Privacy
Privacy Policy – Oedipus Brewing
Last update: April 2019
Who are we and what do we do?
We are Oedipus Brewing B.V. (“Oedipus”). We produce and deliver special beers to cafés, restaurants, liquor stores and supermarkets throughout the Netherlands and also internationally. In the tasting room of the brewery we organize cultural events where we introduce our beers to a diverse group of people. With our team we further often attend national and international beer events. Besides that we organize our own festivals. You can find more information about our services on the website: oedipus.com(“Website”).
- What is this?
This is a Privacy Policy. In this document we explain which personal data we process via our Website and in case you contact us via one of our e-mail addresses. We also explain for which purposes we use the personal data, how we protect them and how we store them.
- Privacy and the Relevant Legislation
Your privacy is important to us. We comply with the new General Data Protection Regulation (“GDPR”), which legislation has replaced the various privacy laws in European member states as per 25 May 2018. This legislation will hereinafter be referred to as the “Relevant Legislation“.
- What are ‘personal data’?
Personal Data means all information that could be used to directly or indirectly identify you. This definition is in accordance with the Relevant Legislation.
- Our role as Data Controller
We collect and process the personal data in the context of our services. We determine the purposes and means of these processing activities. This means we act as “Data Controller” within the meaning of the Relevant Legislation.
- Which Personal Data do we process and for which purposes do we use them?
By providing our services, we receive Personal Data from you. These are mainly personal data that you send to us via one of the e-mail addresses on our Website.
We may process the following personal data for the purposes mentioned below:
Via messages sent to info@oedipus.com:
(Personal) data: | Purpose(s): | Legal basis: |
Your e-mail address and other (personal) data you share with us in your message. | We use these data to:
– Contact you about your message. |
We may process these personal data, because we have a legitimate interest to process these data. We need these data to contact you about your message. |
Orders via bestel@oedipus.com:
(Personal) data: | Purpose(s): | Legal basis: |
Contact information:
Your e-mail address and other contact information of the contact person (i.e. name, phone number, address and/or invoice address). |
We use these data to:
– Contact you about your message; – Keep contact with you about your order. |
We may process these personal data, because we need these personal data to perform our contract with you, i.e. to process and deliver your orders. |
Payment details of our clients:
Invoice details. |
We use these data to:
– handle, check and administer payments from our clients for their orders; – maintain our list of accounts receivable and outstanding invoices. |
We may process these personal data, because we need these personal data to perform our contract with you.
We are also obligated to share (some of) these date with the national tax authorities. |
Bookings via tasting@oedipus.com:
(Personal) data: | Purpose(s): | Legal basis: |
Contact information:
E-mail address and other contact information of the contact person (i.e. name, phone number, address and/or invoice address). |
We use these data to:
– Contact you about your message; – Book a tasting for you; – Keep in contact with you about your booking. |
We may process these personal data, because we need these data to perform our contract with you, i.e. to book a beer tasting and keep you updated about it. |
Payment details:
Invoice details. |
We use these data to:
– handle, check and administer payments from our clients for their orders; maintain our list of accounts receivable and outstanding invoices. |
We may process these personal data, because we need these personal data to perform our contract with you.
We are also obligated to share (some of) these date with the national tax authorities. |
Newsletters:
(Personal) data: | Purpose(s): | Legal basis: |
Your e-mail address. | We use these data to:
– Send you newsletters about our products and services. |
We may send newsletters to existing clients about similar products and services, because we have a legitimate interest to keep you updated about such products and services.
If you’re not an existing client, we will only send you a newsletter if you have given your consent for this by registering for our newsletter on the Website. You can always unsubscribe for the newsletter via the link at the bottom of each newsletter. |
Social media:
(Personal) data: | Purpose(s): | Legal basis: |
Information you make public, when you leave a comment or otherwise post something on our social media pages. | We use these data to:
– Contact you via our social media page; – Process your feedback left on our social media pages. |
We may process these personal data, because we have a legitimate interest to process these data and you voluntarily made public such information.
Our social media pages are also controlled by the social medium itself. Please check their own privacy policy’s, to see how each social medium handles your Personal Data: Instagram: Privacy Settings & Information Facebook: Data Policy Twitter: Privacy Policy |
- How long do we keep the personal data?
We store Personal Data for as long as we need it for the above purposes:
- Personal Data in our records for the tax authorities: This data is stored for seven (7) years, unless we are legally obliged to retain the data for a longer period;
- Personal Data of clients| This data is stored as long as we have a contract for our services which the client and for a maximum period of 6 months after, unless we are legally obliged to retain the data for a longer period;
- Other information: We store other Personal Data only for as long as necessary for the purposes. This means that other Personal Data will be deleted as soon as it is no longer necessary for the purposes for which we processed it.
- Do we share your Personal Data with others?
We use “Processors” to assist us in our Services. Within this context these Processors receive personal data from us which they process by our order. We use Processors, for instance, to host our e-mail and to store (Personal) Data. Our use of Processors is always in accordance with the Relevant Legislation.
Apart from the above, we will not share your Personal Data with third parties, unless we are legally obliged to do so.
- Export of data outside the European Union
- We may transmit personal data to parties outside the European Union, if one of our Processors is established outside the European Union. The Personal Data will only be transferred to countries and/or parties that provide an adequate level of protection in accordance with the European standards.
- The transmission of data outside the EU will always happen in conformity with the Relevant Legislation (chapter 5 of the GDPR).
- How do we protect the Personal Data?
We protect all personal data we process from unauthorized and unlawful access, change, disclosure, use and destruction. For instance, we take the following technical and organizational measures to protect the personal data:
- Internally, Personal Data is only available in a protected environment, which is only accessible by any employee with a password;
- (Personal) Data can only be accessed via a two-step verification;
- Our employees only have access to the data on a need-to-know basis;
- Our employees have their mobile devices, such as laptops, mobile phones and tablets, secured with a password;
- A back-up is made regularly of the protected environment containing (Personal) Data.
- Amendments to this Privacy Policy
We aim to constantly improve our Website and services. That is why from time to time we can update this Privacy Policy. If we change our Privacy Policy significantly, then we will state so on our Website together with the revised Privacy Policy.
- Your rights and our contact data
As laid down in the Relevant Legislation, you have the right to:
- Ask us to rectify or update your Personal Data;
- Ask us to remove your Personal Data from our systems;
- Ask us for a copy of the Personal Data we process of you. We can also transmit such copy to another data controller at your request;’
- Withdraw your consent to process your Personal Data. This only affects the processing activities that are based on your consent and does not affect the validity of such processing activities before you have withdrawn your consent;
- Object to the processing of your personal data;
- File a complaint with the Dutch Data Protection Authority, if you believe that we process your personal data unlawfully.
If you have any questions, comments or concerns regarding the manner in which we handle your personal data, please contact us through the contact data below:
Oedipus Brewing B.V.
Gedempt Hamerkanaal 85
1021 KP Amsterdam
T: 020 2441673
W: oedipus.com
KvK-nummer: 62369512