are small text files that are stored on your device. We may store functional cookies, statistical cookies, preference cookies and marketing cookies. For more information about cookies and how we use them, please read our Cookie Statement.
Do we share personal data with third parties?
We do not sell your data to third parties and we only provide them if there is a legal ground to do so, for instance if it is necessary for the execution of an agreement with you or to comply with a legal obligation or in case of our legitimate interests. The latter only after we have weighed these interests against your legitimate interests.
A data processing agreement will be concluded with the third party that processes your personal data on behalf of and at the instruction of SU Design, as a result of which that third party will also be obliged to comply with the GDPR. SU Design remains responsible for these processing operations.
Do we use third party services on our website?
Besides the third parties listed in our cookie statement FILL IN LINK, we use the following third party services:
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Mailchimp is an online marketing platform operated by The Rocket Science Group LLC, a company headquartered in the State of Georgia in the United States. Mailchimp enables us to, among other things, send and manage email campaigns across channels, serve advertisements, and create websites and landing Pages. Mailchimp provides us other related services as well, such as real-time data analytics and insights to help us track and personalize our marketing activities.
Our website may contain buttons and/or links to promote or share web pages on social (media) networks or websites of third parties, such as Twitter, Instagram, and Facebook. We do not supervise and are not responsible for the processing of your personal data by and through such third parties. The use of these media is therefore at your own risk. Before you use the services of third parties, it is advisable to first read the privacy statement of those third parties.
Do we transfer personal data outside the EEA?
We may transfer your personal data to countries outside the EEA, but only if the country in question has been deemed by the European Commission to provide an adequate level of protection for personal data or by ensuring that the appropriate safeguards have been put in place or in case an exception applies.
Changes to this privacy statement
Please note that because of the changing nature of privacy laws and regulations, digital technologies, and our business, we may modify this Privacy Statement from time to time. Please review this privacy statement periodically to become aware of any changes that may have occurred (we will update the effective date at the top of the page to help you know when changes have been made).
All rights to data, applications, and other content on this website remain the sole property of SU DESIGN & ACCESSORIES B.V. (“SU Design”) unless they belong to third persons and/or entities pursuant to agreements concluded with them, and any and all intellectual rights, trademarks, patents, and industrial design and other intellectual rights on, in and in relation to such content are the exclusive and sole property of SU Design and may not under any circumstances and by any means whatsoever be used, marketed, sold, or used in connection with such transactions without prior consent of SU Design in writing.
We collect cookies and other similar technologies on our website (collectively “cookies”). A cookie is a small file that is created by your browser and stored on the harddisk of your device. When you visit our website for the first time, a cookie statement will appear. You can indicate which cookies you allow us to store in your browser. We have conducted agreements with third parties that might store cookies when you visit our website. However, we do not control what they do with these cookies. We advise you to also read their privacy and cookie statements on this behalf.
Functional and technical cookies
User-centric security cookies
To detect authentication abuses for a limited persistent duration, like repeated failed login attempts. Used to secure the session and prevent session hijacking.
Multimedia content player session cookies (flash cookies)
Used for the duration of a session to store technical data needed to play back video or audio content (e.g. image quality, network link speed, and buffering parameters).
Load balancing session cookies
Used to distribute requests to the server to ensure the accessibility of the website.
User interface customization persistent cookies
Used to store a user’s preference regarding a service across web pages.
For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.
Google Analytics uses methods that allow your use of the website to be analyzed, e.g. through the use of so-called cookies, which are text files that are saved on your computer. In general, the information collected about your use of this website is transferred to and stored on one of Google’s servers in the United States.
Google Tag Manager
This site uses Google Tag Manager. Google Tag Manager cookies enable us to measure the traffic and user behaviour, gain insight in the effect of online advertisement and social channels, use remarketing and target group marketing and test and improve our site.
We use the “visitor action pixels” from Facebook Inc (1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”) on our website. This allows user behavior to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation.
You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes.
Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy.
We use Criteo to collect a limited amount of data relating to your browsing, such as the products you have viewed, put in your shopping cart and purchased. This navigation data is linked to a unique identifier, namely an identification cookie or any other similar technology (such as mobile advertising identifiers and non-cookie technologies) depending on your navigation environment.
We notify Criteo, either directly or through an advertiser exchange, that an advertising space is available to offer you personalized advertising. The Criteo technology then may decide to purchase that advertising space.
The advertising you see from our partners when using our technology is based on our recommendation algorithms.