Privacybeleid
- Home
- Privacybeleid
“Wij hebben ons privacybeleid in het Engels opgesteld, zodat het voor iedereen eenvoudig te begrijpen is.”
We are pleased that you have expressed interest in our company. The protection of data is a top priority for the management at GSM Diemen. Using the internet pages of GSM Diemen is possible without providing any personal information. However, if a user wishes to access specific enterprise services through our website, the processing of personal data may be necessary. In cases where such processing is required and there is no legal basis, we typically seek consent from the individual involved.
The processing of personal data, including the name, address, email address, or telephone number of an individual, will always comply with the General Data Protection Regulation (GDPR) and adhere to country-specific data protection regulations applicable to GSM Diemen. Through this data protection declaration, our company aims to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Additionally, this declaration informs data subjects of their entitled rights.
As the data controller, GSM Diemen has implemented various technical and organizational measures to ensure the comprehensive protection of personal data processed through this website. However, it is important to note that internet-based data transmissions may, in principle, have security gaps, and absolute protection cannot be guaranteed. Therefore, every data subject is free to choose alternative means, such as by telephone, to transfer personal data to us.
1. Definitions
The data protection declaration of GSM Diemen is crafted based on the terms employed by the European legislator for the enactment of the General Data Protection Regulation (GDPR). Our objective is to make our data protection declaration clear and comprehensible for the general public, as well as our customers and business partners. To achieve this, we would like to provide an explanation of the terminology used.
In this data protection declaration, we utilize, among other terms, the following:
a) Personal data
Personal data refers to any information pertaining to an identified or identifiable natural person (“data subject”). An identifiable natural person is someone who can be directly or indirectly recognized, especially through an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
b) Data subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.
c) Processing
Processing refers to any operation or set of operations performed on personal data or sets of personal data, whether or not automated. These operations include collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
d) Restriction of processing
The restriction of processing involves marking stored personal data with the goal of limiting their processing in the future.
e) Profiling
Profiling refers to any automated processing of personal data that involves the use of such data to assess specific personal aspects related to a natural person. This may include analyzing or predicting aspects concerning the individual’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
f) Pseuonymisation
Pseudonymisation is a data processing technique under GDPR that involves modifying personal data so that it can’t be directly linked to an individual without additional information. This additional information is kept separately and subject to security measures to prevent re-identification. Pseudonymisation allows for data analysis while safeguarding individuals’ privacy.
g) Controller or controller responsible for the processing
The controller, or controller responsible for processing, is an individual or entity, whether a natural person, legal entity, public authority, or agency. This entity, either independently or in collaboration with others, is responsible for deciding the purposes and methods of processing personal data. In cases where Union or Member State law dictates the purposes and methods of processing, the controller may be designated by Union or Member State law or through specific criteria outlined in such laws.
h) Processor
A processor is an entity, whether an individual or organization, that handles personal data on behalf of and as instructed by the controller. They operate under a data processing agreement and must comply with the terms to ensure lawful and secure data processing.
i) Recipient
A recipient is an individual or entity, including natural or legal persons, public authorities, agencies, or other bodies, to whom personal data is disclosed, whether or not they are a third party. However, public authorities receiving personal data in the context of a specific inquiry, in line with Union or Member State law, are not considered recipients. The processing of such data by these authorities must adhere to applicable data protection rules, aligning with the purposes of the processing.
j) Third party
A third party is anyone, other than the data subject, controller, processor, or those authorized by them, who processes personal data. They may be individuals, organizations, or authorities not directly involved in the immediate processing responsibilities.
k) Consent
The data subject’s consent is a clear, voluntary, specific, and well-informed expression of their wishes, indicating agreement to the processing of their personal data. This agreement can be conveyed through a statement or a distinct affirmative action.
2. Name and Address of the controller
The controller, under GDPR and other EU data protection laws, is the entity, whether a person or organization, responsible for deciding how and why personal data is processed.
GSM Diemen
- Arent Krijtsstraat 15, 1111 AG Diemen, Netherlands
- +31 6 33 150 150
- Gsmdiemen@gmail.com
3. Cookies
The GSM Diemen’s website utilizes cookies, which are text files stored in a computer system through an Internet browser.
Numerous websites and servers employ cookies, often containing a unique identifier known as a cookie ID. This ID is a distinctive character string enabling Internet pages and servers to associate with the specific browser in which the cookie is saved. This differentiation helps websites and servers recognize an individual’s browser, distinguishing it from others with different cookies. The unique cookie ID facilitates the identification of a specific Internet browser.
By utilizing cookies, GSM Diemen can offer users of its website more user-friendly services that would be challenging to provide without the cookie setting.
Cookies are employed to optimize information and offers on our website for the user. As mentioned earlier, cookies enable us to recognize website users, enhancing their experience. This recognition simplifies website usage, eliminating the need for users to enter access data each time they visit, as the website stores this information in a cookie on the user’s computer system. An illustrative example is a shopping cart cookie in an online store, where the website remembers items placed in the virtual shopping cart by the customer.
Users can block the setting of cookies on our website by adjusting their internet browser settings. Deleting already set cookies is also possible through the browser or other software programs. However, disabling cookies may affect the full functionality of our website, limiting some features.
4. Collection of general data and information
When a user or automated system accesses the GSM Diemen website, general data and information are automatically collected and stored in server log files. This includes details such as (1) browser types and versions, (2) operating system information, (3) the referring website, (4) sub-pages, (5) date and time of access, (6) IP address, (7) Internet service provider, and (8) other data relevant in the event of IT system attacks.
GSM Diemen uses general data and information collected from website visits for specific purposes, including delivering content, optimizing the website and ads, maintaining IT system viability, and providing information for law enforcement in case of cyber-attacks. The analysis is done anonymously to enhance data protection. Server log file data is kept separate from personal data provided by users.
5. Contact possibility via the website
The GSM Diemen website provides information for quick electronic contact with the company, including a general email address. When a data subject contacts the controller via email or a contact form, the voluntarily provided personal data are automatically stored. This data is stored for the purpose of processing and communicating with the data subject, and there is no sharing of this information with third parties.
6. Routine erasure and blocking of personal data
The data controller will process and store the personal data of the data subject only for the duration necessary to fulfill the intended purpose or as permitted by applicable European or other relevant legislation. If the purpose of storage no longer applies or the specified storage period expires, the personal data are routinely blocked or erased in accordance with legal requirements.
7. Rights of the data subject
a) Right of confirmation
Every data subject has the right, as granted by European legislation, to confirm whether their personal data is being processed by the controller. If a data subject wishes to exercise this right, they can contact any employee of the controller at any time.
b) Right of access
European legislation grants every data subject the right to obtain, free of charge, information about their stored personal data and a copy of that information from the controller. Additional details, as outlined in relevant directives and regulations, are also accessible to the data subject.