Privacy Policy according General Data Protection Regulation (GDPR)

Privacy and Cookie statement

This Privacy and Cookie Statement applies to SMIT Thermal Solutions B.V., and its affiliates (to the extent that they perform – jointly or not – the same processing activities), hereafter “SMIT”.

We set great store by the protection of your privacy. We therefore handle your personal data with the utmost care. In this Privacy and Cookie Statement we will inform you about the manner in which we handle your personal data. It applies to the processing of personal data of our customers, suppliers and interested parties, as well as their employees, and of visitors to our website https://www.smitthermalsolutions.com/.

What personal data do we process?

We process your personal data, for instance, in relation to the offering of goods or services. The personal data that we may collect include:

  • name
  • (business) contact details, such as email address and phone number
  • location information via Google Maps

When do we process your personal data?

We process your personal data in the following cases:

  • When processing is necessary for the performance of a contract or prior to entering into a contract

We may process your personal data when it is necessary for the performance of a contract or prior to entering into a contract. Such processing takes place for at least one of the following purposes:

  • taking and processing orders, including delivery of goods
  • invoicing and possible actions to recover a debt
  • When processing is necessary for the purposes of our legitimate interests

We may process your personal data when the processing is necessary for the purposes of our legitimate interests, for instance:

  • maintaining a customer database
  • to handle or resolve disputes

We will always weigh our legitimate interest against your privacy interest in this processing. Processing on this basis takes place only if our legitimate interest overrides yours.

  • When processing is necessary for compliance with a legal obligation

We may process your personal data when it is necessary for compliance with a legal obligation, such as complying with tax laws when processing your order.

  • Consent

We may process your personal data on the basis of your consent. If the processing is based on consent, you may withdraw that consent at any time. You may do so by contacting us using the contact details at the bottom of this page.

If you do not provide us with certain data (despite a request to that effect) or if you withdraw your consent, we may not be able to perform an agreement entered into with you or we may not be able to comply with our legal obligations. We will of course inform you in good time in that case.

To whom do we disclose your personal data?

We may disclose your personal data to third parties. That will always be done in accordance with this Privacy and Cookie Statement and with the applicable laws and regulations. We will ensure that that is done correctly.

We may disclose your data to the following recipients:

  • a hosting service engaged by us
  • a cloud service for data storage
  • a service provider for developing and maintaining our applications and platforms
  • a supported service provider for sending marketing messages and optimising the website
  • carriers of our products
  • public authorities that have the right and authority to do so
  • external advisors (such as tax and legal advisors)

We have opted to name categories of recipients rather than individual companies, to avoid the need to frequently update this Privacy and Cookie Statement. Please contact us if you wish to receive more information on the specific recipients of your personal data.

How do we handle the transfer of your personal data to parties outside the EEA?

We and our data processors primarily process your personal data on secure servers located within the European Economic Area (“EEA”). However, it is possible that your personal data will be processed outside the EEA. In both cases we and our data processors have provided safeguards in accordance with European and Dutch privacy laws to process your personal data in a lawful manner.

In light of the continuous developments regarding the appropriate safeguards for international transfer of personal data, the safeguards provided by recipients may be subject to changes. We therefore refer to the privacy statements of those recipients for up-to-date information on the safeguards.

The following parties may process data outside the EEA:

Please contact us for further information on our specific safeguards when transferring your personal data outside the EEA.

How long do we store your personal data?

We do not store your personal data any longer than is necessary for the purpose for which they were collected and processed. Our storage periods are based on the following factors:

the scope, nature and sensitivity of the personal data

the potential damage as a result of unauthorised use or unauthorised disclosure of your personal data

the purposes for which we process your personal data

the possibilities of achieving those purposes in another manner

the applicable legal requirements

Data that must be stored for tax reasons are deleted after seven years.

How are your personal data protected?

We take all reasonable organisational and technical security measures to secure your personal data and protect them against loss, improper use and other unlawful processing. These security measures are described in our Baseline Security Document. This document, including the mitigation measures listed in it, is constantly evolving. In any case, we apply the following security measures:

  • password and access code via an authenticator
  • access to certain files on a need-to-know basis
  • splitting of authorisation into read access and user rights

Please contact us for further information on our current security measures.

What are your rights regarding your personal data?

You have the right to request access to your personal data. If you file such a request, we will provide you with a list of all your personal data in our possession, unless that is impossible due to overriding third-party interests.

You may furthermore request us:

to rectify or complete your personal data if you suspect that they contain inaccuracies or have been processed incorrectly

  • to erasure your personal data if you withdraw your consent, the data is no longer necessary or has been incorrectly processed

to restrict or object to the processing of personal data

to transmit your personal data to another controller

A request may be submitted in writing, by e-mail or by post, using the contact details at the bottom of this page. We may then request you to provide additional information in order to verify your identity. In accordance with the law, we will process the requests within one month after receiving them. We will then inform you whether we will comply with the request or of the reasons, if any, for rejecting it.

What should you do if you have a complaint about the way we handle your personal data?

If you have a complaint or a question about the way we handle your privacy, you may contact us. Please provide us with as much relevant information as possible about your complaint or question.

We will consider your complaints and questions and respond to them within four weeks. We will make every effort to be of service to you. If you are nevertheless dissatisfied with the handling of your complaint, you may contact the supervisory authority (the Dutch Data Protection Authority) and file a complaint there if you wish.

How do you contact us?

If you have any questions about this Privacy and Cookie Statement or about the way we handle your privacy, you can reach us in the following ways:

By telephone:

+31 40 2581500

Per e-mail:

info@smit-ts.nl

Per post:

Smit Thermal Solutions B.V.

Luchthavenweg 10

5657 EB Eindhoven

Amendments to this Privacy and Cookie Statement

We reserve the right to amend this Privacy and Cookie Statement from time to time by placing a new version on our website. In the event of significant changes, we will of course inform you in advance.

This Privacy and Cookie Statement was most recently updated in June 2023.