2 Why do we process personal data?
3 Which data do we collect?
4 How do we obtain personal data?
5 How long do we keep personal data?
6 Do we make personal data available to third parties?
7 What rights do you have as a data subject?
8 How do we protect personal data?
9 Which cookies does our website use?
10 What is profiling?
11 How can you contact us?
Via the services of Coney Assurance bv, its trade name Coney Minds, and its affiliates (hereinafter “Coney Minds” or “we”), privacy-sensitive data (hereinafter “personal data” or “data”) are processed. By processing we mean all the use of your personal data, such as storing, adjusting, forwarding or (partially) deleting these data. We process personal data, for example, because you use our services via the website. The controller is Coney Minds, located at Van Nelleweg 1212, 3044 BC Rotterdam. You can ask privacy questions via email@example.com.
The affiliated companies of Coney Minds are:
We think it is important that your data is handled carefully and ensure that the personal information you provide is treated confidentially. In this statement we will let you know what personal information we collect, why we collect this information and what we do with it.
We use your data for the following purposes:
We will not use your data for purposes other than those described above.
We may use the following information for the purposes mentioned in this policy:
It is not that we always use all of your data. Often this is only limited to a number of the above types of data. The data we use depends on the purpose for which we process the data (see also ‘2 Why do we process personal data?’), such as requesting a name, email address and telephone number when filling out the contact form on our website. This information is used to contact you at your request.
We have consciously chosen not to use special personal data such as race, ethnic origin, political opinions, religious convictions, trade union membership, orientation, health or criminal data. Some of the above types of data can be seen as sensitive data, for example location data. We also combine the above data to build up personal profiles of you so that we can show you targeted content and make personalized offers (see also: ’10 what is profilling?)Because these sensitive data may have an impact on your privacy, we try to handle these with extra care.
The main way we obtain data is to ask for it from you. You can choose to provide us with this information or you can choose not to do so. For example, the data that you enter on our website. For some (additional) services it is mandatory to provide certain data before you can use these services. For example your name and email address when registering an account. When entering personal data, we indicate which data are necessary and which can be provided optionally.
In addition, there are also data that we obtain automatically. For example the detailed (technical) data about the browser you use. This information is obtained by us through cookies and similar techniques. See also ‘9 Which cookies does our website use?’ and t’9. Profiling’.
We strive not to store personal data any longer than strictly necessary for the data processing purposes. There is no simple answer to the question as to what storage term would apply to all sorts of data. We store your data for at least as long as you use our services. We will remove your data when an applicable amount of time has passed after the moment storage doesn’t seem to serve the original processing purpose anymore. An exception to this occurs in case the law demands we hold on to certain data for a longer period of time. For example, for payment data Dutch Tax Law requires us to keep this data for a period of 7 years.
When processing your personal data we sometimes use third parties that occasionally get access to your data. If possible, we require these third parties to act in the capacity of processor. This means that we determine the purpose and means for the specific processing operations and that the processor is only allowed to handle your data in accordance with our instructions and our (security) standards. We manage these agreements with each processor in so-called processor agreements.
Furthermore, we will only make personal data available to third parties if we have your permission or if we are required to do so on the basis of applicable law and regulations. The latter can, for example, be the case when audited by the tax authorities, the FIOD or the AFM, organizations that have a legal power of investigation.
You have the right to view, correct, take with you or remove your personal data. You also have the right to object to the processing. Finally, we would like to point out the right to file a complaint with the Dutch Data Protection Authority.
We strive to ensure that you can exercise these rights yourself as much as possible. For example, in our newsletters the possibility is given to state (‘register resistance’) that you no longer wish to receive future messages.
You can also, at any time, request us to review, correct or delete your data. You can do so by sending an email to firstname.lastname@example.org. Specify to which personal data your request applies as much as possible in your request and, if possible, provide proof that it actually is your personal data. We strive to respond to your request within four weeks.’
We handle personal data with care and do our utmost to protect it to the best of our abilities. We do so by taking organizational and technical security measures that, in view of the current technical standards, prevent someone from gaining unauthorized access to the data, being able to adapt it, disclose it or ensure that the data is lost.
If we use so-called processors, we commit them to handle your data according to our instructions and our (security) standards. See also ‘6 Do we make personal data available to third parties?’
If despite our efforts a security incident with personal data (data leak) occurs, we will take the necessary measures to prevent damage. As required by law, a data breach that can have serious consequences is reported to the Dutch Data Protection Authority and to the relevant stakeholder(s).
We can use profiling on our website. Profiling means: collecting, analyzing and combining (personal) data with the goal of allocating you into a certain (interest) category. To build profiles, the profiling algorithm can theoretically include all kinds of relevant data that are listed in ‘3 What data do we collect?’. See: ‘4 How do we obtain personal data?’ And ‘9 Which cookies does our website use?’ for more information about how the data is obtained.
After obtaining the data, automatic analyses are performed for us to assign certain (interest) categories to you in your profile. These are called taxonomies. We have consciously excluded categories that could be seen as vital personal data. The importance of profiling is that we can deduct from the profile and related interests in which content you may be interested and which products or services would suit you best.
Profiling can have an impact on your privacy. For example if false (interest) categories are linked to you on the basis of incorrect or outdated data. If you believe that this is the case, please contact email@example.com.
If you have any questions, comments or complaints regarding the way we handle your personal data, please contact us via firstname.lastname@example.org. You can also send us a letter at the following address:
Coney Assurance bv
Van Nelleweg 1212
3044 BC Rotterdam
Last change: 13-01-2022