Terms and Conditions

Privacy Policy

Privacy Policy

General

This privacy statement applies to the processing of personal data of website users, customers (both consumers and businesses) and suppliers by Vlisco Netherlands B.V. and its subsidiaries and affiliates, if any, hereinafter jointly to be referred to as “Vlisco”.

If you are a Vlisco employee, please refer to the employee privacy statement, which you will find on the Vlisco Intranet.

Processing of personal data by Vlisco

Vlisco commits to being open, fair and transparent to its external relations about the processing of personal data. In that respect, Vlisco highly values providing you with exact information as to what personal data Vlisco collects and what the purposes are for which it will use such personal data. This privacy statement provides as structured a description thereof as possible. Vlisco warrants the careful collection, use and deletion of personal data, in compliance with laws and regulations.

Access, change, deletion or restriction of personal data

As an external relation, you have the right to access your registered data as well as to receive a copy thereof. In addition, you have the right:

  • to rectify your personal data (if you have good reason to do so);

  • to erasure/to be forgotten. Based on this right, you may request that Vlisco erases your data if:

    • their processing is no longer needed to realise the purpose;

    • the purpose of the processing is based on your consent and you withdraw such consent;

    • you have good grounds to object to the processing;

    • there is no legal basis for the processing.

You may send a request for access, rectification, deletion, objection or data portability to [email protected]. A response to your request will be given within four weeks.

Should you have a complaint about the way in which Vlisco processes your personal data, you may also submit that to [email protected]. Absent satisfactory results, you may submit a complaint to the national supervisor, the Dutch Data Protection Authority, using the following link: https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons

Website users

You come under the category of ‘website users’ if you visit Vlisco websites to obtain information, to submit a question and/or to subscribe to a newsletter. You may subscribe to a newsletter if you are aged 16 or over. If you also intend to order items, the additional forms of data processing as described under customers will apply.

For what purposes does Vlisco use your personal data?

Vlisco collects a limited amount of data on its website users, which Vlisco uses to improve its website and to manage its services. Such data include information about the way in which you use the Vlisco websites, the frequency with which you visit such websites, and the most popular times to visit the Vlisco websites. For further details, please refer to annex 1.

If you have contacted us on the website to submit a question or to subscribe to a newsletter, Vlisco will use, among other things, your name, email address, telephone number and address to answer your question or to send you email newsletters of Vlisco or its subsidiaries.

What legal bases apply?

Vlisco solely processes personal data with your prior consent, as required by the General Data Protection Regulation (GDPR).

With whom does Vlisco share your data?

Vlisco does not provide your data to third parties. In certain cases, however, Vlisco makes use of the services of third parties who process data under its responsibility, such as sending mailings and analysing the use of the website. In order to safeguard your privacy, Vlisco has entered into data processor agreements with such third parties.

For how long will Vlisco retain your personal data?

Vlisco will not retain your data any longer than is necessary to realise the purposes referred to in this privacy statement. The data will be retained until such time as you unsubscribe or 28 days after answering your question.

Customers – Consumers

You come under the category of ‘consumers’ if you purchase items from Vlisco Group as a private individual, either at Vlisco’s physical store(s) or at its webshop(s). You must be aged 16 or over to place orders at a Vlisco webshop.

For what purposes does Vlisco use your personal data?

For purposes of making purchases at the webshop, Vlisco registers your name, email address, telephone number, address, data about your order and payment data. These data are used to deliver your order, to send an invoice, to settle payment and for communication about the order.

For purposes of making purchases at a Vlisco store, the necessary data, such as your name, email address and address will be registered only if you indicate that you wish to receive email offers and/or wish to reclaim VAT.

What legal bases apply?

Vlisco processes personal data solely with your prior consent, if this is necessary to complete your order and/or if there is a legal obligation for purposes of a VAT refund, as also required by the General Data Protection Regulation.

With whom does Vlisco share your data?

Vlisco does not provide your data to third parties. In certain cases, however, Vlisco makes use of the services of third parties who process data under its responsibility, such as handling payments via the webshop and dispatch of goods purchased.

For how long will Vlisco retain your personal data?

Vlisco will not retain your data any longer than is necessary to realise the purposes referred to in this privacy statement. Your purchase data will be retained for a period of 7 years in line with the retention obligation for tax purposes. The other data will be deleted as soon as you unsubscribe or at your request.

Customers – Businesses

You come under the category of ‘businesses’ if you are acting as a contact for an organisation purchasing items from Vlisco Group at the Wholesale channel, either using the web Portal or otherwise.

For what purposes does Vlisco use your personal data?

Vlisco collects business contact data, such as your name, email address, telephone number and company data. Such data are used to maintain a business relationship with you with a view to the delivery and invoicing of your orders and to bring offers to your attention.

In addition, Vlisco may require a copy ID and an ‘Ultimate Beneficial Owner’ (“UBO”) statement from you for purposes of the Dutch Anti-Money Laundering and Anti-Terrorist Financing Act [Wet ter voorkoming van witwassen en financieren van terrorisme (“Wwtf”)]

What legal bases apply?

Vlisco processes personal data solely with your prior consent, if this is necessary to handle your order and/or if Vlisco is under a legal obligation to do so for purposes of a VAT refund, as also required by the General Data Protection Regulation (GDPR).

With whom does Vlisco share your data?

Vlisco does not provide your data to third parties. In certain cases, however, Vlisco makes use of the services of third parties who process data under its responsibility, such as despatch of goods purchased and management of contact data. In order to safeguard your privacy, Vlisco has entered into data processor agreements with such third parties.

For how long will Vlisco retain your personal data?

