Privacy policy

Introduction

  1. This is the privacy statement of the webshop “Babylatte”, a trade name of the private limited company Babylatte.

Postal address:           
Ambachtsweg 85, 2641 KW, Pijnacker, Netherlands
Chamber of Commerce number:                               
8605554
Email address:                                 
klantenservice@babylatte.nl
The website:                                   
https://www.babylatte.nl
Telephone number:                        
+31 (0)15 2024380

  1. This privacy statement is on our website and is available for download.
  2. Babylatte attaches great importance to privacy and therefore considers it essential that the personal data collected and processed by Babylatte is protected as well as possible.
  3. In this privacy statement, we would like to explain which personal data we collect from you through our contacts with you and through our products. We also explain how we collect the data, what we use the personal data for, with whom we share the personal data, how long we retain personal data, how you can view and adjust the personal data we store, how your personal data is secured with us, and which cookies we use.

How do we receive and collect personal data?
Certain personal data you actively provide to us, for example by creating a customer account on our website, in correspondence, and by phone. Some personal data are collected automatically and other personal data we receive from external sources.

The table below shows how we receive and collect personal data.

Which categories of personal data are processed by us and what is the purpose of that processing? 
In addition to business data (such as company name, address, postal code, city, Chamber of Commerce number, company phone number, bank details), we collect and process various personal data for different purposes.

 The table below indicates which categories of data are processed by us and for what purpose.

How does Babylatte receive the data?

These data belong to:

Categories of Personal Data:

Purpose of processing:

By visiting our website

Website visitor or customer

IP address

To inform you about our products, offer you the possibility to order our products and/or create a customer account, to download information.

By placing an order on our website

Customer

First name, last name,

email address, delivery address (optional: baby's name)

To deliver the ordered products to you, execute the purchase agreement, handle the payment, process your order, and inform you about its progress.

By creating a customer account

Customer

Name, email address, delivery address, phone number, overview of ordered products

To register and store orders, to be able to place subsequent orders faster.

Download buttons on our website

Website visitor

Name, email address

To send you a download if you have requested it via our website.

Via the contact form on our website, or by phone, email, or correspondence

Everyone

Name, (mobile) phone number, email address (optional: your address)

To respond when you submit a request, question, or complaint to us.

If you are logged in to a third-party service (such as Meta or Google) and you visit our website

Website visitor

The published information provided by you

For linking the information you want to share.

If you leave a review on the website of Webwinkelkeur

Customer

Name, city of residence, and email address (email address will not be published)

To be able to post the review. The data is processed by Webwinkelkeurshared with us so that we can link the review to your order.

If you subscribe to our newsletter

Website visitor

Name and email address

To send you the newsletter, including discount codes.

When redeeming a discount code

Every newsletter reader

Name and email address

To allow you to use the discount offered by Babylatte on the order.

  
Special personal data

  1. Our website and/or service does not intend to collect special personal data or data about website visitors under 16 years old without their parents' or guardians' consent.
  2. However, we cannot verify whether a website visitor is older than 16. We therefore advise parents to be involved in their children's online activities to prevent data about children from being collected without parental consent.
  3. If you are convinced that we have collected personal data about a minor without that consent, please contact us via the contact address above, and we will remove this information.

Basis of the processing

  1. We may only process personal data if there is a legal basis. Which basis applies depends on the data we use and what we use it for.
  2. In our processing register, we have listed the applicable basis(es) for each processing.
  3. At least one of these situations always applies:
  • The use of personal data is necessary for the performance of a contract. This can be a contract between you and Babylatte or to be able to do something at your request to conclude a contract.
  • There is consent for the use of personal data. We have explicitly asked you for permission.
  • There is a legal obligation to use the personal data.
  • The use of personal data is necessary for the protection of our legitimate interest.

Cookies

  1. We use cookies and trackers. Cookies are small files that our website places on the device (for example, computer, tablet, or phone) of a website visitor. This allows us to recognize the website visitor (and/or your device) on a subsequent visit.
  2. Cookies can collect or store information about the website visit or about the (device of the) website visitor. We also record information for the purpose of compiling usage statistics and for the security of our website.
  3. The data collected through cookies and trackers is used to get a better understanding of our website visitors and to develop and tailor our services and website to their personal preferences.
  4. We use the web analytics services Google Analytics and Meta Pixel Analytics. These services use cookies to help us analyze how visitors use the website. This means that with the help of the software, combined with the cookies, we keep track of how many visitors the website gets and which pages are viewed the most. This allows us to improve the content and quality of our website.
  5. We have taken measures to protect your privacy in connection with the use of Google Analytics and Meta Pixel Analytics. This way, we have agreements with both Google as with Meta a processor agreement has been concluded. In it, we have agreed, among other things, that they only use the collected information and statistics for the benefit of our website and not for their own purposes. Additionally, we have configured the software so that the last part of your IP address is removed before the IP address is processed by Google or Meta is stored. This further limits the risks to your privacy.
  6. To make optimal use of the functionalities of our website, we advise you to configure your internet browser to accept cookies.
  7. We ask the website visitor in advance to give us permission to place cookies.
  8. Any cookies placed can be deleted immediately after your visit to our website. Please consult the privacy or settings menu of your internet browser.
  9. By disabling or refusing cookies, you may not be able to use all the features of our website.

