Privacy Policy

Section One – Introduction

OERUM  is a sole proprietorship registered under the laws of the Netherlands with its statutory seat in Amsterdam, the Netherlands, registered with the Dutch Chamber of Commerce under KvK number 76880745  (hereinafter referred to as: “OERUM ”). OERUM and all associated enterprises take the careful handling of your (“Data Subject”) personal data very seriously. It will, therefore, treat and protect personal data with the greatest possible care. In connection hereto, OERUM shall comply with the applicable laws and regulations at all times.

You must read this privacy statement (“Privacy Statement”) carefully. This Privacy Statement provides insight into the data that OERUM processes and for what purpose OERUM processes this data. Moreover, it explains what rights you have as a Data Subject with regard to the processing of personal data.

Section Two – Use

This Privacy Statement applies to the processing of personal data by or on behalf of OERUM.

OERUM processes personal data of Data Subject because Data Subject uses the services of OERUM (“Services”) and/or because Data Subject has provided these data to OERUM and/or because of a (purchase) agreement (“Agreement”) concluded between Data Subject and OERUM.

The Services include the following: visiting and/or using the website of OERUM [www.oerumdesign.com] (“Website”) and/or the purchase of a product of OERUM.

By visiting the Website and/or using the Services and/or entering into an Agreement, you as a Data Subject agree with this Privacy Statement. By agreeing with the Privacy Statement, you are giving your consent to OERUM as a Data Subject for the use and processing of personal data.

Section Three – Data that OERUM processes and the purpose of processing

Below, an overview has been included of the purposes for which OERUM processes personal data. Each time, it is stated what data OERUM uses for that specific purpose and what the legal basis is that allows for these data to be processed. If OERUM uses data based on the consent given by the Data Subject, the Data Subject has the right to withdraw its consent for this use at any given time.

This overview has been grouped according to type of data flow.

SERVICES, CLIENT MANAGEMENT, AND FINANCIAL ADMINISTRATION

Purpose: Financial administration
Data: (Company) name, (Company) information, Invoice address, Bank information (Name Bank/IBAN/BIC) and/or Credit Card Details
Basis: Legal obligation and/or Execution of the Agreement and/or Consent

Purpose: Invoicing
Data: Contact details, Email address, VAT number, (Company) information, Payment details (Name Bank/IBAN/BIC) and/or Credit Card Details
Basis: Execution of the Agreement and/or Consent

Purpose: CRM (Client Relationship Management)
Data: Contact details, Email address, Location, Telephone number
Basis: Legitimate interest and/or Execution of the Agreement and/or Consent

Purpose: Execution of Services, such as sales support and account management
Data: Contact details, Email address, Telephone number
Basis: Legitimate interest and/or Execution of the Agreement and/or Consent

Purpose: Application Employee/Hiring Freelancers
Data: Contact details, Email address, Gender, Age, Location, Telephone number, Profile photo, Resume
Basis: Legitimate interest and/or Execution of the Agreement and/or Consent

Purpose: Execution of Services and/or Execution of the Agreement
Data: Data of consumers/customers and their actions concerning the Services, such as the identity of those specific consumers/customers and the product they purchased and other information on the execution of Services and/or the Agreement
Basis: Legitimate interest and/or Execution of the Agreement and/or Consent

Purpose: Execution of Services and/or Execution of the Agreement
Data: Data of shops, agents and resellers and their proceedings concerning the Services and/or execution of the Agreement
Basis: Legitimate interest and/or Execution of the Agreement and/or Consent

MARKETING

Purpose:  Direct marketing
Data: Contact details, Email address, Telephone number, Clicking behaviour, Browsing behaviour, Interest in a product, Social media account
Basis: Legitimate interest and/or Consent

Purpose: Newsletter
Data: Contact details, Email address, Telephone number, Clicking behaviour, Browsing behaviour, Interest in a product, Social media account
Basis: Legitimate interest and/or Execution of the Agreement and/or Consent

Purpose: Social marketing
Data: Contact details, Email address, Telephone number, Clicking behaviour, Browsing behaviour Interest in a product, Social media account
Basis: Legitimate interest and/or Consent

Purpose: Market Research and improvement of the quality of Services
Data: Demographic information and/or responses of Data Subjects to questions and/or surveys
Basis: Legitimate interest and/or Execution of the Agreement and/or Consent

WEBSITE

Purpose: Website analytics
Data: Browsing and clicking behaviour on Website, Location, IP address, browser specifications, how Data Subject arrived at Website (e.g. direct, through a link or search engine), pages viewed, search terms used, et cetera, and the other data listed in the cookie notification on the Website.
Basis: Legitimate interest and/or Consent

Purpose: Processing requests made through the contact form
Data: Contact details, Email address, Telephone number
Basis: Execution of the Agreement and/or Consent

Section Four – Data retention period

OERUM shall retain the personal data for as long as this is necessary for the purpose for which they have been collected and/or during the period that the Data Subject uses the Services and the personal data are necessary for these Services and/or during the period of the Agreement and as long as the personal data are necessary for the execution of the Agreement. When a data processing purpose has been fulfilled, OERUM will check whether it is obliged to retain the personal data by virtue of a legal obligation or in order to settle a claim or dispute.

