General Information
One Eye Witness (the “Company”) strictly adheres to legal and regulatory provisions regarding the collection and processing of personal data.
We hereby bring to your attention information about the processing of your personal data, the rights relating to the protection of such data and provide you with the information under Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation – GDPR).
Who We Are
One Eye Witness
Management address: Gedempt Hamerkanaal 98, 1021 KR Amsterdam, Netherlands
Email: info@one-eye-witness.com
How and What Data do we Collect and Process
Automatically collected data when visiting our website
Every time you visit the website (hereafter referred to as “the site”), technical information about the visit that is available to the Administrator is automatically recorded. This is done by automatically logging into log files the following information (or some of it):
- IP address of the device used to visit the site
- type and version of the used Internet browser
- the date and time of the site visit, and the time zone of the device
- the names and addresses of the files you read from the site
- the names and addresses of the pages you visit on the site
- access status code / HTTP status code
- size of the served files/resources
The collection and processing of these general data and information does not make any conclusions about individuals, do not create profiles of individuals, do not merge the individual data with other data sources for the purpose of identifying individuals, no other activities are carried out for the identification of natural persons.
The collection and processing of these data is intended to ensure the unobstructed connection and use of the site, ensuring comfortable use, improving the functionality of our site as well as system security and stability, and other administrative purposes. Collecting these data serves to increase the level of data protection in our company and to allow a retrospective review in case of unlawful attacks against the site system.
The legal basis for this data processing is based on Article 6 (1) of the GDPR. The aforementioned objectives represent a legitimate interest within the meaning of the GDPR.
These data are usually stored for several hours and after that they are deleted.
Under the provisions of GDPR, you have the right to object to this processing.
The source of these data are the technical means of establishing an Internet protocol connection – a web server, a browser, the device you use, and the like.
These available data will not be transmitted to another recipient or used for purposes other than those described above.
Automatically collected data from the web hosting provider when visiting our website
The hosting provider for the site is OVH B.V. which processes and stores traffic information similar to the above, for similar purposes and for similar time frame. More can be read in their Data Processing Agreement, available at the time of writing at the following web address – https://storage.gra.cloud.ovh.net/v1/AUTH_325716a587c64897acbef9a4a4726e38/contracts/3263a9a-OVH_Data_Protection_Agreement-NL-4.1.pdf The latest copy of their DPA should be available also at their privacy policy page – https://www.ovhcloud.com/nl/terms-and-conditions/privacy-policy/
Data collected when contacting us through the website
When you are making a registration though our website we may collect personal data such as:
- name
- email address
- phone number
- location country
- business address
- business bank account number
The legal basis for processing these personal data is the fulfilling of the contractual obligations about your order and our legitimate interest to manage the website and our business relations.
The legal basis for processing these personal data is the fulfilling of the contractual obligations about your order or product enquiry.
Data obtained when communicating with us
You have the possibility to contact us directly at the specified e-mail address(es) or telephone numbers, as you can provide us with your e-mail address or phone number and other information to help with your inquiry.
The legal basis for this data processing when contacting us is based on Article 6 (1) of the GDPR. When you contact us through the contact form, you provide us with a voluntary agreement within the meaning of this provision.
Data deletion takes place immediately after processing the query you have made. These data will not be shared with third parties or used for any purpose other than those for which consent has been given.
Data obtained when following us/contacting us on social media
When following or contacting us via our social media presence we only process the obtained data to answer your enquiry (if any). Unless otherwise stated in this privacy policy, the legal basis for processing of these personal data is our legitimate interest to be able to provide the functionality of the social media channel or the responsibility to fulfil an obligation to answer your product/order enquiry.
The provider of the social media is also processing your personal information when you use our social media page. For additional information refer to see the privacy policy of the respective social media provider.
Newsletter data
To send you a the newsletter with the new releases and similar information, we require an e-mail address and recipient name from you and eventually additional information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. You can unsubscribe from the newsletter at any time following the link available in each email message. For sending the newsletter, we are using a service provider, Mailchimp. The way they process this data is explained in their Data Processing Addendum – https://mailchimp.com/legal/data-processing-addendum/
Invoicing and Delivery data
To issue you an invoice, credit note and to maintain the appropriate records for your account in that regard, we are using a cloud service for inventory and accounts management, located at https://www.salesbinder.com.
