B2C Europe B.V. is committed to the appropriate and lawful treatment of personal data which B2C Europe B.V. collects, stores and processes on its own behalf as well as on behalf of its clients. B2C Europe B.V. respects the privacy of its business partners, clients and employees and has prepared this privacy statement to inform them of the purposes for which B2C Europe B.V. will process their personal data as well as the obligations upon B2C Europe B.V., its employees and its third party processors when processing personal data.
This Privacy Statement applies when B2C Europe BV acts as a data controller as well as a data processor.
This Privacy Statement applies to the processing of personal data, irrespective of the nature or category of the personal data, relating to:
- Employment candidates
- Suppliers and subcontractors
This Privacy Statement sets out the minimum standard that B2C Europe BV has implemented when B2C Europe BV, its employees and third party processors process personal data. B2C Europe BV includes B2C Europe (Netherlands) B.V., B2C Europe Support B.V., B2C Europe Belgium NV, B2C Europe (Germany) GmbH, B2C Europe China Ltd, B2C Europe (UK) Ltd, Interpost Ltd, B2C Europe Spain SL, B2C Europe (Italy) SRL, B2C Europe (USA) Corp, B2C Europe France SAS and B2C Europe Switzerland GmbH. Any questions or concerns about the interpretation or operation of this Privacy Statement should be raised at the privacy department of B2C Europe B.V..
3. Purpose of personal data processing
3.1. Processing of Client Personal Data
B2C Europe B.V. will usually be a data processor for the execution of a contract with a client which requires it to process personal data controlled by those clients. When B2C Europe B.V. acts as a data processor, it shall commit to process client’s personal data solely in accordance with the contract and the client’s instructions.
3.2. Processing of Personal Data relating to Enquirers, Website Users, Marketing Contacts, Visitors etc.
B2C Europe B.V. will process personal data relating to data subjects who contact B2C Europe B.V. for various purposes, for example through B2C Europe B.V. websites, by email, telephone, letter and other means of communication. B2C Europe B.V. may also process personal data relating to visitors to B2C Europe B.V. controlled premises. For security reasons only, all B2C Europe B.V. offices and warehouses are security camera controlled. B2C Europe B.V. may also process personal data for marketing purposes. Forementioned processing of personal data is either necessary for the execution of a contract, based on a legitimate interest of B2C Europe B.V. or with your explicit consent.
3.3. Processing of B2C Europe B.V. Employee’s Personal Data
For personal data relating to employees of B2C Europe B.V. is the data controller. B2C Europe B.V. will comply with applicable laws (including where necessary any requirement to obtain consent from a data subject or the competent employee representative body – NL Works Council) regarding the processing of any personal data relating to employees.
Purposes for Processing
Subject to applicable legal requirements and restrictions, including but not limited to the general requirement to collect and process only what is necessary to achieve the relevant purpose, B2C Europe B.V. may process some or all of the following personal data categories: name, address (including email address), telephone number, emergency contact details, next of kin details, marital status, date of birth, nationality, gender, referee details, education details, work permit details, passport number or similar document number, national identity number, taxation reference number, bank account details, credit/debit card details, other financial details, employee number, IP address, driving license, car registration number, image and sound.
The main purposes for processing personal data relating to members may include the following:
1. Payroll, Pension, Finance, Shares – B2C Europe B.V. may share relevant personal data with pensions and share scheme administrators, scheme providers, insurance companies, tax authorities and other similar service providers in relation to employment obligations and employee benefits. B2C Europe B.V. will also process personal data for the purpose of identifying and paying employees.
2. Employee Administration and Management – B2C Europe B.V. may process personal data (including where appropriate, and subject to this Privacy Statement and the Applicable Data Protection Legislation, sensitive personal data) about employees and (where relevant) their dependents and next of kin, for purposes related to their employment with B2C Europe B.V.. This may include recruitment, general management, performance management, career development, health and safety compliance, provision of health insurance, life insurance, sickness monitoring/compliance, diversity monitoring, disciplinary procedures, security checks (if and where required), visa applications and other immigration requirements, communications to and from employees, employee contact directories, sensitive/secure area access controls, IT system administration and management, payment of taxes, expense processing and employee benefits.
3. Enterprise Security and Quality Control– B2C Europe B.V. provides some of its employees with pc’s laptops and (mobile) telephones enabling access to internet, e-mail, social media, B2C Europe B.V.’s intranet and various software applications and tools, Besides these digital equipment, B2C Europe B.V. also provides cars and physical workspaces (all of the latter being company property). B2C Europe B.V. trusts that each employee acts responsibly when using company property and to strictly abide by all applicable codes of conduct that are issued in that respect. B2C Europe B.V. may, in some cases or some departments, have good and legally justifiable reasons to monitor the use of digital equipment / devices, digital traffic and the cars through the equipment and devices by employees taking into consideration the necessity of the monitoring and the employee’s privacy. Incidental investigations will only be done for substantial reasons in targeted situations.
4. Regulatory, Professional and Membership Requirements – B2C Europe B.V. may process personal data about employees, and transfer personal data to relevant regulatory bodies and professional/trade/industry organizations, in relation to membership applications and renewals, regulatory requirements (including regulatory/legal reporting requirements), professional standards etc.
5. Compliance with Local Legal Requirements and Agreed Practices – B2C Europe B.V. may process personal data, and transfer personal data to other entities within the B2C Europe B.V. and/or appropriate third parties, as and when local laws require or permit it or where local practices have been agreed with employees, employee representatives, data protection officers, and/or data protection authorities/regulators.
3.4. Internal Transfer and Third Party Processing
On certain occasions B2C Europe B.V. will, only for its internal business purposes, internal reporting and analysis, auditing and customer management (e.g. customer satisfaction / reporting ), transfer personal data to specific companies within B2C Europe B.V.. This allows B2C Europe B.V. to improve the products and services it offers to its clients.
In order to manage the B2C Europe B.V.’s business efficiently, and to work as a global organization with standardized systems and processes, personal data of employees (including where appropriate, in accordance with this Privacy Statement and local legal requirements, sensitive personal data) may be transferred by B2C Europe B.V. to other entities within the B.V. and their designated third party processors for processing worldwide (both inside and outside the EEA).
4. Securing personal data
It goes without saying that we do everything we can to protect your personal data from unauthorized access, loss or theft the best we can. We have taken all necessary technical and organizational measures to ensure your personal data is protected with a standard fitting level of security, which also entails that employees only have access to your personal data when absolutely necessary.
Where at all possible and economically viable, anonymization and pseudonymization measures are applied to personal data to ensure that your actual identity is not discernible or cannot be reestablished without recourse to a disproportionate amount of effort.
If for our services or the execution of a contract, we employ an external party that processes personal data for us, we make sure that that party meets our security requirements. We do so by signing a so-called ‘Processing Agreement’ in which we make agreements on the protection measures and on the use of the personal data.
5. Keeping personal data
B2C will only retain personal data for as long as it needs it to carry out a particular purpose or meet a particular obligation
6. Requests relating to personal data
Based on the GDPR, you have the right to view your personal data that we process. In addition, you have the right to have us correct, block or remove your personal data.
For example, do you want to know what personal data of yours is processed by B2C Europe or which rights you have in terms of correcting, blocking and/or removing data? Contact us at the contact details provided below.
7. Revisions and changes to this statement
For any comments or questions on this privacy statement or to view/delete/alter any of your personal data, contact us via privacy@B2CEurope.eu.