Privacy Policy

GreenFlag Instituut

 

1. Introduction

GreenFlag Instituut respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect your personal information when you visit our website, purchase digital products or services, or interact with us.

We process personal data in accordance with the General Data Protection Regulation (GDPR) and applicable laws.

Personal data refers to any information that can identify you directly or indirectly.

 

 

2. Data Controller

GreenFlag Instituut

Solitudopad 12

1096 DR Amsterdam

Nederland


KvK: 97032247

BTW-ID: NL005244955B43


Email: info@greenflaginstituut.com

 

3. Legal Bases for Processing

 

We process personal data on the following legal grounds:

  • Consent (Art. 6(1)(a) GDPR)

    For cookies, tracking, and marketing communications

  • Contractual necessity (Art. 6(1)(b) GDPR)

    For processing purchases and delivering services

  • Legal obligation (Art. 6(1)(c) GDPR)

    For tax and administrative requirements

  • Legitimate interest (Art. 6(1)(f) GDPR)

    For website security, fraud prevention, analytics, and business optimization

 

 

 

4. Data We Collect

 

We may collect the following personal data:

 

Identity & Contact Data

 

 

  • Name

  • Email address

  • Phone number (if provided)

  • Billing details

 

Transaction Data

  • Purchases and order details

  • Payment status

Technical Data

  • IP address

  • Browser type

  • Device information

  • Operating system

 

Usage Data

  • Pages visited

  • Click behavior

  • Time on site

 

Marketing Data

 

  • Newsletter preferences

  • Interaction with emails and ads

 

 

5. How We Collect Data


We collect data through:

  • Website forms

  • Checkout (via Shopify or similar platform)

  • Email subscriptions

  • Cookies and tracking technologies

  • Direct communication

 

 

6. Website Security

 

We use SSL/TLS encryption and appropriate security measures to protect your data against:

  • Unauthorized access

  • Loss or misuse

  • Alteration or disclosure

 

 

 

7. Cookies and Tracking

 

We use cookies and similar technologies to improve user experience and optimize marketing.

 

Types of cookies:

 

  • Essential cookies

  • Functional cookies

  • Analytics cookies

  • Marketing cookies

 

Non-essential cookies are only placed after your consent via a cookie banner.

You can withdraw your consent at any time.

 

 

8. Analytics and Advertising

 

We use advertising and analytics tools, including:

 

  • Meta (Facebook & Instagram) Pixel

  • TikTok Pixel

  • Pinterest Tag

  • Google Analytics

  • Google Ads

 

These tools allow us to:

 

  • Track conversions

  • Optimize advertising campaigns

  • Build audiences for retargeting

 

Processing is based on your consent.

 

 

9. Email Marketing

 

If you subscribe to our newsletter:

 

  • You will receive emails with updates, content, and offers

  • Subscription requires explicit consent (double opt-in)

 

We may also send emails to existing customers about similar products or services, based on our legitimate interest.


We use email marketing providers such as Klaviyo, Mailchimp or similar tools, under Data Processing Agreements.


You can unsubscribe at any time.

 

 

10. Orders, Payments and Fulfilment

 

When you make a purchase, we process your data to fulfill your order.


We use:

 

  • Shopify for our webshop and checkout

  • Payment providers such as Stripe, PayPal, Klarna, or Mollie

  • Hosting via TransIP

 

Only necessary data is shared with these parties.

 

 

11. Data Sharing with Third Parties

 

We may share your data with:

 

  • Hosting providers (TransIP)

  • E-commerce platforms (Shopify)

  • Payment processors

  • Email marketing providers

  • Analytics and advertising platforms

 


We may also use various digital tools and software services to operate and improve our business. These tools may process data on our behalf.


All third parties are required to handle your data securely and in accordance with GDPR.

 

 

12. International Data Transfers

 

Some service providers may be located outside the European Economic Area (EEA), including the United States.


When this occurs, we ensure appropriate safeguards such as:

 

  • Standard Contractual Clauses (SCCs)

  • Data Processing Agreements

 

 

13. Data Retention

 

We retain personal data only as long as necessary:

 

  • Financial and order data: up to 7 years (legal requirement)

  • Marketing data: until consent is withdrawn

  • Technical data: limited retention for security and analytics

 

After this period, data is securely deleted.

 

 

14. Your Rights

 

You have the right to:

 

  • Access your data

  • Correct your data

  • Request deletion

  • Restrict processing

  • Object to processing

  • Withdraw consent

  • Request data portability

 

To exercise your rights, contact:

info@greenflaginstituut.com


We respond within 30 days.

We respond within 30 days.

 

 

 

15. Complaints

 

You have the right to file a complaint with the Dutch Data Protection Authority:


Autoriteit Persoonsgegevens

 

 

 

16. Social Media and External Platforms


Our website may contain links or integrations with third-party platforms such as Instagram, TikTok, or Pinterest.


Interaction with these platforms is subject to their own privacy policies.

 

 

17. Updates


We may update this Privacy Policy at any time. The latest version will always be available on our website.

 

 

18. Contact

 

GreenFlag Instituut

Email: info@greenflaginstituut.com