General Privacy Notice

Alfa Wassermann B.V. (Alfa Wassermann) may process personal data, as defined in the General Data Protection Regulation (GDPR), for example when you make use of its website (www.alfawassermann.nl). We understand that you are aware of and care about your own personal privacy interests, and we take that seriously. Alfa Wassermann values clarity on how we process your personal data. This General Privacy Notice describes the Alfa Wassermann's policies and practices regarding its collection and use of your personal data, and sets forth your privacy rights with due observance of the GDPR and any related applicable legislation. By visiting our website, you are accepting and consenting to the practices described in this General Privacy Notice. We recognize that information privacy is an ongoing responsibility, and so we will from time to time update this General Privacy Notice as we undertake new personal data practices or adopt new privacy policies.


1. Contact details
Alfa Wassermann B.V. is the data controller and with its headquarters at Lorentzlaan 5, 3401 MX IJsselstein, the Netherlands ("Alfa Wassermann") and registered at the Dutch Chamber of Commerce with number 30102846. If you have questions or comments regarding this General Privacy Notice please see under 12. "Questions".

2. To whom does this General Privacy Notice apply?
This General Privacy Notice applies to visitors of our website and to other business contacts.

3. What personal data do we process?
Alfa Wassermann processes personal data you have provided to us (for example by way of your business card), personal data generated during your visit to our website and personal data we have obtained from other sources such as the Social Media platforms linked to our website:
- Personal data provided by you: contact details and other personal data, including but not limited to, (distributor, customer and/or field service) names, addresses, telephone numbers, logins and passwords, e-mail addresses and country, provided through business cards, contact forms or other web forms. You can use most services offered through the website without providing your personal information, unless you wish to access the secured parts of our website via login and passwords for distributors, customers and/or field services.
- Personal data obtained through or generated on our website: IP address, your browsing behaviour on the website such as information on your first visit, previous visit and current visit, the visited pages and the manner in which you navigate on the website.
- Other personal data: our services are dynamic and we often introduce new features, which may require the collection of new information. If we collect materially different personal data or materially change how we use your data, we will notify you and may also modify this General Privacy Notice.

4. Third party websites
Our website contains hyperlinks to websites of other parties and social media buttons. This General Privacy Notice does not cover the links within this site linking to other websites. If you use a link from the website to a third party website, Alfa Wassermann is not responsible for the content of those websites or the services of these social media platforms or their data processing. Nor is Alfa Wassermann responsible for the privacy policy and the use of cookies on those websites and social media platforms. We encourage you to read the privacy notices on the other websites or social media platforms you visit.

5. What do we use your personal data for?
We use your personal data for various purposes:
- Informing you of services and products. We use the data to inform you of Alfa Wassermann's products and services by arranging for meetings or calls, sending postal mails and e-mails to you, distributing product notifications, new product information and other important information, implement various campaigns, to respond to your requests.
- Deliver services. We use the data to deliver products to buyers.
- Customer support. We use the data (which can include your communications) needed to investigate, respond to and resolve demands, inquiries and complaints and service issues (e.g., bugs).
- Conduct tests and surveys. We use the data to conduct questionnaire surveys and services and products monitoring tests.
- Improving and securing our website. We use the data that we have about you to provide, support and make our services more relevant and useful to you and others.
- Preparing and analysing user statistics. We use the data to produce aggregate insights that do not identify you. For example, we may use your data to generate statistics about our website users and/or users of our products and services, the demographic distribution of visitors to our website and/or to analyse and improve the website. We may place cookies, please see our Cookie Policy for further details. It forms a part of this General Privacy Notice;
- Security and Investigations. We use your data if we think it's necessary for security purposes or to investigate possible fraud or other violations of this General Privacy Notice and/or attempts to harm our visitors.

6. Legal grounds for processing
The main legal grounds used by Alfa Wassermann are:
1. Consent: you will always have the right to withdraw any consent given to process personal data. Withdrawal of consent will not affect the lawfulness of processing before the withdrawal.
2. (Conclusion of) an agreement: we will process your personal data if and to the extent necessary to enter into or for the performance of a contract;
3. A legal obligation;
4. Your vital interests: in order to protect these, should the need arise; and/or
5. A legitimate interest: we may also process your personal data, if we have a legitimate interest and do not disproportionately infringe on your privacy.

7. Data retention
Your personal data will not be kept longer than necessary and will be deleted, as soon as reasonably possible in view of the purposes for processing your personal data (see par. 5), unless we have an ongoing legitimate reason to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements) or in the situations described below

When we have no ongoing legitimate business need or no other legitimate reason to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal data has been stored in backup archives and/or it is technically impossible and/or economically impractical), we will securely store your personal data until deletion is possible.

