We make every effort to ensure your privacy and therefore handle personal data with care. Kantjil Amsterdam B.V. adheres to applicable laws and regulations in all cases, including the General Data Protection Regulation. This implies that we:
- Processing of your personal data is limited to only the data that is minimally required for the purposes for which they are;
- Ask for your explicit consent if this is necessary for the processing of your personal data;
- Have taken appropriate technical and organizational measure to ensure the security of your personal data;
- Will not pass on personal data to other parties in any way, unless this is necessary for carrying out the purposes for which they were originally provided;
- Op de hoogte zijn van uw rechten omtrent uw persoonsgegevens, u hierop willen wijzen en deze respecteren.
Information we gather
In order to be able to provide you with optimal service, it is possible that we collect personal information. In principle, we use Google Analytics, for which a processor agreement with Google has been concluded. We do not share any data with Google and all data is anonymised before being processed. The collected data is not used for advertising purposes.
For reservations using the website, your name, telephone number, e-mail address and gender are processed. These are collected by an external webhost and shared with us. We save this data as long as necessary for the reservation, after which they can be stored up to 7 years in the reservation data as part of the financial administration, as required by law.
For caterings and groupreservations, we can ask for additional data: your address. This is stored until the assignment is carried out, after which they can be stored up to 7 years in the financial administration.
For employees, we are required by law to gather and save more personal data. This includes name, address, telephone numbers, e-mail addresses but also gender, date and place of birth, marital status, social security number (BSN), bankinformation and salary data. This information will only be used as required by law and for communication purposes, and will be stored for a maximum of 7 years in the financial administration if required by law.
All gathered information is stored and processed within the EU.
Provision to third parties
The data you provide to us can be shared with third parties in case this is required for our business operations and for carrying out the before mentioned goals. We use third parties to:
- Assist us with the (financial) administration;
- Analyse our website;
- Take care of reservations;
- Assist us in making the timetables for our staff.
We never pass on personal data to third parties with whom we have not entered into a processor agreement. With these parties (processors) we make the necessary arrangements to ensure the security of your personal data. Apart from this, we will never pass on the information provided by you to other parties, unless this is legally required and permitted. An example of this is a police warrant for personal data in the context of an investigation. In such a case we must cooperate and are therefore obliged to provide this information. We may also share personal data with third parties if you give us permission in writing.
It is possible that you share information with us unsolicited, for example in a suggestion or review. We regard this information as non-personal and are therefore free to use and distribute this information without limitations.
To our knowledge, we do not collect and process personal data of minors (under the age of 16).
Kantjil Amsterdam B.V. does not store personal data longer than strictly necessary for the purpose for which is was provided, unless when required by law.
We have taken appropriate technical and organizational measures to protect your personal data against unlawful processing. Our precautions include, but are not limited to:
- All individuals that have access to your data are kept to confidentiality;
- We use a username/password policy on all of our systems;
- We secure access to physical documentation of personal data;
- We pseudonymise and encrypt personal information if there is a reason to do so;
- We make back-ups of personal data to recover in case of physical or technical incidents;
- We test and evaluate our protocols and measures regularly;
- Our employees are well informed about the importance of the protection of personal information.
Rights concerning your personal data
You have the right to inspect and rectify the personal data we have received from you, and the right to request deletion. You can also object to the processing of your personal data (or a part thereof) by us or by one of our processors. Furthermore, you have the right to have the data provided by you transferred by us to yourself or by order of you directly to another party. We can ask you to identify yourself before we can comply with the aforementioned requests.
In case you have given us permission to process your personal data, you always have the right to withdraw your consent.
If you have a complaint about the processing of your personal data, we ask you to contact us directly. In case we cannot come to consensus, we sincerely regret that. You always have the right to submit a complaint with the Dutch Data Protection Authority, this is the supervisory authority in the field of privacy protection.
Kantjil Amsterdam B.V.
1012 VS Amsterdam