Automated decision making and profiling
We will not use the data we hold about you to make automated decisions or profiling.
Information Sharing and Disclosure
We may share your personal data in other cases like adhering to a tax audit or court appeal or in other case that is legally justified (like, for example, responding to a legal process, government request, prevent a fraud or protect the rights or safety of an individual). In such case, before sharing any personal data, we will duly investigate the lawful basis of doing or not doing so.
We share your personal data, along with your business data, with the shipping providers if you requested from us to arrange the freight of the goods to you.
We share your personal and/or business email and name with our newsletter provider.
International Transfer of Personal Data
A transmission and transfer of your data outside of the European Union and European Economic Area does not take place, unless otherwise indicated in the data processing agreements with our service providers (newsletter providers, shipping providers, accounting providers, etc.).
Transfer of your data to international organisations does not take place.
Data Retention
We process your personal information only for as long as necessary to perform our contractual obligations or answer your enquiry and as further described in this Privacy Policy.
We always minimize the amount of data we will retain only to the required minimum and keep it for the required minimum of time. Once this time period has expired, these data will be disposed of or deleted in a safe and secure manner.
As required by the tax legislation we are obliged to keep the records (like invoice, delivery order, payment check, etc.) for your order for a period of 5 (five) years.
Security of Data Processing
For the overall security of your personal data, either in electronic or physical (paper) form, we add the reasonable amount of security measures like limited access, encryption, strong passwords, two-factor authentication, physical security, verified hardware and software. We also limit the actual information that we have to process to the bare minimum required by law or to fulfil our obligations.
Personal data transferred in email communications minimised whenever possible and such communication (and therefore processing) may not happen at all. After the information in that email is processed (to reply the email or fulfill the order) it is disposed. The email server is also operated and maintained by the company mentioned above.
Paper documents (if any) will be stored in a secured storage with no access by external people and accessed only by the authorised company personnel per the according procedures.
Your Data Protection Rights
You have rights outlined in the data protection legislation that we need to make you aware of.
The right of access—You have the right to request from us a copy of the personal information we hold about you.
The right to rectification—You have the right to request that we correct any information we hold about you that you believe is inaccurate. You also have the right to request us to complete the information you believe is incomplete.
The right to restrict—You have the right to ask us to restrict the processing of your information in certain circumstances.
The right to erasure—You have the right to request that we erase your personal information in certain circumstances.
The right to object—You can object to our processing of some of your information based on our legitimate interests.
The right to data portability—You have the right to request that we transfer the data you have given to us to another organization, or directly to you.
The right to complain—You have the right to complain about the way we process your personal data to a data protection authority. The list of the data protection authorities in the European countries is available at that page of the European Data Protection Board—https://edpb.europa.eu/about-edpb/board/members_en
Links to Other Sites and Privacy Policies of Other Organizations
This Privacy Policy does not cover how your personal data is processed by other parties that we do not own or control, or the websites you have followed through the links from this page. We encourage you to read the privacy notices on the other websites you visit or use.
Changes to the Privacy Policy
We keep this Privacy Policy under regular review and place any updates on this web page. We reserve the right to change our security and data privacy measures, provided that this is required based on legal and/or technical developments. In these cases, we will also adapt our information regarding the data privacy accordingly. Therefore, please observe the current version of our Privacy Policy.
Cookies
Cookies are small files that contain text data that help websites make the user’s experience more efficient. Under applicable law, the website operator has the right to store cookies on your device if they are absolutely necessary for the operation of the website. We do not use any other types of cookies.
This website does not store any personal information in the cookies it uses.
Below you can see a list of cookies used:
- To remember your user session when logged in or the state of your shopping cart we use a cookie
- To remember that the Cookie Notice has been accepted, the site uses a cookie.
Last updated date: October 2024