Privacy notice
Shamrock Information Security believes in strict privacy for it’s website visitors and clients.
We therefore only collect the minimum amount of data that is necessary for us to run our business.
This privacy statement tells you precisely what data we collect and for which reason.
Check out the relevant section below that matches your situation the closest.
We, Shamrock Information Security, are the data controller.
For any questions regarding our usage of your personal data, please see the contact section at the bottom of this statement.
Website visitors
For the websites www.shamrockinfosec.com, www.ShamrockInformationSecurity.com, ShamrockPrivacyAdvice.com and ShamrockRiskManagement.com we collect the following information:
- Your IP address and browser information as supplied by your computer.
- Basic analytics about your visit via our on-site statistics and security plugins.
We only collect this data to count website visits and to protect our website against fraudulent and/or hacking activities.
We have a legitimate interest to protect our web presence and do basic statistics on our website visitors.
All information is kept until the next time log files are rotated.
Any information we need to protect our web presence and to combat fraude or for legal proceedings e.g. in the case of misuse or hacking of our website, we will retain as long as necessary to complete any post incident activities and/or until legal proceeding have been completed.
When you contact us
When you contact us by e-mail or via the forms on this website we may process the following information:
- Your company name
- your name
- Your e-mail address
- Your phone number if provided
- Your address details if necessary
We will use this information to reply to your inquiries, answer your requests and/or offer you one of our services upon request.
We need this information for contractual or pre-contractual reasons.
Even replying to an inquiry of any kind can be seen as a form of contract, that is supplying you with the information you have requested.
We will keep this information in our records for as long as we need it to fulfil your request, after this time we will archive all conversations and will not use the information to contact you for other reasons then related to your query or request. If you become one of our clients however, any previous conversations will become part of your client record (see the relevant section on our handling of our clients’ data).
We certainly will not process this information for marketing reasons unless you have explicitly agreed to such communications.
You are one of our clients
When we come to an agreement, we will process the following information:
- Your company name
- Your name
- Your e-mail address
- Your phone number
- Your address details
- Payment information (bank details or creditcard details)
- Chamber of commerce and VAT numbers if applicable
We need this information to complete a contract with you and to deliver the services you requested.
Your company name, address and chamber of commerce and VAT number are also processed for our legal compliance to Dutch fiscal legislation.
We will retain all data for at least 7 years after the year your contract with us has ended.
Any contact details may well be removed earlier on the basis that we no longer have a need for them.
All data that is part of any invoice is retained for the period stated above, this is a legal requirement in the Netherlands under current fiscal law.
Direct marketing
When we use your personal data for any of our marketing activities, you always have the right to object to such processing.
If you do so, we will honour your request. If the data is also used for another purpose, however, e.g. you are one of our clients, we will still be using the data for that purpose.
If you received marketing from us based on your consent, you are allowed to withdraw that consent at any time which we will honour.
Please note: we may keep a copy of your information in on an opt-out register to make sure we will not send marketing communications to you, unless you have agreed to such communications again in the future.
Contact us using the form below or use the unsubscribe link in the marketing e-mail you have received to withdraw your consent.
Location of processing and automatic decision making
We process all your data within the European Economic Area.
Where this isn’t the case, we have taken security measures including encryption to safeguard your personal data against unauthorised access and/or misuse.
We will not use any automatic decision making processes that highly effect you as one of our (prospective) clients.
Your rights
You have the right to:
- Request additional details on our processing of your data and to receive a copy of such data
- Request us to correct any data that is objectively incorrect e.g. misspelling of your name and/or other details
- Right to ask us to delete your personal data to which we will comply unless we have an overriding reason not to honour your request
- Request us to restrict processing of your personal data
We will respond to your request within one month of receiving your request unless an extension is required of which we will inform you including the reasons for the delay on fully handling your request.
If you do not agree with our decision or believe we have not handled your request correctly, you are welcome to contact the competent supervisory authority to register a complaint with them.
For the Netherlands that is the Autoriteit Persoonsgegevens.
Data sharing and Data processors
For companies we closely work with, we have agreements in place to make sure your personal data is handled in accordance with this privacy statement. They are under strict obligations to never use any of your data for their own purposes as well as to adhere to the agreed methods and reasons for processing.
We have agreements with the following types of data processors:
- Our accountants
- Our hosting provider
- Our website security partner
- Our bank and other contracted payment service providers
Other than with these, processors, we will not share your data with any 3rd parties other than if we are obligated to do so and when ordered by a competent court.
Security of your data
As important as the privacy of your personal data is, is also the security of that data.
We will make sure your data is properly protected at all times.
We use proper security procedures, 2-factor authentication where possible and proper maintenance procedures to safeguard our computer systems and servers.
How to contact us
If you have any questions after reading this privacy statement, no problem, please use the form below to contact us and we will respond to your request as soon as possible.
Please note that we will have to process your data for this. See the section above on how we are handling your data when you contact us for details.