Privacy and cookie policy

Shift2 respects your privacy and handles your personal data with care. We treat and secure your data with the utmost care and process it exclusively in accordance with applicable laws and regulations.

What personal data we process 

We record personal data as soon as you contact us, for example when you: 

  • enters into an agreement with us;
  • you subscribe to our newsletter;
  • attends one of our events;
  • is undergoing training;
  • uses our services;
  • express your interest via a form or contact moment. 

Personal data that we (may) process: 

  • First and last name
  • Gender
  • Address details
  • Phone number
  • Email address
  • IP address
  • Other personal data that you actively provide (for example, by creating a profile or contacting us by phone)
  • Location details
  • Activities on our website
  • Browsing behavior across different websites
  • Web browser and device type 

Use of photo and video material during events 

During events that we organize, photos or video recordings may be made. We sometimes use this visual material in our communications, such as on social media, our website, or in newsletters. We always do so with respect for your privacy. If you do not want to be (recognizably) photographed or filmed, please let one of our colleagues know in advance or during the event. In some cases, we also ask for explicit permission, for example via a registration form or consent list on site. 

Special and/or sensitive personal data 

Our website and/or service does not intend to collect data about visitors under the age of 16 without parental consent. Are you convinced that we have collected personal data from a minor without consent? Please contact us at contact@shift2.nl, and we will delete this information. 

For what purpose we process personal data 

We process your data for: 

  • sending our newsletter;
  • the ability to call or email for our services;
  • informing about changes to services/products;
  • improving the website through behavior and preference analysis. 

Use of anonymized data for advice and improvement 

 In order to provide you with better advice and continuously improve our services, we analyze anonymized usage data from our services. We use this data, for example, to provide advice on optimizing usage and performance, and for internal quality improvement. The data does not contain any personal information and cannot be traced back to specific individuals. 

Automated decision-making 

We do not make decisions based on automated processing that affects individuals. We do use CRM systems for customer management and personal contact. 

How long we retain data 

  • As long as you are a customer + 7 years (due to administrative obligations)
  • Direct marketing: as long as you are active or have given your consent 

Sharing data with third parties 

We only share your data with third parties if this is necessary for our services or to comply with legal obligations. We enter into agreements with processors for your security. 

International data processing 

If data is processed outside the EEA, we ensure appropriate safeguards, such as model contracts in line with the requirements of the European Commission. 

Cookies 

We use: 

  • Functional cookies (required, no consent needed)
  • Analytical cookies (such as Analytics – anonymized, no consent required)
  • Social Media cookies (only with consent)
  • Tracking cookies (only with consent) 

See also the explanation at veiliginternetten.nl (What are cookies?) or the explanation from the Information Security Service for Municipalities (Cookies on municipal websites - Information Security Service). 

Rights of data subjects 

You have the right to access, correct, delete, object, data portability, and withdraw consent. To do so, please contact us at contact@shift2.nl.  

Security 

We take appropriate measures against misuse, loss, unauthorized access, and alteration. Do you suspect a leak or misuse? Please email our CISO at contact@shift2.nl.  

Responsible Disclosure 

We take the security of our systems and users very seriously and attach great importance to improving it. Despite all precautions, it remains possible that a weak spot in the systems may be found. To stay one step ahead of malicious parties, we would like everyone who finds a vulnerability in our systems to report it to us. Please refer to our Responsible Disclosure at: https://www.shift2.nl/responsible-disclosure  

Unsubscribe & Complaints 

You can always unsubscribe from communications via the unsubscribe link or contact@shift2.nl. For complaints, please contact the Dutch Data Protection Authority via autoriteitpersoonsgegevens.nl. 

Changes 

We reserve the right to modify this policy. Please check this page regularly for updates.