Definition
a. Privacy Policy: this Privacy Policy;
b. User: any:r User:in the Website;
c. Data Controller: Sophie Descollaz-Dunkel, Kapelaan Goossensstraat 5, 6101 CX Echt, The Netherlands, Tel. 0049 172 249 62 12.
d. Contractor’s website is: www.tf-impact.com
1 General
1.1 This privacy policy describes how the data controller processes the personal data of its user:s within the framework of the website.
2 Personal data
2.1 Personal data is information about an identified or identifiable natural person. Depending on the use of the website by the user:s, the data controller may process the following data of its users
i name;
ii (Email) Address;
iii Phone number;
iv Data related to the user’s device, such as an IP address;
v Communication preferences;
vi Information obtained through cookies about the user’s browsing behavior.
2.2 The Contractor collects personal data of a User in the following ways:
i if the User concerned has provided such personal data to the Data Controller via the Website;
ii by contacting a user with a request for information on the services or products
iii by placing an order with trust&fortune impact B.V.; or
iv by generating such data based on the User’s use of the Services or the Website, including through cookies; or
v by third parties, such as recruitment agencies in the context of job search and selection.
2.3 The user is never obliged to provide personal data. However, if the User provides his/her personal data, which is considered mandatory from time to time, the Contractor may not provide the User with its services].
3 Purposes and basis of the processing of personal data
3.1 The Data Controller processes the personal data of the User:s on the basis of the GDPR for the performance of a contract and/or a legal obligation or for a legitimate interest.
a. Consent of the user
b. Conclusion of an agreement with the user:s
c. Fulfillment of a legal obligation
d. Fulfillment of a task of general interest
e. Legitimate interest of the data controller or a third party.
3.2 The Contractor processes certain personal data to protect its legitimate interests. The Contractor’s legitimate interests include marketing, advertising, research on its own products or services, IT management and security, disclosure to parties related to the Contractor, etc.
3.3 The Data Controller processes Personal Data for the following purposes on the basis indicated:
| Purpose | Basis |
| The provision of products or services, including the provision of customer service or technical support and the handling of inquiries related to the products or services | Fulfillment of the contract Legitimate interest |
| Improvement of the products or services offered, including an analysis of their use | Fulfillment of the contract Legitimate interest |
| Establishing and maintaining a customer relationship with the user, e.g. to send information messages about products or services or to answer the user’s questions and inquiries. | Fulfillment of the contract Legitimate interest |
| Order processing, administration and invoicing | Fulfillment of the contract Legitimate interest |
| Sending a newsletter by the client | Legitimate interest Consent |
| Provision of targeted advertising based on the interests of the user, using cookies and similar technologies to collect the relevant information about the user | Legitimate interest Consent |
4 Disclosure of personal data to third parties
4.1 The Contractor shall not disclose the personal data of its Users to third parties unless:
4.1.1 the personal data must be made available to a company contracted by the Data Controller for the purposes set out in this Privacy Policy, with which the Data Controller has entered into an agreement providing, inter alia, sufficient guarantees in relation to technical and organizational security measures in connection with the processing to be carried out; or
4.1.2 The Contractor is required by law to disclose personal data to the competent authorities; or
4.1.3 TheData Controller uses third parties to perform the contract, who provide certain services on behalf of the Data Controller, such as IT services or payment services.
4.2 In order to provide the Services, the Contractor may be required to transfer Personal Data to other countries within or outside the European Union. If this is the case, the Controller will take all necessary measures to lawfully transfer the Personal Data to these countries. The Contractor will review the security arrangements of companies outside the European Union and ensure compliance with the GDPR.
5 Cookies
5.1 The Contractor uses so-called “cookies”. With these cookies, the Contractor automatically collects certain data about the course of the User’s activities on the Website and in the third-party apps in accordance with the preferences specified by the User. Thus, personal data of the User may be collected while the User is using the Website or the Apps or when they are running in the background on the User’s device. This data may be combined by the data processor with other data about the user’s device, such as an IP address. If the consent of the user is required for this, the contractor will obtain this in advance.
5.2 Here are our coockies guidelines:
When calling up our website, it is technically necessary for data to be transmitted to our web server via the user’s internet browser. The following data is recorded during an ongoing connection for communication between your internet browser and our web server:
• Date and time of the request
• Name of the requested file
• Page from which the file was requested
• Access status (file transferred, file not found, etc.)
• Web browser and operating system used
• Complete IP address of the requesting computer
• Data volume transferred
We collect the listed data to ensure a smooth connection setup of the website and to enable a comfortable use of our website by the users. In addition, the log file serves the evaluation of system security and stability as well as administrative purposes. The legal basis for the temporary storage of the data or the log files is Art. 6 para. 1 lit. f DSGVO.
