RPI complies with all applicable laws and regulations, including the General Data Protection Regulation. This means at least in any case:
- Processing of your personal data is limited to the minimum necessary for the purposes for which they are processed;
- We ask for your explicit consent if we need it for the processing of your personal data;
- We have taken appropriate technical and organizational measures to ensure the security of your personal data;
- We do not transfer personal data to other parties, unless this is necessary for the implementation of the purposes for which they were provided;
- We are aware of your rights regarding your personal data, want to point them out to you and respect them.
Marinus van Meelweg 13
5657 EN Eindhoven
2. Purposes for which we process personal data
Your personal data will be processed by RPI for the following purposes:
- Administration, confirmation, delivery (customers and their consumers);
- Management of the company (employees and company related stakeholders);
- Sending newsletters and invitations (commercial contacts).
3. Provision to third parties
We may provide the information you provide to us to third parties if this is necessary for the execution of the purposes described above.
For example, we may (possible) use third parties for:
- Sending of finished products to end-users;
- Storing data as part of backup/restore measures;
- Taking care of personnel administration;
- Taking care of the (financial) administration;
- Taking care of newsletters and invitations.
We never disclose personal data to other parties with whom we have not entered into a processor agreement. We will of course make the necessary arrangements with these parties (processors) to guarantee the security of your personal data, and we will not pass on the information you provide to other parties, unless this is required and permitted by law. We may also share personal data with third parties if you give us written permission to do so.
We do not provide personal data to parties established outside the EU.
We only process personal data of minors (persons under 16 years of age) if written consent has been given by the parent, guardian or legal representative.
5. Storage period
RPI does not retain personal data for longer than necessary for the purpose for which they were provided or required by law.
We have taken appropriate technical and organizational measures to protect your personal data against unlawful processing, for example, we have taken the following measures;
- All persons who are able to acquaint themselves with your data on behalf of RPI are bound by confidentiality.
- We use a username and password policy on all our systems;
- We pseudonymise and encrypt personal data if there is reason to do so;
- We make backups of the personal data in order to be able to recover it in the event of physical or technical incidents;
- We regularly test and evaluate our measures;
- Our employees are informed about the importance of personal data protection.
7. Rights regarding your data
You are entitled to inspect, rectify or delete the personal data we have received from you. You can also object to the processing of your personal data (or part of it) by us or by one of our processors. You are also entitled to have the information you provide us transferred to yourself or directly to another party. We may ask you to identify yourself before we can respond to the above requests.
Should you have a complaint about the processing of your personal data, please contact us directly. Should we not be able to settle your complaint, obviously this would be unsatisfactory. In that case you’ll always have the right to lodge a complaint with the Personal Data Authority, which is the supervisory authority in the area of privacy protection.