Privacyverklaring

Landhuishotel & Restaurant De Bloemenbeek

Landhuishotel & Restaurant De Bloemenbeek B.V. attaches great importance to the protection of your personal data. In this privacy statement, we inform you transparently about how we handle personal data and which rights you have in this regard.

We process personal data carefully and in accordance with the General Data Protection Regulation (GDPR).

1. Data Controller

The data controller is:

Landhuishotel & Restaurant De Bloemenbeek B.V.
Address: Beuningerstraat 6, 7587 LD De Lutte, Overijssel
Email: directie@bloemenbeek.nl
Telephone: 0541 – 551 224

De Bloemenbeek has not appointed a Data Protection Officer. For questions about privacy or the processing of personal data, you can contact us using the contact details above.

2. General principles

De Bloemenbeek:

  • processes personal data only for clearly defined purposes;
  • does not process more personal data than necessary;
  • processes personal data on the basis of a valid legal basis;
  • protects personal data with appropriate technical and organisational measures;
  • provides personal data to third parties only if this is necessary;
  • respects the rights of data subjects.

3. Processing of personal data

3.1 Customers and suppliers

Purposes

  • reservations and performance of agreements;
  • administrative and financial processing;
  • communication about appointments, assignments and services.

Legal basis

  • performance of the agreement;
  • legal obligation (such as tax regulations).

Personal data
Name, address, place of residence, telephone number, email address, payment and invoicing details, medical or diet-related data (such as allergies).

3.2 Newsletter subscribers

Purpose

  • sending newsletters and relevant information about De Bloemenbeek.

Legal basis

  • explicit consent (opt-in).

Personal data
Name and email address.

You can unsubscribe at any time via the unsubscribe link in the newsletter.

3.3 Prospects and interested parties

Purpose

  • providing business information and contacting you about our services.

Legal basis

  • legitimate interest.

Personal data
Name, job title, company name, telephone number and email address.

You can object to this processing at any time.

3.4 Employees

Purpose

  • performance of the employment contract;
  • compliance with legal obligations.

Grondslag

  • employment contract;
  • legal obligation.

Personal data
Identification and contact details, salary details, bank details, citizen service number (BSN) and a copy of an identity document.

4. Retention periods

De Bloemenbeek does not retain personal data longer than necessary for the purpose for which it was collected, unless a statutory retention obligation applies.

  • Financial and administrative data (customers & suppliers):
    10 years (maximum statutory tax retention period).
  • Communication and reservation data, including medical or diet-related data:
    up to 5 years after the last contact, unless it forms part of the financial administration.
  • Newsletter subscribers:
    As long as you are subscribed
  • Prospects and business contacts:
    for as long as someone is considered a prospect and/or interested party, or up to 5 years after the last verifiable contact.
  • Employees:
    • payroll administration: 10 years
    • copy of identity document and BSN: 10 years after the end of employment
    • other personnel data: up to 5 years after the end of employment, unless otherwise required by law.

After the retention period has expired, personal data will be deleted or anonymised.

5. Disclosure to third parties

Persoonsgegevens worden uitsluitend verstrekt aan derden indien dit noodzakelijk is voor de uitvoering van de hierboven beschreven doeleinden, zoals administratiekantoren, IT-dienstverleners of nieuwsbriefsoftware.

Data processing agreements have been concluded with these parties. Personal data is not provided to parties outside the European Economic Area (EEA).

6. Minors

We only process personal data of minors under the age of 16 if consent has been given by a parent, carer or legal representative.

7. Security

De Bloemenbeek has implemented appropriate technical and organisational measures to protect personal data against loss, misuse or unauthorised access. These include, among other things, access restrictions, password policies, backups and periodic evaluation of security measures.

8. Rights of data subjects

You have the right to:

  • access your personal data;
  • have data corrected or deleted;
  • have processing restricted;
  • object to processing;
  • have your data transferred to another party.

If the processing is based on consent, you can withdraw that consent at any time. We may ask you to identify yourself before we process a request.

9. Complaints

If you have a complaint about the processing of your personal data, we ask you to contact us in writing via directie@bloemenbeek.nl. If we are unable to resolve the matter together, we naturally find this very unfortunate. You always have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), the supervisory authority in the field of privacy protection.

10. Questions

If you have questions or comments as a result of this privacy statement, you can contact us using the contact details listed under section 1.