From whom do we process personal data and how do we get this data?
We process the personal data from anyone who has had direct or indirect contact with Morphotonics B.V. such as customers, partners, employees or any other stakeholders.
We get the data directly from you, when you visit our website, create an account and fill in some data or when you contact us. In some cases, we receive your data from third parties but only when you authorize those parties to share certain information with us.
How we use your personal data
General categories of personal data that we may process:
Usage data: We may process data about your use of our website and services. These data may include your IP address, geographical location, browser type and version, operating system, length of visit, page views and website navigation paths but also information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. We process these data for the purpose of analyzing the use of the website and services.
Service data: We may process your personal data that you provide to us in the course of the use of our services. The source of this data is you or your employee. This applies to our customers and all other stakeholders to which we provide services.
Enquiry data: We may process information contained in any enquiry you submit to us regarding our products and services.
Customer relationship data and customer service: We may process information related to our customer relationship including customer contact information. You can contact us 24/7. You can call or email us or send us a message via social media. We will help you in the shortest time possible. The notes about the customer contact will be kept as long as you are an active customer. We have a legitimate reason to retain this data such as improving our services. When you send us a private message via social media, your message will be shared with the third-party through which you send us the message (e.g. YouTube, LinkedIn). To ensure your data stays safe, always protect your accounts with strong passwords and keep these safe. We cannot prevent a data leak which happens due to your indiscretion. Customer relation data may also be collected for the purpose of managing our relationships with our customers, communication with the customers, keeping records of the communication between us and our customers and promoting our products and services.
Information for marketing: We have arranged listings, special promotions and news that we want to share with you. We share that through email. If you agree, we will email you offers, personal recommendations and information. If you prefer to not receive this type of information you can opt out of newsletters immediately. At the bottom of each email we send, we give you an option to opt out. Please use this option if you wish to not receive emails from us anymore.
Data from customer surveys: We are always working on improving our services and better match our customer’s requests. Therefore, we will need your data (customer ID, email address, and/ or telephone number) to invite you in customer or market research. Participation is entirely voluntary. You decide yourself if you want to join the investigation. The length of the time we keep the data varies per research. We delete all information that can identify you as soon as the investigation is completed.
Data to prevent fraud: To avoid security incidents and fraud we use your data. The data we use are IP address and search behavior. This enables us to prevent unauthorized access and to prevent, counter and investigate fraud.
In addition to the specific purposes for which we may process your personal data set out in this section, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Please do not supply any other person’s personal data to us, unless we prompt you to do so.
Where we store the data
We store your data within the European Economic Area. However, it may happen that certain information we collect are transmitted to destinations outside the EEA, for example, because one of our external service providers is established there. When this is the case, we make sure that this happens in a safe and lawful manner.
How do we secure your data?
We take a lot of measures to ensure your personal data is secure at both organizational as well and technical level. Out IT service provider ensures that our systems are secure and not vulnerable to threats. Through rigorous access controls, we ensure that your personal data are only accessible to employees that are authorized to use the data. If we give your information to other external service providers, then we ensure, through contracts, that they deal with your data as serious as we do.
We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes to this policy.
We will notify you of significant changes to this policy by email or through the private messaging system on our website.
Your principal rights under data protection law are:
The right to information: You have the right to confirmation as to whether we process your personal data and, where we do, access to the personal data;
The right to inspect: You have the right to inspect at any time. We will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee;.
The right to correct: You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.
The right to object to: You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defense of legal claims.
The right to data portability: You have the right to transfer the information that you have given to us in the framework of the agreement that you have entered into with us. You have the right to receive a machine-readable format, so you can save this data in a database of yours or another party. This includes your name, address and residence information. To obtain this information, please send an email via the contact form.
The right to restrict processing: In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful, but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defence of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
The right to be forgotten/request for account delete: In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defense of legal claims. You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.
The right to complain to a supervisory authority: If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement. When you have a complaint, please contact us via the contact form.