Provision to third parties
With whom can the personal data be shared?

  1. We only provide your data to third parties if this is necessary for the execution of our agreement or to comply with a legal obligation.
  2. With companies that process your data on behalf of Babylatte, we have concluded a processor agreement to ensure the same level of security and confidentiality of personal data. We record these processor agreements in our processing register. We remain responsible ourselves for the processing of the provided personal data.
  3. For marketing purposes, we use external marketing parties. We only accept data that they have demonstrably obtained after explicit consent from the data subject.
  4. Personal data may be shared with:
  • The companies contracted by us, such as the marketing company, the IT company (web hosting), webshop software, administration and accounting, the parcel delivery service (carrier), the email service provider, and the external payment services and sales channels;
  • The social media companies, if you use them.
  1. Further information about this can be found later in this privacy statement.

Transfer of personal data to countries outside the EEA.

  1. In principle, we do not transfer personal data outside the Netherlands or the European Economic Area (EEA).
  2. If we do transfer personal data outside the Netherlands or the EEA, we will only do so to the extent permitted by law. This means that we require those processors to maintain an appropriate level of protection and to implement the European model contract clauses.
  3. For technical and operational reasons, it may also be necessary to transfer your personal data (to servers in) to other countries where privacy protection regulations may offer less protection than in the EEA. Even in that case, we will always take appropriate measures to ensure that your personal data is protected as well as possible.

Shipping and logistics

  1. When you place an order with us, it is our responsibility to have your package delivered to you. We use the services of the carrier DHL for the execution of deliveries. It is necessary for us to share your name, (delivery) address, and place of residence data with the carrier.
  2. The carrier uses this data only for the purpose of executing the agreement. In case they engage subcontractors, they also provide your data to these parties.

Newsletters, email, and mailing lists

  1. If you subscribe to our newsletters, in which you can find our discount codes among other things, you explicitly consent to the collection of your data.
  2. Each newsletter indicates how you can unsubscribe again.
  3. Our website uses Shopify, a third party that handles the email traffic originating from our website and the sending of newsletters.
  4. All confirmation emails you receive from our website and web forms are sent via the servers of Shopify. Shopifywill never use your name and email address for its own purposes.
  5. At the bottom of every email sent automatically via our website, you will see the ‘unsubscribe’ link. If you click on it, you will no longer receive emails from our website. This may seriously reduce the functionality of our website!
  6. Your personal data is processed by Shopify securely stored. Shopify uses cookies and other internet technologies that provide insight into whether emails are opened and read. Shopify reserves the right to use your data to further improve the service and, in that context, to share information with third parties.
  7. For our regular business email traffic, we use the services of Shopify Mail. This party has taken appropriate technical and organizational measures to prevent misuse, loss, and corruption of your and our data as much as possible. Shopify Mail has no access to our mailbox and we treat all our email traffic confidentially. 

Reviews Webwinkelkeur

  1. We collect reviews via the platform of Stichting WebwinkelKeur. If you leave a review there, you are required to provide your name, place of residence, and email address. WebwinkelKeur shares this data with us so that we can link the review to your order. WebwinkelKeur also publishes your name and place of residence on its own website.
  2. In some cases, it may WebwinkelKeur contact you to provide an explanation of your review. In the event that we invite you to leave a review, we share your name and email address with WebwinkelKeur. They use this data solely for the purpose of inviting you to leave a review.
  3. WebwinkelKeur has taken appropriate technical and organizational measures to protect your personal data.
  4. WebwinkelKeur reserves the right to engage third parties for the purpose of providing the service; for this, we have given WebwinkelKeur given consent. All of the above-mentioned guarantees regarding the protection of your personal data also apply to the components of the service for which WebwinkelKeur engages third parties.

External payment services

  1. Payments on our website are handled via an external payment service and a secure link. The data you enter for the payment will therefore not be visible or accessible on our servers. We only receive a positive or negative message indicating whether the payment was successful. We refer you to the website of that external payment service for their own privacy statement.
  2. For handling (part of) the payments in our web store, we use the platform of Shopify Payments(ShopPay). Shopify Payments processes your name, address and place of residence data, and your payment details such as your bank account or credit card number.
  3. Shopify Payments has taken appropriate technical and organizational measures to protect your personal data.
  4. Shopify Payments reserves the right to use your data to further improve the service and, in that context, to share (anonymized) data with third parties.
  5. Shopify Payments shares personal data and information regarding your financial position with credit assessors in the case of an application for deferred payment (credit facility).
  6. All of the above-mentioned guarantees regarding the protection of your personal data also apply to the components
    of Shopify Payments's services for which they engage third parties.
  7. Shopify Payments does not keep your data longer than allowed by the statutory periods.
  8. If you choose the pay later or installment payment options of Klarna to offer, we must pass on your personal data (contact and order details) to Klarna Bank AB (publ), Stockholm, Sweden.
  9. In addition, processes Klarna then your first name, last name, date of birth, salutation, gender, and phone number. This way Klarnaassess whether you qualify for their payment methods and Klarna can apply those payment methods.
  10. The personal data transferred by us and the personal data provided by you are then processed in accordance with Klarna's own privacy statement and it can be found on the website of Klarna

