JVB DIGITAL IS COMMITTED TO ENSURING YOUR PRIVACY

The following privacy policy dated May 2018 applies to all website visits, transactions and agreements with JVB Digital / AVStyle.

JVB Digital takes the privacy of personal data very seriously and handles personal data with care. By using our sites, you agree to our privacy and cookie policy including a processor agreement. Any agreement between JVB Digital and you, the client, is governed exclusively by Dutch law.

We respect privacy and your rights to control personal data. Our guidelines are simple. We are clear about the data we collect and why we collect it. We protect data as best we can. We do not and will not sell data to third parties. This Privacy Statement (the “Statement”) explains what personal data we collect from you, whether directly or indirectly, and how we use it. Personal data is any data that can be used to identify you or that we can link to you. The Statement also covers what choices you can make regarding the data we collect and how to manage those decisions. This statement applies to all websites of JVB Digital (JVBDigital.com, JVBDigital.co.uk, OPPOstore.co.uk and AVStyle.co.uk).

We process personal data only for the purpose for which it was provided and in accordance with the General Data Protection Regulation (AVG) and the Telecommunications Act

Please read this Statement carefully so that you understand how JVB Digital may collect, use and share the personal information you provide. The words “we,” “us,” “our,” “our” and “JVB DIgital” all refer to JVB Digital.

The types of personal data we collect

Data you provide to us

We collect information that you voluntarily provide us, such as name, phone number and e-mail address; for example, if you want to know more about products when you contact our customer service. This may include the following data:

First and last name
E-mail address
Phone number
Website
Company name
Street and house number
Zip code, city and country
Chamber of Commerce number
VAT number
Data we collect automatically

We automatically collect data about you, such as data we collect through cookies and similar technology when you use, access or interact with our websites. For example, we may collect information about the type of device you use to access our websites, its operating system and version, your IP address, your general geographic location as indicated by your IP address, your browser type, the web pages you view on our websites, and whether and how you interact with content available on our websites. We also use Google ReCaptcha to prevent spam. The ReCaptcha script is automatically loaded when visiting our website to assess whether a visitor is a natural person or a (spam) bot.  

Customer interactions with JVB Digital

To make the information in this Statement understandable, we highlight various times when JVB Digital may collect personal data from customers. Customer interactions with JVB Digital are divided into the following segments:

Buy Products

When you purchase from us, we ask you to provide information so we can process the purchase.

We collect: name, phone number, e-mail address, delivery/shipping address and payment method.

Why: We use this information to process the transaction, track your purchase, provide assistance with any delivery issues, handle returns and other issues related to the purchase of the products. Processing your personal data for this purpose is necessary for the performance of the agreement we have with you. Please note that we do not store payment or credit card information. We use payment method information solely in connection with your purchase.

Customer Service

We use the data to answer customer questions, diagnose problems with products, repair products and provide other customer service and support services. This processing is necessary for the performance of the agreement we have with you and also serves our legitimate interest.

Business activities

We use data to develop aggregate analytics and business intelligence that enable us to run and protect our business, make informed decisions and report on our business performance. This processing is necessary to serve our legitimate interest.

Communications, marketing and advertising

We use the data we collect to accomplish and personalize our communications with you. For example, we may contact you via e-mail or other electronic communication tools to inform you about new products or services, to update you on a support issue, or to invite you to participate in a survey. This processing is necessary to serve our legitimate interest.

How we may share Personal Data

We do not sell our customers’ personal data.
We disclose data only in the ways we describe in this Statement. We may share data with the following third parties.

External suppliers

JVB Digital uses several third-party vendors to perform services such as website management and hosting, online purchase and shipment of products, credit card processing and e-mail communications. We share personal information only as necessary, such as to complete a transaction or provide Products or Services you have requested or authorized, and only with vendors or agents working on our behalf for the purposes described in this Notice. If so, your personal data will be shared with such agents or contractors only for the purpose of performing services on behalf of and at the direction of JVB Digital and in accordance with this Statement. It is our legitimate interest to share data with these parties for these purposes.

The legal grounds for the use of Personal Data.

There are several legal grounds on which we rely to use your personal data, namely:

Performance of an agreement
The use of your personal data may be necessary to perform the agreement you have with us. For example, to complete the purchase of your products, to register and maintain your account, to assist with delivery issues, to handle returns or to respond to your requests.

