Leightback cares greatly about your privacy. We exclusively process data that we need for (improving) our services,
and carefully handle all information gathered about you and your usage of our services. Your data is not shared with
third parties for commercial goals. This privacy policy applies to the use of the website and the services provided by
Leightback. The starting date for the validity of these terms and conditions is 21/08/2023, with the publication of a
new version the validity of all previous versions is canceled. This privacy policy describes what information about you
is collected by us, what this data is used for and with whom and under what conditions this data could be shared with
third parties. We also explain to you how we store your data, how we protect your data against misuse and what rights
you have regarding the personal data you provide us.
If you have any questions about our privacy policy, please contact our privacy contact person, you will find the contact
details at the end of our privacy policy.
Below you can read how we process your data, where we save it, what security techniques we use and to whom the
data is visible.
We use webhosting and email services provided by WooCommerce, For our webhosting we use the services of
OtherSvS. Personal data gathered with the use of our website and services is shared with OtherSvS requires access
to these details to offer (technical) support. They will not use this data for any other purposes. OtherSvS has an
obligation, based on the agreement we have with them, to take necessary precautions and security measures when
it comes to your personal data.
Our webshop has been developed using WooCommerce software, We host our webshop on a server under own
management. We have taken necessary precautions and security measures when it comes to your personal data
such as an SSL-encryption and a strong password policy.
We use webhosting and email services provided by SvS. SvS processes personal data on our behalf and will not use
this data for their own purposes. However, they can collect metadata generated by the use of their services,
although this is not considered personal data. SvS has taken necessary precautions and security measures, both
technical and organisational, to prevent loss, abuse and misuse of your personal data. SvS is bound by the
confidentiality agreement we have with them.
For our regular business email, we use the email services of Office365. This party has implemented fitting technical
and organisational measures to prevent misuse, loss or corruption of your data. Office365 does not have access to
our mailbox and we treat our email-traffic confidentially.
For concluding and processing (part of) our payments in our webshop we use the payment provider Mollie. Mollie
processes your name, address and residence information. They also process payment information such as your
bank account number or credit card number. Mollie has implemented fitting technical and organisational measures
to protect your personal data. Mollie retains the right to use your personal (anonymized) information to further
improve their services and, within this context, share it with third parties. All the aforementioned guarantees in
regard to the protection of your personal data are also applicable to any services by Mollie that uses third parties.
Mollie does not store your data any longer than the instalments permitted by the appropriate legal grounds.
We use our own website to gather reviews. To leave behind a review you are required to fill in your email address,
name and place of residence. Our own website shares certain data with us that is required for us to match your
review to your order. Furthermore, Our own website publishes your name and place of residence on their own
website. In some instances, Our own website can contact you to ask you to clarify, elaborate or comment on your
review. In case of one of our review requests we share your name and email address with Our own website, they
use this information with the sole purpose to invite you to leave behind a review. Our own website has
implemented fitting technical and organisational measures to protect your personal data. Our own website retains
the right to use your personal information to offer their services and share it with third parties, we have given Our
own website permission to do so. All of the aforementioned guarantees in regard to the protection of your personal
data are also applicable to any services by Our own website that uses third parties
If you place an order with us it is our responsibility to have your order successfully delivered to you. For the delivery
we use the services of PostNL. For a successful delivery it is important that we share you name, address and
residential details with PostNL. PostNL uses this information with the sole purpose to carry out the agreement of
delivery. In case of PostNL hiring subcontractors, they will share said information with these parties.
For our accounting, administration and bookkeeping we use the services of Snelstart. We share your name,
address, residential details and general details concerning your order/purchase. This data is used for the
administration of sales invoices. Your personal data is securely sent and stored, Snelstart has implemented fitting
technical and organisational measures to protect your personal data against loss or unauthorised use. Snelstart is
obligated to a duty of confidentiality and will treat your data accordingly. Snelstart does not use your personal data
for any other purposes other than those previously described above.