Section Five – Providing personal data to third parties

OERUM will treat the personal data of Data Subject discreetly, and will only process these personal data for the purposes stated in this Privacy Statement. OERUM will not provide the personal data of Data Subject to any third parties, unless Data Subject has given its consent to do so or if this is necessary for the execution of the Agreement or if this is necessary in order to perform all the functions and/or all the Services that Data Subject has given its consent for. All third parties employed by OERUM will be bound to the conditions that apply on the basis of this Privacy Statement. OERUM, moreover, is entitled to provide the personal data of Data Subject to a third party, if OERUM is required to do so by national or international laws and regulations. Futhermore, OERUM shall be entitled to provide the personal data of Data Subject to a third party, if this is necessary for the vital interest of Data Subject or if OERUM has a legal interst to do so.

Moreover, OERUM is entitled to transfer the personal data of Data Subject to third parties in the case of a merger, an acquisition, a reorganisation, sale of business units, or bankruptcy of OERUM. Should this be required by applicable law, OERUM will ask Data Subject for its prior consent.

Section Six – Use of cookies

OERUM uses cookies on the Website. By clicking on “OK” in the cookie notification on the Website, or by continuing to use the Website, Data Subject gives its consent to place cookies. Cookies are small bits of (textual) information that are sent to the browser when visiting the Website, and are consequently stored in the memory of the computer, laptop, tablet, mobile phone, or other device of Data Subject (hereafter referred to as “Device”) and similar techniques with which information is collected. The cookie notification on the Website specifies in more detail what cookies are used on the Website.

Section Seven – Modifying cookie settings or removing cookies

If Data Subject does not want OERUM to place cookies on its Device, Data Subject can refuse the use of cookies via its browser’s settings or options. Data Subject must change the settings individually for each browser and each Device. Note: it may be possible that after changing the cookie settings, some parts of the Website can no longer be used (correctly). When OERUM has placed cookies, Data Subject can also remove these. How this is done, varies from one browser to another. Data Subject should – if necessary – consult the browser’s help function.

Section Eight – Security

OERUM does its utmost to protect the data of Data Subject. To this end, OERUM uses technical and organisational precautions to protect the personal data that OERUM manages from manipulation, loss, destruction, and access by unauthorised persons. These safety precautions are improved continuously in line with technological developments. Moreover, the Website is continuously updated with the latest security updates.

The Website may contain links to external websites that are managed by other companies. OERUM cannot offer any guarantees concerning the privacy policy of these external websites, and OERUM is not responsible for these websites. OERUM advises Data Subject to read the privacy statements of these external websites carefully.

Section Nine – Rights Data Subject

With regard to the personal data that OERUM collects and processes, Data Subject is at all times entitled to the following:

Access to personal data:

Data Subject can file a request with OERUM to access the personal data of Data Subject that OERUM has collected and/or processed;

Removal of personal data:

Data Subject can file a request with OERUM to partly or completely remove or delete the personal data of Data Subject that OERUM has collected and/or processed;

Rectification and complementation of personal data:

Data Subject can file a request with OERUM to adjust, modify, update, or correct the personal data of Data Subject that OERUM has collected and/or processed if these data are incorrect or incomplete;

Restriction of processing personal data:

Data Subject can file a request with OERUM to restrict the processing of the personal data of Data Subject that OERUM has collected and/or processed if these data are incorrect and/or the processing is illegal and/or the data are no longer required for the purpose that they have been collected for and/or Data Subject has objected to the processing of its personal data.

Personal data data portability:

Data Subject can file a request with OERUM to receive a copy of an overview of the personal data of Data Subject that OERUM has collected and/or processed in a format in common use;

Objection personal data:

Data Subject can file a request with OERUM to cease collecting and/or processing (part of) its personal data and/or restrict processing, and Data Subject can file an objection with OERUM at any time to the processing of its personal data.

Data Subject must send any of the above-mentioned requests to greetings@oerumdesign.com stating “Privacy Request”. OERUM will reply to the Privacy Request within a reasonable time. OERUM is entitled to charge a reasonable compensation for taking into consideration such a Privacy Request. OERUM will only take a Privacy Request into consideration if it is certain that the person who has filed the request actually is the Data Subject. OERUM is entitled to dismiss the Privacy Request of Data Subject in certain cases. OERUM can only dismiss a Privacy Request if it can provide a valid reason.

Section Ten – Amendments

OERUM reserves the right to modify the Privacy Statement. Data Subject can find the most current version of the Privacy Statement on the Website at all times.

Section Eleven – Complaints or questions

In the case of complaints or questions about this Privacy Statement, or about the processing of its personal data, Data Subject can contact OERUM by sending an email to greetings@oerumdesign.com. Please remember to state that the email is about the Privacy Statement. Moreover, Data Subject can also always contact the authorised national regulator dealing with privacy protection. In the Netherlands, this is the Dutch Data Protection Authority.

Date

This Privacy Statement was last amended on 5th February, 2020.