Dataflex Policy Statement on Personal Data

Dataflex International B.V. and all of its subsidiaries (Dataflex Benelux B.V., Dataflex Deutschland GmbH, Dataflex France Sarl and Dataflex UK Ltd.), hereinafter referred to as “Dataflex”, handle the personal details of third parties with care. Hereby Dataflex satisfies the legal requirements of the General Data Protection Regulation (GDPR). The purpose of this document is to provide further information.

1. What is personal data?

All information about an identified or identifiable natural person is personal data. This means that information is directly about someone or can be traced to someone.

2. Which personal data does Dataflex process?

Dataflex only processes the data required for its business operations. Additional information is not requested, and if this reaches Dataflex, deleted. Examples of required data for business operations are:
    contact details
    - name
    - address
    - place of residence 
    - telephone number
    - email address
  • gender
  • client number(s)
  • financial details
    - bank account information
    - quotes
    - orders
    - invoices

  • data about the use of products and/or services
  • data from studies and reports

The information that is stored depends on the type of business relationship and the information that is shared with Dataflex.

3. Processing: principles and legitimate interests

Personal data is processed on the basis of the following principles from Article 6 of the GDPR:
  • permission;
  • performance of an agreement;
  • legal obligation;
  • fulfilment of a duty in the common interest;
  • legitimate interest of Dataflex or a third party.

Legitimate interests include: marketing, advertising, security, prevention of crime, IT administration, research and analysis of our products or services, company in-house matters, legal matters, internal management.

4. Purposes of processing personal data

Dataflex processes personal data for the purposes stated below:
  • The creation and maintenance of client relationships including the maintenance of a direct relationship between the person responsible, dealers, service partners and related financial service providers, including for commercial purposes.
  • The handling of orders (including invoicing), processing in financial accounting systems and dealing with logistics.g.
  • Offering customer service including services concerning the purchase of services and products, the fulfilment of guarantee obligations and product withdrawals for our own services and those of our dealers or service partners, handling complaints and requests.
  • Conducting market research to improve our business operations, services and products.
  • Updating business contacts about price alterations, changes to product ranges, or other commercial information. Hereby is always the option to unsubscribe or change email address.
  • The improvement of the content of Dataflex’s communications by customizing these to personal preferences.
  • The (continued) development and improvement of new and existing products and services.
  • The measuring of customer satisfaction, offering management information and determining the general business strategy.
  • Complying with legal obligations, settling disputes and enforcing our rights and agreements.

5. Sharing with third parties

Dataflex shares personal information with third parties in the following cases and with the related reasons:
  • with affiliated financial service providers;
  • with authorised dealers or service partners from Dataflex’s distribution network;
  • in the event of a legal obligation or authority to provide personal data to third parties;
  • in cases of suspicion of a violation of the rights of third parties, of criminal offenses or of abuse, Dataflex may provide personal data to third parties with a legitimate interest or to entities that serve the public interest. This may include law enforcement authorities, such as the Public Prosecution Service or regulatory authorities;
  • Dataflex may also share data with other business units within Dataflex Holding for the execution of agreements, or for legitimate business interests, such as conducting central administration or customer service and the analysing of services;
  • with parties who assist Dataflex in its services and are not processors (such as accountants and (legal) advisers);
  • for economic purposes (such as the sale of business activities or shares, or restructuring).

6. Storage period for personal data

Personal data is stored in accordance with Dataflex’s internal data retention policy and/or as long as (i) the customer relationship lasts, (ii) Dataflex is legally obliged to store the data, or (iii) Dataflex believes there are good grounds for storing data, for instance, for guarantee claims.

7. Identifying website visits

Cookies may be used during visits to Dataflex’s websites with the purpose of being able to offer visitors a faster, safer and personalised customer experience. It is possible to reject cookies (For more details, see:

8. Rights

Everyone has the right to know the personal data that Dataflex has recorded about him/her and to whom Dataflex has provided this personal data. Regarding this contact Dataflex will make every effort to respond within the legally required period. 
Other rights of persons whose data Dataflex processes are:

  • the right to withdraw consent to the processing of (specific) personal data where this does not conflict with Dataflex’s other legal obligations;
  • the right to submit a complaint to the Dutch Data Protection Authority;
  • the right to have personal data rectified/corrected;
  • the right to the removal of personal data, insofar as this does not conflict with other (legal) obligations of Dataflex;
  • the right to restrict the processing of personal data;
  • the right to data portability;
  • the absolute right to object to direct marketing;
  • the right to object to processing that takes place due to the legitimate interests of Dataflex or a third party (depending on personal circumstances).

9. Security and protection of data

Dataflex uses appropriate protection measures to combat any misuse, loss, unauthorised access, undesired disclosure and unauthorised alteration as much as possible. Dataflex has taken both technical and organisational measures to protect personal data. These security measures are periodically reviewed on the basis of threats.

10. Contact

If you have any questions and/or comments regarding this policy statement on personal data, please contact:

11. Changes

The way in which and the composition or quantity of personal data processed by Dataflex may change. Therefore Dataflex retains the right to alter this policy statement. If necessary, the persons concerned will be informed of an alteration. This policy statement always includes the last date of amendment.
This statement was last revised on 23 May 2018.

This statement was last revised on 23 May 2018.