This Privacy Statement Derby Cycle governs the collection, use and other forms of processing of personal data by Derby Cycle Holding GmbH (“Derby Cycle”) related to our services, our Derby Cycle products and this website.
Who is responsible for collecting and processing of your personal data?
Derby Cycle (Siemensstraße 1-3, 49661 Cloppenburg, Deutschland) is the legal entity responsible for all collection and all processing of your personal data in connection with the products, services and websites of Derby Cycle.
Derby Cycle is part of Pon Holdings B.V. its affiliates and its subsidiaries (“Pon”). Derby Cycle and Pon are committed to respecting and safeguarding your privacy and the security of your personal data you share with us.
Why do we process your personal data?
Personal data is information that identifies you as an individual or relates to an identifiable individual. When you choose to register your personal data, contact us, or visit our websites, we will process some personal data about you. We process these personal data for the following purposes:
communicate with you in a personal way or to inform you about Derby Cycle products or services; consistent with your choices;
provide customer service, including service around the purchase of services and products, fulfil warranty obligations and product recalls for our own services and those of related companies, and to deal with any enquiries or complaints;
administer and fulfil your purchases of Derby Cycle products including the financial and logistic handling;
administer your account;
administer your participation in any contests, promotions, surveys or website features;
perform market research and improve our business, services and Derby Cycle products; or to develop new business, services and products;
perform statistical analyses and reporting;
providing services on the Internet;
communicating with participants and offering a loyalty program;
provide app functionality, including providing relevant commercial messages;
to communicate future promotional and marketing information including direct marketing purposes and retargeting;
to aggregate and/or anonymize personal data in order to generate other data for our use;
to comply with our legal obligations, resolve disputes, or enforce our agreements;
as otherwise stated at or about the time information is collected.
Which personal data we collect?
Which personal data we exactly collect, depends on the which websites, products or services you use. We process the following personal data:
Personal data you provide
This is the personal data that you enter when you use our websites, products or services. This data includes e.g. your name, address, gender, email address, phone number, age, birth date, Derby Cycle products you bought, the account name and password that you create, bank details for buying Derby Cycle products etc.
This is data that is collected or generated automatically when you use the websites, products or services of Derby Cycle. Metadata is often collected or generated when using a computer or device when you send data via a computer network, such as the Internet. This data contains data that may be used by the user interface or device activities, as well as IP addresses, unique device identifiers, MAC addresses of Wi-Fi and Bluetooth devices, cookies and data from computer activities itself.
Data collected via sensors
Many products are equipped with one or more sensors or use the sensors of the devices on which the products are provides. Examples of sensors are GPS receivers, Wi-Fi or Bluetooth receivers, a camera and touch screens. In accordance with the purposes for processing the via the sensors collected data about you and the used devices will be send to Derby Cycle and other third parties that need the data for providing the agreed services to Derby Cycle.
Our legitimate interests include: marketing, advertising, security, (crime) prevention, IT management, research and analysis of our products or services, business management, legal affairs, internal management.
You have the right to withdraw your consent which you may have given to the processing of your personal data at any time by sending your withdrawal request to firstname.lastname@example.org
How do we share or transfer your personal data?
You should be aware that Derby Cycle is part of a business group within Pon and that departments (like IT, Marketing) can be located in Pon companies around the world. As a consequence your personal data may be shared within and/or transferred to other business group companies or other Pon companies around the world. You can consult the list and location of our companies here: www.pon.com/en/our-business/bedrijven.
Derby Cycle may share your personal data also with third parties to perform certain processing activities on behalf of Derby Cycle and to facilitate services they provide to us. These can include providers of services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services.
Derby Cycle may also share your personal data to third parties, to permit them to send you marketing communications, consistent with your choices. Derby Cycle requires these third parties to process and protect your personal data diligently. Derby Cycle will not sell your personal data to third parties.
Derby Cycle or Pon might reorganize, merge or in any other way sell or dispose (part of) a business company to another company. Where such business relates to Derby Cycle, such transfer of ownership may include the transfer of your personal data to the new owner and its advisors. We will otherwise only disclose your personal data if so required or authorized by law, where necessary for preventing or combating fraud, where necessary for dispute resolution, or for any other pressing legitimate need which under the circumstances must outweigh your privacy interests, such as the security of our business and the safety of our staff.
How do we protect your personal data?
Derby Cycle will take appropriate technical and organizational security measures against loss or unlawful processing of this data. This may include using secure registration forms, encryption of data, and restricting access to your personal data.
Please note that some third countries do not provide for an adequate level of protection for your personal data. However, you can be assured that Derby Cycle will take appropriate safeguards for the confidentiality and protection of your data. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, standard contractual clauses adopted by the European Commission, to protect your personal data. You may obtain a copy of these measures by contacting email@example.com
How long do we retain your personal data?
We retain personal data for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law.
The criteria used to determine our retention periods include:
The length of time we have an ongoing relationship with you and provide our services to you (for example, for as long as you have an account with us or keep using our services);
Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
Cookies, web beacons and similar techniques
If you would like to request to review, correct, update, suppress, restrict or delete personal data, object to the processing of personal data, or if you would like to request to receive an electronic copy of your personal data for purposes of transmitting it to another company (to the extent these rights are provided to you by applicable law), you may contact us via firstname.lastname@example.org
We will respond to your request consistent with applicable law. In your request, please make as clear as possible what personal data your request relates to. For your protection, we may only implement requests with respect to the personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable and in any event within any applicable legally required timeframes.
We may change this Privacy Statement from time to time. Any changes will become effective when we post the revised Privacy Statement. If necessary, we will inform you when we change the Privacy Statement. This statement was last modified on date: January 16th, 2020.
Contact, questions, feedback and Data Protection Officer
If you have any questions about this Privacy Statement, please contact us at email@example.com
You may also contact our Data Protection Officer (DPO) via firstname.lastname@example.org You have the right to lodge a complaint with a data protection authority for your country or region or where an alleged infringement of applicable data protection law occurs.