In short, we inform you comprehensively about the data we process about you.
Scope of application
The responsible person
In accordance with the DPA and the GDPR, we as the “Data Controller” need to provide our contact details. If you have any questions about data protection, you can contact us using the following:
The legal bases, as set out in the DPA and the GDPR, enable us to process Personal Data and we only process your data if at least one of the following applies:
You have given us your consent to process data for a specific purpose. An example would be the storage of your entered data of a contact form.
In order to fulfil a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a sales contract with you, we need Personal Data in advance.
If we are subject to a legal obligation, we process your data. For example, we are legally obliged to keep invoices for accounting purposes. These usually contain Personal Data.
In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process Personal Data. For example, we need to process certain data in order to operate our website in a secure and economically efficient manner. This processing is therefore a legitimate interest.
It is a general requirement that we only store Personal Data for as long as is absolutely necessary for the provision of our services and products. This means that we delete Personal Data as soon as the reason for processing the data no longer exists. In some cases, we are legally obliged to store certain data even after the original purpose has ceased to exist, for example for accounting purposes or statutory retention periods. Should you wish your data to be deleted or revoke your consent to data processing, the data will be deleted as soon as possible and insofar as there is no obligation to store it.
Cooperation with processors and third parties
If in the course of our processing, we disclose data to other persons and companies, transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, is necessary for the performance of the contract, you have consented, a legal obligation provides for this or on the basis of our legitimate interest (e.g. when using agents, web hosts, etc.). If we commission third parties to process data on the basis of a so-called “processing agreement”.
You have the following rights to ensure that data is processed fairly and transparently. This includes:
Please contact us at any time with questions and suggestions regarding data protection and to enforce your rights as a data subject.
Processing of Personal Data
When you contact us and communicate by phone, e-mail or social media, Personal Data may be processed. The data is processed for the purpose of handling and processing your question and the related business transaction. The data will be stored for the same period of time or as long as required by law. The processing of data is based on the following legal grounds: Consent, Contract, and our Legitimate Interests.
When you are visiting our website right now, our web server, which is the computer on which this website is stored, usually automatically saves data such as
As a rule, the above data is stored for 14 days and then automatically deleted. We do not pass on this data, but we cannot rule out the possibility that this data may be viewed by the authorities in the event of unlawful behaviour. The processing of Personal Data in the context of web hosting results from our legitimate interest.
To provide our website, we use the services of Webvalue BV who process the above-mentioned data and all data to be processed in connection with the operation of our website on our behalf.
We also use the Content Management System (CMS) of Webstart BV to publish and maintain the created and edited Content and texts on our website and to provide the forms used. This means that all content and texts submitted to us by users for publication is transferred to Webstart. In addition to texts, this also includes, for example your data in our forms. This represents a legitimate interest.
In our online shop we offer you two options for purchase processing the Creation of a customer account and placing an order as a guest. For both options, the data required for order and payment processing and fraud prevention are requested, marked as mandatory fields:
If you decide to register in our shop, you have the advantage that you can view your order history and manage your master data, and your specified data will be stored for future order transactions. Once you have completed the registration process, your data is stored with us for use in the protected customer area. The online shop naturally offers you the possibility to make changes to your master data and to use the "My Account" function.
You can of course revoke your consent to the use of your account, your customer account in the shop will then be deactivated.
Please note: Your password will be stored in encrypted form. Employees of our company cannot read this password. Therefore, they cannot give you any information if you have forgotten your password. In this case, please use the "Forgotten password" function, which will send you an automatically generated new password by e-mail. No member of staff is authorised to ask you for your password by telephone or in writing. Therefore, please never give your password if you receive such requests.
If you decide to place a guest order in our shop, no customer account will be created in the shop. If you place another order, you will have to enter your data again for order processing.
In our online shop, you can choose between different payment methods. For this purpose, the respective payment-relevant data is collected in order to be able to carry out your order and payment processing. The data will be transmitted to our payment service providers for payment processing (currently Mollie B.V.).
The payment systems we use, use SSL encryption to protect the transmission of your data. The legal basis for the data processing is contract, as the processing of the data is necessary for the performance of the contract. The transfer of data for payment processing as well as for fraud prevention and detection is based on our legitimate interest as well as for the fulfilment of the contractual relationship.
In order to fulfil the contract, we pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. If you have given us your consent to do so during or after your order, we will pass on your e-mail address to the selected shipping service provider so that the shipping service provider can contact you before delivery for the purpose of delivery notification or coordination.
