Phonify B.V. commits to protect its customers’ and partners’ personal data as carefully as possible. This privacy policy is intended for achieving transparency about the way personal data are processed and stored. Phonify B.V. will adhere to and respects the requirements of the different local and international Data Protection Acts, where under the current and upcoming e-Privacy regulations. Phonify B.V. handles everyone’s privacy carefully. In order to do so, Phonify B.V. adheres to privacy legislation, as stipulated in this section, in addition to legal standards which are dictated by approved codes of conduct.
WHY CONSENT
In accordance with our data processing operations we have checked if your consent is the most appropriate basis for processing. We ask our customers and respondents to positively opt-in prior to any start of the processing. The request for consent to you is made prominent and separate from any conditions that may apply to the promotions you have participated. Your consent is (also) used to administer the campaigns you are interested in. If you withdraw consent you contact data is blocked until you have given your consent again. Any given consent is never made on a default mode. We keep a record of when and how we received your consent on an individual identifiable basis. We also keep a record of exactly what you were shown or told at the time of participating to the campaign.
Should you have questions about the campaign to which you participated in, then please contact our privacy officer at sa.coolorama.co who can reply to you directly for any question or concern you may have.
We would like to specify to you why we process data and what we’re going to do with it, for which purposes data are going to be used and further processed.
HOW TO CONSENT OR WITHDRAW
We give individual options to consent or positively opt-in to different purposes and types of processing. We name our organisation and any third party controllers who will be relying on the consent at the moment of collecting your data. We inform our customers and respondents that they can withdraw or refuse their consent without detriment. We perform on withdrawals of consent as soon as we can and direct our customers and respondents how to do so. In offering online communication directly to our customers and respondents we seek consent in accordance with and necessary for the purposes of our data processing operations and our relation with you. We have age-verification measures (and parental-consent measures for younger children) in place to avoid that children (below 12) and youngsters (12-18) can participate to our services.
LEGITIMATE INTERESTS
These categories of personal data are processed for purposes which are based on legitimate interests in accordance with the laws and regulations. The legitimate interests are our own interests and the (commercial) interests of third parties to provide you with the offers you would like to receive (common interests). The promotions contain not only offers which benefit our customers’ and respondents’ contact preferences (see above) but also apply to educate you about discount offers and for that purpose sending the correct email and sms on the right moment. In order to balance the commercial interests with your privacy preferences we never collect or ask for more data than is necessary for a proper operational performance of our online communication.
WHY PROCESS DATA
We process data when such is necessary for:
- The responsible management of Coolorama’s online communication.
- Providing the option to register or unregister for specific user interests in Coolorama services.
- Processing your interest(s) in product or service categories which are offered market trends.
- Operation of customer services, such as answering questions and block personal data on the first request of the data subject.
- Processing of traffic data (inbound clicks, A/B testing, log files where needed) and analyse these to detect fraud and redemption.
- Offering the option to use mobile device as a form of identification to obtain or purchase services from other organisations and address the benefit of the data subject therein.
- If applicable, the conclusion or performance of a contract concluded in the interest of the data subject between the controller.
- The (further) performance of another legal obligation.
Information is not automatically used for all these objectives simultaneously.
ONLINE COMMUNICATION
Data required for online (direct) communication are processed in accordance with the following requirements.
The processing is intended for communication with data subjects, sending information about the products and services of Coolorama and keeping an overview of the information sent and maintaining the contact with the data subjects.
No other personal data will be processed than:
- Surname, first names, initials, title, gender, date of birth, address, postcode, place of residence, telephone number and similar data required for communication by the person concerned;
- Data relating to the information to be sent and transmitted;
- Other additional data that are necessary with a view to maintaining contact with the involved data subjects.
No special categories of data as referred to in the General Data Protection Regulation 2016/679 will result from the processing.
The personal data will be deleted at the request of the data subject or no later than two years after the relationship with the data subject has terminated, unless the personal data are necessary for compliance with a legal obligation to retain data.
SECURITY
Data required for security reasons are processed in accordance with the following requirements.
