a. Privacy statement: this privacy statement;
b. User: every user of the website;
c. DARQ Maastricht Maastrichter Smedenstraat 2, 6211GL Maastricht, 043 785 55 58
d. website: the website run on the domain name www.darqmaastricht.com
The personal information processed by DARQ Maastricht are;
Collection and use of personal data.
DARQ Maastricht collects personal data when the user transmits user data through the website to DARQ Maastricht, e.g. when the user is requesting information about services or products of DARQ Maastricht, places an order at DARQ Maastricht, or when the user applied for the newsletter of DARQ Maastricht.
DARQ Maastricht uses this personal data for purposes the user has given the data for DARQ Maastricht]:
when the user requests DARQ Maastricht for information about products or services DARQ Maastricht processes the given information to handle such requests.
When the user places an order, DARQ Maastricht uses this personal data to finish the order.
[When the user signed up for the newsletter, DARQ Maastricht will use this personal data to send newsletters to the user.]
In addition, DARQ Maastricht may use the personal data to inform its Users of products or services of DARQ Maastricht that could be of interest to the relevant User. If the User objects to this, he or she can get in contact with [e-mail] - email@example.com
Users can subscribe to the newsletter, which means they periodically can receive an e-mail with information, news and products and services of DARQ Maastricht. This subscription can be cancelled any moment by the user. The e-mail will only be used with explicit consent of a user to be added to this subscription list. The details will be saved for this goal, until the user cancels the subscription.
Social media buttons
On the website of DARQ Maastricht there can be buttons installed to share pages or content of the website on different social media platforms such as [Facebook, Twitter, Linkedin,] etc. The content shared on these third party platforms via these buttons will be a responsibility of each specific platform. By clicking these buttons you will activate the corresponding platform.
We advise users to read the privacy statement of these platforms to see what they do with personal data of users when they click said buttons.
In case the DARQ Maastricht needs permission from the user to use personal data and the user is younger than 16 years, the user needs to have permission of his or her parents or guardian to provide the personal data to DARQ Maastricht. The parent or guardian in such case can always change or modify provided personal data to DARQ Maastricht.
Transfer to 3rd party
DARQ Maastricht will not share personal details of it’s users with third parties, unless:
The transfer is done to a by DARQ Maastricht assigned data processor for purposes for which DARQ Maastricht and the data processor have an agreement which offers sufficient guarantees with regard to technical and organizational security measures with regard to the processing to be carried out; or
DARQ Maastricht is required by law to pass on personal data to competent authorities.]
DARQ Maastricht could also send personal data to third parties outside the EU. DARQ Maastricht party makes sure that there are suitable security measures in place to prevent unauthorised access and abuse of personal data. For more information about the measurements in place contact firstname.lastname@example.org
Security and confidentiality
DARQ Maastricht ensures appropriate technical and organizational measures to prevent loss or unlawful processing of personal data. These measures guarantee, taking into account the state of technology and the costs of implementation, an appropriate level of security, having regard to the risks involved in the processing and the nature of the data to be protected. The measures are also aimed at preventing unnecessary collection and further processing of personal data.
DARQ Maastricht must record all data leaks and report them to the Local Data Protection Authority, unless it is unlikely that the data leak involves a risk to the rights and freedoms of natural persons. Based on records the data protection authority must be able to check if DARQ Maastricht complied to the report duty.
DARQ Maastricht will notify the person(s) of the Data Leak as described above, insofar as the data leak is likely to pose a high risk to the rights and freedoms of natural persons.
With this Statement DARQ Maastricht meets its information obligation by informing the persons whose personal data are processed. This information is provided prior to the collection of the personal data or, if the data originate from third parties, prior to the moment of recording.
With this declaration DARQ Maastricht informs the users about their personal data being processed, for what purpose and on what basis and to whom the personal data are provided. Finally, this Declaration states which retention periods DARQ Maastricht will use.
Rights of person(s) involved: inspection, correction, protest
Every person involved has the right to inspect. A request for access may bear little costs if the person requests additional copies of the personal data.
If DARQ Maastricht doubts the identity of the petitioner, he or she shall as soon as possible request the petitioner to provide further information in writing regarding his identity or provide a valid proof of identity. This request suspends the deadline until the time that the requested proof is delivered.
A request for inspection must be made to DARQ Maastricht, who will respond to this in writing within four weeks of receipt of this request.
If the person concerned requests a correction because certain recorded data would be incorrect or incomplete, or because the objective of the system is not relevant, or conflict with these regulations, DARQ Maastricht takes within four weeks after the data subject submitted a decision on this.
If an involved user has made a request for correction of personal data processed by DARQ Maastricht, the same user may request that the processing be restricted during the period that DARQ Maastricht investigates the request. Even if the involved user is of the opinion that DARQ Maastricht unlawfully processes personal data or no longer needs them, or if the involved user has objected to data processing, the involved user may request (temporarily) to limit data processing.
In case DARQ Maastricht sees reason to comply with the request for limitation of data processing, DARQ Maastricht will only process personal data with the consent of the involved user or when there is a legitimate interest (including, but not limited to, the institution, exercise or substantiation of a legal claim).
DARQ Maastricht ensures that a decision to correct, supplement, remove or limit is implemented as quickly as possible.
The person concerned is entitled at all times to object to the processing of personal data concerning him or her on the grounds of a specific basis of those provisions. DARQ Maastricht ceases to process the personal data unless it invokes compelling justified grounds for processing that outweigh the interests, rights and freedoms of the involved user or that are related to the institution, exercise or substantiation of a legal claim.
When personal data are processed for the purposes of direct marketing, the data subject has the right to object at any time to the processing of personal data relating to him for such marketing, including profiling relating to direct marketing. If the data subject objects to processing for direct marketing purposes, the personal data will no longer be processed for these purposes.
DARQ Maastricht must assess whether the objection is justified within four weeks of receipt of the objection. If that is the case, the processing of personal data must be terminated immediately.
The data subject also has the right to have the personal data transferred. This means that the person concerned can submit a request to DARQ Maastricht to send the personal data that is available about the person involved in a computer file to the data subject or to another organization named by the data subject.
A decision on a request for inspection, a decision as mentioned in paragraph 4 and the assessment as referred to in paragraph 6 of this provision are decisions within the meaning of the General Administrative Law Act.
Address and customer data: the personal data will be deleted within the legal time period, unless DARQ Maastricht must comply with any law that requires the retention of your data for a longer period of time.
Employees: the personal data will be deleted no later than two years after the employment or the activities of the person concerned have ended for the benefit of DARQ Maastricht, unless the personal data are necessary to comply with a statutory obligation to retain data.
DARQ Maastricht also informs the person concerned that he / she has the right to submit a complaint to the national supervisory authority, the Local Data Protection Authority. You can find more information on the data supervisor here: Download this PDF
Entry into force and citation
This statement can be cited as Privacy Statement DARQ Maastricht and will take effect on 20-5-2018.
The Declaration is established by DARQ Maastricht and replaces any previous versions. The statement may be modified from time to time by DARQ Maastricht.