Rights of data subjects

  1. European privacy legislation grants its citizens certain rights regarding their personal data. If you are located in Europe, you can ask us to take the following actions regarding the personal data we hold about you:
  • Access. To provide you with information about our processing of your personal data and to give you access to your personal data.
  • Accuracy. To update or correct inaccuracies in your personal data.
  • Delete. To delete your personal data. Deletion of personal data may only be possible if the data is no longer relevant. We will weigh our interests against your privacy interest upon a deletion request. In case of a decision to delete, we will inform you of the consequences.
  • Transfer. To transfer a machine-readable copy of your personal data to you or to a third party of your choice.
  • Restrict. To restrict the processing of your personal data.
  • Objection or withdrawal. To object to our reliance on our legitimate interests as the basis for our processing of your personal data that affects your rights. In addition, you have the right to withdraw any consent you have given for data processing.
  1. You can submit these requests via the contact details above. We will respond to your request as soon as possible, but within four weeks. We may ask you for specific information to help us confirm your identity and process your request. Applicable legislation may require or allow us to refuse your request. If we refuse your request, we will tell you why, subject to legal restrictions.
  2. You can always view and, if necessary, change your own data and personal settings by logging into your customer account.
Retention periods
How long do we keep personal data?
  1. We will not retain your personal data longer than strictly necessary to achieve the purposes for which your personal data is collected or as long as required by law.
  2. The retention periods we apply are recorded in our internal privacy policy. Some parts of it are:
  • in the case of a completed order: until the warranty period expires, with a maximum of 24 months after the order;
  • in the case of a customer account: until the customer cancels the account or the account has otherwise expired. Inactive customer accounts are deleted 24 months after the last action.
  1. After the retention period expires, we delete your data or anonymize your data. If we anonymize your data, we remove all data that refers to you. The data can no longer be linked to you. The anonymous data helps us get a better picture of our products and services.

Storage
How is personal data stored with us?

  1. Personal data is stored by us, among other places, in the following secure databases:
  • cloud storage;
  • a CMS.
  1. This list of the main databases is based on the situation at the time of drafting this privacy statement and may change in the meantime. 

Protection
How do we protect personal data?

  1. We take the protection of personal data seriously and take appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure, and unauthorized alteration.
  2. Our website is secured with SSL, we have a strong password policy, and we ensure that comprehensive virus protection is always up to date.
  3. Our employees have a confidentiality clause in their contract. We have made clear agreements about the protection and confidentiality of personal data. In addition, we invest in raising awareness among our employees regarding information security and data privacy.
  4. If you feel that your data is not properly secured or there are indications of misuse, please contact us via the above contact address.

External links and social media

  1. Our website contains links to other external websites. We cannot be responsible for the content of those websites and how your personal data is handled there.
  2. We strive to keep the external links up to date and to refer to the correct websites.
  3. On our websites, there may be buttons and links from social media providers, such as Facebook, YouTube, or Instagram.
  4. Our privacy statement does not apply to these social media channels. The use of social media is your own responsibility.
  5. We recommend that you carefully read the privacy policies of the respective companies so that you know what happens to your data.
  6. Many social media providers are also located outside the EEA and store personal data there. As a result, it is possible that personal data is not protected at the same level as we are used to within the EEA.
  7. If we have a page on one of the social media channels (such as Facebook), our privacy statement does apply to the content of that page.

Questions and complaints

  1. If you have questions about this privacy statement or about (the exercise of) your rights, you can contact us via the contact address above.
  2. If you have complaints about how we handle privacy, you have the right to file a complaint with the Data Protection Authority. For the Netherlands, that is: Autoriteit Persoonsgegevens, Postbus 93374, 2509 AJ The Hague.
  3. In that case, we ask you to contact us first. Of course, we will do everything reasonable to resolve it together with you. 

Change of our privacy statement

  1. From time to time it may be necessary to adjust our privacy statement to current events and updated insights on data protection.
  2. We will inform you in a timely and reasonable manner of such changes. Changes will be announced on our website.
  3. Using our services means that you accept our privacy statement.
  4. We recommend that you read the most recently updated version of our privacy statement.

This privacy statement was last updated on: 10.01.2023.