Privacy Policy

Effective Date: [14th July 2021]

1. Introduction

STR Trading B.V. (“we,” “us,” or “our”), a company registered in the Netherlands under Chamber of Commerce number [KVK], is committed to protecting your privacy and ensuring full compliance with the EU General Data Protection Regulation (GDPR) and Dutch data protection laws. This Privacy Policy explains how we collect, use, store, and safeguard your personal data in connection with our global trading services—including the import/export of goods, logistics, and customer/supplier management. It also outlines your rights regarding your personal data and how you may exercise them.

2. Data Controller Contact Information

Data Controller:

STR Trading B.V.
Address: [Pastoor Sprengerstraat 1 1701 GW Heerhugowaard, Netherlands]
Email: [contact@str-trading.com]
Phone: [+31 XXX XXX XXXX]

For any privacy-related inquiries, please contact our Data Protection Officer using the above information.

3. Types of Personal Data We Collect

We process various categories of personal data, including but not limited to:

  • Customer/Supplier Data:
    • Names, addresses, email addresses, phone numbers, VAT numbers
    • Payment and bank details
    • Order histories and contractual data
  • Employee/Contractor Data:
    • CVs, national IDs, tax information
    • Employment contracts and performance records
  • Website Visitors:
    • IP addresses, cookies, and browser/device data
    • Usage analytics (via tools such as Google Analytics, configured in compliance with GDPR)
  • Marketing Data:
    • Contact details provided for newsletters or promotional communications (collected only with explicit consent)
  • Other Data:
    • Any additional data provided voluntarily by data subjects in the context of our services

4. Purposes of Processing & Legal Bases

We process personal data for a variety of purposes, each based on one or more legal grounds under the GDPR. Below is an overview of our processing activities and their corresponding legal bases:

PurposeLegal Basis (GDPR Art. 6)
Fulfilling contracts (e.g., orders)(b) Contractual necessity
Managing supplier and customer relationships(b) Contractual necessity
Compliance with tax and legal obligations(c) Legal obligation
Marketing communications(a) Consent (or legitimate interest where applicable)
Improving website functionality(f) Legitimate interests
Internal administration and HR management(b) Contractual necessity / (f) Legitimate interests

Where required by law (e.g., processing sensitive data), we have implemented additional safeguards to ensure the protection of your rights and freedoms.

5. Data Sharing & International Transfers

Data Sharing

We may share your personal data with trusted third parties for specific purposes, including:

  • Logistics Partners: For coordinating shipments and customs clearance.
  • Payment Processors: For handling secure transactions (e.g., banks, PayPal).
  • IT/Cloud Providers: For data storage and processing via GDPR-compliant platforms (e.g., AWS, Microsoft Azure).
  • Consultants and Legal Advisors: For compliance, auditing, and legal advisory services.

International Transfers

Where personal data is transferred outside the EU/EEA, we ensure that it is adequately protected by:

  • Utilizing Standard Contractual Clauses (SCCs).
  • Transferring data to jurisdictions with adequacy decisions (e.g., UK, Japan).
  • Implementing other safeguards as necessary to ensure compliance with GDPR requirements.

6. Data Security Measures

To protect your personal data, we have implemented robust security measures, including:

  • Encryption: Use of SSL/TLS for data in transit and encryption of data at rest.
  • Access Controls: Role-based access and multi-factor authentication.
  • Regular Audits: Security audits and penetration testing to identify and mitigate risks.
  • Employee Training: Regular GDPR and data security training programs for all staff.

In the event of a data breach, we will notify the relevant supervisory authorities and affected data subjects in accordance with GDPR requirements.

7. Data Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Typical retention periods include:

  • Customer/Supplier Data: Up to 7 years post-contract termination (to comply with tax and legal obligations).
  • Marketing Data: Until consent is withdrawn or for a maximum of 2 years of inactivity.
  • Employee/Contractor Data: Up to 5 years post-employment termination, unless a longer period is required by law.

After the retention period expires, personal data will be securely deleted or anonymized.

8. Your Rights Under the GDPR

Under the GDPR, you have the following rights with respect to your personal data:

  • Access: Request copies of your personal data.
  • Rectification: Request corrections to any inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data, subject to certain conditions.
  • Restriction: Request the restriction of processing of your personal data.
  • Portability: Request the transfer of your personal data to another party.
  • Objection: Object to the processing of your personal data for direct marketing or other purposes.
  • Withdraw Consent: Withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, please contact us at [Data Protection Officer Email]. We will respond to your request within 30 days as required by the GDPR.

9. Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance user experience and collect data for analytics and marketing purposes.

  • Essential Cookies: Necessary for website functionality (no consent required).
  • Analytical Cookies: Used to analyze website performance (consent required).
  • Marketing Cookies: For personalized advertising and tracking (consent required).

You can manage your cookie preferences through our Cookie Consent Banner or via your browser settings. For more details, please refer to our [Cookie Policy].

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes via email or by posting a notice on our website. The updated version will be effective as of the stated “Effective Date.”

11. Complaints

If you believe that we have not adhered to the provisions of the GDPR or any other applicable data protection laws, you have the right to lodge a complaint with a supervisory authority. For residents in the Netherlands, you can contact the Dutch Data Protection Authority (Autoriteit Persoonsgegevens)

12. Contact Us

For any questions, concerns, or additional information regarding this Privacy Policy or our data protection practices, please contact us at:

Email: [Pastoor Sprengerstraat 1 1701 GW Heerhugowaard, Netherlands]
Address: [contact@str-trading.com]
Phone: [+31 XXX XXX XXXX]