- Introduction
Welcome to Branded Bakery, the premiere destination for high-quality cupcakes, caramel waffles, brownies, macarons, biscuits, and donuts. This Privacy Policy is designed to inform you about how we collect, use, store, and protect the personal information of our customers and website visitors. As a business operating in the Netherlands, we are committed to complying with the General Data Protection Regulation (GDPR) and any applicable local privacy laws. Our policy is crafted to ensure transparency and empower you with choices about your personal data.
- Who We Are
Branded Bakery, a culinary delight based in the Netherlands, specializes in crafting high-quality cupcakes, caramel waffles, brownies, macarons, biscuits, and donuts. Our website, www.brandedbakery.nl, serves as a platform for our customers to explore our offerings and engage with our services. For any questions or concerns regarding your privacy and data protection, please contact us at privacy@brandedbakery.nl. We are dedicated to addressing your inquiries promptly and effectively.
- What Personal Data We Collect
To provide you with our services and a personalized experience, we collect various types of personal data, including but not limited to:
- Identity Information: Such as your name, username, or similar identifier.
- Contact Data: Including your billing address, delivery address, email address, and telephone numbers.
- Transaction Data: Details about payments to and from you and other details of products and services you have purchased from us.
- Technical Data: Information about how you access and use our website, including your IP address, browser type, and version, time zone setting and location, browser plug-in types and versions, operating system, and platform.
- Usage Data: Information about how you use our website, products, and services.
- Marketing and Communications Data: Your preferences in receiving marketing from us and our third parties, along with your communication preferences.
This data helps us to improve our services, fulfill your orders, and comply with our legal obligations.
- How We Collect Data
Our data collection methods include:
- Direct interactions: You may provide us data by filling in forms on our site or by communicating with us via post, phone, email, or otherwise.
- Automated technologies or interactions: As you interact with our website, we may automatically collect Technical Data and Usage Data. We collect this data by using cookies, server logs, and other similar technologies.
- Third parties or publicly available sources: We might receive personal data about you from various third parties and public sources as set out below.
- Use of Collected Data
We use your personal data to:
- Fulfill our contract with you: Including processing and delivery of your orders.
- Improve our website and services: By analyzing how our services are used and how effective our marketing campaigns are, and identifying usage trends.
- Communicate effectively: Providing you with information, products, or services that you request from us or which we feel may interest you.
- Compliance and prevention of fraud: To meet our legal compliance requirements and for the purposes of fraud prevention and protection.
- Legal Basis for Processing
Our legal basis for processing your personal data includes:
- Contract performance: Processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
- Legal compliance: Processing your data where it is necessary for compliance with a legal obligation that we are subject to.
- Legitimate interests: Processing for the purposes of our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests.
- Consent: Specifically for certain types of processing such as certain marketing activities.
- Data Sharing and Disclosure
We may have to share your personal data with the parties set out below for the purposes outlined in section 5:
- Service providers: Acting as processors based who provide IT and system administration services.
- Professional advisers: Including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.
- Regulatory and government bodies: Authorities requiring reporting of processing activities in certain circumstances.
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.
- Data Transfer Outside the EU
We may transfer, store, and process your data outside the European Economic Area (EEA) under certain conditions. When we do, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- Transferring your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Using specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Cookies and Tracking Technologies
We use cookies and similar tracking technologies to track the activity on our website and store certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. You have the option to accept or refuse these cookies and know when a cookie is being sent to your device. If you choose to refuse our cookies, you may not be able to use some portions of our service. Our Cookie Policy provides detailed information about the types of cookies we use, their purposes, and how you can manage your preferences.
- Data Subject Rights
Under GDPR, you have rights regarding your personal data, including:
- The right to access your personal data.
- The right to have your data corrected or erased.
- The right to object to processing and the right to data portability.
- The right to withdraw consent at any time where we are relying on consent to process your personal data.
- The right to lodge a complaint with a supervisory authority. We provide mechanisms for you to exercise these rights easily.
- Data Retention Policy
We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies. The retention period for personal data varies depending on the type of data and the purposes for which we process it.
- Security Measures
The security of your data is paramount to us. We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. Despite our efforts, no method of transmission over the Internet or method of electronic storage is 100% secure; therefore, we cannot guarantee its absolute security.
- Protection of Minor’s Information
Our website and services are directed to people who are at least 16 years old or older. We do not knowingly engage in the collection of personal information from individuals under the age of 16 without obtaining parental consent. Should we learn that such information has been collected without verifiable parental consent, we will take the necessary steps to delete the information.
- Third-Party Links and Services
Our website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.
- Changes to Our Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
- Your Consent
By using our site, you consent to our website’s privacy policy. If you do not agree to the policy, please do not use our site. Submitting your personal information is not mandatory, but it may affect your ability to use certain services or features.
- How to Contact Us
If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this site, please contact us at privacy@brandedbakery.nl. Our dedicated team is committed to ensuring your queries and concerns are addressed.
- Data Breaches
We will report any unlawful data breach of this website’s database or the database(s) of any of our third-party data processors to all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
- International Data Transfers
For international data transfers from the European Union to countries not deemed by the European Commission to provide an adequate level of personal data protection, we implement specific contracts approved by the European Commission that give personal data the same protection it has in Europe.
- Automated Decision Making and Profiling
We do not use your personal data for the purposes of automated decision-making. However, we may use it to analyze and improve the user experience on our website, which includes providing you with personalized services and content based on your usage patterns.
- Governing Law
This Privacy Policy is governed by and construed in accordance with the laws of the Netherlands. Any disputes relating to this policy will be resolved through the Dutch legal system, acknowledging the applicability of certain EU regulations, including GDPR, to our operations.
- Processing Activities Record
In compliance with GDPR, we maintain a record of processing activities under our responsibility. This record contains all the necessary information about the personal data processing activities, reflecting our commitment to transparency and accountability.
- Data Protection Impact Assessment
For processing activities that are likely to result in a high risk to the rights and freedoms of individuals, we conduct Data Protection Impact Assessments (DPIAs). These assessments help us to identify, understand, and mitigate any risks associated with personal data processing.
- Cooperation with Supervisory Authorities
We commit to cooperate fully with the relevant supervisory authorities, specifically the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), in any inquiries, advice requests, or investigations related to our data processing activities or compliance with GDPR.
- Notification of Privacy Policy Changes
Should there be any changes to our privacy practices or this policy, we will update this document to reflect those changes and ensure you are informed of what information we collect, how we use it, and under what circumstances, if any, we disclose it.
- Consent Management
We provide clear mechanisms for you to manage your consent preferences regarding the use of your personal data, including how to withdraw your consent. This is part of our commitment to ensure you have control over your personal information.
- Contacting the Regulator
If you feel that your concerns have not been adequately addressed by us, you have the right to contact and file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or your respective EU national supervisory authority.
- Version Control and Policy Review
This privacy policy is subject to regular review and updates. Each version is dated and archived, allowing users to access previous versions for reference. This ensures our privacy policy remains up-to-date with legal requirements and best practices.
- Data Protection Officer (DPO) Contact Information
For any inquiries related to your personal data, exercising your rights, or any other questions related to privacy and data protection, you can contact our Data Protection Officer (DPO) directly at privacy@brandedbakery.nl.
- Final Statement
At Branded Bakery, we are dedicated to protecting your privacy and ensuring the security of your personal data. We appreciate your trust in us and commit to continuous improvement of our privacy and data protection practices.