Vlisco will not retain your data any longer than is necessary to realise the purposes referred to in this privacy statement. Your company’s order data will be retained for a period of 7 years in line with the retention obligation for tax purposes. The data required for purposes of the Wwtf will also be retained in accordance with the statutory period of 7 years. The other personal data will be deleted as soon as you unsubscribe or at your request.

Suppliers

You come under the category of ‘suppliers’ if you are acting as a contact for an organisation that provides goods/services to Vlisco. This also includes any private individuals engaged who are not paid through Vlisco’s payrolling administration.

For what purposes do we use your personal data?

Vlisco collects business contact data, such as your name, email address, telephone number and company data. Such data are used to maintain a business relationship with you with a view to the provision of goods and services.

In the event of engaging private individuals, the following additional data may be collected: copy ID, bank data, performance, assessment and training data (for temporary agency workers only) data on assets made available by Vlisco (for temporary agency workers only), presence and absence data (including business travel and lodging), logs of activities in ICT systems and CCCT footage. The data will be used for purposes of performance of the agreement and to comply with a legal obligation.

What legal bases apply?

Vlisco solely processes personal data if necessary for the performance of agreements, if there is a legal obligation to do so (such as the retention obligation for tax purposes, the Foreign Nationals Employment Act [Wet Arbeid Vreemdelingen], and the Compulsory Identification Act [Wet op de Identificatieplicht]), and/or where Vlisco has a legitimate interest (to protect its goods and its persons), as also required by the General Data Protection Regulation (GDPR).

With whom does Vlisco share your data?

In principle, Vlisco does not share your data with others. It only does so if this is necessary for purposes of performance of Vlisco’s services or if there is a legal obligation to do so. In such event, Vlisco will share the data with:

1. Vlisco’s own employees

Vlisco will share the data with employees where the purpose of processing is in line with their positions. These may be employees of branches outside the EEA. In such event, Vlisco has implemented appropriate measures to safeguard your privacy. For example, access to personal data is restricted on a need-to-know basis, formal arrangements are made with the relevant branches, processing activities are recorded, data are encrypted, and the security of the relevant branches is periodically tested.

2. Service providers working for Vlisco

Vlisco works with various service providers, including contractors that build and administer our ICT systems. Proper arrangements are made with such service providers as to their obligations and powers, which are contractually recorded in data processor agreements.

For how long will Vlisco retain your personal data?

Vlisco will not retain your data any longer than is necessary to realise the purposes referred to in this privacy statement. The following retention periods will apply:

  • Statutory retention periods, e.g. for transactions with your company. These will be retained for a period of 7 years in line with the retention obligation for tax purposes.

  • CCTV footage may be retained up to 28 days, after which it will be destroyed, unless there is a good reason to retain the footage for a longer period (e.g. if it is relevant to a police investigation).

Statement is subject to change
  • Vlisco reserves the right to change or modify this privacy statement, for example if the processing method or the regulation is changed. In case of a significant amendment, Vlisco will notify you. 

Annex 1: Cookies and surfing behaviour

Vlisco websites use so-called cookies. These are small text files which are stored on your computer when you visit the website and which can be read out at a later point in time. These cookies and similar techniques are used to facilitate navigation on our website. They can also be helpful in making the Vlisco websites more user-friendly. They make sure, for example, that you can stay logged in during your visit and that the contents of your shopping cart are stored during your visit. If you wish, cookies can also be used by Vlisco to store personal information, such as your login name, language preferences and the contents of your shopping cart for next visits, so that you need not enter them again each time.

 

Cookies are also used to facilitate interaction with social media such as Facebook, Twitter and Pinterest, if and for as long as you are logged into these media.

 

Vlisco websites do not use any cookies to register or monitor your individual surfing behaviour to other websites.

 

Vlisco websites do, however, use Google Analytics cookies to collect aggregated and anonymous information about surfing behaviour on our websites and to tailor the general contents of the websites to user preferences. The information generated by Google about your use of this website (including your IP address) is sent to and stored on a Google server in the US. We understand that Google endorses the US Safe Harbor principles and is registered with the Safe Harbor programme of the US Department of Commerce. We do not allow Google to use analytics cookies for third parties.

 

Cookies from the Vlisco websites can be recognised by the domain of vlisco.com and will automatically be deleted after a fixed period:

1001: will be deleted 5 years after your last visit to the relevant website.

 ASP.NET_SessionId: will be deleted as soon as you close your browser.

 CurrentCountryId: will be deleted 360 days after your last visit to the relevant website.

 CurrentLanguage: will be deleted 360 days after your last visit to the relevant website.

 InterfaceLanguage: will be deleted 1 year after your last visit to the relevant website.

 _atuvc: will be deleted 2 years after your last visit to the relevant website.

 firstVisit: will be deleted 365 days after your last visit to the relevant website.

 nonShippingcountryId: will be deleted 360 days after your last visit to the relevant website.

 projekktor_controlbar: will be deleted 356 days after your last visit to the relevant website.

 tca: will be deleted 360 days after your last visit to the relevant website.

 vatVersion: will be deleted 100 years after your last visit to the relevant website.

 popup: will be deleted 10 days after your last visit to the relevant website.

 

 Google Analytics cookies can be recognised by the following names and will automatically be deleted after a fixed period:

 _utma / utmv / utmx : will be deleted 2 years after your last visit to the relevant website.

 _utmz : will be deleted 6 months after your last visit to the relevant website.

 _utmb : will be deleted 30 minutes after your last visit to the relevant website or at the end of a day.

 _utmc : will be deleted as soon as you close your browser.