Our Data Protection Commitment
At Hot Finds Netherlands, we prioritize data protection and handle your personal data with the utmost care. We collect, process, and use your information strictly following the principles outlined here and in full compliance with EU data protection legislation.
Understanding Your Data: Collection and Management
Personal data’ encompasses any information that can identify you as an individual, such as your name, phone number, address, and email.
Our servers gather ‘User Data’ to enhance and secure our website. This includes details like your IP address, visited pages, visit duration, browser and OS types, referring sites, and the time taken to place an order.
Beyond User Data, we only collect personal details you choose to provide, such as payment information during purchases, or your name and email if you sign up for our newsletter.
All data we collect, including Registration, Order, and User Data, are stored in strict accordance with data protection laws and treated with the highest confidentiality.
Cookies
Our Online Store employs cookies to enhance website functionality and user experience. Cookies are small text files that help recognize your computer on subsequent visits, enabling the site to remember your preferences and user details, so you don’t have to re-enter them.
We primarily use ‘session cookies,’ which are temporary and disappear after you close your browser. However, some ‘permanent cookies’ remain on your device to recognize it on future visits.
You have the option to disable cookies in your browser settings, but be aware that this might affect the functionality and features of our website. The processing of personal data through cookies is based on either your consent or our legitimate interest in providing an optimized website experience.
Ensuring Your Data Security
When you transmit payment information to our servers, we protect your data using SSL (Secure Socket Layer) security technology coupled with 256-bit encryption. You can verify the security of your connection by observing the URL in your browser’s address bar; a secure connection is indicated by the change from “http” to “https” at the beginning of the address line.
Additionally, all our payment processing service providers are PCI-DSS (Payment Card Industry Data Security Standard) certified, adhering to the highest e-commerce security standards. This certification ensures the most rigorous protection measures are in place for your payment data. For more details on PCI standards, visit www.pcisecuritystandards.org.
Supplemental
Consent Revocation: If you’ve consented to specific data processing activities, you have the freedom to withdraw your consent at any time moving forward, without affecting the legality of processing carried out prior to your revocation.
Under data protection laws, you may have rights to:
- Information: You’re entitled to confirm whether your personal data is being processed and, if so, to obtain detailed information about such processing.
- Correction: If your personal data is inaccurate, you have the right to have it corrected. You can also have incomplete data completed, considering the processing’s purposes.
- Deletion: Also known as the ‘right to be forgotten,’ you may request the deletion of your personal data under certain conditions.
- Restriction: You may ask for the processing of your personal data to be restricted, leading to its use only for specific purposes.
- Data Portability: You might be entitled to receive your personal data in a standard format and transfer it to another entity without hindrance.
These rights are subject to limitations under national laws. For instance, the right to information may be constrained to protect others’ rights, and the right to deletion may be limited by regulatory requirements.
It’s important to understand these rights and how they apply to you, ensuring you have control over your personal information.
The Right to Opt-Out
According to Article 21 of the General Data Protection Regulation (GDPR), you hold the right to opt out of certain data processing activities. Specifically, you can object at any time to the processing of your personal data when it’s based on:
- Article 6(1)(e): Processing necessary for the performance of a task carried out in the public interest
- Article 6(1)(f): Processing necessary for the purposes of legitimate interests pursued by us or a third party
Upon opting out, we will cease processing your personal data unless we can prove compelling legitimate grounds for the processing that outweigh your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defense of legal claims.
Additionally, when your data is processed for direct marketing purposes, you have the unequivocal right to opt out at any time. This includes any profiling connected to direct marketing. Exercising this right ensures your personal data is not used for such purposes.