Privacy Policy

Privacy Policy

Whenever you enter our website, only our committee, Save A Bike, of student association Enactus reads and manages your personal data. As a bike shop we are required to register the customers first- and last name as well as their ID number (ID card/passport/driving licence) in the police database (opkoopregister) when selling and/or buying a bike to/from the customer. The purpose of this is to prevent the fencing of stolen goods and so the police can determine the rightful owner of a bike in case of theft

Who we are

Save A Bike

KVK number: 17252195 

IVA number: NL820769459B01

Contact details

Professor Verbernelaan, 80a
5037AJ Tilburg

Netherlands

saveabikestore@gmail.com

What Do We Do With Your Data?

You provide and we use your following personal data: name, surname, address, telephone number, last 4 digits of IBAN,We use these to ensure that you/we can:

  • Buy or rent a bike and other products on our website
  • Pick up chosen products at our store after having your identity checked
  • Deliver bikes and other products to the location of your choice
  • Deal with refunds or repairs that are covered by our warranties after having confirmed your identity and purchase history
  • Help the police to combat the sale of stolen goods

Data Storage

We conserve your personal data on our database for 5 years. After this your personal data will be delete

For our fiscal processing we will use the amounts for which we have sold/bought (a) bike(s) to/from the customer.

Data Security

We strive to maintain your data secure and close to our association at all times. Only members of our organisation have the right to consult your personal data to carry on with the transaction processes.

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.

Our team members have access to this information to help fulfill orders, process refunds and support you.

We use our google drive which only project members have access to as a security system. The receipts for our in-store sales are managed in Izettle which only project members have access to. Online sales are conducted by the use of WooCommerce with Mollie to process payments on the website. The order data related to WooCommerce is stored within our website’s wordpress database.

If you have any question about the system we use, you can contact them here:

Google drive: https://workspace.google.com/faq/ -> Security

Izettle: https://www.zettle.com/gb/payments/security

WordPress: https://wordpress.org/about/security/ 

Mollie: https://www.mollie.com/en/features/security

In Case Of Fraud

We are allowed to give your personal information to government agencies if we suspect that a case of fraud is occurring to conduct an investigation on the matter. You will be warned when that happens. 

In Case of Online Purchases

In case our partner WooCommerce was to conduct a validity investigation on a customer, we are obligated to provide these information. You can contact our partner at these coordinates:

1-877-273-3049

Woocommerce: https://woocommerce.com/contact-us/

Modify Or Delete Your Own Personal Data

Please email us if you wish to have some of your personal data deleted or if have any further questions on how your data is being used by our association.

Your Rights On The Matter By The General Data Protection Regulation

Art 15, GDPR: users have the right to ask the information controllers about the purpose, process, category and recipient of personal data, and even request a copy of gathered information.

Art 16, GDPR: users have the right to contact the controller and demand corrections of personal data if necessary.

Art 17: Users have the right for all personal data gathered to be deleted and to be informed of the process progress.

Art 18: users have the right to demand a limitation of information processing whenever it is proven to be: unlawful, inaccurate, the controller no longer needs the personal data for the purposes of the processing, or in contrast with article 21.

Art 19: The controller shall communicate any rectification or erasure of personal data or restriction of processing carried out in accordance with Article 16Article 17(1) and Article 18 to each users that requests it.

Art 20: users have the right to receive the personal data concerning him or her, after contacting the controller.

Art 21: users have the right to object, about the personal data processing concerning him or her which is based on point Article 6.

Art 22: Users have the right not to be subject to a decision based solely on automated processing.

Art 77: Users have the right to lodge a complaint with a supervisory authority especially in a EU member state if the he or her  considers that the processing of personal data relating to him or her infringes The GDPR.