Privacy policy
Introduction.
Eden Sept is doing everything to respect and protect your privacy. Our goal is to be clear about what information we collect and how we use and protect your personal information.
Laws and Regulations.
The information we collect, use, and process is gathered in accordance with: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, or 'GDPR').
Dutch Data Protection Law.
Principles.
This policy is based on the following principles:
Personal data shall be processed lawfully, fairly, and transparently.
Personal data shall only be collected for specific purposes and not further processed in a manner that is incompatible with those purposes.
Personal data shall be adequate, relevant, and limited to what is necessary for processing.
Personal data shall be accurate and, where necessary, kept up to date, with every reasonable step taken to erase or rectify without delay.
Personal data shall be kept in a form that permits identification of data subjects only for as long as is necessary for the purposes of processing.
Personal data shall be processed in a manner that ensures appropriate security. Personal data shall not be shared with third parties unless necessary to provide services in consultation with them.
Data subjects shall be able to easily exercise their rights.
What is this Privacy Policy for?
Personal information is data that can be used to identify you or to contact you. According to the General Data Protection Regulation (GDPR) of the EU, all personal data is defined as: 'any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.'
When we collect personal data, we will never collect sensitive personal data about you. The EU General Data Protection Regulation (GDPR) defines sensitive personal data as "categories of personal data related to racial or ethnic origin, political opinions, religious or philosophical beliefs, membership of a trade union, genetic data, biometric data, health data, or data concerning a natural person's sex life or sexual orientation."
When you use our website and/or purchase something from us, we may collect various types of information. In any case, we make every effort to ensure that the information we receive and use is appropriate for the purposes outlined below.
Purposes: To sign you up for our newsletters and to receive information, news, and offers about our products.
Information we might use: Email address.
Legal basis for processing: Your consent: You grant permission to receive newsletters from us.
Purposes: To inform or remind you about a task that hasn't been completed yet (incomplete orders, abandoned carts).
Information we might use: Email address.
Legal basis for processing: For our legitimate interests*: It helps us improve your customer experience.
Sharing Your Information.
We will never sell your personal data to third parties. However, we may share your personal data with companies that are experts in their field and assist us in operating the website, running our business, or serving you. But don't worry! All our service providers are selected by us for their ability to provide the specific required services, including their ability to handle your personal data. All these providers offer sufficient guarantees to implement the technical and organizational measures required to meet the requirements of the GDPR and ours. We share your personal information in the following cases:
- With any member of our group, i.e., our subsidiaries, our ultimate holding company, and its subsidiaries.
- In the event that we buy or sell a business or assets, data may be disclosed to the potential buyer or seller of those businesses or assets.
- If we are obliged to disclose or share your personal data to comply with a legal obligation or to enforce or apply our Terms and Conditions and other agreements; or to protect the rights, property, or safety of EDEN SEPT, our customers, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
- If we process it on behalf of a client.
- To companies for the execution of a contract we enter with you or them and that assist us in adequately delivering our services, such as payment service providers, delivery companies, or our warehouse.
- To other professional service-providing companies like website hosts, advertising/marketing agencies, and analytic or search engine providers that assist us in running, improving, or optimizing the website and help us store your data.
- With your explicit consent. Transfer of your information outside the European Economic Area When an external provider is located outside the European Economic Area, we will always ensure that the transfer of personal data is protected by appropriate safeguards, namely the use of standard data protection clauses approved by the European Commission, where the data protection authority believes that the third country has adequate data protection laws or with companies that are Privacy Shield certified. What are your rights? As long as we possess or process your personal data, your rights are as follows:
- Right to information: Our aim is to be as clear and transparent as possible about how we use and process your data. You can easily find this privacy statement at various locations on our website and in the app. You can request a PDF copy of this statement by contacting us.
- Right to access: You have the right to request a copy of the data we hold about you. Please note that exceptions apply to this right. We might not be able to provide all the information if, for example, providing your data would reveal personal data about another person, if we are legally prevented from disclosing such information, or if your request is clearly unfounded or excessive.
- Right to rectification: You have the right to correct data we hold about you that is inaccurate or incomplete. You can edit the information we hold about you in your account settings.
- Right to be forgotten: Under certain circumstances (i.e., if we have no legal reasons to continue storing your data), you can ask to have the data we hold about you removed from our records.
- Right to restrict processing: Under certain conditions, you have the right to restrict the processing of your data.
