Privacy Policy

We are very delighted that you have shown interest in our enterprise. Data protection is of a particularly high priority for the management of the Data Crossroads. The use of the Internet pages of the Data Crossroads is possible without any indication of personal data; however, you want to use special enterprise services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from you.

The processing of personal data, such as your name and e-mail address, and your comments at our site shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to the Data Crossroads. By means of this data protection declaration, our enterprise would like to inform the general public of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, you are informed, by means of this data protection declaration, of the rights to which you are entitled.

As the controller, the Data Crossroads has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. For this reason, you are free to transfer personal data to us via alternative means, e.g. by telephone.

  1. Definitions

The data protection declaration of the Data Crossroads is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used.

In this data protection declaration, we use, inter alia, the following terms:

  • a)    Personal data

Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

  • b) Data subject

Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.

  • c)    Processing

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

  • d)    Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.

  • e)    Profiling

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

  • f)     Pseudonymisation

Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

  • g)    Controller or controller responsible for the processing

Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

  • h)    Processor

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

  • i)      Recipient

Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

  • j)      Third party

Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

  • k)    Consent

Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

  1. Name and Address of the controller

Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:

Data Crossroads

Rondeel 32

1083ME Amsterdam

The Netherlands

Phone: +31617380385

Email: contact@datacrossroads.nl

Website: www.datacrossroads.nl

  1. Collection of general data and information

The website of the Data Crossroads collects a series of general data and information when a data subject or automated system calls up the website. These general data and information are stored in the server log files. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.

When using these general data and information, the Data Crossroads does not draw any conclusions about you. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, the Data Crossroads analyzes anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

  1. View site content

You can view the site content without registration.  We will require the registration when you collect information from the site, subscribe for newsletters, respond to a survey or marketing communication, download free context, fill out a form or enter information.

  1. Registration on our website

You have the possibility to register on our website  with the indication of personal data including your name and e-mail address. Which personal data are transmitted to us is determined by the respective input mask used for the registration. The personal data entered by you are collected and stored exclusively for internal use by the controller, and for his own purposes. By registering on our website, the IP address—assigned by the Internet service provider (ISP) and used by the data subject—date, and time of the registration are also stored. The storage of this data takes place against the background that this is the only way to prevent the misuse of our services, and, if necessary, to make it possible to investigate committed offenses. Insofar, the storage of these dataare necessary to secure the controller. These data are not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution.

Your registration, with the voluntary indication of personal data, is intended to enable us to offer you contents or services that may only be offered to registered users due to the nature of the matter in question. Registered persons are free to change the personal data specified during the registration at any time, or to have them completely deleted from the data stock of the controller.

We shall, at any time, provide information upon request to each data subject as to what personal data are stored about you. In addition, we shall correct or erase personal data at your request or indication, insofar as there are no statutory storage obligations. The entirety of the controller’s employees are available to the data subject in this respect as contact persons.

  1. Subscription to our newsletters and download of our free content

On the website of the Data Crossroads, users are given the opportunity to subscribe to our enterprise’s newsletter. The input mask used for this purpose determines what personal data are transmitted, as well as when the newsletter is ordered from the controller.

The Data Crossroads informs its users  and business partners regularly by means of a newsletter about enterprise offers. The enterprise’s newsletter may only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject registers for the newsletter shipping. A confirmation e-mail will be sent to the e-mail address registered by a data subject for the first time for newsletter shipping, for legal reasons, in the double opt-in procedure. This confirmation e-mail is used to prove whether the owner of the e-mail address as the data subject is authorized to receive the newsletter.

During the registration for the newsletter, we also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by the data subject at the time of the registration, as well as the date and time of the registration. The collection of this data is necessary in order to understand the (possible) misuse of the e-mail address of a data subject at a later date, and it therefore serves the aim of the legal protection of the controller.

The personal data collected as part of a registration for the newsletter will only be used to send our newsletter. In addition, subscribers to the newsletter may be informed by e-mail, as long as this is necessary for the operation of the newsletter service or a registration in question, as this could be the case in the event of modifications to the newsletter offer, or in the event of a change in technical circumstances. There will be no transfer of personal data collected by the newsletter service to third parties. The subscription to our newsletter may be terminated by the data subject at any time. The consent to the storage of personal data, which the data subject has given for shipping the newsletter, may be revoked at any time. For the purpose of revocation of consent, a corresponding link is found in each newsletter. It is also possible to unsubscribe from the newsletter at any time directly on the website of the controller, or to communicate this to the controller in a different way.

  1. Contact possibility via the website

The website of the Data Crossroads contains information that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of these personal data to third parties.

  1. Comments function in the blog on the website

The Data Crossroads offers users the possibility to leave individual comments on individual blog contributions on a blog, which is on the website of the controller. A blog is a web-based, publicly-accessible portal, through which one or more people called bloggers or web-bloggers may post articles or write down thoughts in so-called blogposts. Blogposts may usually be commented by third parties.

If a data subject leaves a comment on the blog published on this website, the comments made by the data subject are also stored and published, as well as information on the date of the commentary and on the user’s (pseudonym) chosen by the data subject. In addition, the IP address assigned by the Internet service provider (ISP) to the data subject is also logged. This storage of the IP address takes place for security reasons, and in case the data subject violates the rights of third parties, or posts illegal content through a given comment. The storage of these personal data is, therefore, in the own interest of the data controller, so that he can exculpate in the event of an infringement. These collected personal data will not be passed to third parties, unless such a transfer is required by law or serves the aim of the defense of the data controller.

  1. Fill in forms and questionnaires

The Data Crossroads will offer you questionnaires to fill in and will provide you with relevant feedback on filled in forms. For doing it, you will not be requested to provide any personal information for reading the feedback information at the site. Should you require receiving the feedback to your email, the rules for subscription to the newsletters will be applied as described in p.6. Tatik, prochitai vnimatelno.

