Privacy Notice

General

This Privacy Notice explains how we collect and use your personal data. We take great care to effectively protect all your data and without exception your personal data. Please read this notice carefully. If you have any questions about this Privacy Notice, or if you want to enforce your rights, please contact us, po@madesmart.nl. 

Personal data in this Privacy Notice has the same meaning as in the EU General Data Protection Regulation 2016/679/EU (GDPR). Essentially, it means information which is connected to a living individual who can be identified from that information, either by itself or when combined with other data likely to come into our possession. Personal data can include information collected by certain cookies or tracking technologies if it builds up a profile of you. 

Collection and use. If we collect and use personal data it is in order to support our primary aim to carry out a business which serves our customers with maritime information. Our purposes and lawful grounds for processing your personal data vary, depending on our relationship with you and on the activity in question. We will never sell your personal data. 

We will only keep your personal data for as long as necessary to fulfil the purposes for which we collected and continue to process it, and to satisfy any legal, accounting or reporting requirements.

What we collect and how we use it. 

 Visitors to our Websites: 

– we use Google Analytics for statistical insight in website visit based on IP address 

– we use your name, email address and comment if put in our contact form, to address your request. Your mail address is stored in our CRM to contact you later when we feel this is relevant for you and as related to your request. 

 Client contact: 

– we store your mail in our CRM, or delete when appropriate. 

– We store signed contracts in our administration. 

– Related to our services we monitor and log your log-in details, which might include e-mail address, name, company name and/or telephone number. These are stored in a secured user right management system and/or another secure database (see Data Security), with access limited to you, the user, for your own data, and to assigned authorized officers of MSG to operate and monitor our services to you. (see Data security) 

 Other business contacts: 

– we store your mail in our CRM, or delete when appropriate. 

 Suppliers and service providers and their personnel. 

– we store your mail in our CRM, or delete when appropriate. 

– We store signed contracts in our administration. 

 Applicants for jobs, traineeships etc. 

– we store your mail and data provided in our CRM, or delete when appropriate. We comply with legal limits for keeping data. Data is only accessible by designated authorized officers of MSG 

 Employees 

– Employee records are kept in our administration, and with the accountancy firm we contracted to do the payroll accounting and tax return administration. 

– The administration is accessible only by designated authorized officers of MSG 

– The contracted accountancy firm is compliant with GDPR. 

Data security 

In order to prevent unauthorized access, distortion or disclosure of your personal data we have put in place appropriate physical, technical and organizational measures. Our service providers are required to do the same. Almost all our data is secured in the Equinex Data Centers which comply with the highest safety and security standards. With our managed hosting service provider we have put in place a Data Processing Agreement and made sure the supplier qualifies as a processor within the meaning of Section 4(8) GDPR; 

CRM: limited access designated authorized officers MSG 

Administration: limited access designated authorized officers MSG, and in subcontract data with our accounting firm which complies with GDPR 

Operational systems and website visits: limited access designated authorized officers MSG

Data retention. 

We only keep your personal data for as long as necessary to fulfil the purposes for which we collected and continue to process it, and to satisfy any legal, accounting or reporting requirements. 

Your rights 

Where applicable we respect your data protection rights, including to request access, rectification, restriction, deletion or “porting” of your data, and to object to our use of your data. We do not make decisions about you based on electronic profiling. You also have the right to complain to the applicable data protection Supervisory Authority, but please contact us first so that we can address your concerns. Please consider we only use your data to provide you services, and failing this data the quality of services might get at stake. 

You have all the rights on your data as you provided to us. These rights include, but not limited to, 

The right to object to direct marketing 

The right to have access to Information 

The right to withdraw your consent to the processing of your personal data 

The right to object to processing of your personal data 

The right to request the restriction of your personal data 

The right to request amendment or erasure of your personal data 

The right to personal data portability 

The right to complain to the Supervisory Authority 

One or more independent public bodies responsible for supervising the application of the GDPR, as referred to in Article 4(21) and Article 51 GDPR. In the Netherlands, this is the Dutch Data Protection Authority (Autoriteit Persoonsgegevens). 

How to exercise your rights: 

You can exercise your rights at any time by contacting us at po@madesmart.nl 

Please include in your email: 

– A clear statement on which rights you are seeking to enforce; 

– A full description of the information or type of information that you are writing about; and 

– Details which will confirm your identity, such as a scan of your passport or driving license and a recent utility bill.