Legitimate interests
We may use your personal data for our legitimate interests. For example, we rely on our legitimate interest to analyze and improve our products and the content of our websites, to notify you of software updates or information about products and or to use your personal data for administrative, fraud detection or legal purposes. Where we process your personal data based on our legitimate interest and no opt-out mechanism is available to you, you may exercise your right to object by sending an email to customerservice@jvbdigital.nl/ customerservice@jvbdigital.com

Retention period

We do not keep your data longer than necessary for the purpose for which it was received. If you unsubscribe from our emails, your personal data will be removed from the system no later than the end of the corresponding month.

We keep the data in our accounting and CRM system for at least 7 years, in part to fulfill all of our legal obligations. We will delete this data within 1 year after this obligation expires.

The above period applies provided that there are further legal obligations for us to retain and/or keep the data available longer.

Processing Agreement
The following articles qualify as processing agreements.

Processing Responsible Party provides data for the purpose of purchasing products.
Processing Responsible Party possesses – for the performance of that service – various data, including, inter alia, personal data of various data subjects within the meaning of the General Data Protection Regulation (AVG).
3. Processor wishes to have the storage, processing and security of this
personal data performed by Processor (JVB Digital) (the Assignment).
Processor is willing to accept this Assignment.

Article 1 – Execution of processing
In executing the Assignment, the Processor shall treat the personal data with care and shall only process the personal data on the instructions of the Processor, in accordance with the latter’s written instructions and in accordance with this Agreement and the regulations contained in the PDPA. If an instruction of Processor does not comply with applicable laws and regulations, including the AVG, Processor shall notify Processor immediately.
The personal data processed by Processor in the context of the activities referred to in the previous paragraph and the categories of data subjects from whom they originate. Processor shall not process the personal data for any purpose other than as determined by Processor. Processor does not control the purposes and means of processing personal data.
Processor further warrants that persons acting under its authority will only process personal data lawfully and in accordance with this Agreement and the AVG.
Processor shall, at Processor’s request, provide as soon as possible information to Processor about the genome (security) measures to comply with the obligations under the AVG, this Agreement and the other written instructions of Processor.
Article 2 – Controller’s Guarantee
Controller warrants that the principles of processing the personal data of data subjects, as referred to in this Agreement, are not unlawful and that the rights of others are not infringed. Processor shall indemnify Processor against all claims relating thereto.

Article 3 – Transfer of Personal Data
Personal Data shall be processed within the European Union. Transfer of the Personal Data to countries outside the European Union is only permitted to countries that provide an adequate level of protection for the processing of Personal Data in accordance with the AVG.
Processor shall, at the request of Processor, disclose within which country or countries the Personal Data are processed that Processor processes on behalf of Processor.

Article 4 – Security measures
Processor shall make every effort to take sufficient technical and organizational measures with respect to the personal data processing to be performed, against loss or against any form of unlawful processing (such as unauthorized access, impairment, modification or disclosure of the personal data).
Processor shall in any case take the following measures:
encryption (encoding) of digital files containing personal data.

securing network connections via Secure Socket Layer (SSL) technology or similar technology that provides at least the same level of security.

Processor does not warrant that security is effective under all circumstances. In the absence of an explicitly defined security in the Processor Agreement, Processor shall make every effort to ensure that the security meets a level that is not unreasonable, given the state of the art, the sensitivity of the personal data and the costs associated with implementing security.
Article 5 – Duty to Report
Processor is at all times responsible for reporting a security breach and/or data leak (which is understood to mean: a breach of security that accidentally or unlawfully results in the destruction, loss, modification or unauthorized disclosure of or unauthorized access to transmitted, stored or otherwise processed data) to the Supervisor and/or data subjects. To enable Processor to comply with this legal obligation, Processor shall notify Processor of the security breach and/or data breach within a period of 72 hours.
A notification must be made only in the case of high-impact events, and only if the event has actually occurred.
The duty to notify includes, in any case, reporting the fact that a leak has occurred. In addition, the duty to report includes:
– the nature of the personal data breach, where possible specifying the categories of data subjects and personal data records involved and, approximately, the number of data subjects and personal data records involved;

– The name and contact details of the data protection officer or other contact point where more information can be obtained;

– the probable consequences of the personal data breach;

– the measures proposed or taken by the Processor to address the personal data breach, including, where applicable, the measures to mitigate any adverse effects thereof.