The processing is intended for the control and security of the systems or programs, the support of the proper functioning of the systems or programs, sorting and recovering files, creating backup copies of files, the management of the systems or programs.
No other personal data will be processed than: a. data relating to the use of the software, b. technical and control data, c. data to promote proper functioning, d. historical data, e. user data.
The personal data are only provided to those, including third parties, who are in charge of or direct the system, data management or application management or who are necessarily involved and others, as the case may be, to the (further) performance of another legal obligation.
The personal data will be deleted at the latest 6 months after they have been obtained, unless the personal data are necessary to comply with a legal data retention obligation.
DATA TRAFFIC WITH COUNTRIES OUTSIDE THE EUROPEAN UNION
As controller of the data Phonify B.V. does not intend to transfer personal data to a third country (country outside the European Union). Should data be transferred to a country outside the European Union then (in that event):
The existence or absence of an adequacy decision by the European Commission will be reviewed, such as by the EU-US Privacy Shield (PbEU L 207), and, reference will be made to the appropriate or suitable safeguards and the means by which to obtain a copy of such safeguards are made available on first request, and if all such is absent,
The data subject will be explicitly asked for consent to a proposed transfer, after having been informed of the possible risks of such transfers for the data subject due to the absence of an adequacy decision and appropriate safeguards, or the transfer is necessary for the performance of a contract between the data subject and the controller or the implementation of pre-contractual measures taken at the data subject’s request, or the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the data subject of the controller.
COMBINATIONS OF PROCESSING OPERATIONS
This privacy policy does not apply to processing operations partners. Please read the privacy policy of the involved partners, provided prior to each entry to the promotion and meeting the requirements stated in the relevant privacy policies. Each organization in his capacity as Controller ensures adequate access security of the website, as well as adequate protection of personal data for further processing by search engines.
BROWSING SESSION AND IP-ADDRESS
We also make use of the IP-address of your computer. This IP-address is a number which automatically assigned to your computer when you have a browsing session on the internet, such as when you visit one of our sites or landing pages. They can be used to see which use has been made of the website and for drafting analyses and reports with non-identifiable information.
WEBSITE AND COOKIES
Coolorama uses cookies and similar technologies on its websites. Cookies are small text files that are saved on your device (computer, telephone, tablet) when you visit a website. Cookies such as ‘functional session cookies’ are used to provide services or to store your preferred settings for purposes such as:
Remembering and communicating information that you fill in during the entry process or that you enter when indicating your interests in the various web pages, so that you don’t have to re-enter the same information every time or see the same promotions twice,
Saving of preferred settings, and
Tracking the unauthorised use of our landing pages.
ANALYTICAL COOKIES
‘Analytical’ cookies are used to analyse your visit to our websites. We analyse the number of visitors to our websites, the duration of the visits, the order of pages visited and whether any changes need to be made to the website. Using the information collected, we can make our websites even more user-friendly. These cookies are also used to solve possible technical problems on the websites.
MARKETING AND TRACKING COOKIES
We will only use tracking cookies for commercial purposes with your prior consent. These cookies, which are often posted by third parties, help us to tailor promotional offers to you personally. Third parties can use tracking cookies.
OTHER TECHNOLOGIES
In addition to cookies, Coolorama also uses technologies such as JavaScript. Using JavaScript in your browser allows us to make our sites interactive and to develop web applications in a consumer friendly tailor made manner. For the provision of our service we keep database records in order to have a robust control in place on our services (and our service providers). The purpose of this is to optimize the reliability of the service. The information derived from these data is used to prevent misuse of data and if necessary to comply with more detailed information queries from third parties on the basis of (self)regulation.
QUESTIONS, COMPLAINTS OR DISPUTES
If you wish to ask a question, make a complaint or provide any comments on our privacy policy or sites please contact us on: [email protected]. We will contact you to discuss any concerns within 48 hours of receiving your email.
ADJUSTMENTS
We reserve the right to make adjustments to this privacy policy. Important adjustments are made know on this site in the privacy policy.
Amsterdam, 2024