Privacy Statement

Koti Industrial and Technical Brushes B.V., located at Celciusstraat 18, 6003 DG Weert, The Netherlands, is responsible for the processing of personal data as described in this privacy statement. Hereafter, Koti Industrial and Technical Brushes B.V. will be referred to as ‘Data Controller’.

The term ‘Data Subject‘ hereafter refers to any natural person whose personal data is processed by the Data Controller.

1. General

This Privacy Statement describes how the Data Controller and its affiliated operating companies process the personal data of their Data Subjects/categories of data subjects, such as (potential) customers, job applicants, business partners, suppliers, and intermediaries.

2. Personal data

Personal data refers to information about an identified or identifiable natural person. The Data Controller may process the following data of Data Subjects, because the Data Subject uses the services of the Data Controller and/or because the Data Subject provides these themselves:

First and last name
Address details
Phone number
Email address
IP address
Other personal data that you actively provide for example by creating a profile on this website, in correspondence and by telephone
Data about your browsing behavior across different websites (for example, because this company is part of an advertising network)
Internet browser and device type

The Data Controller collects personal data of a Data Subject in the following way(s):

when the relevant Data Subject has provided such personal data to the Controller through the website;
by Data Subject contacting Processor with a request for information about Processor’s services or products;
by Data Subject placing an order with Processor; or
by being generated from Data Subject’s use of the Controller’s services or website, including through cookies; or
Through third parties, such as recruitment agencies in the context of recruitment and selection.

If a Data Subject is required to provide certain data, the Data Subject will be informed about the possible consequences when these are not provided. A Data Subject is never obligated to provide personal data. If a Data Subject refuses to provide his or her personal data, it is possible that the Data Controller cannot provide its services to the Data Subject.

Our website and/or service does not intend to collect data about website visitors who are younger than 16 years old, unless they have permission from parents or guardians. However, we cannot check if a visitor is older than 16. We encourage parents to be involved in the online activities of their children, to prevent data about children being collected without parental consent. If you are convinced that we have collected personal information about a minor without this permission, please contact us via privacy@koti-eu.com, and we will delete this information.

3. Purposes and bases for processing personal data.

The Data Controller processes the personal data of the Data Subject based on a legal basis under the General Data Protection Regulation:

a. Permission
b. Execution of an agreement with Data Subject.
c. Compliance with a legal obligation
d. Performance of a public interest task
e. Legitimate interest of Processor or a third party

The Data Controller processes certain personal data to pursue its legitimate interests. The legitimate interests of the Data Controller include, among others: marketing, advertising, research of own products or services, IT management and security, and sharing with parties affiliated with the Data Controller.

The Data Controller processes personal data for the following purposes:

Sending our newsletter and/or advertising flyer from Processor;
Offering products or services or maintaining a vendor relationship, including providing customer service or technical support and processing requests related to the products or services;
To establish and maintain a customer relationship with Data Subjects, for example, to send informational messages about products or services or to respond to questions and requests from Data Subjects;
Recruiting personnel, processing applications received through the Website or otherwise, screening the applicant as needed;
Informing you of changes to our services and products;
Offering you the opportunity to create an account;
Providing targeted advertisements based on the interests of Data Subject, using cookies and similar technologies to collect the relevant information about Data Subject;
To deliver goods and services to you;
Ensuring security (of IT systems), including data collected through use of access passes and sound and image data such as CCTV or images;
Koti Industrial and Technical Brushes B.V. analyzes your behavior on the website in order to improve the website and tailor the offer of products and services to your preferences.

4. Access to personal data and sharing with third parties

In principle, the Data Controller will not provide personal data to other parties. However, this may occur if:

the personal data is provided to processors engaged by Processor with whom a processor agreement is in place or independent processors, e.g. IT, hosting, HR or other service providers, external consultants, accountants or lawyers; or
Controller is required by a legal obligation to disclose personal data to competent authorities, for example, regulators or other public authorities; or
the personal data is provided to a company belonging to the group of Processor or another department within the company of Processor.

The provision of personal data to the aforementioned parties will only take place for the purposes mentioned in this privacy statement, and to the extent permitted under this privacy statement and applicable laws and regulations, or if the Data Controller has a legal obligation to provide personal data to a competent authority. Parties to whom personal data are provided are themselves responsible for compliance with privacy legislation. The Data Controller is not responsible nor liable for the processing of your personal data by these parties.

To provide the services, the Data Controller may be required to transfer personal data to countries outside the European Economic Area. When this is the case, the Data Controller will take appropriate safeguards to lawfully transfer personal data to such countries.

5. Cookies, or similar techniques

The Data Controller uses so-called ‘cookies’. With these cookies, the Data Controller automatically collects certain data about the history of activities of the Data Subject on its website and on third-party websites and apps, in accordance with the preferences specified by the Data Subject. This way, personal data of the Data Subject can be collected while the Data Subject uses the Data Controller’s website, other websites or apps, or when these are running in the background on the Data Subject’s device. This data can be combined by the Data Controller with other data about the Data Subject’s device, such as an IP address. If the Data Subject’s consent is required for this, the Data Controller will ask for it in advance.

The Data Controller’s Cookie Policy, which can be found here, contains further information about the use of cookies, including the purposes for which the Data Controller uses cookies.

6. Rights of Data Subjects.

The Data Subject has the right to access, rectify and delete his or her personal data, in accordance with the provisions of the General Data Protection Regulation. The Data Subject also has the right to object to the processing of his or her personal data.
Data Subject may request Processor to restrict processing and data portability. The latter means that Data Subject has the right to receive the personal data that Processor holds about him or her in a structured, common and machine-readable form and, if necessary, to have Processor transfer it to another Processor.
If the Data Subject has consented to the processing of their personal data, the Data Subject has the right to withdraw such consent at any time.
If the Data Subject wishes to exercise any of these rights, or if the Data Subject has any questions regarding this Privacy Statement, the Data Subject may reach Processor at privacy@koti-eu.com.
Data subjects may unsubscribe from the newsletter by sending an e-mail to marketing@koti-eu.com.
Data subjects have the right to file a complaint with the Personal Data Authority at: www.autoriteitpersoonsgegevens.nl//.

7. Retention period

The Data Controller retains personal data for a period of 12 months after the end of providing services to the Data Subject, unless the Data Controller is obliged by law to retain personal data for a longer period.

8. Changes to the Privacy Statement.

Controller reserves the right to modify this Privacy Statement. Controller shall announce such modification in accordance with the law. Any modification will be announced on this page and a clear notification will follow in case of a material change to the Privacy Statement. Controller therefore advises Data Subject to regularly check this page to see if any modifications have been made.
If Data Subject continues to use the Website and/or services of Processor once the changes are in effect, it means that Data Subject accepts the changes. If Data Subject does not agree to these changes, it should terminate its use of the Website and/or services.
The current Privacy Statement was last updated on 19-12-2024.

9. Contact

For questions or comments about this Privacy Statement and/or the processing of personal data, please contact the Data Controller via:

https://www.koti-eu.com
Celciusstraat 18, 6003 DG Weert, The Netherlands
+31 495 880 880
privacy@koti-eu.com

The Data Controller takes the protection of the data of Data Subjects seriously and takes appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure, and unauthorized modification. If a Data Subject has the impression that data is not properly secured or there are indications of misuse, please contact privacy@koti-eu.com.