Privacy Policy
Keep protection
1. Introduction
We are pleased about your visit to our website and your interest in Benma B.V. The protection of your personal data is of particular importance to us. In this Privacy Policy we inform you about the nature, scope and purpose of the processing of personal data as well as about your rights under the General Data Protection Regulation (GDPR).
2. Controller
Benma BV
Graafstroomstraat 71
3044 AP, Rotterdam,
Netherlands
Telephone: +31 68 568 3915
E-Mail: systems@benmabv.nl
3. Data Protection Officer
External Data Protection Officer:
Julia Großklaus
E-Mail: data@benmabv.nl
4. Definitions (Art. 4 GDPR)
Personal data: all information relating to an identified or identifiable natural person (Art. 4(1) GDPR).
Data subject: any identified or identifiable natural person whose personal data are processed (Art. 4(1) GDPR).
Processing: any operation or set of operations performed on personal data, whether or not by automated means (collection, recording, organization, storage, adaptation/alteration, retrieval, consultation, use, disclosure, alignment, restriction, erasure, destruction; Art. 4(2) GDPR).
Restriction of processing: the marking of stored personal data with the aim of limiting their future processing (Art. 4(3) GDPR).
Profiling: any form of automated processing of personal data intended to evaluate certain personal aspects (Art. 4(4) GDPR).
Pseudonymisation: the processing of personal data in such a way that they can no longer be attributed to a specific data subject without additional information (Art. 4(5) GDPR).
Controller: the natural or legal person, authority, institution or other body that determines the purposes and means of processing (Art. 4(7) GDPR).
Representative: as defined in Art. 27 GDPR, a person in the EU/EEA designated in writing by a controller or processor outside the EU/EEA to act as the contact point for supervisory authorities and data subjects. For controllers established in the EU/EEA – such as Benma – designation of a representative is not required.
Processor: a person who processes personal data on behalf of the controller (Art. 4(8) GDPR).
Recipient: a person to whom personal data are disclosed (Art. 4(9) GDPR).
Third party: a person other than the data subject, controller, processor or persons authorized to process personal data (Art. 4(10) GDPR).
Consent: any freely given, specific, informed and unambiguous indication of the data subject’s wishes (Art. 4(11) GDPR).
5. Processing of Personal Data
5.1 Visiting the Website
When you access our website, information is automatically transmitted by your browser to our server (in particular IP address, date/time of access, name of the retrieved file, referrer URL, browser type/version, operating system, access provider). This information is temporarily stored in log files.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in stability and security). Storage period: maximum 14 days.
5.2 Contact
When contacting us by email or via a contact form, we process the data you provide (e.g. name, email address, message text) to handle your request.
Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures/contract performance) or Art. 6(1)(f) GDPR (legitimate interest in communication).
5.3 Application Procedures
Applications are received and processed via an external service provider. The processing takes place on the basis of a Data Processing Agreement pursuant to Art. 28 GDPR. Storage period: six months after completion of the application procedure, unless statutory retention obligations prohibit otherwise.
5.4 Contractual and Business Relationships
In the context of contractual relationships, we process data of customers, suppliers and other business partners (e.g. contact data, contractual and billing data).
Legal basis: Art. 6(1)(b) and (c) GDPR.
6. Cookies
Our website uses cookies to enable certain functions and to optimize use. Technically necessary cookies are required for operation. Other, optional cookies (e.g. for analytics or functionality) are only set with your consent (Art. 6(1)(a) GDPR in conjunction with Section 25(1) TDDDG). You can withdraw your consent at any time via the cookie consent banner or delete/block cookies in your browser.
7. Recipients of Personal Data
Personal data are disclosed only insofar as this is necessary for contract performance, communication or due to legal obligations. Possible recipients: IT service providers/hosting providers (processors within the meaning of Art. 28 GDPR) as well as authorities/public bodies when legally required. Data are not disclosed for other purposes.
8. Data Transfer to Third Countries
An transfer of personal data to countries outside the European Union (third countries) generally does not take place. Should it be necessary in individual cases, it will be carried out exclusively on the basis of an adequacy decision by the European Commission or by using EU Standard Contractual Clauses.
9. Data Security
We implement appropriate technical and organizational measures (TOMs) to protect personal data against loss, manipulation, unauthorized access and misuse. Our measures are regularly reviewed and adapted to the state of the art.
10. Storage Period
Personal data are deleted once the purpose of processing no longer applies and no statutory retention obligations exist. Examples: log files maximum 14 days; application documents 6 months; contractual and billing data after expiration of statutory retention periods.
11. Rights of Data Subjects
You have the right of access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and objection to processing (Art. 21 GDPR). Consents can be withdrawn at any time with effect for the future (Art. 7(3) GDPR). To exercise your rights, an informal notification to data@benmabv.nl is sufficient.
13. Obligation to Provide Data
For the conclusion and performance of contracts as well as for applications, the provision of certain personal data is required. For merely visiting our website, there is no obligation to provide data.
14. Automated Decision-Making / Profiling
No automated decision-making including profiling takes place.