De Graaf Bakeries Privacy Statement
Privacy Statement De Graaf Bakeries
In this privacy statement, we (De Graaf Bakeries BV) explain which personal data we collect and use, and for what purpose. We recommend that you read this statement carefully. Below, De Graaf Bakeries is referred to as ‘we’, ‘us’, or ‘our’.
Updated on: 10 June 2025
CONTENTS:
Use of personal data
Disclosure to third parties
Security and retention
Third-party websites
Minors
Changes to this privacy statement
Access to and modification of your data
Data Protection Authority
Entry into force
Privacy policy
Through our website, we offer various services to customers and non-customers. In doing so, we process personal data, which we handle with care and in accordance with applicable privacy laws. This policy is intended to inform you about the processing of your personal data.
Use of personal data
We process personal data when you visit our website or use our services. We only process the data necessary for the purposes for which they are collected.
We collect and process personal data such as:
Technical data from your device, such as IP address, MAC address, cookies, and browsing behavior on our website. This is based on our legitimate interests (e.g., to improve the website and for marketing purposes).
Depending on the services you use, we may process additional personal data. For certain services, it may be necessary to obtain your explicit consent, for example, for the use of cookies that are not strictly necessary.
Disclosure to third parties
We only disclose your personal data to third parties when necessary for the performance of an agreement, such as the delivery of ordered products or services. We share data with other parties only when we are legally obliged to do so or when we have received your explicit consent.
In cases where data must be shared with third parties, we ensure that agreements are made regarding the processing of personal data to guarantee data security. This may also apply to external service providers such as IT support or marketing companies.
Security and retention
We take appropriate technical and organizational measures to protect your personal data against loss or unauthorized access. These measures are proportionate to the risks of processing.
We do not retain personal data longer than strictly necessary for the purposes for which they were collected, or longer if required by law. Data that is no longer necessary is carefully destroyed.
Third-party websites
Our website may contain links to external third-party websites. We are not responsible for the privacy practices or content of these websites. We recommend that you read the privacy statements of these websites before providing any personal data.
Minors
Our services are not intended for persons under the age of 16. We do not process personal data of minors unless this is done with the consent of a parent or legal guardian.
Changes to this privacy statement
We may amend this privacy policy from time to time. Any changes will be published on this page. We recommend that you consult this privacy statement regularly to stay informed of the most recent version.
Access to and modification of your data
You have the right to access the personal data we process about you, as well as the right to correct or delete this data. To prevent misuse, we ask you to include a copy of a valid ID with your request for access. Please be sure to mask your Citizen Service Number (BSN) and photograph on this copy.
Data Protection Authority
If you have any complaints about the processing of your personal data, you can contact us. If you are not satisfied with the handling of your complaint, you have the right to file a complaint with the Data Protection Authority, the privacy supervisory authority in the Netherlands. You can submit a complaint via the Data Protection Authority’s website.
Entry into force
This privacy statement enters into force on 24 April 2018 and applies to all processing of personal data carried out after this date.