Are you under the age of sixteen?
If you are younger than sixteen years old, you cannot use our Website, App and Services without the permission of your parents or legal guardian.
We will not process your data without your consent, unless we are legally obliged to do so.
What data do we collect and how do we use your data?
To use our Website, App and Services, we need the following data:
- Your e-mail address
- Your IP-address
We can also store the following non-personal data if you use our Website or App:
- The type of your browser
- The operating system that you use
- The internet service provider
Sound B.V. offers newsletters. That way, you are fully informed of (discount)offers and other news. We use an double opt-in system to be sure of your permission. This means that you verify your permission for any new confirmation. We ask you for this verification via an e-mail that we send to the address you gave us. Every time we send you a newsletter you have the possibility to unsubscribe from the newsletter.
We will only use your personal data for the purposes listed above or any other purpose that is connected thereto. This way, your data will never be used by us in an unexpected way.
We work hard to protect your personal data from unauthorized or unlawful access, alteration, disclosure, use or destruction. That way, unauthorized persons do not have access to your data. We take the following measures to protect your personal data:
- Encryption of digital files that contain personal data
- Secure network connections with Secure Socket Layer (SSL) technology or a technology that is similar to SSL
- The access to the data is limited to the persons that need the data
- The access of the data is secured with two-step verification
- We use generally accepted security standards on its systems and networks.
- We use of the services of third parties with guaranteed services through SLAs, safety and continuity guarantees.
- We have physical security and security of equipment. IT facilities and equipment are physically protected against unauthorised access and against damage and malfunctions. The protection provided is in line with the identified risks.
- We will only transport digital personal data via an SSL-encrypted connection.
- All systems that are in use are protected by user names and complex passwords and / or biometric login protection. In addition, all data on PCs, workstations, notebooks and USB sticks are stored in encrypted form by means of encryption technology (FileVault and Bitlocker).
- We have two-factor authentication policies in place for used (internal) e-mail and network services
- We have a strict policy regarding the access of new employees to its infrastructure. There are also binding agreements and processes for the transfer of data upon termination of employment and all employees and users are contractually informed of existing data and safety regulations upon commencement of employment.
- We regularly check and evaluate whether the security measures within the organisation have actually been taken care of and are being observed by its employees. It also periodically assesses whether the security level still fits the risks involved in the processing and the nature of the data to be processed and whether the security measures are still satisfactory.
- We have the following measures applied in place regarding assigned responsibilities for information security within the organisation:
- All employees and, where applicable, hired staff and external users receive suitable training and regular training on the information security policy and the information security procedures of the organisation, as far as relevant for their function. Within the training and further training, explicit attention is paid to dealing with (special or otherwise sensitive) personal data.
- We have procedures to allow authorized users to access the information systems and services they need for the performance of their tasks and to prevent unauthorised access to information systems. The procedures cover all phases in the lifecycle of user access, from the initial registration of new users to the final opt-out of users who no longer need access to information systems and services (entry and exit). Where applicable, special attention is paid to managing access rights for users with extra-wide powers, such as system administrators.
- Activities that users perform with personal data are recorded in log files. The same applies to other relevant events, such as attempts to gain unauthorised access to personal data and disruptions that can lead to mutilation or loss of personal data. The log files are periodically checked for indications of unauthorised access or unauthorised use of the personal data and where necessary action is taken.
- We guarantee that the technical and organisational measures are effective. If an explicitly described security is lacking, we will ensure that the security will comply with a level that, in view of the state of the art, the sensitivity of the personal data and the costs associated with securing the security, is not unreasonable. How long do we store your data?
We shall store your personal data for as long as necessary to fulfil the purposes listed above.
We will only process your data within the European Union. We will only process your data outside of the European Union if the country has an effective protection level for your data.
We will never transfer your data to other countries or other parties then described above.
You may find advertising or other content on our Website and in our App that link to other websites. We do not control the content on these websites and are not responsible for the content or the privacy protection of these websites. We advise you to read the privacy policies of those websites.
Cookies are little (text)files which are stored on your computer. Your web browser stores these cookies when you visit our Website. These cookies will be retrieved when you visit our website again. This allows our Website to recognise you as a previous visitor.
You can change your cookie settings in your browser, if you don’t want cookies to be sent to your device. We will not save cookies if you visit our Website. Please note that some Website features or services of our Website may not function properly without cookies.
The data we collect is personal. Therefore, you have the following rights:
- You may request access to the personal data we process about you;
- You may request us to correct, update, shield or delete your personal information in our records;
- You may request a copy of the personal data we have processed about you. We can – on your request – send this copy to another party, so you don’t have to send the data yourself;
- You may file a complaint against processing your data;
- You may file a complaint to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), if you are under the impression that we process your data unlawfully;
- You may always withdraw your consent to process your data. We cannot process your data from the moment you withdraw your consent.
Fred. Roeskestraat 115 / 3.23
1076 EE Amsterdam
+31 20 717 34 99
Data protection officer