Privacy Statement
Privacy statement
This Privacy Policy applies to Thermotraffic B.V. and Thermotraffic Ltd. The Privacy Policies found on the websites of other suppliers, for example, those referred to by links on our website www.thermotraffic.com, shall apply to those suppliers/companies. When you visit one of our websites, purchase products or services from us or when you interact with us, we collect personal data from you. We do this in the manner and for the purposes described below.
Controller
The party accountable for the processing of personal information of this website is:
Thermotraffic B.V.
Abel Tasmanstraat 1
3165 AM Rotterdam
Netherlands
Our appointed representative in the UK is:
Thermotraffic Ltd
Northern Industrial Estate,
Bury St Edmunds
Suffolk, IP32 6NL
England
The Data Protection Officer for Thermotraffic B.V. and Thermotraffic Ltd. can be contacted at – compliance@thermotraffic.com
I. General Information about Data Processing
1. Extent of the processing of personal information
Principally, we collect and utilize our users’ personal information only to the extent necessary for the processing of contracts and inquiries related to them. After the contractual obligations have been fulfilled, personal information shall be processed only after consent for this has been granted. Exceptions apply in such cases, in which prior consent cannot be obtained for factual reasons or if the processing of this information is permitted by law or when we have a legitimate interest in processing the personal data.
Personal data means any information that can be used to identify an individual.
We may collect, use, store and transfer different kinds of personal data about you, such as:
- Identity Data: Your name, last name, username or online identifier, password, your employer and gender.
- Contact Data: Your email address, work address, direct telephone number.
- Technical data: domain you visited, IP address, the time you accessed our site and your time zone setting, browser type and version, search status code, number of bytes passed and operating system and other technology on devices you use to access this website (this information is not stored together with other personal data of the user)
Requests and inquiries can be directed to us using the E-mail addresses found on our homepage. The information submitted in these E-mails shall only be used to fulfill your request or inquiry and any legal provisions resulting therefrom. In doing so, it might be necessary to share personal information with a third party.
You may disclose personal data to us in a variety of ways, such as when you:
- visit or interact with our website;
- directly or indirectly purchase services from us;
- visit one of our branches;
- register for an event;
- apply for a job or internship.
We may also collect personal data about you from third parties, for example where you are contacting us on behalf of your employer or as part of your employment duties, we may receive information about you from your colleagues.
We may use camera surveillance at our physical locations to ensure the safety of our guests and employees and to comply with our legal obligations. These images are automatically deleted after 14 days, unless there is an incident, in which case the period is extended under strict conditions. Only a limited number of employees have access to the images and recordings and this data is well secured.
We process personal data covered by this Privacy Statement for the following purposes:
- Business operations, including providing, researching, developing, and improving services; concluding and executing agreements with customers and suppliers; managing relationships and marketing, such as maintaining and promoting contact with existing and potential customers, account management, customer service, and development;
- Organization and management of the company, including financial management, performance of controls, internal audits and investigations; or
- Compliance with laws and/or regulations, including compliance with legal or regulatory requirements.
We may also process your personal data for a secondary purpose to which it is closely related, such as:
- storing, deleting or anonymising your personal data; or
- fraud prevention, audits, investigations, dispute resolution or insurance purposes, and claims defense.
2. Legal basis for the processing of personal data
The law requires us to have a legal basis for collecting and using your personal data. These legal basis are:
- We receive consent for the processing of personal data from the data subject.
- The processing of personal data is necessary for the fulfillment of a contract, (we may rely on this basis where we have entered into a contract such as Contracts of Carriage and the User Agreement set out at my.thermotraffic.com, when the data subject (or its employer) is a party to the contract). This shall also apply to the processing of personal information necessary for the execution of pre-contractual measures.
- The processing is necessary for the fulfillment of a legal obligation to which our company is subject or in the context of a court order or other written form execution from, for example, the police or the judiciary.
- The processing of data is necessary for the preservation of our enterprise’s legitimate interests or those of a third party, and these override the interests, fundamental rights and freedoms of the data subject.
In particular, we rely on the following legal bases:
- To communicate with you with the purpose of discussing our services and entering into a contract with you or your employer, we rely on fulfilment of a contract as the legal basis. The data processed for this purpose may include your Identity and Contact Data.
- When you contact us with a query or concern or we need to correspond with you), we rely on legitimate interests as the legal basis (our legitimate interest is to maintain a good relationship with our clients, or where we are contacting with a debt issue, to protect the income of the business). We may process your Identity and Contact Data for these purposes.
- When you access our website, we rely on legitimate interests when we collect Technical Data from you. Our legitimate interest is to ensure our website is working correctly and that users can access the features on the website.
- When you sign up for an account on our website, we rely on fulfilment of a contract as the legal basis. The data processed for this purpose may include your Identity and Contact Data.
