Privacy statement

We know you care about your personal data and so does 2theloo. Within our privacy statement you will find the details about how 2theloo uses your personal data carefully, according to the General Data Protection Regulation (GDPR).

1. Who are we?
This website is owned, controlled and operated by 2theloo Holding B.V. (hereinafter referred to as ‘2theloo’ or ‘we’), whose registered office is at Jan Evertsenstraat 759, 1061 XZ, The Netherlands.

2. Who does it concern?
This privacy statement concerns all people involved, for example but not limited to:
a. (potential) clients/vistors of 2theloo;
b. (potential) partners of 2theloo;
c. (potential) suppliers of 2theloo;
d. visitors of the 2theloo website;
e. applicants of 2theloo;
f. other persons who contact 2theloo or whom 2theloo processes personal data of, with the exception of 2theloo’s own employees.

3. Processing your personal data
2theloo processes personal data, which:
a. a person provided him/herself (during a meeting or event), by phone, digital (via e-mail or online form), for example his/her contact details;
b. is requested by 2theloo at external parties with prior consent of the personal data provider;
c. is collected during a 2theloo website visit, for example the IP address and the visitor’s browsing behavior regarding the first, recent and current website visit;
d. is recorded as camera images while visiting a 2theloo store. The cameras are positioned in the public areas of the 2theloo locations with the purpose to assist during emergency situations and to guarantee safety for both 2theloo customers and employees. 2theloo operates according to the legal guidelines for camera images.

4. Purposes of processing personal data
2theloo processes personal data for the following purposes:
a. relation management; for example the newsletter, invitations for company events, special deals or information the person involved requested him/herself or gave his/her consent for;
b. improvement of the company website [www.2theloo.com];
c. user statistics regarding the amount of website visitors per day, the duration of the visit and the visitor’s browsing behavior. It concerns generic reports, which do not include traceable data to an individual person;
d. recruitment of (potential) candidates for vacancies within 2theloo;
e. necessity for compliance with a legal obligation to which 2theloo is subject.

5. Lawful basis for processing
2theloo processes personal data according to one of the following lawful basis of the General Data Protection Regulation (GDPR):
a. consent of the personal data provider. Consent may be withdrawn at any time, without influencing legality of processing personal data during the period of time the consent by the personal data provider was given;
b. performance of a contract, for example a cooperation between 2theloo and an external partner or supplier;
c. legal obligation, for instance recording personal data for compliance with local law and legislation;
d. legitimate interests, for instance the use of contact details for company events, newsletter, always with a voluntary opt-in by the personal data provider.

6. Protection of your personal data
2theloo takes the protection of your personal data very serious and takes every effort to protect your personal data from misuse, interference, loss, unauthorized access, modification or disclosure. Our systems and software are secured and we operate with internal procedures to make sure only authorized persons have access to your personal data. Our employees have signed a confidentiality clause within their employment agreement.
You should be aware that you are responsible for the security of your computer and/or phone and your own internet connection, and that it is never 100% secure. The transmission of personal data through the internet is therefore at your own risk.

7. Subprocessing personal data
2theloo makes use of external partners for certain business processes which involves personal data. These external partners processes your personal data according to the (legal) guidelines 2theloo instructed them with, which are captured in a data processing agreement according to the General Data Protection Regulation (GDPR).

8. Sharing personal data
2theloo shares personal data with third parties in case it concerns a legal obligation. 2theloo does not use your personal data for any commercial purposes.

9. Transmitting personal data outside EEA
2theloo does not transmit personal data to or store personal data in a country outside the European Economic Area (EEA) or makes personal data accessible for a non-EEA country, unless the country ensures an adequate level of protection or if an applicable provision of the General Data Protection Regulation (GDPR) requires it to process the relevant data.

