Privacy Policy

Last updated: December 2024

1. Who We Are

affixdyor B.V. is a Dutch limited liability company registered under number 58274391, with VAT number NL249867315B114. We provide vehicle maintenance services and operate from our address at Marktplein 3, 3063 AY Rotterdam, Netherlands.

For the purposes of data protection law, affixdyor B.V. is the data controller of your personal information.

2. Information We Collect

2.1 Information You Provide

• Contact Information: Name, email address, phone number, and postal address when you contact us or request services
• Service Information: Details about your vehicle, service requirements, and maintenance history
• Communication Records: Records of communications between you and us, including emails, phone calls, and service appointments
• Payment Information: Billing details and payment records for services provided

2.2 Information Automatically Collected

• Website Usage Data: IP address, browser type, device information, pages visited, and time spent on our website
• Cookies and Tracking Technologies: Information collected through cookies and similar technologies (see our Cookie Policy for details)
• Location Data: General location information based on IP address

3. How We Use Your Information

We use your personal information for the following purposes:

• Service Provision: To provide vehicle maintenance services, schedule appointments, and manage your service requirements
• Communication: To respond to your inquiries, provide customer support, and send service-related communications
• Business Operations: To process payments, maintain records, and manage our business operations
• Legal Compliance: To comply with legal obligations, including tax and regulatory requirements
• Website Improvement: To analyse website usage and improve our online services
• Marketing: With your consent, to send promotional communications about our services

4. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to perform our service contract with you
• Legitimate Interests: Processing for our legitimate business interests, such as improving services and maintaining customer relationships
• Legal Obligation: Processing required to comply with legal or regulatory obligations
• Consent: Processing based on your explicit consent, particularly for marketing communications

5. Information Sharing and Disclosure

We may share your personal information in the following circumstances:

• Service Providers: With trusted third-party service providers who assist in our operations (e.g., payment processors, IT services)
• Legal Requirements: When required by law, court order, or regulatory authority
• Business Transfers: In connection with a merger, acquisition, or sale of business assets
• Protection of Rights: To protect our rights, property, or safety, or that of our customers or others

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

6. Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Secure data transmission using encryption technologies
• Access controls and authentication procedures
• Regular security assessments and updates
• Staff training on data protection and security practices

7. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, including:

• Service Records: Maintained for the duration of our business relationship and for a reasonable period thereafter
• Legal Requirements: As required by applicable laws and regulations (typically 7 years for business records)
• Website Data: Automatically collected data is typically retained for 2 years unless deleted sooner

8. Your Rights

Under GDPR and Dutch data protection law, you have the following rights:

• Access: Request access to your personal data and information about how it's processed
• Rectification: Request correction of inaccurate or incomplete personal data
• Erasure: Request deletion of your personal data in certain circumstances
• Restriction: Request restriction of processing in certain circumstances
• Portability: Request transfer of your personal data to another controller
• Objection: Object to processing based on legitimate interests or for direct marketing
• Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us using the details provided below.

9. Cookies and Tracking

Our website uses cookies and similar tracking technologies. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to read the privacy policies of any third-party websites you visit.

11. International Transfers

Your personal data is primarily processed within the European Economic Area (EEA). If we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

12. Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal information, please contact us:

15. Supervisory Authority

If you believe we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):