ElevatorCards.com is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We recognize our obligations in updating and expanding this program to meet the demands of the GDPR and the Dutch Data Protection Act.
Principles for Processing Personal Data
Our principles for processing personal data under the GDPR are:
- Lawfulness, Fairness, and Transparency: Data is processed legally, fairly, and transparently.
- Purpose Limitation: Data is collected for specific, explicit, and legitimate purposes.
- Data Minimization: We only collect the data that is necessary for the purposes stated.
- Accuracy: We ensure personal data is accurate and up-to-date.
- Storage Limitation: We will not store personal data longer than necessary.
- Integrity and Confidentiality: We ensure that personal data is kept secure.
Rights of the Data Subject
The GDPR provides the following rights for individuals, which our company respects and adheres to:
- The right to be informed about how personal data is used.
- The right to access one’s personal data.
- The right to rectify inaccurate data.
- The right to erase data (“right to be forgotten”).
- The right to restrict processing.
- The right to data portability.
- The right to object to the use of data.
- Rights in relation to automated decision-making and profiling.
Data Subject Access Requests (DSARs)
We ensure that individuals can enforce their data protection rights through data subject access requests (DSARs) to ElevatorCards.com. We provide individuals with tools to access, update, or to delete their personal data that we process.
Data Protection Measures
ElevatorCards.com has implemented appropriate technical and organizational security measures designed to protect personal data against unauthorized processing and against accidental loss, destruction, or damage. We perform regular audits and reviews of our data protection policies and procedures to ensure they meet the standards set by the GDPR.
Data Breach Notification
We have procedures in place to detect, report, and investigate personal data breaches. In the unlikely event that a situation arises where personal data has been compromised, we will notify competent supervisory authorities and, if applicable, affected individuals without undue delay.
Changes to This Statement
We may update our GDPR Compliance Statement from time to time by posting a new version on our website. We will provide notice of significant changes through our website or through other means, such as email.
Contact Us
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at info@elevatorcards.com using the details provided below:
ElevatorCards.com
Ediosnstraat 51, 5621HK Eindhoven
The Netherlands