10. Retention period
2theloo collects personal data according to the legal retention periods:
a. personal data from temporary workers and contractors, other than financial administration, maximum 2 years after the end of employment/contract of agreement;
b. personal data of applicants: maximum of 4 weeks after the application procedure ended or maximum 1 year in case of prior and clear consent of the applicant;
c. website visitors: maximum 5 years after the last website visit, unless a request to delete the personal data has been initiated before;.
d. financial administration: at least 7 years after registering the financial figures.

11. The use of cookies
In general, you will visit the 2theloo website without registration of personal data taking place. However, our website will collect certain personal data automatically, for instance the Internet Protocol (IP)-address of your computer and web statistics. The technical information is used for the website and system management and to improve the usability of the website. Cookies are small text files that will be stored in your device via your browser, primarily to enhance the convenience of using the site, to make visiting our website attractive and to enable certain functions. You can read more about this in our cookie statement below.

12. Amendments to privacy statement
2theloo will update this privacy statement when necessary to reflect customer feedback or in case of changes in our products or services. The most recent version will be published at the 2theloo website. Therefor it is recommended to read through our privacy statement on a regular basis, to make sure you are aware of potential changes.

13. Rights, questions, (suspicion of) data breach or complaints
This is how you withdraw your consent:
a. You have the right to send a request to check, rectify, transfer or delete your personal data, or to limit/to oppose processing your personal data. Please send your request to info@2theloo.com using ‘privacy’ as the subject of your message.
b. You can prevent cookies from being placed through your browser settings, but you can also change or delete your cookie settings from your device at any time through the browser settings.
c. In case there is a (suspicion of) a data breach, for example, if you suspect loss or unauthorized access to personal data, please let us know immediately by sending an email to info@2theloo.com.
d. In case of questions or a complaint, you may contact us by sending an e-mail to info@2theloo.com. We will do our ultimate best to handle your complaint to your fullest satisfaction. However, in case you are not completely satisfied, you may contact the Dutch Data Protection Authority to assist you further.

14. Supervisory authority
The supervisory authority on the General Data Protection Regulation (GDPR) within the Netherlands is the Dutch Data Protection Authority. Contact details can be found on their website: www.autoriteitpersoonsgegevens.nl.

© 2theloo Holding B.V.
November 2020

Cookie statement 

You are at www.2theloo.com, the website of 2theloo Holding B.V., hereinafter referred to as ‘2theloo’ or ‘we’.

Our website uses cookies. Cookies are small text files that will be stored in your device (computer, tablet or mobile phone) via your browser primarily to enhance the convenience of using the site, to enable certain functions and to make visiting our website attractive. The information in the cookies relates to your device, your browser and to the way you flip through our content and is not linked to your name, address or email address.

To the extent personal information may be collected using cookies, such information will only be processed in accordance to our Privacy statement.

What kind of cookies do we use and why?
Cookies can be placed directly by our website or by third parties with whom we cooperate to help us diagnose technical problems, analyze the traffic to our website and observe and measure how our visitors engage with our website. Overview of cookie types:

Default cookies
Our website uses Google Analytics, provided by Google, Inc. These cookies are essential to provide you a seamless browser experience. They provide us with information on how you use the website and allow us to test various parts of the website
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

Functional cookies
We want to offer you a well-functioning website. These cookies are necessary to provide you with the services available through this website and to use certain functions of the website, for example the map function to find your nearest 2theloo. This data is automatically collected when you visit the website and that information is stored in log files. These cookies have a small/no impact on the privacy of the visitor.

You can prevent your browser to store cookie and/or delete the cookies from your device at any time via the browser settings. Please consult the ‘Help’ section on your internet browser for instructions on this.

Most of the cookies we use will be deleted when you end the browser session (so-called session cookies). Other cookies will remain stored in your device longer, for a period of 2 years, with the exception of the web analytics cookies which can be stored in your device maximum of 10 years.

Changes to the cookies statement.
We may update the Cookies Statement from time to time. You can see the date on which the last change was made below in this statement. We advise you to review our Cookies Statement on a regular basis so that you are aware of any changes.

This statement was updated last: November 2020