External sales channels
We use your data with the sole purpose of providing you with our services. This means that the goal of processing
this data stands in direct relation to the assignment or task that you offer us. We do not use this data for
(addressed) marketing purposes. If you share information with us and we use this information to – not based on a
request – contact you at a later time, we will first ask for explicit consent. Your data is not shared with third parties,
with any other purpose than to fulfil accountancy and administrative obligations. These third parties are all
obligated to a duty of confidentiality based on the agreement we have with them, an oath or legal obligation.
Information automatically gathered by our website is processed with the sole purpose of providing you with and/or
to further improve our services. This information (for instance your IP address (anonymised), web browser and
operating system) is not personal information.
In some cases, we may be obligated by government to a lawful duty of sharing your information with the purpose of
assisting in a fiscal or criminal investigation. In such cases we are forced to comply and assist, but will, based on
lawful possibilities, offer objection.
We store your data for as long as you are a client with us. This means that we maintain and keep your client profile
until you make it known to us that you no longer desire to use our services. Such a message also functions as a
request to be forgotten. This also means we will maintain your data for no more than two years following your last
contact or transaction, unless there is a legal justification for doing so. We are required to keep invoices with your
(personal) information due to relevant administrative obligations, this information is safely stored for as long as the
relevant term for these obligations has not yet passed. Personnel no longer has access to your client profile and
any documents made because of your assignment or task.
Based on valid Dutch and European law you, as a concerning party, have certain rights when it comes to personal
data that is processed by or on behalf of us. Below you may find an explanation of these rights and how you, as a
concerning party, can invoke these rights. In principle to prevent abuse we only send invoices and copies of your
data to e-mail addresses that you have made known to us. Should you wish to receive this data on another e-mail
address or for instance per mail we will ask you to identify yourself accordingly. We maintain an administration of
concluded requests, in case of a request to be forgotten we will maintain an administration of anonymised data.
You receive all invoices and copies of data in files that are structured in a machine-readable format Based on data
classifications that we use within our system. At all times you maintain the right to lodge a complaint with Autoriteit
Persoonsgegevens if you suspect that we mistreat or misuse your personal data.
At all times you maintain the right to view the data we process that has a relation or may be reducible to your
person. You may request such a viewing to our contact in charge of privacy matters. You will receive a response to
your request within 30 days. If your request is approved we will send you, via the e-mail address known to us, a
copy of all data with an added overview of processors managing this data while also mentioning the categories
under which we store this data.
At all times you maintain the right to have the data we process that has a relation or may be reducible to your
person be adjusted. You may request such an adjustment to our contact in charge of privacy matters. You will
receive a response to your request within 30 days. If your request is approved we will send you, via the e-mail
address known to us, a confirmation that the data has been adjusted.
At all times you maintain the right to limit the data we process that has a relation or may be reducible to your
person. You may request such limiting to our contact in charge of privacy matters. You will receive a response to
your request within 30 days. If your request is approved we will send you, via the e-mail address known to us, a
confirmation that the processing of your data is limited until you chose to cancel said limitation.
At all times you maintain the right to request for the data we process that has a relation or may be reducible to
your person be processed by a third party of choice. You may send in such a request to our contact in charge of
privacy matters. You will receive a response to your request within 30 days. If your request is approved we will
send you, via the e-mail address known to us, your (personal) invoices or copies of data that we, or third parties on
behalf of us, have processed. It is highly likely that in such a case we can no longer offer our services to you for we
can no longer guarantee the previous data safety.
At all times you maintain the right to object to the processing done by us, or on behalf of us by third parties, of your
personal data. In case of such an objection we will immediately cease all processing of your data while your
objection is being investigated and handled. In case of a justified objection we will return all invoices and/or copies
of personal data that we, or third parties on behalf of us, have processed up until that point and cease processing
thereafter. You also maintain the right to not be subject of automated decision-making processes or profiling. We
process your data in such a way that this right does not apply. Should you believe that this right does apply then
we ask you to reach out to our contact in charge of privacy matters.
At all times we maintain the right to alter our privacy policy. This page however always displays the most recent
version of our privacy policy. Should a new privacy policy have consequences for the ways in which we process
recently gathered data in regard to your person, then we will notify you of this via e-mail.