3. Data erasure and duration of storage
We do not store personal data longer than is necessary for the purpose of the processing. For example:
- Order information: When you place an order for the provision of our services, we will retain that information for a period of at least seven years after the end of the financial year in which you placed your order. This is in accordance with our legal obligation to keep records for tax purposes;
- Correspondence and enquiries: When you make an enquiry or contact us via email, we will retain your data for such time as is reasonably required after the complete resolution of your enquiry.
In all other circumstances, we will not keep your data for longer than necessary, taking into account the following:
- The purposes and use of your data, now and in the future (such as whether it is necessary to continue to retain that data in order to continue to perform our obligations under a contract with you or to contact you in the future);
- Whether we have a legal obligation to continue processing your information (such as any archiving obligations imposed by relevant laws or regulations);
- Whether we have a lawful basis to continue processing your information (such as your consent);
- Any relevant practices regarding how long information should be retained.
II. Protection and sharing of personal data
We have taken appropriate technical and organisational measures to protect your personal data against loss and unlawful processing. We protect your personal data in a variety of ways, including secure storage. We cannot guarantee the security of your information when transmitting this to our website as transmission via the internet cannot be completely secured.
Our starting point is that we do not share your personal data with third parties. Sometimes it is necessary to pass on your data to third parties, for example in the context of the performance of a contract or the sending of marketing messages. These are usually external service providers, such as marketing or IT and development companies. We agree on a processing agreement with these parties that meets all the requirements of the (in the EEA) General Data Protection Regulation and (in the UK) the Data Protection Act 2018 and UK GDPR.
Furthermore, we may provide your personal data to third parties in order to comply with laws and regulations or in the context of legal proceedings, a court order or other subpoena.
We do not transfer data to businesses outside of the EEA or UK. If we do, we will ensure that the third country we are transferring data to has a similar degree of protection in place, or that safeguards (such as Standard Contractual Terms) are put in place to protect the personal data being transferred.
III. Rights of the Data Subject
In the event that your personal data is processed, you are the data subject within the meaning of the GDPR and UK GDPR, and you shall have the rights as mentioned here below with respect to the controller. You can preferably make your request by e-mail to compliance@thermotraffic.com If you do not have an e-mail address or do not wish to make the request by e-mail, you can send a letter, signed and with a copy of your proof of identity, to the postal address: Abel Tasmanstraat 1, 3165 AM Rotterdam, the Netherlands.
- Right of access
You may request information about the personal information which has been processed by us. In your request for information to the email address mentioned above, you should be as precise as possible in order to facilitate the compilation of the required information.
- Right to rectification
You shall have the right to rectification and/or completion with respect to the controller, provided that the processed personal data concerning you is incorrect or incomplete. The controller shall undertake the rectification without undue delay.
- Right to restriction of processing
You shall have the right to obtain restriction of the processing of your data. This enables you to ask the controller to suspend the processing of your personal data in the following scenarios:
- If you want us to establish the data’s accuracy;
- Where our use of the data is unlawful but you do not want us to erase it;
- Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
- You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Right to erasure.
You shall have the right to obtain the erasure of your personal data. Your right to erasure depends, among other things, on whether we still need the information concerned for the fulfillment of our legal obligations.
- Right to data portability
You shall have the right to request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. This right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Right to object
You shall have the right to object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) as the legal basis for that particular use of your data (including carrying out profiling based on our legitimate interests). In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your right to object.
You have an absolute right to object at any time to processing of your personal data for the purpose of sending you direct marketing communications.
- Right to lodge a complaint with a supervisory authority
If you have reason to believe that we have failed to comply with the data protection provisions while processing your personal information, you shall have the right to lodge a complaint with the competent data protection authority. The UK regulator for data protection issues is the Information Commissioner’s Office (the ICO, www.ico.org.uk), and EU data subjects can find their relevant data protection authority in this list published by the European Data Protection Board https://www.edpb.europa.eu/about-edpb/about-edpb/members_en. They will examine the complaint. We would appreciate it if you would report your complaint to us first so that we have the opportunity to solve the problem.
IV. Cookies
When you visit our website, we use so-called “cookies” to facilitate your visit. Cookies are small text files that are stored on your computer’s hard drive or memory. We use cookies, among other things, to record the preferences you have set for a particular service or web page, so that you do not have to enter them again the next time you visit our site.
Privacy Statement for the use of LinkedIn
Our website uses functions of the network LinkedIn. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Every time you request a page containing LinkedIn functions, a connection is established to LinkedIn’s server. LinkedIn is informed that you have visited our website with your IP address. If you click on the Recommend button from LinkedIn and you are logged in to your account with LinkedIn, LinkedIn can assign your visit to our website to your user account. Please note, that we, as the page’s provider, have no knowledge of the contents of the transmitted information nor of its use by LinkedIn.
More information regarding this can be found in LinkedIn’s privacy policy under: https://www.linkedin.com/legal/privacy-policy
V. Changes to the Privacy Policy
We may amend this Privacy Policy from time to time. We encourage you to check regularly to ensure that you have the most recent version of this Privacy Policy, and in any event at the time you provide personal data to us.
This privacy statement was last amended on 23 July 2024.