Privacy Policy
COLLECTIVE takes your privacy and the protection of your personal data seriously. We will treat your data as confidential, and are fully committed to handling the information you provide us securely and responsibly in according with General Data Protection Regulation (GDPR) legislation and this privacy statement.
Data Controller
As per GDPR regulations, the data controller for information provided through this website is: Are We Europe, 1019 HE Amsterdam. Email: info [at] areweeurope [dot] eu.
What personal data do we collect when you browse our website or subscribe to our newsletter or other services?
When you visit our website (www.collective.dorik.io) we collect browsing data such as IP address, date and time of access, browser and operating system details, for site security, accessibility, stability, and administrative purposes. To understand further what we collect, and why, please see our cookies policy.
When you request and sign up for the following services, we collect only the information necessary to provide you with those services. These include:
— Subscribing to our mailing list which is managed by Mailchimp
— Purchasing an item(s) from our store
In all cases, you may request that we remove this data at any time, subject to the requirements outlined by the GDPR, including certain exceptions for law enforcement purposes as defined by English law.
How do we use your data?
When you sign up for a particular service we use your data to only to provide that particular service to you, or to contact you should there be any error or interruption in the provision of that service. Please see below for specific examples:
— Our mailing list: when you subscribe to our mailing list, we use the data you provide us (your full name and email address) to send you our weekly newsletter and other announcements, including information about launch events, new issues, or purchase or subscription offers.
Security of Data
COLLECTIVE will use all reasonable efforts to safeguard your personal data, however internet usage is never entirely secure. For this reason, we cannot guarantee the security or integrity of any personal data which are transferred from you or to you via the internet. We are committed to notifying the Information Commissioner’s Office (ICO) promptly should we become aware of any data breach.
Do you sell or pass on any of my personal data to third parties?
COLLECTIVE will never sell your personal data. We will only pass on specific, applicable data to our trusted third-party partners in order to fulfill a request you have made for a specific service (see above section).
How and where do we store your data?
In the case of email subscriptions, your information is stored securely by our email partner, Mailchimp. Mailchimp’s servers are located in the United States and are certified by the EU-US Privacy Shield agreement which allows them to receive and process EU data in compliance with European privacy laws.
Where you place an order in our web store, your data is stored by Mailchimp. We will retain this data for one year from the date of the order you placed. You may request that we delete this data at any time. If you have given your consent for us to do so, your email address will be added to our mailing list, which is managed by Mailchimp.
Email correspondence relating to other matters (where applicable), between you and COLLECTIVE or its representatives, is handled by Google G-Suite which is based on a server located in the United States. This data is protected and secured under the EU-US Privacy Shield agreement (see above section, “How do we use your data?”).
Do you store data from social media accounts?
COLLECTIVE operates a number of social media channels (including Facebook, Twitter, and Instagram). This policy covers how COLLECTIVE will use any data collected from those pages, but it does not cover how those social media platforms will use your personal information. Please ensure you read the privacy policy of the social media platform in question and make use of the privacy settings and reporting mechanisms to control how your data is used.
How long do we retain your personal data?
We retain your personal data for as long as is necessary to provide you with the service(s) you have requested, and to fulfil our obligations in regard to GDPR and other legal requirements. Unless you request otherwise, we retain data related to the following services for the time period specified below:
— Our newsletter (managed by our email partner Mailchimp): for the duration of your subscription (you may unsubscribe at any time using the link provided at the bottom of each newsletter email)
— Browsing data and other online usage information: we keep this information (as defined in the section above) for a maximum of five years after your last visit to the COLLECTIVE website, for administrative and data retention purposes
What are your rights in relation to the data we hold on you?
By law, you have and retain the rights to:
— Be informed: you have the right to be provided with clear, relevant, and easily understandable information about how we use your data and your rights to data protection. This includes providing you with this privacy policy.
— Access your data: you have the right to obtain access to your information (if we collect and/or process it), in according with the relevant data protection laws including GDPR (subject to journalistic exemptions as outlined by the ICO )
— Rectify or update incorrect information: you have the right to have your information corrected within a reasonable timeframe, if it is inaccurate or incomplete
— Withdraw consent: you have the right, at any time, to inform us in writing that you wish to withdraw your consent for us to hold and/or process your data. As a consequence of receiving a written request withdrawing your consent, we will cease to further process your data; the withdrawal of consent does not affect the lawfulness of processing your data prior to withdrawal of consent
— Be informed of exceptions: we hereby inform you that certain exceptions, under EU law, require us to retain your data for specific and limited purposes. These include: compliance with legal obligation (e.g. to a lawful requirement to disclose such information from a law enforcement authority subject to EU law), for reasons of compelling public interest, or for the establishment, exercise, or defence of legal claims
— Obtain from us restrictions of processing: as per GDPR regulations, if you contest the accuracy, validity, or lawful obtaining and processing of your personal data, but do not wish it to be deleted, in order for it to be retained for the restricted and sole use of establishing, exercising, or defending a legal claim, you have exercised your rights to obtain “restriction of processing” under the GDPR
— Right to receive personal data: you have the right to request and receive personal data which you have provided to us, and for such data to be provided to you in a structured, commonly-used, and machine-readable format within a reasonable timeframe, as per GDPR regulations
How do I request the deletion, restriction, rectification, or receipt of my personal data?
If you would like us to delete, cease processing, rectify, or provide you with the data we hold on you, please send us an email at: info [at] areweeurope [dot] eu, with the subject heading: “GDPR Data Request”, and an outline of what you wish to happen with your data.
We will act on your request in a timely manner, and inform you of the outcome, subject to exceptions (outlined above) where we are required to retain your data for legal purposes.
In most cases, fulfilling requests to provide you with a copy of your data will be free of charge, provided that your request is not baseless, excessive, or repeated. In cases where the request is baseless, excessive, or repeated—or you request further copies of the same information—we may charge a reasonable fee to cover our administrative costs.