  1. Routine erasure and blocking of personal data

The data controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to.

If the storage purpose is not applicable, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data are routinely blocked or erased in accordance with legal requirements.

  1. Usage of the data subject information

The controller might use the information it collects when you register, collects information from the site, subscribes for newsletters, responds to a survey or marketing communication, downloads free context, fills out a form or enter information or use certain other site features in the following way:

  • to personalize your experience and to allow to the controller to deliver the type of content and services offering in which you are most interested;
  • to improve our website in order to better serve you;
  • to send periodic emails regarding our services and newsletters;
  • provide results on the filled in forms and surveys.
  1. Protection of the data subject information
    Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.

We implement security safeguards to protect your data, such as https.

We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.

However,  we cannot warrant the security of any information that you send to us. There is no guarantee that data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

 

  1. Cross-border data transfers

We store your data both inside and outside of EU. We have signed the Data Processing Agreement to ensure that the Data processor meets General Data Protection Regulation requirements.

  1. Usage of ‘cookies’
    We do not use cookies for tracking purposes
    You can choose to have your computer warn you each time a cookie is being sent, or the data subject can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, you might take a look at your browser’s Help Menu to learn the correct way to modify your cookies.
    If you turn cookies off, some of the features that make their site experience more efficient may not function properly. that make the data subject site experience more efficient and may not function properly.
  2. Third-party disclosure
    We do not sell, trade, or otherwise transfer to outside parties the data subject Personally Identifiable Informatio16.Third-party links

We do not include or offer third-party products or services on the controller’s website.

16.Google

Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
We uses Google AdSense Advertising on our website.
Google, as a third-party vendor, uses cookies to serve ads on our site. Google’s use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt-out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy.

We have implemented the following:
• Google Display Network Impression Reporting
• Demographics and Interests Reporting
• DoubleClick Platform Integration

The controller, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.

Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, the data subject can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.

 

  1. Data retention

We keep your personal data for as long as you provide us with the consent to do it.

The criteria used to determine the period of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of the contract or the initiation of a contract.

 

  1. Rights of the data subject
  • a) Right of confirmation

Each data subject shall have the right granted by the European legislator to obtain from the controller the confirmation as to whether or not personal data concerning him or her are being processed. If a data subject wishes to avail himself of this right of confirmation, he or she may, at any time, contact any employee of the controller.

  • b) Right of access and control personal data

You can access or delete your personal data. You have the following choices:

  • Delete data: you can request us to delete your personal data, including name, e-mail address, comments on the site;
  • Change or correct data: you can request to change your personal data, including your name or email address by emailing us;
  • Object to, or Limit or restrict, use of data: you can ask us to stop using your personal data (name and email address) for delivering services as sending periodic emails regarding our services and newsletters and providing results on the filled in forms and surveys
  • Right to Accesss and/or Take your data: you can ask us for a copy of your personal data in machine readable form.
  1. c) Close of subscription

We will not keep your personal data as name and email address after your request to stop using your personal data or to delete your personal data.

  • d) Right to withdraw data protection consent

Each data subject shall have the right granted by the European legislator to withdraw his or her consent to processing of his or her personal data at any time.

If you wish to exercise the right to withdraw the consentyou may, at any time, contact any employee of the Data Crossroads.

  1. You will be notified of any Privacy Policy changes:
    • On our Privacy Policy Page
    19. How does our site handle Do Not Track signals?
    We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
    Does our site allow third-party behavioral tracking?
    It’s also important to note that we do not allow third-party behavioral tracking
  2. When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall communicate the personal data breach to the data subject without undue delay by email..

The communication to the data subject shall not be required if any of the following conditions are met:

(a) the controller has implemented appropriate technical and organisational protection measures, and those measures were applied to the personal data affected by the personal data breach, in particular those that render the personal data unintelligible to any person who is not authorised to access it, such as encryption;

(b) the controller has taken subsequent measures which ensure that the high risk to the rights and freedoms of data subjects referred to in paragraph 1 is no longer likely to materialise;

(c) it would involve disproportionate effort. In such a case, there shall instead be a public communication or similar measure whereby the data subjects are informed in an equally effective manner.

 

  1. Lawful Bases for Processing

We have lawful bases to collect, use and share data about you. You have choices about our use of your data.

At any time, you can withdraw consent you have provided by sending us an email.

We will only collect and process personal data about you where we have lawful bases. Lawful bases include consent (where you have  given consent). Where we rely on your consent to process personal data, you have the right to withdraw or decline  your consent at any time and where we rely on legitimate interest, you have the right to object.

  1. CAN SPAM Act
    The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
    We collect your email address in order to:
    • Send information, respond to inquiries, and/or other requests or questions
    • Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
    To be in accordance with CANSPAM, we agree to the following:
    • Not use false or misleading subjects or email addresses.
    • Identify the message as an advertisement in some reasonable way.
    • Include the physical address of our business or site headquarters.
    • Monitor third-party email marketing services for compliance, if one is used.
    • Honor opt-out/unsubscribe requests quickly.
    • Allow users to unsubscribe by using the link at the bottom of each email.
    If at any time you would like to unsubscribe from receiving future emails, you can email us at
    • Follow the instructions at the bottom of each email.
    and we will promptly remove you from ALL correspondence.

 

This Privacy Policy has been developed based on the Privacy Policy generated by the Privacy Policy Generator of the DGD – Your External DPO that was developed in cooperation with German Lawyers from WILDE BEUGER SOLMECKE, Cologne.

 

Last Edited on 18-05-2018