Privacy policy

Studio Caro
https://studiocaro.be

About our privacy policy
Studio Caro cares a lot about your privacy. We therefore only process data that we need for (improving) our services and we handle the information we have collected about you and your use of our services. We never make your details available to third parties for commercial purposes. This privacy policy applies to the use of the website and the services provided by Studio Caro. The commencement date for the validity of these conditions is 13/04/2018, with the publication of a new version the validity of all previous versions is canceled. This Privacy Policy describes what information about you is collected by us, where this data is used and with whom and under what conditions this information may be shared with third parties. We also explain to you how we store your data and how we protect your data against misuse and what rights you have with regard to the personal data you provide us. If you have any questions about our privacy policy, please contact our privacy contact person, you will find the contact details at the end of our privacy policy.

About the data processing
Below you can read how we process your data, where we save it, what security techniques we use and for whom the data are transparent.

Webshop software
Our webshop was developed with software from WooCommerce, we opted for One.com for our web hosting. Personal data that you make available to us for the benefit of our services will be shared with this party. One.com has access to your data to provide us (technical) support, they will never use your data for any other purpose. One.com is obliged to take appropriate security measures based on the agreement we have made with them. These security measures consist of the application of SSL encryption and a strong password policy. Backups are regularly made to prevent data loss. Our webshop is developed with software from WooCommerce, we host our web store on a server under our own management. We have taken appropriate technical and organizational measures to prevent abuse, loss and corruption of data as much as possible. These security measures consist in any case of the application of SSL encryption and a strong password policy. Backups are regularly made to prevent data loss.

Cookies
To keep track of cart data, WooCommerce makes use of 3 cookies:
woocommerce_cart_hash
woocommerce_items_in_cart
wp_woocommerce_session_

The first two cookies contain information about the cart as a whole and helps WooCommerce know when the cart data changes. The final cookie (wp_woocommerce_session_) contains a unique code for each customer so that it knows where to find the cart data in the database for each customer. No personal information is stored within these cookies.

Webhosting
We take web hosting and e-mail services from One.com. One.com processes personal data on our behalf and does not use your personal data for its own purposes. However, this party can collect metadata about the use of the services. These are not personal data. One.com has taken appropriate technical and organizational measures to prevent loss and unauthorized use of your personal data. One.com is obliged to observe secrecy on the grounds of the agreement.

E-mail and mailing lists
We send our e-mail newsletters with MailChimp. MailChimp will never use your name and e-mail address for your own purposes. At the bottom of every e-mail sent automatically via our website you will see the 'unsubscribe' link. You will no longer receive our newsletter. Your personal data is stored securely by MailChimp. MailChimp uses cookies and other internet technologies that make it clear whether e-mails are opened and read. MailChimp reserves the right to use your data for the further improvement of the service and to share information with third parties.

Payment processors
For the handling of (part of) the payments in our webshop, we use the platform of Mollie. Mollie processes your name, address and residence details and your payment details such as your bank account or credit card number. Mollie has taken appropriate technical and organizational measures to protect your personal data. Mollie reserves the right to use your data to further improve the service and to share (anonymised) data with third parties. All the above-mentioned safeguards with regard to the protection of your personal data also apply to the parts of Mollie's services for which they engage third parties. Mollie does not store your data for longer than permitted by the legal terms.

Shipping and logistics 
If you place an order with us, it is our job to have your package delivered to you. We use the services of bpost for the execution of the deliveries. It is therefore necessary that we share your name, address and residence details with bpost. bpost uses this information only for the purpose of executing the agreement. In the event that bpost engages subcontractors, bpost will also make your details available to these parties.

Invoicing and accounting
For our records of our administration and accounting we use the services of Harpoon LLC. We share your name, address and residence details and details regarding your order. This data is used for managing sales invoices. For our records of our administration and accounting we use the services of Harpoon LLC. We share your name, address and residence details and details regarding your order. This data is used for managing sales invoices. Your personal data is sent and stored protected. Harpoon LLC is obliged to observe secrecy and will treat your information confidentially. Harpoon LLC does not use your personal data for purposes other than those described above.

General purpose of the processing
We only use your data for the benefit of our services. That is, the goal of the processing is always directly related to the assignment you provide. We do not use your information for (focused) marketing. If you share information with us and we use this information - other than your own request - to contact you at a later time, we ask you explicit permission. Your data are not shared with third parties, other than for accounting and other administrative purposes fulfill obligations. These third parties have all been kept confidential on the basis of the agreement between them and us or an oath or legal obligation.

Automatically collected data
Data that is automatically collected by our website is processed with the purpose our to further improve services. This data (for example your IP address, web browser and operating system) are not personal data.

Participation in tax and criminal investigation
In some cases Studio Caro can be held to a legal obligation sharing your data in connection with government tax or criminal investigation. In such a case we are forced to share your data, we will be within the possibilities that the law offers us
to oppose this.

Retention periods
We keep your information as long as you are our client. This means that we keep your customer profile until you indicates that you no longer wish to use our services. If you indicate this to us, we will do this also see as a forgetting request. We serve on the basis of applicable administrative obligations. To keep invoices with your (personal) data, we will therefore keep this information for as long as applicable period of time. However, employees no longer have access to your client profile and documents
we have produced on the basis of your order.