For reasons of technical security, in particular to defend against attempted attacks on our web server, this data is stored by us for a short period of time. It is not possible for us to draw conclusions about individual persons on the basis of this data. In addition, the data may be processed in anonymous form for statistical purposes. This data is not stored together with other personal data of the user, nor is it compared with other data or passed on to third parties.
6 LinkedIn
We are very happy to link via LinkedIn. The user always has the option to tighten the privacy policy within LinkedIn in the settings of his/her LinkedIn profile(s).
7 Involve.me
We have a legitimate interest in conducting online surveys for marketing and advertising purposes.
To conduct online surveys, we use the services of Stereosense GmbH, Margaretenstraße 29/7, 1040 Vienna, Austria (hereinafter involve.me). We use involve.me as our platform for interactive content and forms. By submitting a survey or form, the user consents to the following processing of their data.
We have concluded an order processing contract with the service provider involve.me. An appropriate level of data protection for the transfer of personal data to third countries is achieved by concluding the so-called standard contractual clauses.
8 Newsletter data
If the user would like to receive the newsletter offered on the website, we need an e-mail address and information that allows us to verify that he or she is the owner of the e-mail address and agrees to receive the newsletter. Further data is not collected or only on a voluntary basis. For the processing of the newsletter we use newsletter service providers, which are described below.
9 MailerLite
This website uses MailerLite for sending newsletters. The provider is UAB “MailerLite”, J. Basanaviciaus 15, LT-03108 Vilnius, Lithuania (hereinafter MailerLite).
MailerLite is a service with which, among other things, the sending of newsletters can be organized and analyzed. The data entered by the user for the purpose of receiving the newsletter is stored on MailerLite’s servers.
If the user does not want any analysis by MailerLite, he or she must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in each newsletter message.
Data analysis through MailerLite
With the help of MailerLite, we are able to analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened and which links, if any, were clicked. In this way, we can determine, among other things, which links were clicked on particularly often.
In addition, we can see whether certain previously defined actions were performed after opening/clicking (conversion rate). For example, we can see whether the user has made a purchase after clicking on the newsletter.
MailerLite also allows us to subdivide (“cluster”) newsletter recipients based on various categories. In doing so, the newsletter recipients can be subdivided according to age, gender or place of residence, for example. In this way, the newsletters can be better adapted to the respective target groups.
Detailed information about MailerLite’s features can be found at the following link: https://www.mailerlite.com/features.
MailerLite’s privacy policy can be found at: https://www.mailerlite.com/legal/privacy-policy.
Legal basis
The data processing is based on the users / users consent (Art. 6 para 1 lit. a DSGVO). They can revoke this consent at any time for the future.
Storage period
The data provided by the user for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after unsubscribing from the newsletter or after the purpose has ceased to exist. We reserve the right to delete or block e-mail addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO. Data that has been stored by us for other purposes remains unaffected by this.
After the user has unsubscribed from the newsletter distribution list, his/her e-mail address will be stored by us or the newsletter service provider in a blacklist if necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both their interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) f DSGVO). The storage in the blacklist is not limited in time. Users can object to the storage if their interests outweigh our legitimate interest.
Data processing agreement
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which guarantees that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
10 Rights of the users
10.1 The user/nuterzin has the right to inspect, correct and delete his/her personal data in accordance with the provisions of the Basic Data Protection Regulation. The user/uterin also has the right to object to the processing of his/her personal data.
10.2 The User may request the restriction of processing and the portability of data. The latter means that the User has the right to receive the personal data that the Contractor has stored about him/her in a structured, common and machine-readable form and to have it transferred by the Contractor to another Contractor.
10.3 If the user has consented to the processing of his/her personal data, he/she is entitled to revoke this consent at any time.
10.4 If the User wishes to exercise any of these rights or if the User has any questions about this Privacy Policy, the User may contact the Data Controllers at sophie@tf-impact.com, Kapelaan Goossensstraat 5, 6101 CX Echt, the Netherlands.
10.5 The User can unsubscribe from the Newsletter by sending an email to sophie@tf-impact.com.
10.6 The User has the right to file a complaint with the Personal Data Authority through: www.autoriteitpersoonsgegevens.nl/
11 Retention period
11.1 The Data Controller shall retain personal data for a period of 7 days after the last visit to the Website, unless the Data Controller is required by law to retain personal data for a longer period.
12 Changes to this privacy policy
12.1 The data controller reserves the right to modify this privacy policy. Any change will be announced on this page. The data controller advises the user to check this page regularly to see if any changes have been made. The current privacy policy was updated on 01/08/202