Privacy Policy

Below is the privacy statement of SAMSOUMI BV. It explains how we handle your privacy. Amongst other things it explains which information we process and for which purposes. Furthermore, it states which rights you have with regard to the processing of your data, its correction, etc.

  1. WHO ARE WE?

SAMSOUMI is a limited liability company with its registered office at. Krullart Street 7 5211 HR's-Hertogenbosch and with company number NL861701471B01. Hereafter it will be referred to as: SAMSOUMI

 

  1. WHY IS YOUR PRIVACY IMPORTANT TO US?

As a company, we regularly need to process personal data, for example, when you place an order with us or apply for a job with us.

We declare that our activities are in compliance with current privacy legislation, which is primarily regulated by the General Data Protection Regulation (GDG or its English abbreviation GDPR).

For this reason, we want to inform, respect and give you as much control as possible over what happens to your personal data. Below you will find information about what data we collect about you, why we collect it, how long we keep it, what your privacy rights are and how you can exercise them.

In addition, this privacy statement is addressed to anyone who works with our company so that they also know what rights and safeguards we offer in terms of privacy.

Our privacy policy is governed by this privacy statement, as well as specific privacy agreements we make with you or third parties in an agreement.

In case of conflict, our general terms and conditions and special terms and conditions applicable to specific products and services take precedence over this privacy policy.

All our activities as data controllers are covered by this privacy statement so that your rights with respect to your personal data are always guaranteed.

  1. WHAT DOES "PROCESSING OF DATA" MEAN AND WHO IS RESPONSIBLE FOR IT?  

By "processing of personal data" we mean any processing of data that can identify you as a natural person. The term "processing" is broad and covers, among other things, the collection, recording, organization, storage, updating, modification, retrieval, consultation, use, dissemination or making available by any means, assembly, combination, archiving, erasure or ultimate destruction of such data.

SAMSOUMI is the controller of your personal data.

  1. WHAT PERSONAL DATA CAN WE PROCESS? 

We process the personal data you give us yourself. This can be by phone (for example, when you call us to make an appointment), in writing (for example, when you send us a letter or e-mail, or contact us through the website or social media, or participate in a contest) or verbally (during a meeting).

 

  1. What categories of personal data are processed?

We distinguish different types of personal data, which can be combined with each other:

  • IDENTIFICATION AND CONTACT DETAILS

Identification and contact data are the data that allow us to identify and contact you as a (potential) customer (for example, your name, place and date of birth, nationality, residence status, national register number... and other data mentioned on identification documents, your address, e-mail address and telephone number, bank account number.

 

  • BILLING INFORMATION

Billing information is information that allows us to correctly charge for our services, such as billing address, company number, whether or not you are subject to VAT.

 

  • PREFERENCES AND INTERESTS

Preferences and interests are data related to your activities or your situation that allow us to send you newsletters that may be of interest to you and your activities.

  1. What do we process personal data for and on what basis?

 

  • GENERAL

We process personal data for various purposes, in each case processing only the data necessary to achieve the intended purpose.
Thus, we use personal data when necessary:

  • in connection with the preparation, execution or termination of contracts awarded to us;
  • To comply with the legal, regulatory and deontological provisions to which we are subject;
  • As part of contests in which you expressly participated.

 

  • OUR PROCESSING OPERATIONS

We collect personal data for the following specific purposes:

 

  • When you contact us or we contact you

If you contact us, for example to make an appointment, or you wish to receive our newsletters or follow us on social media, or you wish to apply for a job, we need your identity and contact information. Any information we receive about you will be used only to provide you with the requested information, in the manner you prefer. If you are active with a service provider or supplier of goods (e.g. sales service) who we may wish to use, we also record your identity and contact details.

  • As part of our services
  • We use your data for administration (including billing, transferring third-party funds) and dispute management.
  • We may also process your review data to improve and optimize our services in the future.
  • We may use your information to offer you (in writing, by telephone or electronically) newsletters or new products or services that we think may be of interest to you, as well as to send you greeting cards or invite you to an event organized by us.
  • We may use your data in connection with contests in which you have expressly participated.

 

  • If you work for us 

If you work for our company (as a trainee, employee, staff member or managing partner), then we need to process a lot of personal data about you as part of this relationship, such as your identity, contact details, data mentioned on your CV, the way you function within the company, the way you deal with clients, colleagues, office partners, etc., your presence or absence, training attended, etc. This is with a view to a correct course of the cooperation,

 

  1. How do we store and secure your personal data?

Your data will be stored in the form of a paper and/or electronic file.

Electronic files are kept on secure and locked (backup) servers, both internal and external. Paper files are also kept secure and locked in our offices and/or archives.

Our infrastructure and information systems are equipped with technical measures to protect your personal data from unauthorized access, unauthorized use and loss or theft of your data, including: password protection, hard disk encryption software, firewalls, antivirus, intrusion and anomaly detection and access controls for our employees. Our hardware and software are constantly kept up-to-date. For this, we rely on specialized third parties.

Your personal data is restricted to employees in our office. They are granted access to your personal data only to the extent that they need that information to properly perform their duties. Furthermore, your data are accessible to the administrators of our software systems, this purely in order to perform work on these systems (e.g. updates), and our financial administration for invoicing and accounting purposes. Naturally, we have made contractual agreements with them so that they are also bound by our privacy statement and your rights are guaranteed.

In the event of an unexpected data leak that adversely affects your personal data, you will be notified personally in the circumstances provided by law.

