Welcome to the Privacy Statement of Studio Palea (“we”, “our” and “us”). Studio Palea is committed to protect your personal information and acts in accordance with applicable data protection laws, including the General Data Protection Regulation 2016/679 (GDPR). This Privacy Statement contains information about the personal information we collect and use and why we need your information and sets outs your rights in relation to your personal information. This Statement is designed to inform both our Website visitors (“Visitors”) and our client (“Clients”). By “Website” we mean the URL www.studio-palea.com.
Under data protection laws, we need to disclose the details of the entity responsible for your personal information. Studio Palea is the data controller. Studio Palea is based in the Netherlands and registered under number 63193299 at the Dutch Chamber of Commerce (KvK). Our contact details are: Weissenbruchstraat 29-2, 1058KL Amsterdam, The Netherlands firstname.lastname@example.org
Which personal data do we process?
What counts as personal information or personal data? Personal data is any information from which a person (a data subject) can be identified or potentially identified from.
How do we obtain your personal data?
When you contact us and when you become a Client, you will give us some personal information. When you visit our Website, we collect certain information about you in the background using technologies such as cookies. We have set out the personal data we process below in more detail. Please note that not every piece of personal data is collected or processed in each case. This will depend on the actions you take.
When you contact us, for example when you book a call or a meeting on our Website, the following personal data will be processed: - your first and last name
- your e-mail address
- your phone number
When you become our client we will need the following personal data from you:
- your first and last name
- your company name
- your address
- your e-mail address
- your phone number
When you visit our Website, we may collect the following data from you:
- information about your browser, network and device
- information about the website you visited prior to our Website
- information on how you navigate our Website, including clicks and pages visited
The above information is collected via technologies such as cookies. If you would like to know more about the cookies we use on our Website, please refer to our Cookie Statement.
When you sign up for our newsletter the following personal data are collected:
- your first and last name
- your e-mail address
The purposes we use your personal data for
Why do we need personal data from you and what’s the purpose of processing these data?
When you contact us, we need the personal data in order to be able to know who we are dealing with and to communicate with you (for example, we need to know that we have to call (your name) on (your telephone number)).
When you visit our Website the data collected are necessary for us to analyse your browsing behaviour and to put together user statistics. Such information is used by us to improve our services and our website.
When you become a Client we need your personal data in order to:
- properly perform our contract with you
- communicate with you about the services you hired us for
- enable us to send you an invoice
When you sign up for our newsletter we need your personal data because without such information we would not be able to send it to you.
The lawful bases we rely on when we process your personal data
We can only process your personal data when we have a lawful basis to do so. We rely on one of the following lawful bases when we process the personal data set out above:
- your consent (e.g. when you sign up for our newsletter)
- the performance of a contract
- comply with a legal obligation
- our legitimate interest
Sharing your personal data
We only share your personal information with third parties if this would be necessary in relation to the performance of our services.
We also work with third-party service providers who, on our behalf and at our instruction, process certain personal data from you. Some examples of such providers include our accounting software provider (MoneyBird), our client booking system provider (Calendly) and our file storage provider (Dropbox). The processing of your personal data by those service providers is subject to data processing agreements or clauses to ensure that the required level of protection of your personal data is safeguarded.
Some of these third-party service providers may be based outside of, or may have personnel or servers outside, the European Economic Area (EEA). That means that certain personal data may be transferred outside of the EEA, which is, according to the GDPR, only allowed if an adequate level of protection of personal information can be guaranteed. The third parties we work with who transfer personal data outside of the EEA meet that requirement.
We may also share your personal information with law enforcement or similar authorities if required by applicable law. We will never sell your personal information to anyone!
Social media buttons
Our website contains buttons/icons giving you quick access to our profiles or pages on social media networks such as LinkedIn and Instagram. We are not responsible for their processing of personal information. Your use of these third-party media is at your own risk. Please refer to their privacy policies if you want to learn more about how they use your personal information.
Opting out of marketing messages
You can ask us to stop sending you marketing messages, including our newsletter, at any time by following the opt-out link on any marketing message sent to you or by contacting us at any time via e-mail.
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
We do not hold your personal data for any longer than necessary for the purposes your data were collected for, as explained in this Privacy Statement, unless we are under a legal obligation to retain your personal information for a longer period. Your rights Data protection laws give you a set of rights you can enforce against us for free. If you wish to exercise any of the below rights, please let us know your request by e-mail.
You have the right to:
- fair processing of information and transparency over how we use your use personal information;
- access to your personal information and to certain other supplementary information;
- require us to correct any mistakes in your information which we hold;
- require the erasure of personal information concerning you in certain situations;
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;
- object at any time to processing of personal information concerning you for direct marketing;
- object in certain other situations to our continued processing of your personal information;
- otherwise restrict our processing of your personal information in certain circumstances.
To avoid misuse of your personal information we may ask you to provide us with adequate identification (such as a passport copy with your photo blurred) before we process your request. We can only process requests from data subjects about their own data. We will get back to you about your request within two weeks after we received it.
If you have any questions about this Privacy Statement or if you have a complaint about the way we deal with your personal data, please contact us and give us a chance first to solve your question or complaint. You also have the right to lodge a complaint with a supervisory authority, in particular in a European Economic Area state if you work, normally live or if any alleged infringement of data protection laws occurred in that relevant state. In the Netherlands, the supervising authority is the Autoriteit Persoonsgegevens.
Changes to this statement
We may make changes to this Privacy Statement from time to time, for example to reflect amendments to legislation or a change in the way we do business. We have the right to make such changes without giving you prior notice. You can always find the most recent version of this Privacy Statement on our Website.
Updated: 1 March 2021