Data protection is of utmost importance to the management of Hexaris Equestrian. You can access the website of Hexaris Equestrian without providing any personal information. However, if a user wishes to utilize specific services offered by our website, it may be necessary to process personal data. In cases where there is no legal basis for processing this data, we generally obtain consent from the individual.
The handling of personal information, such as names, addresses, email addresses, or phone numbers, will always be in accordance with the General Data Protection Regulation (GDPR) and the relevant data protection laws applicable to Hexaris Equestrian. Through this privacy policy, we aim to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Additionally, individuals are made aware of their rights under this policy.
As the data controller, Hexaris Equestrian has put in place various technical and organizational measures to ensure the highest level of protection for personal data processed through this website. Nonetheless, it is important to note that internet-based data transfers may have security vulnerabilities, and absolute protection cannot be guaranteed. Therefore, individuals are free to transmit personal data to us using alternative methods, such as by phone.
Definitions
The data protection policy of Hexaris Equestrian is based on the terminology established by the European legislator for the enactment of the General Data Protection Regulation (GDPR). Our policy is designed to be clear and understandable to the general public, as well as to our customers and business partners. To achieve this, we will first clarify the terminology used.
In this privacy policy, we use, among others, the following terms:
a) Personal Data
Personal data refers to any information related to an identified or identifiable natural person (“data subject”). An identifiable person is one who can be identified, directly or indirectly, particularly by reference to an identifier like a name, identification number, location data, online identifier, or other specific factors concerning that individual's identity.
b) Data Subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller.
c) Processing
Processing encompasses any operation or set of operations performed on personal data, whether automated or not, including collection, recording, organization, structuring, storage, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, alignment, restriction, erasure, or destruction.
d) Restriction of Processing
Restriction of processing involves marking stored personal data to limit its future processing.
e) Profiling
Profiling refers to the automated processing of personal data to evaluate certain aspects related to an individual, particularly to analyze or predict characteristics regarding their work performance, economic status, health, preferences, interests, reliability, behavior, location, or movements.
f) Pseudonymization
Pseudonymization is the processing of personal data in such a way that it cannot be attributed to a specific individual without the use of additional information, which is kept separately and protected by technical and organizational measures.
g) Controller
The controller is the natural or legal person, public authority, agency, or other entity that determines the purposes and means of processing personal data.
h) Processor
A processor is a natural or legal person, public authority, agency, or body that processes personal data on behalf of the controller.
I) Recipient
A recipient is any natural or legal person, public authority, agency, or body to which personal data is disclosed.
j) Third Party
A third party is a natural or legal person, public authority, agency, or body other than the data subject, the controller, the processor, or those authorized to process data under the direct authority of the controller or processor.
k) Consent
Consent of the data subject is any freely given, specific, informed, and unambiguous indication of their wishes, signifying agreement to the processing of their personal data.
Name and Address of the Controller
The controller for the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws is:
Hexaris Equestrian – Middelie 3A, 1472GN, Middelie (The Netherlands)
Website: www.hexarisequestrian.com
Cookies
The website of Hexaris Equestrian uses cookies. Cookies are text files placed on a computer system via an internet browser.
Many websites and servers utilize cookies, with many containing a unique identifier known as a cookie ID. This ID allows websites and servers to identify the specific browser in which the cookie is stored, enabling them to differentiate between users. A specific browser can be recognized and identified through its unique cookie ID.
By using cookies, Hexaris Equestrian can offer users a more efficient and tailored experience. Cookies help optimize information and services on our website, allowing us to recognize users and simplify their experience. For instance, cookies can save login information so users don’t have to re-enter it each time they visit, and they can also keep track of items in an online shopping cart.
Users may prevent the setting of cookies at any time through their browser settings and can delete existing cookies via their browser or other software. This is possible in all popular browsers. If users disable cookies, not all features of the website may function properly.
Collection of General Data and Information
When a user or automated system accesses the Hexaris Equestrian website, various general data and information are collected and stored in server log files. This may include (1) the types and versions of browsers used, (2) the operating system of the accessing system, (3) the website from which the accessing system reached ours (the referrer), (4) sub-websites, (5) the date and time of access, (6) an IP address, (7) the internet service provider of the accessing system, and (8) other similar data that could be useful in the event of cyberattacks.
Hexaris Equestrian does not draw any conclusions about the individual from this data. Instead, this information is necessary to (1) ensure proper delivery of our website content, (2) optimize our website and its advertising, (3) maintain the long-term viability of our IT systems and website technology, and (4) provide necessary information for law enforcement in case of cyber incidents. The anonymous data collected is analyzed statistically to enhance our data protection and security measures.
Registration on Our Website
Individuals have the option to register on the Hexaris Equestrian website by providing personal data. The specific data transmitted depends on the input form used for registration. The personal data collected is stored solely for internal use by the controller and for its own purposes. The controller may request the transfer of data to processors (e.g., delivery services) that also use personal data for internal purposes.