- Right to data portability: You have the right to transfer the data we hold about you in a secure manner to another organization. This right applies only to personal data that EDEN SEPT holds and must be retained by EDEN SEPT with consent or for the execution of a contract, and the processing is carried out automatically.
- Right to object: You have the right to object to certain types of processing, such as direct marketing. You can unsubscribe from our newsletters at any time, for example, by clicking on the unsubscribe link at the end of our newsletters.
- Right to withdraw consent: If you have given EDEN SEPT permission to process your data, you have the right to withdraw your consent at any time.
-
Right to file a complaint with a supervisory authority: In the event that EDEN SEPT has not responded correctly to your request, you have the right to file a complaint with a supervisory authority.
To access which personal information identification is required. When requesting access to your information, we are required to take all reasonable measures to verify your identity before granting you access. These measures only exist to protect your information and reduce the risk of identity fraud, theft, or unauthorized access to your information. We, therefore, kindly ask you to send us original or certified copies of the following documentation: passport, ID card, birth certificate, or driver's license. One of the above documents is required to request your personal information. We will try to respond within a month. If you want to exercise any of the above rights, please contact us using the contact details below.
How long do we keep your information? We retain your personal data as long as you have an account and as long as necessary to comply with our legal/regulatory obligations, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions. When we no longer need to retain your personal data, they will be deleted or anonymized so that they can no longer be linked to you. We destroy all financial information once we have used it and no longer need it.
How are your personal data secured? EDEN SEPT will make all reasonable efforts to protect your personal data. We use the latest industry standards and security measures such as SSL/TLS encryption for the protection of personal and user data. Our goal is to take all applicable technical and organizational measures to ensure a level of security appropriate to the risk of processing and using personal data. We have security processes in place to continuously ensure the confidentiality, integrity, availability, and resilience of our processing systems and services or those of third parties, as well as the ability to timely restore the availability and access to personal data in the event of a physical or technical incident. Your data is always stored in secure environments, and we train our employees in best practices for data protection. We require them to sign a confidentiality agreement. You can access and edit your personal data after logging into your account. To log in, you need to know your credentials, email address, and password. There is no way to access your personal data without knowing the login details. Therefore, an unauthorized party has no access to this information. Therefore, we ask you to keep your password secret and not share it with others (not even a friend!). Let us know immediately if you know or suspect that you have lost your login details or that someone else has access to your account.
Links to other websites or social media Our website or newsletters may occasionally contain links to and from other websites of our partners, advertisers, and affiliates. Please note that this privacy policy only applies to this website. If you visit one of these websites, we recommend reading their own privacy policy as we do not accept responsibility or liability for this policy.
Transfer of your information outside the European Economic Area
When an external provider is located outside the European Economic Area, we will always ensure that the transfer of personal data is protected by appropriate safeguards, specifically the use of standard data protection clauses approved by the European Commission, where the data protection authority believes that the third country has adequate data protection laws or with companies that are Privacy Shield certified.
What are your rights? As long as we possess or process your personal data, your rights are as follows:
Right to information Our goal is to be as clear and transparent as possible about how we use and process your data. You can easily find this privacy statement in various locations on our website and in the app. You can request a PDF copy of this statement by contacting us.
Right to access You have the right to request a copy of the data we hold about you. Please note that there are exceptions to this right. We might not be able to provide all the information if, for example, disclosing your data would reveal personal information about someone else, if we are legally prevented from disclosing such information, or if your request is manifestly unfounded or excessive.
Right to rectification You have the right to correct data that we hold about you that is inaccurate or incomplete. You can edit the information we store about you in your account settings.
Right to be forgotten Under certain circumstances (i.e., if we have no legal reasons to continue storing your data), you can request the deletion of the data we store about you from our records.
Right to restrict processing Under certain conditions, you have the right to restrict the processing of your data.
Right to data portability You have the right to securely transfer the data we store about you to another organization. This right only applies to personal data that EDEN SEPT holds and must be retained by EDEN SEPT with consent or for the execution of a contract, and the processing is automated.
Right to object You have the right to object to certain types of processing, such as direct marketing. You can unsubscribe from our newsletters at any time, for instance, by clicking on the unsubscribe link at the end of our newsletters.
Right to withdraw consent If you have given EDEN SEPT permission to process your data, you have the right to withdraw your consent at any time.
Right to file a complaint with a supervisory authority In the event that EDEN SEPT has not responded correctly to your request, you have the right to file a complaint with a supervisory authority.