Personal data entail any information relating to an identified or identifiable natural person. A natural person is considered to be ‘identifiable’ if he can be identified, directly or indirectly, in particular by reference to an identifier or to one or more factors specific to the physical, physiological, mental, economic, cultural of social identity of that natural person.
As a controller, Sparkfish can collect e.g. a data subject’s name, address, date of birth, telephone numbers, e-mailaddress and IP-address.
This personal data is processed and used by Sparkfish in order to optimize her services and to work as efficient and accurate as possible. Sparkfish will process the data for, among others:
The processing of personal data by Sparkfish will be based on the following legal bases:
Sparkfish will provide sufficient security regarding the personal data that is stored and processed.
Both Sparkfish and her appointees will take the appropriate technical and organizational measures to safeguard the processing that will take place.
As far as possible and can reasonably be expected, Sparkfish will make sure that the personal data she has in her possession is updated and that incorrect, incomplete and redundant personal data are corrected or deleted.
Moreover Sparkfish will, as far as possible and can be reasonably expected, make sure to only grant limited access to the personal data to her appointees. This access will be restricted to those appointees that need the personal data in order to execute their duties or to what is necessary information with regard to the requirements of the department.
In this manner Sparkfish will attempt to offer an appropriate level of security for this personal data and the processing thereof.
The data subject will be required to provide all requested personal data to Sparkfish following a legal requirement (e.g. with respect to the Law regarding the prevention of money laundering and the funding of terrorism) and/or because it is a requirement necessary to enter into a contract and to enable the execution of that contract.
In case the data subject does not provide the requested personal data, Sparkfish will not be allowed or able to render the services that have been demanded.
In principle, Sparkfish will only share the personal data with others if the data subject has given its consent to do so or if it is necessary in order to complete a transaction, to deliver a product or to render a service.
If necessary, the personal data will also be shared with Sparkfish’s suppliers, in case it is legally required, in case Sparkfish is involved in a dispute with the data subject, in order to protect Sparkfish’s clients, in order to guarantee product safety and in order to safeguard Sparkfish’s (property) rights.
Sparkfish will not transfer the personal data concerned to third countries or international organizations.
The personal data that has been collected will be stored by Sparkfish for a period of ten years starting from the end of the partnership with the data subject, unless certain legal statutes of limitation or retention periods should demand a longer period.
Furthermore, web beacons and other similar technologies, as well as Google Analytics are used.
Sparkfish makes use of profiling in order to carry out targeted mailings of newsletters. This way Sparkfish will attempt to inform her clients only regarding campaigns and products they might show a particular interest in.
Sparkfish will facilitate the execution of the data subject’s following rights:
In order to exercise this right/these rights, the data subject will need to send an e-mail in this regard to the following e-mailadress: [email protected]. Seeing that Sparkfish will need the necessary assurances regarding the identity of the questioner, the data subject will need to add a copy of its identity document to the request.
Sparkfish will respond promptly and in principle within one month, to the data subject’s request.
In any case the data subject has the right to withdraw its consent regarding the processing of its personal data at any time. However, this withdrawal will not affect the lawfulness of the processing based on that consent before its withdrawal.
Sparkfish’s appointee responsible for security and privacy can be contacted at the following e-mailadress: [email protected].
Should the data subject believe that the processing of its personal data constitutes a breach of the provisions of the GDPR, the data subject will have the right to lodge a complaint with the competent supervisory authority.
In case of any discrepancies between the provisions of this Privacy Statement and the agreement that has been concluded between Sparkfish and the data subject, the provisions as stated in the agreement will prevail.
Sparkfish explicitly reserves the right to amend this Privacy Statement at any time, without any prior notice.