PRIVACY NOTICE TO BUSINESS CUSTOMERS - Art. 13 EU Regulation 2016/679
This privacy notice is published on this web page for information purposes only and only applies to B2B sales. This does not apply to any purchase of consumer products on this website.
Data Controller (re. operation of the website): VF INTERNATIONAL S.A.G.L. – BRAND DIVISION, Via Laveggio 5, 6855 – Stabio, Switzerland (represented in the EU for purpose of personal data protection compliance by VF Europe BVBA, with registered office at Fountain Business Park, C. Van Kerckhovenstraat 110, 2880 Bornem, Belgium, VAT BE 0405.039.138 RPM Antwerp Division Mechelen)
Data Controller (re. contractual relationship, commercial transactions and others): the VF local subsidiary responsible for B2B sales in your country. The relevant VF subsidiary is also identified on the invoice, in case of a purchase of goods from VF. For more information, you can contact the Data Protection Officer.
Data Protection Officer (DPO) reachable at email@example.com.
Legal basis and purposes of the processing (contractual relationship and others): Kipling collects and processes personal data of the customer, i.e. the natural person and/or the contact person and/or employee of the customer, such as his or her name and surname, contact details, fiscal and banking data, products purchased as part of the contractual relationship between the us, and only for the following purposes: to execute the contract and fulfill the obligations it entails, for administrative and accounting purposes (this processing is necessary for the contract you enter with us and for our legitimate business interest in managing our customer relationships), to fulfill our legal obligations, and to send the customer (or the customer's contact person or employee) discounts, promotions and other marketing communications (subject to the individual's consent when required by law).
Categories of recipients: The aforesaid personal data may be solely disclosed for the purposes identified above to determined third parties, among others, legal consultants and accountants, banks, credit insurance companies, transport service providers, auditing firms or debt collection companies, affiliated companies, subsidiaries and parent companies, within the limits of the aforesaid processing purposes or for reasons of internal organization. An updated list of the data recipients, including of affiliated companies, subsidiaries and parent companies of the VF group, is available upon request.
Authorized persons and Data Processors: Other subjects may become aware of the personal data in their capacity as persons authorized to process personal data, as is the case for our employees assigned to the necessary tasks for the performance of the contract You have subscribed, and the data processors appointed by the Controllers and instructed according to specific data processing agreement. An updated list of the data processors is available upon request. Under no circumstances, the processed personal data will be disseminated. Therefore, the provision of the above indicated personal data is necessary for enabling compliance with legal and contractual obligations and failure to provide such personal data shall hinder the execution and management of Your contractual relationship with the Controllers.
Processing methods and storage period: The customer's personal data are processed through electronic and manual means for the purposes indicated above. Such personal data are stored by the Controllers and by data processors only for the time strictly necessary to comply with the legal obligations of the Controllers and to fulfil the purposes for which the data is collected. All data is kept under appropriate technical and organizational security measures to ensure the integrity and confidentiality of the data. Where the necessity to process the customer's personal data ceases, his or her data will be erased or will adequately be rendered anonymous, unless their storage becomes necessary for longer periods for reasons of public interest.
Transfer to third countries: Some of the third parties to whom we disclose the customer's personal data may be established outside the European Union ("EU"). If the recipient of the persona data is established in a country which does not ensure an adequate level of protection, the Controllers will adopt all appropriate safeguards to ensure that the personal data transfer outside the EU be adequately protected as required by the applicable personal data protection law (e.g. the EU Standard Contractual Clauses). A copy of these appropriate safeguard, including relevant EU Standard Contractual Clauses, is available upon request.
Data Subjects' Rights: Individuals can at any time exercise their rights pursuant to Art. 15 ff. of Regulation (EU) 2016/679, e.g. to access to the personal data, to verify the source, the accuracy, to request their completion, update, rectification, cancellation, portability and the restriction of and opposition to their processing. Individuals also have the right to lodge a complaint with the competent supervisory authority. Data subjects' rights, and any request of additional information, can be exercised, with no formalities, by contacting the Controllers at the following email address: firstname.lastname@example.org or by contacting us or our representative at our addresses above.