During the registration process, the IP address assigned to the user by their ISP, along with the date and time of registration, is also recorded. This data is necessary to prevent misuse of our services and, if necessary, for investigating offenses. This data is not shared with third parties unless required by law or for criminal prosecution.
Registration allows users to access content or services that can only be offered to registered users. Registered users can update their personal data or request complete deletion at any time.
Users can request information about the personal data stored about them at any time. Additionally, they may request corrections or deletions of their personal data, provided there are no legal obligations for retention. Employees of the controller are available to assist individuals in these matters.
Newsletter Subscription
The website of Hexaris Equestrian offers users the opportunity to subscribe to our newsletter. The input form used determines the personal data collected and the timing of the subscription.
Hexaris Equestrian provides regular updates to customers and partners through newsletters. To receive our newsletter, individuals must have a valid email address and register for the service. A confirmation email will be sent for verification purposes through a double opt-in process. This confirmation email serves to verify that the email address belongs to the individual who registered.
During newsletter registration, we also store the IP address used at the time of registration, along with the date and time. This data is collected to prevent misuse of the email address.
Personal data collected for the newsletter will exclusively be used for that purpose. Subscribers may also receive emails regarding essential updates to the newsletter service. Personal data will not be shared with third parties. Individuals can unsubscribe from the newsletter at any time, and consent for data storage can be revoked via a link in each newsletter or directly on the website.
Newsletter Tracking
The Hexaris Equestrian newsletter may include tracking pixels. A tracking pixel is a small graphic embedded in HTML emails that allows us to monitor and analyze engagement. This enables us to evaluate the effectiveness of our marketing campaigns. Through tracking pixels, we can determine if and when an email was opened and which links were clicked.
Personal data collected through tracking pixels is analyzed to improve newsletter delivery and tailor future content to user interests. This data will not be shared with third parties. Individuals can revoke their consent to tracking at any time, and upon revocation, their personal data will be deleted.
Contact Options on the Website
The Hexaris Equestrian website includes information for quick electronic communication, including an email address. If a user contacts us via email or a contact form, the personal data provided will be stored automatically for processing purposes. Personal data shared voluntarily will not be disclosed to third parties.
Routine Deletion and Blocking of Personal Data
The data controller processes and stores personal data only for as long as necessary to achieve the intended purpose or as required by law.
If the purpose of storage no longer applies or the statutory retention period expires, the data will be routinely deleted or blocked in accordance with legal requirements.
Rights of the Data Subject
a) Right to Confirmation
Each individual has the right to confirmation from the controller regarding whether their personal data is being processed. To exercise this right, they can contact any employee of the controller.
b) Right of Access
Individuals have the right to request free information about their stored personal data at any time, along with a copy of this information. They are also entitled to information about the processing purposes, categories of data, recipients, storage duration, rights to rectification or erasure, and information about automated decision-making.
c) Right to Rectification
Individuals have the right to request the rectification of inaccurate personal data without delay. They can also request the completion of incomplete data. To exercise this right, they can contact any employee of the controller.
d) Right to Erasure (Right to be Forgotten)
Individuals have the right to request the erasure of their personal data without undue delay under certain circumstances. If they wish to exercise this right, they can contact any employee of the controller, who will ensure compliance with the request.
e) Right to Restriction of Processing
Individuals can request the restriction of their personal data processing in specific situations. To do so, they may contact any employee of the controller.
f) Right to Data Portability
Individuals have the right to receive their personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller without hindrance. To assert this right, they can contact any employee of Hexaris Equestrian.
g) Right to Object
Individuals have the right to object to the processing of their personal data at any time based on their particular situation. If they wish to exercise this right, they can contact any employee of Hexaris Equestrian.
h) Automated Individual Decision-Making, Including Profiling
Individuals have the right not to be subject to decisions based solely on automated processing. If they wish to exercise their rights in this area, they may contact any employee of Hexaris Equestrian.
I) Right to Withdraw Data Protection Consent
Individuals can withdraw their consent to the processing of their personal data at any time. To do so, they can contact any employee of Hexaris Equestrian.
Legal Basis for Processing
Article 6(1)(a) of the GDPR provides the legal basis for processing operations where consent is obtained. Other legal bases may include the necessity for contract performance or compliance with legal obligations.
Legitimate Interests
Where processing is based on Article 6(1)(f) of the GDPR, our legitimate interest is to operate our business in the best interests of our employees and stakeholders.
Storage Period for Personal Data
The retention period for personal data is determined by statutory retention requirements. Once this period expires, data is routinely deleted if no longer necessary.
Provision of Personal Data
We clarify that providing personal data may be required by law or contractual obligations. If personal data is not provided, it may hinder the ability to conclude a contract.
Automated Decision-Making
As a responsible organization, we do not engage in automated decision-making or profiling.
