Privacy statement Cstuz Sports B.V.
Cstuz B.V. is a luxury sports brand and retailer. This Privacy Statement applies to all personal data processed by Cstuz B.V. gathered from: visitors, customers and business partners, and service providers for the following websites and applications www.cstuz.com
INFORMATION WE COLLECT
We process personal information to deliver our service or to comply with (international) law.
The information we collect is collected and processed in strict accordance with the EU GDPR law (and other applicable laws) and only used for the purposed listed in this privacy statement.
If you have any questions about this privacy statement or if you would like to file a complaint with us, please send an email to email@example.com
WHAT PERSONAL DATA IS PROCESSED
We process certain information of you that either is collected automatically, or that you supply voluntarily. This information includes name, address, email address and telephone number. We also process your financial data to facilitate payment for our services. All of the information collected is processed strictly in accordance with this privacy statement. We process the following personal data:
Personal data, such as your first name and last name. Contact data, such as your e-mail address, telephone number and address. Login details, such as user name and password Purchase history, such as price, product and purchase date. Payment data, such as transaction history, outstanding claims, bank account number, creditcard data. Correspondence, such as communications with our customer service or marketing communications. Preferences, such as choice of language and e-mail preferences. Technical data, such as IP address, cookies, log files. Statistics on the use of the website, such as how many times certain pages are visited and which products are the most popular. Interests, such as what (kind of) products you look at the most and on which advertisements you click.
It may occur that you provide other data to us than the categories mentioned above, for instance with regard to communications of the customer service or when filing a complaint. In that case, we shall process these data to the extent necessary to deal with and handle your request or complaint.
WHY & GROUNDS
We process your personal data based on the following legal grounds, depending on how you interact with our website.
When you purchase Cstuz. products on our website we need to process your personal information to execute our agreement. For example we need payment and contactinformation to process the order. Comply with the law: We may process or keep information to comply with legal obligations. We also use your information to investigate suspected fraud, illegal activities, violations of our terms of service, or threats to the safety of our personnel or website.
We don’t share your information with third parties unless strictly required in order to honor our contract with you, to provide a service for which you have given specific and explicit consent (such as our newsletter), or to comply with local and international law.
As someone who uses our services, you have a couple of rights under the GDPR you should be aware of:
The right of erasure. The right of correction. The right of insight. The right to dataportability.
The right of access means that you have the right to see what information we all process about you. Do you feel that the information we have about you is incorrect? Then you can exercise your right to correction, this means that you have the right to change the data we have about you. You also have the right to removal, which means that we delete the data that we have from you. However, it may be that we still keep this data but then anonymous, this means that the data can no longer be traced back to you, but that we still keep it for example for statistics. We may in some cases also be legally unable to delete this data.
To transfer data between our websites, our applications and backends, communication is encrypted using the SSL (Secure Socket Layer) encryption. We protect the systems and processing by a series of technical and organizational measures. These include data encryption, pseudonymization and anonymization, logical and physical access restriction and control, firewalls and recovery systems, and integrity testing. Our employees are regularly trained in the sensitive handling of personal data and are obliged to observe data secrecy in accordance with legal requirements.
We do not knowingly gather or otherwise process personal data of minors under the age of 16. If we notice that one of our users/visitors is a minor we’ll immediately take steps to remove their information. If you believe we have processed or still hold information on minors, please send us an email at firstname.lastname@example.org and we’ll remove it A.S.A.P.
We will never retain the data longer than is legally allowed, this can be different for different types of data. For more information on dataretainment terms per data proces please please send us an email at email@example.com
CHANGES IN THE PRIVACY STATEMENT
The effective date at the bottom of this page indicates when this Privacy Statement was last revised. We will notify you before any material change takes effect so that you have time to review the changes. Any change is effective when we post the revised Privacy Statement. Your use of the Services following these changes means that you accept the revised Privacy Statement.
Last update: 22 november 2019