If you have questions about, or need further information concerning, our data retention periods, please contact us, see under 12. "Questions".

8. Security
We take the security of your personal data seriously. We have put in place appropriate technical and organizational measures, including internal policies and controls, to:
- protect your information, for example to backup and protect the integrity of our electronic communications and data storage systems;
- limit access to your personal information to those employees, agents, contractors and other third parties on a need to know basis. They may only process your personal information on our instructions, they are subject to a duty of confidentiality and are obliged to keep it secure;
- prevent your personal information from being unauthorized or unlawful processing of personal data and against unintended access, loss or destruction of, or damage to, or unauthorized use of personal data; and
- deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

9. Sharing personal data with third parties
We sometimes need to share your personal data with third parties:
- Service providers. We may use service providers (processors) to help us provide our services (e.g., maintenance, analysis, audit, payments, fraud detection, marketing and development). They will have access to your information as reasonably necessary to perform these tasks on our behalf and are obligated to not to disclose or use it for other purposes. The processors may solely process your personal data based on our instructions. For example, we work with service providers offering SaaS solutions (Software as a Service) or hosting services. We also hire IT service providers that provide support to the safe and stable operation of our systems. If we engage a third party to handle personal information, we shall perform a thorough background check on such third party and exercise proper supervision over such third party to ensure the safe management of personal information. We will conclude a data processor agreement with our data processors, which meets the requirements laid down in the GDPR.
- Legal disclosures. We may need to share your data when we believe it's required by law or to protect your and our rights and security. It is possible that we will need to disclose information about you when required by law, subpoena, or other legal process or if we have a good faith belief that disclosure is reasonably necessary. We attempt to notify visitors about legal demands for their personal data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority.
- Change in control or sale. We can also share your personal data as part of a sale, merger or change in control, or in preparation for any of these events. Any other entity which buys us or part of our business will have the right to continue to use your data, but only for the purposes and in the manner set out in this General Privacy Notice unless you notify the purchaser to the contrary.
- Commercial use. Your personal data will not be shared with third parties for commercial purposes.

10. Transfer outside the European Economic Area
We may need to transfer your personal data to parties located outside of the European Economic Area (EEA), for example our website is hosted in the USA. We shall only transfer personal data to parties outside the EEA if an adequate level of protection of the personal data is ensured or if specific safeguards are in place (for example by making use of EU standard contractual (data protection) clauses) or if a legal derogation or exemption applies.

11. What are your rights with regard to your personal data?
In accordance with the GDPR and applicable legislation and depending on the circumstances, you have rights with respect to:
- Consent: you can withdraw this. If you do not wish to receive any future communications or to have your name deleted from our mailing lists, you may follow the "unsubscribe" procedure included with our communication. In addition, you may e-mail us at [privacy@alfawassermannus.com];
- Information, access and rectification of your personal data: you have the right to receive information about the type and contents of the personal data that is stored or processed by Alfa Wassermann or by third parties and to request the correction of and/or change to any incorrect or incomplete personal data that is held;
- Erasure and restriction of personal data: under certain circumstances it is possible to request restriction of the processing or erasure your personal data;
- Objection: you can object the use of your personal data or request to limit their use;
- Data portability: you can request a copy of your personal data and the transfer thereof to another party.
- Profiling: you may the right to object to decisions made solely on automated processing, including profiling;
- Complaints: you may have the right to log a complaint with the supervisory authority, see under 12.1.
If you have any questions, please see under 10. "Questions" and we will assist you with the process.

12. Questions
If you have any questions related to this General Privacy Notice, please reach out to the (Acting) General Manager of Alfa Wassermann (rroelofs@alfawassermann.nl) or the General Counsel of Alfa Wassermann, Inc. (bhand@alfawassermannus.com).

13. Complaints?
1. If you have any complaints about how we handle your personal data or any indications of misuse, please contact us, see above under 12. We would be happy to help you find a solution.
2. You can also file a complaint with the Dutch Personal Data Protection Authority (https://autoriteitpersoonsgegevens.nl).

14. Changes
We keep our General Privacy Notice under regular review and therefore our General Privacy Notice may change from time to time, so please review this page of our website from time to time. If the changes are significant, we will provide a more prominent notice (including, for certain services, a website or email notification of changes). Your continued use of our website after we publish or send a notice about our changes to this General Privacy Notice means that you are consenting to the contents of the updated General Privacy Notice.

This General Privacy Notice was last updated on 5 July 2018.