We recommend that you also take the necessary security measures yourself to protect your personal data, such as securing your own mailbox, firewalls on your computer, etc.

  1. To whom may we disclose your information?

We do not sell personal data to third parties and we do not pass it on to third parties except in the following cases:

  • To fulfill our accounting, tax and social law obligations. For example, we must pass on your data, if applicable, to our accountant or the social secretariat.
  • You give us permission to do that.

 

If in other situations we would provide personal data to third parties, this will be done with an explicit notice, which will include an explanation of the third party, the purposes of the transfer and processing. Where required by law, we will obtain your explicit consent.

  1. How long do we keep your data?

We may not keep personal data longer than necessary to fulfill the purpose for which we collect it.

All data we process as part of our services are stored for the duration of the case as well as for a period of 5 years after the conclusion of the case and integral payment of our invoices.

Invoicing and other accounting records are kept for a period of 7 years to comply with our accounting and tax obligations.

Applicant data is kept for a period of 5 years from receipt of the application message and CV, in order to optimize our recruitment policy and to be able to offer the applicant future vacancies.

Upon expiration of the applicable retention period(s), personal data will be deleted or anonymized.

  1. WHAT RIGHTS DO YOU HAVE?
    • RIGHT OF INSPECTION

You have the right at any time to learn from us whether or not we are processing your personal data, and if we are processing it to access that data and receive additional information about:

  • processing purposes;
  • the categories of personal data involved;
  • the recipients or categories of recipients (especially recipients in third countries);
  • if possible, the retention period or, if not possible, the criteria for determining that period;
  • the existence of your privacy rights
  • The right to file a complaint with the supervisory authority;
  • the information we have about the source of the data if we obtain personal data through a third party; and
  • The existence of automated decision-making.

You also have the right to obtain a free copy of the data processed, in understandable form. We may charge a reasonable fee to cover our administrative costs for each additional copy you request.

  • RIGHT TO RECTIFICATION OF PERSONAL DATA

You have the right to have incomplete, incorrect, inappropriate or outdated personal data rectified without delay.

In order to keep your information up-to-date, please notify us of any change anyway, such as a move, a new account number, new contact information, a change of ultimate beneficiary.

  • RIGHT TO DATA ERASURE (THE "RIGHT TO OBLIVION")

You have the right to have your personal data deleted in the following cases, and without unreasonable delay:

  • Your personal data is no longer needed for the purposes for which it was collected or otherwise processed by us;
  • you withdraw your previous consent to processing and there is no other legal basis on which we can rely for the (further) processing;
  • you object to the processing of your personal data and there are no more weighty, justified grounds for the (further) processing;
  • your personal data is processed unlawfully;
  • your personal data must be deleted to comply with a legal obligation;
  • your personal data was collected when you were a minor.

Please note, however, that we may not always be able to delete all requested personal data, for example, when their retention and processing is necessary to comply with legal obligations.

  • RIGHT TO RESTRICTION OF PROCESSING

You have the right to obtain the restriction of the processing of your personal data if any of the following applies:

  • you dispute the accuracy of that personal data: its use will be restricted for a period that allows us to verify the accuracy of the data;
  • the processing of your personal data is unlawful: instead of erasing your data, you request that its use be restricted;
  • we no longer need your data for the original processing purposes, but you need it for the establishment, exercise or support of a legal claim: instead of deleting your data, its use is restricted for the establishment, exercise or support of the legal claim;
  • until a decision has been made on the exercise of your right to object to the processing, request that the use of your personal data be restricted.

 

  • RIGHT TO TRANSFERABILITY OF PERSONAL DATA ('DATA PORTABILITY')

You have the right to request and have your personal data transferred. This is only possible for the personal data you have provided to us yourself, based on consent or following agreement. In all other cases, you cannot enjoy this right (for example, when the processing of your data is done on the basis of a legal obligation).

You may ask us to recover the personal data in question in a structured, common and machine-readable form.

 

  • RIGHT TO OBJECT TO PROCESSING

You have the right, based on your particular situation, to object to the processing of your personal data if the processing is in our legitimate interest or in the public interest.

 

We will cease processing your personal data unless we can demonstrate compelling and legitimate grounds for the processing that outweigh those of you or when the processing of the personal data is related to the establishment, exercise or support of a legal claim (for example, filing an application with a court).

As for your right to object in the context of direct marketing, see below.

  1. HOW TO EXERCISE YOUR RIGHTS?

To exercise your rights, contact your SAMSOUMI at info@momadecupcakes.be

In order to exercise your right of access, and to prevent any unauthorized disclosure of your personal data, we need to verify your identity. In case of doubt or uncertainty, we will first ask you for additional information (preferably a copy of the front of your identity card).

  1. WHAT IF THERE IS A CONFLICT ABOUT THE PROCESSING OF YOUR PERSONAL DATA?

For complaints related to the processing of your personal data, please contact the Data Protection Authority, Printing Press Street 35, 1000 Brussels / +32 (0)2 274 48 00 / contact@apd-gba.be / www.gegevensbeschermingsautoriteit.be.

  1. CHANGES

We reserve the right to modify our privacy policy and this privacy statement from time to time in function of changing regulations and/or the interpretation of these regulations or by changing the way in which we offer our services (and products) (e.g. via new communication techniques). We therefore invite you to always consult the latest version of this policy on our website (www.momadecupcakes.nl). Naturally, we will inform you in advance via our websites or other current communication channels of any change in content and, when required by law, we will ask your prior consent for our (new) processing activities.