Privacystatement

With the General Data Protection Regulation (GDPR), which came into effect on May 25, 2018, we want to give you a clear understanding of what we do with your data. Do we store it? Why and how? And which data? You can read all about it on this page. This privacy statement may be adjusted or further specified.

On our website Sunredheaters.eu (part of OutTrade BV), we ask for your personal data to assist you as best as we can. Of course, we do our utmost to keep your data private. Within OutTrade BV, we spend a great deal of time and attention on protecting your personal information. We consider this very important — after all, it’s nobody else’s business.

You can read below in our privacy statement which data we ask for.

This privacy policy was last modified on May 27, 2024.

Purposes and Legal Bases for Data Processing

At OutTrade BV, we only process personal data that is necessary to carry out your order or agreement. It may happen that data is accessed by third parties, such as billing companies or administrative service providers. OutTrade BV never requests special categories of personal data, and therefore these are also never shared with third parties. We do everything we can to safeguard your privacy and use encrypted portals to keep your data confidential and secure. To keep it simple and clear for you, we’ve grouped the data we store, along with the reasons and legal bases for doing so:

Service, Customer Database, and Financial Processing

• Purpose: Managing orders / fulfilling the agreement
• Data: Name and address details, delivery address, billing address, email address, phone number, payment details, Chamber of Commerce number, VAT number, and customer number
• Legal basis: Performance of a contract
• Retention period: As long as necessary for this purpose

Marketing Newsletters

• Purpose: Informing and engaging customers and subscribers
• Data: Because our contacts already belong to our target audience, we only process first and last name, and (company) email address. This way, we collect as little data as possible, protecting your privacy better
• Legal basis: Given consent
• Retention period: As long as necessary, unless the recipient unsubscribes. Every newsletter includes an unsubscribe option. After unsubscribing, the contact is completely removed from our database.

Data Retention

Your data is stored in our database until further notice from the data subject or until the legal retention period has expired. After that, the data will be removed from OutTrade’s systems.

Right of Access

As a customer, you always have the right to access your personal data. You can also request rectification or deletion. This request will be handled by the responsible department as soon as possible. Requests can be sent to info@outtrade.eu. We aim to respond within 5 days. Under European law, you also have the right to lodge a complaint or object to the processing of your data with the Dutch Data Protection Authority Autoriteit Persoonsgegevens.

You may also request OutTrade to limit the processing of your personal data. Under certain conditions, you have that right.
If you invoke the right to data portability, OutTrade BV is obliged to comply. We will provide your data in a common and accessible format that can easily be imported into another standard digital system.

Data Processors

OutTrade BV uses external parties to properly fulfill the agreement. Think of financial administration or managing customer data in a digital order processing system.
Through processor agreements, OutTrade ensures that these parties also handle your (company) data confidentially.

Cookies – What and How?

A cookie is a small text file that is placed on a tablet, smartphone, or PC. Cookies are necessary to ensure the website functions properly and to provide a better user experience. They can also help us improve the website and better tailor it to visitor preferences. You can find more information about the cookies we use and why on our cookie page.

Can This Privacy Statement Be Changed?

Yes, this privacy statement may be updated. Therefore, we recommend checking it periodically to stay informed. If you still have questions after reading this privacy policy, feel free to contact us at info@outtrade.eu. If you have a complaint, you can also send it to this email address. Additionally, you can always contact the national privacy protection authority. In the Netherlands, this is the Autoriteit Persoonsgegevens.

Data Protection Officer (DPO)

OutTrade currently has a designated Data Protection Officer. You can contact them via  info@outtrade.eu. Given the nature of the data we process — and the absence of any special categories of personal data — a DPIA (Data Protection Impact Assessment) is not currently required.

Privacy by Default

OutTrade only processes data that is strictly necessary for a specific purpose. For example, our internal software solutions are used across the organization to manage data in a secure and transparent manner to fulfill contracts. We operate with a legitimate basis under the GDPR. An external party supports OutTrade with additional software services and will act promptly in case of any issues. We also work with external partners for financial administration, under clearly defined agreements to ensure that no unnecessary data is stored.

Data Processing Register

To keep track of customer data being processed, we’ve maintained a processing register since May 25, 2018. This register documents changes or new entries related to our customers, giving insight into what we process, how frequently, and in what way. As required by the GDPR, customers may request insight into the processing of their data. Such requests can also be sent to info@outtrade.eu.

Information Security Policy

This privacy statement reflects our commitment to treating your data confidentially. Sometimes, your data is processed by third parties, and sometimes only within our own database. To outline a clear policy, we first examine various key aspects:

Online Use

The website uses cookies to optimize browsing experiences. These data remain anonymous and cannot be traced back to you as an individual. You also have the option to sign up for our newsletter, where we only request your first and last name and email address. In line with our privacy policy, we aim to collect no more data than necessary. This data is only shared with software tools that help us analyze website usage and automate newsletter distribution.

External Parties

Some external parties may process more than just your name and email. OutTrade only works with partners that offer transparency about how they handle data and guarantee that the data is used exclusively to provide us with optimal service. These parties must also use reliable software security. If a data breach or suspicion thereof occurs, our processor agreement requires them to notify us within 24 hours.

Processing Register

To implement and monitor our policy, OutTrade maintains a processing register since May 25, 2018. This provides insight into the processed data and allows us to respond proactively should anything happen to your information.

Data Breach

Should a data breach occur, OutTrade will notify the Dutch Data Protection Authority as quickly as possible, and within 24 hours at the latest.

Your Data Shared with Third Parties?

As mentioned earlier in this privacy statement, your data may be shared with third parties. These are external parties with whom OutTrade has signed agreements in order to best serve our customers. Examples include the customer database, payment processing, website management, and HR administration. To ensure these parties also handle your data confidentially and with integrity, we have drawn up data processing agreements. If you have any remaining questions after reading this privacy statement, feel free to send them to  info@outtrade.eu.