Because Thingsdata attaches high value to your privacy, we explain in this privacy statement which personal data we collect and use, but also why we do this.
Thingsdata is responsible for the processing of personal data as shown in this privacy statement. See also our data processing agreement for more information.
Thingsdata holds ISO 9001 and ISO 27001 certifications, issued by DEKRA. These certifications confirm that our quality processes and information security measures meet international standards. The ISO 27001 certification specifically covers the management of personal data and information security risks within our organisation.
View our ISO 9001 certificate and our ISO 27001 certificate.
When do we process your personal data?
Thingsdata processes your personal data because you use our services and/or because you provide it to us yourself. Below you will find an overview of the personal data that we can process:
- First and last name;
- Gender;
- Address;
- Telephone number;
- E-mail address;
- Location data.
Other personal data that you actively provide, for example, when you correspond with us or when you call us. Technical data of the equipment you use, for example your smartphone/laptop/tablet, such as IP address and the software used. Other data necessary for the processing purposes listed below.
What do we do with your personal data?
Thingsdata can use this data for the following purposes:
- Handling your order and payment;
- To be able to call or e-mail you if this is necessary to be able to carry out our services;
- To inform you about changes to our services and products;
- To allow you to create an account;
- To be able to deliver goods and services to you;
- Sending our newsletter (if registered for this);
- To improve our website and our services;
- Handling requests, complaints and disputes and compliance with legal obligations;Legal bases for the processing are entering into and executing agreements that we conclude with you, complying with legal obligations and representing our legitimate interest, including in being able to offer and promote our services. We also ask for your permission to send the e-mail newsletter and place cookies. You can withdraw your consent at any time.
How long do we retain your personal data?
Thingsdata retains your personal data no longer than strictly necessary to achieve the purposes for which your data was collected. Retention periods are set out in our information security policy, which forms part of our ISO 27001-certified management system.
The security of your personal data
Thingsdata takes the protection of your data very seriously. As an ISO 27001-certified organisation, we operate an Information Security Management System (ISMS) that is continuously audited and improved. This system encompasses technical and organisational measures to prevent misuse, loss, unauthorised access, unwanted disclosure and unauthorised modification of personal data. Specific measures include encrypted connections (SSL/TLS), access control based on the least-privilege principle, periodic risk assessments and internal audits in accordance with the ISO 27001 standard. Our certification is reviewed annually by DEKRA as an independent external party.
If you have the impression that your data is not properly secured or there are indications of abuse, please contact us through info@thingsdata.nl.
Thingsdata also uses certified SSL connections for the website during the ordering process and all contact forms.
Provision to third parties
Thingsdata will only provide your personal data to third parties if this is necessary for the execution of our agreement with you or to comply with a legal obligation. The parties we work with are carefully selected by Thingsdata in order to guarantee the protection of your personal data. Third parties have concluded a processing agreement with Thingsdata, which includes, among other things, that they will only process your data on behalf of Thingsdata.
Where applicable, we require partner organisations to demonstrate information security measures commensurate with the level we uphold as an ISO 27001-certified organisation.
Cookies, or similar techniques, that we use
A cookie is a small text file that is stored in the browser of your computer, tablet or smartphone when you first visit this website. Thingsdata uses functional, analytical and tracking cookies. These are cookies with a purely technical functionality and are used to make the website work properly and to be able to optimize it. The cookies also ensure that, for example, your preferred settings are remembered. In addition, we place cookies that keep track of your surfing behavior so that we can offer customized content and advertisements. You can opt out of cookies by setting your internet browser so that it no longer stores cookies. In addition, you can also delete all information that has previously been stored via the settings of your browser.
View, adjust or delete your personal data
You have the right to view, adjust or delete your personal data. In addition, you have the right to withdraw your consent to data processing or to object to its processing by Thingsdata. Finally, you have the right to data portability. This means that you can submit a request to us to send your personal data that we have available in a computer file to you, or to another organization mentioned by you.
For questions or a request for access, correction, deletion, data transfer, withdrawal of your consent or an objection to the processing of your personal data, please email: info@thingsdata.nl
You can also send your question and/or request by post to:
Thingsdata BV
Johan van Hasseltweg 2-C4
1022 WV Amsterdam
To ensure that the request for access has been made by you, we ask you to send a copy of your proof of identity with the request. Make your passport photo, MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and Citizen Service Number (BSN) black in this copy. This is to protect your privacy. We will respond to your request as soon as possible and at the latest within four weeks.
You also have the right to submit a complaint with the supervisory authority. The competent supervisory authority is the Dutch Data Protection Authority.
Changing or updating our privacy statement
We may change our privacy statement, for example because we believe that the privacy statement could be even clearer, if it contains a spelling error or if our services or working methods change. You can always view the latest version of our privacy statement on our website. This privacy statement was last updated on July 26, 2023.