Privacy statement Imbema Holland B.V.

Imbema Holland B.V., and its affiliated (subsidiary) companies process personal data and use cookies and similar technologies.

We aim to use your personal data carefully and securely within the limits of the law. In this privacy statement, we describe who we are, how and for what purposes we process your personal data, how you can exercise your privacy rights and anything else you might be interested in knowing.

To keep the information clear, each topic is divided into two layers of information. First, you will see an outline summary. If you want more detailed information, you can find it by clicking on the 'more details' link.

We have done our best to write down all the information clearly and legibly. If, after reading the privacy statement, you still have questions about our use of your personal data, you can of course always contact us. Further on in this declaration you can read how to do so.

We recommend that you also read our separate cookie declaration. This statement describes our use of cookies and similar technologies.

Finally, we would like to inform you that our service is evolving and so is our privacy statement. We therefore recommend that you regularly check this statement for changes, so that you know exactly where you stand.

At the very bottom of this statement you can read when it was last amended. In the event of substantial changes, we will notify you by e-mail.

Who are we?

This privacy statement applies to all activities, including those taking place on our websites, of companies and trade names of Imbema-Holland B.V, and its affiliated (subsidiary) companies.

Imbema Holland B.V. is located in Haarlem (The Netherlands), 2031 CN at Nijverheidsweg 5-7.

Imbema Holland B.V. is 'Controller' within the meaning of the law for the processing of personal data described in this privacy statement, including the processing of personal data by:

  • Imbema B.V.
  • Imbema Asset Solutions B.V.
  • Imbema Belgium N.V.
  • Imbema Cleton B.V.
  • Imbema Controls B.V.
  • Imbema Denso B.V.
  • Imbema Denso N.V.
  • Imbema Rhiwa B.V.
  • Imbema Rhiwa N.V.
  • Imbema Surface Treatment B.V.
  • Imbema Surface Treatment N.V.
  • SBS Security Safety Products B.V.
  • Imbema Holland B.V.

What personal data does Imbema collect?

Imbema collects different categories of personal data:

  • Personal data (e.g. name, address, place of residence, e-mail address, telephone number)
  • Company data (for example, postal address and Chamber of Commerce number)
  • Account data (for example username and password)
  • Purchase data (e.g. on which date you purchased a certain product)
  • Marketing preferences (e.g. whether you subscribed or unsubscribed to email offers)
  • Participation behaviour (e.g. whether you have participated in promotions and fairs in the past and if so, which ones)
  • Interaction data (e.g. your contact with customer service or digital and/or written correspondence)

If you proceed to purchase a product via our webshop, you will be asked to provide your payment details. These personal data will be directly collected and processed by a third party called Mollie. This third party is responsible for processing your payment details in accordance with the law. Mollie does not have access to your payment details and these will therefore not be collected and/or processed by us. This privacy statement therefore also does not apply to this processing. To learn more about how Mollie collects and processes your payment data, please refer to the privacy statement on Mollie's website.

We receive the categories of personal data described above both directly from you and via third parties to the extent that this is in accordance with the law.

Personal data you provide directly to us

This may include, inter alia:

  • personal data you provide when you create an account and/or other information you enter and provide through our website
  • personal data you provide by purchasing or showing interest in a product or service.
  • personal data that you provide as a result of your surfing behaviour on our website
  • personal data you provide in the context of (among other things) correspondence, feedback, help (Q&A), dispute resolution, etc.

Personal data about others that you provide directly to us

You may share other people's personal data with us. For example, the address or contact details of other persons within your company. We draw your attention to the fact that it is your own responsibility to check whether these persons agree to provide Imbema with their personal data.

Personal data we receive from third parties

Among other things, we may receive additional personal data, such as through social media websites or third-party services, to the extent that this is in line with the law, for example because you have given your consent.

For what purposes does Imbema process your personal data?

Imbema collects and processes personal data for the performance of the agreement(s) concluded with you, administration, communication, marketing (personalised or otherwise), fraud research and to comply with legal obligations.

For the performance of quality and management purposes, Imbema uses anonymous data as much as possible and therefore does not use personal data.

The various purposes, as described above, are described in more detail below.

In the context of a contract. For the preparation, conclusion, execution and possible termination of the agreement(s) between you and Imbema.

Administration. For the execution and control of Imbema's administration in a broad sense.

Communication, marketing and personalisation purposes. For the performance of customer service, for making (possibly personalised) offers, and/or for providing and exchanging information about Imbema's activities.

Quality and management purposes. For investigating and improving the quality of the services, processes and systems, for informing management and (having) internal audits carried out.

Legislation and regulations. For identification, combating fraud, ensuring internal control and business security and compliance with laws and regulations.

On what legal bases does Imbema base the processing(s) of personal data?

The law contains an exhaustive list of bases justifying the processing of your personal data. Imbema relies on three of these legal bases. Namely, our processing(s) of your personal data is done in execution of the agreement, and/or based on a legitimate interest of Imbema or your consent.

Execution of the agreement. We use your personal data to execute the agreement you have with us.

Legitimate interest. We also use your personal data for Imbema's legitimate interests. You can read more about these legitimate interests of Imbema under the following heading.

