Xtreamcard Privacy Statement
The protection of your personal data is very important to xtreamcard. In this Privacy Statement, we intend to give clear and transparent information about how we treat your personal data.
We will do everything to safeguard your privacy and treat your personal data with care. In any case, xtreamcard will comply with the applicable laws and regulations, including the General Data Protection Regulation. This entails that we will at least:
Process your personal data in accordance with the purpose for which you submitted them. These purposes and types of personal data are described in this Privacy Statement;
Limit the processing of your personal data to those data that are strictly necessary for the purposes for which they are processed;
Ask your explicit permission if we need this to process your personal data.
Take appropriate technical and organizational measures to safeguard the protection of your personal data.
Refrain from passing personal data on to third parties, unless this is necessary for the performance of the purposes for which they were submitted;
Be aware of your rights regarding your personal data, inform you about them, and respect them.
xtreamcard is responsible for processing your personal data. In case you have any questions about our Privacy Statement after reading it, or you wish to contact us about it, please do not hesitate to do so using the contact details at the bottom of this document.
Purposes
xtreamcard processes the personal data of customers and suppliers for the following purposes:
To execute the Purchase Agreement, the delivery, and the payment;
Administrative purposes;
Verification purposes for the prevention of theft, fraud, money laundering, and terrorist financing, and for the security of xtreamcard systems;
To send newsletters to purchasers and other interested persons;
To gather website statistics;
To improve the website’s ease of use;
To optimize customer satisfaction and the ‘shopping experience’;
Market analysis and target audience analysis;
Targeted advertising and to make personalized offers.
Grounds
The personal data are processed on the following grounds:
Processing is necessary for the execution of the agreement, that is the Purchase agreement with the client;
Processing is necessary to promote xtreamcard’s justified interests, to wit sending newsletters to customers and to gather website statistics;
The data subject has given their consent. This is the case, for instance, when they sign up for newsletters;
The data subject has given their consent for placing Google Analytics’ (tracking) cookies referred to in the cookie bar.
Additionally, but only after obtaining your permission, we may use Google Analytics to collect information about sex, age, interests, web pages visited or to be visited, peripheral equipment used, software settings, and referrer URL.
Retaining period
Xtreamcard may process the following personal data for the aforementioned purposes: will retain your personal data for the aforementioned processing for the following periods:
For 5 years after closing the Purchase Agreement;
For 7 years after the execution of the Purchase agreement – for the sole purpose of financial administration;
For as long as legally required;
For as long as the interested person remains signed up for the newsletter;
For 6 months after the most recent Purchase Agreement with respect to the newsletter; or
For 5 months if it concerns information obtained through (tracking) cookies from Google Analytics.
Disclosure to third parties
The data you provided to us may be disclosed to third parties if this is necessary for the purposes described above.
For instance, we hire third parties for:
For closing and executing Purchase agreements;
The delivery of digital products;
Payment processing;
The (financial) administration;
Editing/delivery of the newsletter;
To detect and prevent fraudulent activity.
We will only disclose personal information to third parties with whom we have signed a processing agreement. Of course, the processing agreement contains the necessary arrangements to safeguard the security of your personal data. Other than this, we will not disclose the personal data you provided us with to third parties, unless this is legally required and allowed. An example of this is that the police ask us for (personal) data within the framework of an investigation. In such an event, we are required to cooperate and to surrender these data. We may also share personal data with third parties if you give us your written permission for this.
We use the personal information we collect in connection with providing you our services to detect and prevent fraudulent activity. We share this information with Sift, a third-party service provider to assist us with this effort. To learn more about Sift, please see their Service Privacy Notice.
We collect data with the help of Google Analytics’ (tracking) cookies and share them with third parties. More information about this is provided at policies.google.com/privacy.
Within the EU/EEA
We provide personal details to parties within the European Economic Area (EEA) or in countries, sectors, and/or regions of countries for which the European Commission has taken an adequacy decision. In such a decision, the European Commission determines if the country in question offers an appropriate level of data protection. An adequacy decision has also been taken with regard to the United States, but only insofar as the receiving party has committed themselves to compliance with the principles provided in this decision, also called the Privacy Shield.
All countries with an adequacy decision are listed on the website of the European Commission.
We collect data with the help of Google Analytics’ (tracking) cookies and transfer them to the United States.
Minors
We only process personal data of minors (persons under the age of 16) if a parent, guardian, or legal representative has given written permission for this.
Security
We have taken appropriate technical and organizational measures to protect your personal data against unlawful processing. These measures include the following:
All persons who have access to your personal data on behalf of xtreamcard may process the following personal data for the aforementioned purposes: are sworn toÂ
Secrecy
Our systems are protected by a user name and a complex password policy;Â
We make backups to be able to recover data in case of physical or technical incidents;
We regularly test and evaluate our systems and measures;
Our employees are informed about the importance of the protection of personal data.
Complaints
Should you have any complaints about the processing of your personal data, please contact us directly. If we are unable to reach a mutual agreement, that is, of course, most regrettable. You always have the right to file a complaint with the Data Protection Authority. This is the supervisory authority in the field of privacy protection.
Cookie Policy
What is a cookie? A âcookieâ on a website is a tiny, yet a useful string of information. It stores unique and relevant information on your computer which is helpful for the usability of the website. Your browser provides us with that unique identifier each time you use our web services. That way we keep track of what services you use, remember your personal preferences and information you leave with us, facilitate the purchase procedure, speed up the verification, and see what pages you visit. Cookies help us monitor if our web services perform correctly, aid our understanding of how you use our services, and thus enable us to improve your user experience.