Privacy Policy

Last updated: December 2024

Introduction

shintomejw B.V. ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your information when you visit our website or use our business consulting services. We are based in Rotterdam, Netherlands, and operate under Dutch and European Union data protection laws, including the General Data Protection Regulation (GDPR).

As the Data Controller, shintomejw takes responsibility for ensuring your personal data is processed lawfully, fairly, and transparently in accordance with GDPR requirements.

Data Collection

The data we collect includes personal information such as your name, email address, phone number, company details, and any information you provide when contacting us through our website forms, email, or phone. We also collect technical information about your visit to our website, including your IP address, browser type, device information, and pages visited.

We collect this information through various means including:

  • Contact forms on our website
  • Email correspondence
  • Phone conversations
  • Meeting notes and consultation records
  • Website analytics and cookies
  • Business cards and networking events

All data collection is based on legitimate legal grounds as defined by GDPR, including consent, contractual necessity, and legitimate business interests.

How We Use Your Information

We explain how we use your information to provide and improve our business consulting services, respond to your inquiries, and maintain our business relationship with you. The use of your data is always proportionate and relevant to our business purposes.

Specifically, we use your personal data for the following purposes:

  • Providing business consulting services and responding to your inquiries
  • Managing our business relationship and contract performance
  • Improving our services and website functionality
  • Sending relevant business communications and updates
  • Complying with legal obligations and regulatory requirements
  • Protecting our business interests and preventing fraud

The Legal Basis for processing your data includes your consent, performance of contracts, compliance with legal obligations, and our legitimate business interests as permitted under GDPR.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal obligations. Generally, we retain client data for the duration of our business relationship plus seven years for tax and legal compliance purposes as required by Dutch law.

Specific retention periods include:

  • Contact inquiries: 3 years from last contact
  • Client project data: 7 years after project completion
  • Financial records: 7 years as required by Dutch tax law
  • Marketing communications: Until consent is withdrawn
  • Website analytics: 26 months maximum

After the retention period expires, we securely delete or anonymise your personal data in accordance with our data destruction policies.

Your Rights Under GDPR

As a data subject under GDPR, you have several important rights regarding your personal data. These rights are fundamental to data protection and we are committed to facilitating their exercise.

Your rights include:

  • Right of Access: Request a copy of your personal data we hold
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for consent-based processing

To exercise any of these rights, please contact us using the information provided in the Contact section below. We will respond to your request within one month as required by GDPR.

Data Sharing and Third Parties

We do not sell, trade, or rent your personal information to third parties. We may share your data only in the following limited circumstances:

  • With trusted service providers who assist us in operating our business (e.g., IT support, accounting services)
  • When required by law or to comply with legal processes
  • To protect our rights, property, or safety, or that of our clients or others
  • With your explicit consent for specific purposes

All third-party service providers are required to maintain appropriate security measures and are prohibited from using your data for their own purposes.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and staff training
  • Secure backup and recovery procedures
  • Incident response and breach notification procedures

While we strive to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protections.

Cookies and Website Analytics

Our website uses cookies and similar technologies to improve your browsing experience and analyse website usage. For detailed information about our use of cookies, please refer to our Cookie Policy.

You can control cookie settings through your browser preferences and our cookie consent banner. Some cookies are essential for website functionality, while others require your consent.

International Data Transfers

As shintomejw operates primarily within the European Union, your data is generally processed within the EU/EEA. If we need to transfer data outside the EU/EEA, we ensure appropriate safeguards are in place, such as:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules where applicable
  • Your explicit consent for specific transfers

We will always inform you of any international transfers and the safeguards in place to protect your data.

Children's Privacy

Our services are designed for businesses and professional use. We do not knowingly collect personal information from children under 16 years of age. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by email or through a prominent notice on our website.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. The "Last updated" date at the top of this policy indicates when it was last revised.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding your personal data, please contact us using the following information:

Data Controller: shintomejw B.V.

Address: Nieuwstraat 238, 3068 XV Rotterdam, Netherlands

Phone: +31 707767192

Email: privacy@shintomejw.top

General Inquiries: contact@shintomejw.top

Business Hours: Monday - Friday, 9:00 AM - 6:00 PM (CET)

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe your data protection rights have been violated. Contact information for the supervisory authority is available at autoriteitpersoonsgegevens.nl.