With your explicit permission, we may send you newsletters about our store, new products, and other updates. The following information is collected in context of the newsletter:First & last nameE-mail addressWhy? To send newsletters and promotions, and we use your name to personalize these emails. You can always opt out of these emails through the unsubscribe link in the bottom, or by contacting us at [email protected]
1.3 Comments, reviews, job applications, etc.
We collect the Personal Data that you explicitly provide when you submit comments, feedback, questions, product reviews or job applications, and when you complete a survey or quiz or enter a contest on our website.Why? To respond to these events whenever necessary. We will not use this data to contact you for marketing purposes.
1.4 Customer service
When you email us or send us something via postal service, we collect your Personal DataWhy? To respond to you and keep a record of our correspondence.
When you place an order on our website, we require you to create an account. You can also choose to create an account without placing an order. When you create an account, we collect the following data that you explicitly provide us:First & last nameAddressPhone numberIP addressE-mail addressPayment detailsPasswordWhy? To ship you your order, to be able to provide you with customer service, and to save you time if you want to place another order in the future. You can close your account at any time by contacting us at [email protected]
, High Thoughts Seeds processes Personal Data for the following purposes:the performance of the agreement (for example: fulfilling your order),compliance with a statutory obligation (for example: keeping invoices for tax purposes),the promotion of legitimate interests of High Thoughts Seeds (for example: fraud prevention),after obtaining permission from the customer (for example: you explicitly subscribe to our newsletter),based on another reason included in Article 6 (1) of the General Data Protection regulation (EU 2016/679).We do not intentionally or knowingly collect sensitive personal information about you, meaning, any information that reveals your race or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic information, biometric information used to identify you, and any information concerning your health, sex life or sexual orientation. If you share sensitive personal information with us, we process it and may delete it with the understanding that you explicitly consented to its deletion.
How we use Personal Data
We use your Personal Data to provide you with a rich and interactive experience on our website.Your data is used to market and sell our products, to provide customer support, to fulfil your order requests and provide invoices, confirmations and updates, to improve and develop our products and website, to make product recommendations, and to send you promotional communications, targeted advertising and relevant offers.We use your Personal Data to respond to your comments, feedback and questions, to notify you about changes to our website, and to provide you with emails, alerts or updates if you have consented to receiving these from us.The Personal Data we collect can tell us a lot about how users interact with our website and other marketing communications. We perform various data analytics to deepen our understanding of our website users, and we anonymize this data whenever possible (for example: IP anonymization in Google Analytics). We can improve our websites and marketing activities when we better understand usage behaviour.When legally required to do so, we will use Personal Data to comply with our legal obligations and any applicable laws and regulations.
Where we store and process Personal Data
We are located in the Netherlands, with a global reach. To market and sell our products online, we use third party service providers that collect and process certain Personal Data on our behalf. These third parties have servers located in Canada and the U.S., and they may use servers located in other regions – see section “Who we share Personal Data with and why”, below, for more information.If you live in the European Economic Area (“EEA”), your Personal Data is transferred outside the EEA. We ensure appropriate safeguards are in place whenever we transfer your data outside the EEA. Third parties who transfer your Personal Data outside the EEA on our behalf comply with the principles of the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. For more information, see www.privacyshield.gov.
Who we share Personal Data with and why
How long we retain Personal Data
We will not retain your Personal Data for longer than necessary for the purposes set out in this policy, or longer than is required by (tax) law. Different retention periods apply for different types of data, but the longest we will hold any Personal Data is 10 years.Account information: We store your account-related data as long as you keep the account active. When an account is closed, the related data will be deleted within a reasonable period. Requests regarding inspection or correction of stored Personal Data, or the removal of an account can be sent to: [email protected]
information: We keep your data in our newsletter database as long you don’t revoke your consent. Consent can easily be revoked by using the unsubscribe option below each email, or by contacting us at [email protected]
How we keep your Personal Data secure
We use a range of measures to keep your Personal Data safe and secure:We have appointed a security manager, who is responsible for periodical checking and improving of security measures.We and our third-party service providers use secure servers to store your Personal Data. Secure Sockets Layer (“SSL”) technology is used to encrypt transfers of data to and from our servers and to encrypt payments you make on or via our website.We follow all PCI-DSS requirements and implement additional, generally accepted industry standards.Account-related information is shielded with a hashing method. This method transforms information into a generated hash. As a result, sensitive information is secured, and is even invisible to us.Our databases are exceptionally protected against unauthorised persons. For example, access to the database is only possible and permitted by approved IP addresses (such as High Thoughts Seeds offices). Other attempts and addresses are refused at all times.We require our staff and any third parties who carry out any work on our behalf to comply with appropriate compliance standards including obligations to protect Personal Data when using and transferring such data. All third parties mentioned in “Who we share Personal Data with and why” are screened, GDPR compliant, and are provided with a processor agreement.Staff only has access to personal information that is strictly needed for their jobs. Only staff of High Thoughts Seeds who are employed in the departments Sales & Marketing, Customer Service, Logistics & Procurement, E-commerce, ICT and Management Team have access to Personal Data.If a data breach occurs which jeopardizes the security of your Personal Data, we will work with our third-party service provider(s) to address the breach. In case of a data breach of sensitive data, we will notify users promptly within 72 hours of discovery of the breach.
How to access and control your Personal Data
You can contact us at any time to request access to, deletion of and/or edits to your Personal Data. Please contact us, outlining your request, at [email protected]
, or at the address provided in the “How to contact us” section, below.You can withdraw your consent at any time for anything you gave consent to. You can also object to or restrict our use of your Personal Data.If you have a customer account on our website, or you have posted any comments our website, you can request to receive an exported file of your Personal Data.You can also request that we delete any Personal Data we hold about you, excluding any data we are obligated to keep for administrative, legal or security purposes.When you request access to your Personal Data, we are required to use all reasonable measures to verify your identity before granting access. We do this to protect your data and limit the risk of potential identity fraud/theft or unauthorized access.Finally, you have the right to contact the privacy or data protection regulator in the country where you live to make a complaint. You can find a list of all European Data Protection Authorities here: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
We collect website information using the following technologies:“Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier.“Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.“Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.We use these cookies and similar technologies on our websites to help us to:distinguish you from other users of our websites and help us improve your experience on our websitesstore your preferences and settings, enable you to sign-in to your customer account, and help us provide you with interest-based advertisingcombat fraudanalyse how our website is performingWhen we include links to other websites, those sites will have their own privacy and cookie policies that will govern the use of your Personal Data on those sites. We recommend you check their policies as we are not responsible or liable for their practices.Web browsers are typically set up to accept cookies but if you wish to amend your cookie preferences, you can do this through your browser settings. If you choose to turn off certain cookies, it may affect the functionality of our website.The cookies we use cannot look into your computer, smartphone or web-enabled device and obtain information about you or your family or read any material kept on your hard drive. If you use a public computer to access our websites, our cookies cannot be used by anyone else who has access to that computer to find out anything about you, other that the fact that someone using that computer may have visited this site.
8.1 How to control cookies?
We may modify this policy from time to time. When we do, we will provide notice to you by publishing the most current version and revising the date at the top of this page.If we make a material change to the policy, we will provide additional notice by sending you an email and/or displaying a prominent notice on our websites.By continuing to use our websites after changes to this policy come into effect, you agree to the revised policy.
How to contact us
Email: [email protected]
, Amsterdam, The Netherlands