Consent. With your consent, we may use your personal data for certain marketing activities. You can of course withdraw your consent at any time. Under the heading "Can you still withdraw your permission later"? Read how you can do this.

What is Imbema's legitimate interest in processing your personal data?

The processing of your personal data is necessary to maintain a good relationship between Imbema and you as a customer, or for Imbema's own reasonable business interests. For example, to inform you about new products, services and activities, or to defend Imbema's interests in any legal proceedings.

As much as possible, we will apply and add the so-called 'opt-out arrangement' to our communications. This way, you can easily notify us if you no longer wish to receive communication from Imbema. Alternatively, you can of course always contact us for this purpose at [email protected].

To whom does Imbema provide your personal data?

Imbema may provide your personal data to third parties in accordance with this privacy statement and the law. Without your explicit consent, Imbema will not disclose your personal data to third parties for their marketing purposes.

Your personal data may be received by the following categories of recipients:

Group companies. We may share personal data with our group companies to jointly provide content and products and/or services (such as registration and customer support), to help develop products, websites, applications, services, tools and communications, and to prevent, detect and investigate potentially illegal activities, violations of our policies, fraud and/or data security breaches.

Authorities. For example, regulators, tax authorities, police and other legal authorities. We may share your personal data:

  • to comply with legal obligations or a court order; or
  • if it is necessary to prevent, detect or prosecute criminal offences (such as fraud, deceit or prosecution); or
  • if it is necessary to enforce our policies or protect the rights and freedoms of others.

Business service providers. For example, a mail order company engaged by Imbema to deliver the product you have purchased, or an organisation engaged by Imbema to provide a maintenance service.

Other. Any third party for which we have received your consent to share your personal data (e.g. in the context of a cooperation), and/or of which Imbema is or will be part as a result of a reorganisation, merger or acquisition. 

Will your personal data be processed outside the EU?

No. Your personal data will only be processed within the borders of the European Union. All European countries must comply with the same rules in the law, which aims to ensure a consistent level of protection in the processing of personal data at European level.

How long will your personal data be kept?

We will keep your data for no longer than is necessary to achieve the purposes set out in this privacy statement. This means that your personal data will be deleted after a specific period of time.

We keep your personal data in accordance with legislation. Your personal data will be deleted or anonymised when it is no longer strictly necessary to achieve the purposes for which it was collected.

How can you manage your personal data?

You have the right to access, rectify and/or delete Imbema's collection of your personal data. You may also exercise your following rights with Imbema: the right to restrict your personal data processing, the right to the portability of your personal data and the right to object. Below you can read where and how to exercise these rights.

If you have your own account at Imbema, you have access to part of the personal data registered about you. You can rectify or delete some data yourself at any time, such as making changes to your account data.

If you wish to have access to your entire personal data processing and/or correct or delete data (insofar as admissible) that you cannot change yourself, please contact [email protected].

If you do not have your own account, you can contact [email protected] for your right to access, rectify or delete personal data registered about you.

To exercise your right to limit your personal data processing, to transfer your personal data or to object, you can also send your request to [email protected].

Please note that Imbema may request additional information to verify your identity.

Can you later withdraw your consent?

If you have consented to certain processing of your personal data, you can withdraw your consent at any time. Please note that the withdrawal of your consent is not retroactive and that withdrawing consent is only possible if you have first given your consent.

You can notify the withdrawal of your consent at [email protected].

Can you file a complaint?

You can file a complaint with the Dutch Data Protection Authority if you have a complaint about Imbema's use of your personal data. For example, because you think Imbema does not handle your personal data carefully, or because you have requested access to or rectification of your personal data but are not satisfied with our response.

You can submit your complaints to the Dutch Personal Data Authority via the website www.autoriteitpersoonsgegevens.nl.

Are you obliged to provide personal data to us and what if you do not want to provide personal data?

For Imbema, providing your personal data is necessary in some cases. For example, to enter into an agreement with you or to provide a service. Information fields not marked with an * request personal data the provision of which is not necessary.

If the provision of your personal data is necessary for us, we will draw your attention to this by using an *. If you choose not to provide the requested personal data, we will not be able to conclude or provide the relevant agreement or service. When you complete information fields that are not marked with an *, you thereby consent to Imbema processing this personal data.

How does Imbema deploy the use of profiling?

Imbema uses profiling and/or other automated decision-making.

We would like to approach you in a personal and relevant way. To make that possible, we link, combine and analyse personal data in order to determine the most relevant target groups and segments, content, advertisements, information, moments and channels and reduce contact pressure. In doing so, we also use external sources. No special (sensitive) personal data are processed in profiles.

For our profiling purposes, the following personal data, in varying compositions, may be combined, analysed and segmented:

  • Demographic data.
  • Transaction data.
  • Interaction data; personal data that follows from contact between Imbema and you. For example, which apps you use, what kind of devices you do so with and other cookie identifiers. This also applies to offline interactions.
  • Behavioural data; personal data Imbema processes about your behaviour, such as your preferences, opinions, wishes and needs. We may derive this data, for example, from your browsing behaviour on our website or because you have linked to a social media account. We collect and use information via tracking cookies only with your consent.

If you prefer not to receive marketing tailored to you, you can inform us at [email protected].

When was this privacy statement last modified?

This privacy statement was last amended on 26 October 2023 and effective 25 September 2018.