SAMSOUMI is a limited liability company with its registered office at. Krullart Street 7 5211 HR's-Hertogenbosch and with company number NL861701471B01. Hereafter it will be referred to as: SAMSOUMI
As a company, we regularly need to process personal data, for example, when you place an order with us or apply for a job with us.
We declare that our activities are in compliance with current privacy legislation, which is primarily regulated by the General Data Protection Regulation (GDG or its English abbreviation GDPR).
For this reason, we want to inform, respect and give you as much control as possible over what happens to your personal data. Below you will find information about what data we collect about you, why we collect it, how long we keep it, what your privacy rights are and how you can exercise them.
In addition, this privacy statement is addressed to anyone who works with our company so that they also know what rights and safeguards we offer in terms of privacy.
Our privacy policy is governed by this privacy statement, as well as specific privacy agreements we make with you or third parties in an agreement.
In case of conflict, our general terms and conditions and special terms and conditions applicable to specific products and services take precedence over this privacy policy.
All our activities as data controllers are covered by this privacy statement so that your rights with respect to your personal data are always guaranteed.
By "processing of personal data" we mean any processing of data that can identify you as a natural person. The term "processing" is broad and covers, among other things, the collection, recording, organization, storage, updating, modification, retrieval, consultation, use, dissemination or making available by any means, assembly, combination, archiving, erasure or ultimate destruction of such data.
SAMSOUMI is the controller of your personal data.
We process the personal data you give us yourself. This can be by phone (for example, when you call us to make an appointment), in writing (for example, when you send us a letter or e-mail, or contact us through the website or social media, or participate in a contest) or verbally (during a meeting).
We distinguish different types of personal data, which can be combined with each other:
Identification and contact data are the data that allow us to identify and contact you as a (potential) customer (for example, your name, place and date of birth, nationality, residence status, national register number... and other data mentioned on identification documents, your address, e-mail address and telephone number, bank account number.
Billing information is information that allows us to correctly charge for our services, such as billing address, company number, whether or not you are subject to VAT.
Preferences and interests are data related to your activities or your situation that allow us to send you newsletters that may be of interest to you and your activities.
We process personal data for various purposes, in each case processing only the data necessary to achieve the intended purpose.
We collect personal data for the following specific purposes:
If you contact us, for example to make an appointment, or you wish to receive our newsletters or follow us on social media, or you wish to apply for a job, we need your identity and contact information. Any information we receive about you will be used only to provide you with the requested information, in the manner you prefer. If you are active with a service provider or supplier of goods (e.g. sales service) who we may wish to use, we also record your identity and contact details.
If you work for our company (as a trainee, employee, staff member or managing partner), then we need to process a lot of personal data about you as part of this relationship, such as your identity, contact details, data mentioned on your CV, the way you function within the company, the way you deal with clients, colleagues, office partners, etc., your presence or absence, training attended, etc. This is with a view to a correct course of the cooperation,
Your data will be stored in the form of a paper and/or electronic file.
Electronic files are kept on secure and locked (backup) servers, both internal and external. Paper files are also kept secure and locked in our offices and/or archives.
Our infrastructure and information systems are equipped with technical measures to protect your personal data from unauthorized access, unauthorized use and loss or theft of your data, including: password protection, hard disk encryption software, firewalls, antivirus, intrusion and anomaly detection and access controls for our employees. Our hardware and software are constantly kept up-to-date. For this, we rely on specialized third parties.
Your personal data is restricted to employees in our office. They are granted access to your personal data only to the extent that they need that information to properly perform their duties. Furthermore, your data are accessible to the administrators of our software systems, this purely in order to perform work on these systems (e.g. updates), and our financial administration for invoicing and accounting purposes. Naturally, we have made contractual agreements with them so that they are also bound by our privacy statement and your rights are guaranteed.
In the event of an unexpected data leak that adversely affects your personal data, you will be notified personally in the circumstances provided by law.
We recommend that you also take the necessary security measures yourself to protect your personal data, such as securing your own mailbox, firewalls on your computer, etc.
We do not sell personal data to third parties and we do not pass it on to third parties except in the following cases:
If in other situations we would provide personal data to third parties, this will be done with an explicit notice, which will include an explanation of the third party, the purposes of the transfer and processing. Where required by law, we will obtain your explicit consent.
We may not keep personal data longer than necessary to fulfill the purpose for which we collect it.
All data we process as part of our services are stored for the duration of the case as well as for a period of 5 years after the conclusion of the case and integral payment of our invoices.
Invoicing and other accounting records are kept for a period of 7 years to comply with our accounting and tax obligations.
Applicant data is kept for a period of 5 years from receipt of the application message and CV, in order to optimize our recruitment policy and to be able to offer the applicant future vacancies.
Upon expiration of the applicable retention period(s), personal data will be deleted or anonymized.
You have the right at any time to learn from us whether or not we are processing your personal data, and if we are processing it to access that data and receive additional information about:
You also have the right to obtain a free copy of the data processed, in understandable form. We may charge a reasonable fee to cover our administrative costs for each additional copy you request.
You have the right to have incomplete, incorrect, inappropriate or outdated personal data rectified without delay.
In order to keep your information up-to-date, please notify us of any change anyway, such as a move, a new account number, new contact information, a change of ultimate beneficiary.
You have the right to have your personal data deleted in the following cases, and without unreasonable delay:
Please note, however, that we may not always be able to delete all requested personal data, for example, when their retention and processing is necessary to comply with legal obligations.
You have the right to obtain the restriction of the processing of your personal data if any of the following applies:
You have the right to request and have your personal data transferred. This is only possible for the personal data you have provided to us yourself, based on consent or following agreement. In all other cases, you cannot enjoy this right (for example, when the processing of your data is done on the basis of a legal obligation).
You may ask us to recover the personal data in question in a structured, common and machine-readable form.
You have the right, based on your particular situation, to object to the processing of your personal data if the processing is in our legitimate interest or in the public interest.
We will cease processing your personal data unless we can demonstrate compelling and legitimate grounds for the processing that outweigh those of you or when the processing of the personal data is related to the establishment, exercise or support of a legal claim (for example, filing an application with a court).
As for your right to object in the context of direct marketing, see below.
To exercise your rights, contact your SAMSOUMI at info@momadecupcakes.be
In order to exercise your right of access, and to prevent any unauthorized disclosure of your personal data, we need to verify your identity. In case of doubt or uncertainty, we will first ask you for additional information (preferably a copy of the front of your identity card).
For complaints related to the processing of your personal data, please contact the Data Protection Authority, Printing Press Street 35, 1000 Brussels / +32 (0)2 274 48 00 / contact@apd-gba.be / www.gegevensbeschermingsautoriteit.be.
We reserve the right to modify our privacy policy and this privacy statement from time to time in function of changing regulations and/or the interpretation of these regulations or by changing the way in which we offer our services (and products) (e.g. via new communication techniques). We therefore invite you to always consult the latest version of this policy on our website (www.momadecupcakes.nl). Naturally, we will inform you in advance via our websites or other current communication channels of any change in content and, when required by law, we will ask your prior consent for our (new) processing activities.