Security and confidentiality
To ensure the security and confidentiality of the Personal Data we collect on the website, we use data networks that are protected by, among other things, industry-standard firewalls and password systems. When handling your Personal Data, we take appropriate technical and organisational measures to protect your information from loss, misuse, unauthorised access, disclosure, alteration, or destruction and to ensure its availability.
Nonetheless, databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.
Transfer of Personal Data
We will not disclose or otherwise distribute your Personal Data to third parties unless this:
However, we are entitled to outsource the processing of your Personal Data in whole or in part to external service providers acting as processors within the framework of the DPA and GDPR. External service providers support us, for example, in the technical operation of the services, support of the website, data management, the provision and performance of services, marketing, as well as the implementation and fulfilment of reporting obligations.
The service providers commissioned by us however will process your data exclusively in accordance with our instructions and we remain in accordance with the DPA and the GDPR responsible for the protection of your data. Doing so we always make sure that service providers commissioned by us are carefully selected, follow strict contractual regulations, technical and organisational measures, and additional controls by us.
We may also disclose Personal Data to third parties if we are legally obliged to do so e.g., by court order or if this is necessary to support criminal or legal investigations or other legal investigations or proceedings at home or abroad or to fulfil our legitimate interests.
We maintain a presence in "social media" (currently Facebook, and Instagram). Insofar as we have control over the processing of your data, we ensure that they comply with applicable data protection regulations. However, you use these platforms and their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., commenting, sharing, rating).
In addition, we collect data for statistical purposes in order to be able to further develop and optimise the content and to make our online offer more attractive. The data required for this purpose (e.g., total number of page views, page activities and data provided by visitors, interactions) are processed and made available by the social networks. We have no influence on the generation and presentation of this data.
Further, your Personal Data is used by the providers of the social media, but also by us for market research, communication, and advertising purposes. It is possible, for example, that usage profiles are created based on your usage behaviour and the resulting interests. This allows, among other things, advertisements to be placed within and outside the platforms that presumably correspond to your interests. The processing of your Personal Data by us is based on our legitimate interest.
Advertising and Marketing
We use the data you provide to fulfil and process our contract and to respond to your enquiries on or on the basis of your consent. Insofar as you have also given us your separate consent to process your data for consulting, marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent to.
You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or contractual relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or contractual relationship with us.
Direct Marketing generally takes the form of e-mail but may also include other less traditional or emerging channels. These forms of contact will be managed by us, or by our contracted service providers. Every directly addressed marketing sent or made by us or on our behalf will include a means by which you may unsubscribe (or opt-out).
We use Facebook, and Instagram Conversion Tracking for marketing and optimisation purposes, in particular to analyse the use of our website and to be able to improve individual functions and offers as well as the user experience. Through the statistical evaluation of user behaviour, we want to improve our offer and make it more interesting for users. This is also our legitimate interest in the processing of the above data by the third-party provider.
You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser.
Furthermore, you can also prevent the collection of the aforementioned information by Facebook, and Instagram by changing the corresponding settings in your Facebook, and Instagram Account. Please note that these settings will be deleted when you delete your cookies.
Our e-mail newsletter
If you register for our e-mail newsletter, we will regularly send you information about our offers. The only mandatory data for sending the newsletter is your e-mail address. We use the so-called double opt-in procedure for sending the newsletter. This means that we will only send you an e-mail newsletter once you have expressly confirmed that you consent to receiving newsletters. By activating the confirmation link, you give us your consent. You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending a corresponding message to the responsible person named at the beginning. After unsubscribing, your e-mail address will be deleted from our newsletter distribution list immediately. The newsletter is sent using the dispatch service provider "MailChimp", a newsletter dispatch platform of the US provider Intuit Inc.
Personal Data and Children
The services available on our website are aimed at people aged 18 and over. We will not knowingly collect, use or disclose Personal Data from minors under the age of 18 without first obtaining consent from a legal guardian through direct offline contact.
Links to other websites
The website may contain links to another website. We have no control over the privacy practices or the content of those other website. Therefore, we recommend that you carefully read the respective privacy policies of this other website that you visit.
Because we’re always looking for new and innovative ways to improve our website and services, this policy may change over time. We will notify you before any material changes take effect so that you have time to review the changes.
Who should I contact for more information?
Instagram: HIV tests
Facebook: HIV tests