Article 6 – Duration and Termination
This Agreement commences when a purchase is made from JVB Digital. The parties enter into this Agreement for an indefinite period of time.
Termination is possible by the end of the month with a notice period of 3 months.
If this Agreement terminates or is dissolved, the Parties shall continue to comply with the provisions of this Agreement relating to confidentiality, liability, indemnification and all other provisions which by their nature are intended to survive termination or dissolution of this Agreement.
If this Agreement terminates or is terminated, Processor shall give Processor the opportunity for 30 days to move all data, including Personal Data, held by Processor under this Agreement to another location. After this period, Processor shall delete or destroy all data, including personal data, held by it under this Agreement (including any copies thereof).
Article 7 – Confidentiality
All personal data received by Processor under this Agreement shall be subject to a duty of confidentiality towards third parties. All persons employed by or working on behalf of Processor, as well as Processor itself, are obliged to keep the personal data confidential.
Processor shall not provide, copy, or otherwise reproduce or disclose Personal Data to third parties without the consent of Processor.
If Processor receives a request from a third party to provide access to the Personal Data on the grounds of an alleged (legal) obligation, it shall inform Processor in writing, if permitted by law, before providing such third party with access to the Personal Data, so that Processor can assess whether the third party’s request is justified.
Article 8 – Persons Working Under the Authority of Processor
The obligations of Processor arising from this Agreement also apply to those who process personal data under the authority of Processor, including but not limited to employees.

Article 9 – Liability
Processor shall be liable for damages suffered by Processor if Processor fails to comply with further instructions of Processor, this Agreement, the AVG or other applicable laws and regulations on privacy and protection of personal data.
Processor shall indemnify Processor against third party claims insofar as such claims relate to the processing of personal data and any other work that Processor performs or has performed for the Client under this Agreement.
Article 10 – Nullity
If any part of this Agreement is null and void or voidable, it does not change the validity of the rest of the Agreement. The void part shall be replaced by a provision that follows as closely as possible the content of the void provision.

Article 11 – Engaging third parties or subcontractors
Processor may use third parties in the context of this Processor Agreement subject to prior notification to Processor; Processor may object if the use of a specific reported third party is unacceptable to it. In such a case, the Parties will consult with each other to reach a workable solution.
In any case, Processor shall ensure that these third parties assume in writing at least the same duties as agreed upon between Processor and Processor.
Processor guarantees that these third parties will properly comply with the obligations of this Processor Agreement and, in the event of errors by these third parties, shall itself be liable for all damages as if it had itself committed the error(s).
Article 12 – Audit
Processor shall have the right to have audits performed by an independent, expert third party bound by confidentiality to verify compliance with security requirements, compliance with the general rules around processing personal data, misuse of personal data by Processor’s employees, compliance with all points in the Processor Agreement, and anything directly related thereto.
This audit may take place up to once a year or otherwise in the event of a concrete suspicion of misuse of personal data.
Processor shall cooperate with the audit and provide all information reasonably relevant to the audit, including supporting data such as system logs, and employees as timely as possible.
The findings resulting from the audit conducted will be reviewed by Processor and may, at Processor’s discretion and in the manner determined by Processor, be implemented by Processor.
The cost of the audit shall be borne by Controller.
Article 13 – Handling of requests by data subjects
In the event that a data subject makes a request to Processor to exercise his/her legal rights, Processor shall forward the request to Processor, and Processor shall further handle the request. Processor may notify the data subject.

Article 14 – Final Provisions
Only written amendments to this Agreement are valid.
This Agreement supersedes all previous agreements between the Parties.
Article 15 – Applicable Law
The Agreement and its performance are governed by Dutch law.

Article 16 – Competent court
All disputes that may arise between the Parties in connection with the Contract shall be submitted to the competent court for the district in which Processor is located.

Rights

You always have the right to withdraw your consent to the processing of your data, after which we will no longer process your data. The withdrawal of this consent does not affect the legality of our data declaration based on your consent, which took place before this withdrawal.

You also have the right to access your personal data and the right to rectify your personal data. If you would like to know what personal data we process about you, please submit a written request for inspection.

Should your information be incorrect, incomplete or irrelevant, you may request in writing that we change or supplement your information.

In addition, you have the right to erasure of your personal data, a right to restrict processing and a right to object to processing. In addition, you have the right to transfer, or make your data transferable. You can also make a written request for this.

We will process your request within 4 weeks. Written also means by e-mail. You can email your request to us at customerservice@jvbdigital.nl/ customerservice@jvbdigital.com

Changes

We reserve the right to change our privacy policy at any time. The amendments will take effect at the announced time of entry into force.

Company data

This is a Web site of JVB Digital,

JVB Digital can be reached as follows:

Mailing address: P.O. Box 124, 3830AC Leusden

Branch address: Maten 51, 3831PJ Leusden (Note: this is not a visiting address).

Chamber of Commerce registration number: 32073851

Phone: +31-(0)33-4655366

e-mail address: CustomerService@JVBDigital.nl / info@AVstyle.nl