This privacy statement has been written for customers, suppliers and applicants.
Mayfran Limburg B.V. and Mayfran International (from now on: Mayfran) processes your personal data carefully, safely and confidentially. It is important to us that you have confidence in our organisation, which is why we are committed to protecting your privacy. The rules on protecting your privacy are set out in the General Data Protection Regulation, and the Dutch Data Protection Authority monitors organisations for their compliance with this law. Mayfran acts within the framework of the law.
Privacy Statement Structure
This document explains which personal data we process and for which purposes we do this. It also clarifies the services for which we process the data and the legal basis for doing so. The sharing of data with other parties is highlighted, as is the processing of personal data outside the EU. Moreover, the security of personal data is addressed, along with how retention periods are dealt with. Finally, there is a section on your rights and how to file a complaint or contact Mayfran.
Who is the data controller?
Mayfran, situated at Landgraaf (The Netherlands) is the data controller for the processing of personal data.
Mayfran has a privacy officer. He can be reached via firstname.lastname@example.org.
What are personal data?
Personal data are all data which can be traced back to an individual. Examples of this are your name, address, telephone number and account number; photos and biometric data are also personal data.
Are you obliged to provide personal data?
In some instances, we may be required by law to retain or provide certain personal information about you, for example to the tax authorities.
In many cases, it is necessary to use a number of your personal details in order to be able to offer you the service or product you are purchasing from us. In that case, the use of your data is necessary for the contract or the pre-contractual phase.
In these instances, you are required to provide us with personal data because otherwise, we could not meet our legal and/or contractual obligations.
Data collected by others?
Mayfran does not collect data provided by third parties. The only data we process are those which we receive from the data subjects themselves.
Which categories of personal data do we use?
For the sake of simplicity, personal data can be divided into categories. We can use the following categories of your personal data:
Category of personal data
Personal identification data
Name, title, adress (private, work), phone number (private, work), e-mail adress (private, work).
Age, gender, date of birth, place of birth, marital status, nationality.
What do we use your data for?
We use the personal data mentioned below for the purposes outlined below:
- Delivering and improving our services;
- Recruitment and selection of new employees;
- Managing customer relations;
- Sales and marketing.
On what legal grounds do we use your data?
Personal data may only be used if there are good reasons for this. Mayfran uses your personal data mainly on the basis of 'necessary for the performance of a contract' and 'necessary for the purposes of the legitimate interest'. This means that we process your personal data because it is necessary for the performance of a contract between you and Mayfran, or for the purposes of a legitimate interest.
Existence of automated individual decision-making
Mayfran doest not make use of automated individual decision-making because it is not necessary for our services. This means that Mayfran does not do profiling, for example.
Do we share the data with other parties?
We do not share the (personal) data you provide with other parties unless it is necessary in the context of the implementation of an agreement or to comply with a legal obligation.
Will your data be transferred outside the EU?
Mayfran’s starting point is only to process personal data within the EU. Because the GDPR is applicable within the EU, it thereby, in principle, always ensures an adequate level of protection. But it is possible that your data may be brought outside the EU, for example when sharing with procesessors outside the EU. Mayfran is responsible for ensuring an adequate level of protection and compliance with the GDPR.
How do we secure your data?
Because the security of personal data is very important, Mayfran has ensured we have various appropriate technical and organisational measures in place to make sure that the personal data cannot be misused or otherwise end up in the hands of the wrong person. We assure you that if we transfer your personal data to other organisations, such as processors, these organisations adhere to the same standards.
How long to we retain your data?
We do not retain your data for longer than is necessary to achieve the purposes stated in this privacy statement.
What are your rights?
Mayfran considers it important that you are able to exercise the rights you are granted by law. Therefore, it is very easy to contact us via email@example.com.
You can exercise the following rights:
- The right of inspection: you have the right to inspect any of your personal data that we process.
- The right of rectification: if the personal data we process about you is incorrect, you have the right to have it corrected.
- The right to erasure: if we no longer need your personal data for the purpose for which we received them, you have the right to ask us to delete them. There are a number of exceptions to this, such as our obligation to retain certain data for tax authorities.
- The right to restriction of processing: during the time in which we are in the process of determining whether your data should be rectified, determining the (un)lawfulness of data processing, determining whether data have to be deleted, or if you have lodged an objection to its processing, you have the right to request the restriction of its processing.
- The right to data portability: upon your request, we must transfer any personal data we have about you to you or to any other organisation of your choice. You can only exercise this right if the data is processed on the basis of consent or agreement.
- The right to object: if we process data on the grounds of legitimate or public interest, it is possible to object, after which a weighing of interests will follow. In the case of direct marketing, you always have the right to object.
Filing a complaint with the competent authority: the Dutch Data Protection Authority
Mayfran believes it is important to have satisfied customers. Even when we do everything we can to achieve this, it could be that you are not satisfied. If this concerns the protection of personal data, it is possible to lodge a complaint with the Personal Data Protection Authority. You can do this via:
How to contact us?
If you have any questions, comments or complaints concerning your privacy and how we safeguard it, you can contact us via firstname.lastname@example.org.