1. Scope

1.1 This privacy statement provides you with information about how First European Data Rep B.V. (“we” or “FEDR”) collects and processes personal information. We process personal information in connection with our website and our general and marketing communications. This Statement provides details on how we do that.

1.2 We also collect and process personal information in the course of our service provision for non-European data controllers and data processors that we represent. However, as the latter data processing primarily takes place in our role of representative of and data processor to our clients, these processing operations are not in scope of this Statement.

1.3 If you have any concerns or questions that cannot be answered in this statement, please contact us using the below contact details.

2. Data we collect via our website and general communications

2.1 We collect personal data that is necessary to make available our website and offer the services we offer through our website. We also process information in the course of additional services we provide via our website, for which we need personal data, such as a contact form, our newsletter , self assessment tools and other publications.

3. Who is responsible for processing your personal data?

3.1 First European Data Rep B.V. is the data controller in respect of the personal data processing activities set forth in this statement. The registered office address of First European Data Rep B.V. is at Schiphol Boulevard 195, 1118 BG Schiphol, the Netherlands.

4. Which data do we collect?

4.1 FEDR mainly collects personal data when you provide your personal data through our contact form, subscribe for an event or newsletter or download certain restricted publications. In these cases, we exclusively collect the following data:

(4.1.a) Individual contact details (name, address, e-mail, phone);(4.1.b) Company details (address, tax number, chamber of commerce number);
(4.1.c) Account details (if applicable), such as username and password;
(4.1.d) Details we exchange in the course of proposing our services, assessing prospective clients for eligibility (if applicable);
(4.1.e) Personal data you share by communicating with us;

4.2 We may also collect your personal data if we receive such data from a client or prospective client (e.g. the contact details of the staff involved) and from people who contact us in our capacity as representative of a non-European data controller or processor. In the latter case that data will be processed for the account of the relevant client, FEDR only processes such data for and on behalf of such client. We may, however, also keep copies of communications we receive where this is necessary for the preservation of our rights, for instance when we keep record and copies of the fact that we forwarded a message in accordance with our task and duty as designated representative.

4.3 We also use data from public sources for marketing purposes, for instance when we are trying to identify a group of data protection professionals and other business representatives to whom we wish to bring our services to their attention.

5. For what purposes is personal data collected?

5.1 Personal data collected through our website(s) are only used for the purposes for which they were provided. If you provide your contact details when requesting a proposal, we will only use your details to contact you in relation to that request. Similarly, if you make use of our contact form or provide your data to get downloads, we will use the data provided to respond to your query, send the content you asked for and for any other purposes we communicate upon collection of the data at hand.

6. Legal bases

6.1 When processing personal data we rely on the following legal bases:
(6.1.a) Because the processing is necessary for executing a contract
(6.1.b) Because we need to keep or provide data because we are so required on a legal obligation
(6.1.c) Because we have established that the processing of the personal data is in the legitimate interest of FEDR or third parties, which is not overridden by data privacy rights of the individuals involved
(6.1.d) On the basis of the permission we have obtained for a given processing (for instance your consent to send us marketing communication and newsletters).

7. Data sharing with third parties in and outside the EEA

7.1 Sharing data related to the communication between our clients and their data subjects and authorities is inherent to what we do. As the clients we represent are located outside the EU, any queries or complaints you send us in relation to such client will be forwarded to recipients in countries whose privacy laws are not considered ‘adequate’, including the U.S., Canada, Mexico, Australia and Mainland China, inter alia (all depending on who the clients is that designated us as representative and is involved in a given communication).

7.2 In accordance with this privacy statement and as permitted by law, FEDR may use third parties for certain services. As far as third parties use your personal data for carrying out their services, they have the permission of FEDR and FEDR took all the necessary technical and organizational precautionary measures to ensure that your personal data is only used for the purposes mentioned before

7.3 FEDR works together with the following third parties:
(7.3.a) For analyzing the effectiveness of our website: Google Analytics
(7.3.b) For sending our newsletters: MailChimp

7.4 FEDR does not sell personal data to third parties, nor will it give your personal data to third parties, other than as specified above or on the basis that we are obligated by law (e.g. in the event of a lawful request by a court or law enforcement authorities).

8. Data retention

8.1 Your personal data will be deleted or made anonymous when the data is no longer needed for the processing purposes as mentioned in this privacy statement.

8.2 Communications that we receive and send in our capacity of data protection representative will be kept for seven years, and, in case certain communication is needed for a legal claim or other legal issue, as long as that issue is ongoing.

8.3 If you make use of our contact form, we will keep your data as long as we deliver our services to you or as long as we are in a service-relation.

9. Data security

9.1 FEDR highly values your privacy. Therefore, we take measures to protect your data from being stolen, lost or used in any way that is not in line with the purposes for which the data was collected. We work with secured networks and use encryption as appropriate.

10. Data subjects’ rights

10.1 At any given time, you can file a request to view your personal data, to correct or to destroy such data. Furthermore it is your right to request limitation of data processing, and, if applicable, to object against further processing of your personal data and / or request porting of your data. You can exert your rights by contacting us via info@eudatarep.com. In order to verify your identity, we ask you to attach a copy of your ID (please redact your social security number before sending) so that we can verify your identity and protect you and us against the risk of providing personal data to the wrong parties.
10.2 When you have given us permission to use your data, you can withdraw this permission at any time. Do note that withdrawing your permission is not retroactive.
10.3 You can also file a complaint with the Netherlands’ Supervisory Authority (Autoriteit Persoonsgegevens).

This privacy statement was lasted updated on 24 May 2018

Cookie Statement

11. Introduction

11.1 In this document we inform you about the use of cookies on the FEDR website(s). It concerns processing of all personal data by FEDR B.V. through www.eudatarep.com, www.firsteuropeandatarep.com and www.datarep.eu
11.2 We use cookies (or comparable techniques like pixels and javascript (after this: “cookies”)) for optimizing the website(s) and to analyze website traffic. If you wish to know more about cookies, the way we us them and how to delete cookies, please read our cookie statement.11.3 If you have any questions or concerns about the use of cookies by FEDR, please contact us via info@eudatarep.com.

12. Cookies and “similar techniques”

12.1 Cookies are small files which are stored on a user’s computer or mobile device. They are designed to hold a modest amount of data specific to a particular client and website (such as language preferences) and can be accessed either by the web server or the client computer. FEDR uses multiple cookies. Below you can read more about how FEDR is processing cookies.

13. How do we use cookies?

13.1 FEDR B.V. uses the following cookies
(13.1.a) Functional cookies
(13.1.b) Analytical cookies
13.2 We us these cookies for analytical purposes only. To install these cookies we do not need your permission because the impact of these cookies on your privacy are very limited.
13.3 FEDR also used pseudonymized statistics about you. The following data will be processed about your visit to our website(s):
(13.3.a) IP address and technical details about your browser, device used and the resolution of your computer/mobile screen;
(13.3.b) The website you visited before visiting our website;
(13.3.c) Where and how long you have been visiting our website, and which parts of the website you visited;
(13.3.d) The functionalities of the website you used;
(13.3.e) more detailed information regarding all cookies and comparable techniques that are being used on our website(s) can be found below.

Cookie Purpose Further details
Google analytics

These are cookies set by the Google Analytics service which enable us to track visitor behaviour and measure site performance.




14. The right to withdraw permission

14.1 The easiest way to delete cookies, is through the settings of your internet browser. If you do not wish to use cookies on any device anymore, you need to change your browser settings. Please take into account that this can change your online experiences.

This Cookie statement was last updated on 28 May 2018