• Sign In
  • Create an Account
Toggle Nav
My Cart
Search
Advanced Search
Menu
Account
Settings
Language
English

Privacy Policy

Innomation B.V. (the holding company behind MediMation.shop) tries to apply a policy that is as correct as possible regarding the implementation of the General Data Protection Regulation (GDPR). This policy is mandatory for web shops from 25 May 2018 and aims to 'protect natural persons with regard to the processing of personal data and the free movement of such data'.

What kind of data do we process from our visitors:

We only process privacy data that we need in order to fulfill our primary function as a web store. In addition, we want to offer our customers a pleasant, interactive experience on our site, and we also use third party services for this. Social media, for example, is one such service. We ask each user of our site in advance whether they want to use our services or not. What our customers subsequently do on and with these services is their own responsibility, we have no insight or influence on this. It is important to emphasise that we do not store any sensitive information related to ethnicity, health, political beliefs or sexual orientation.

Why do we process data from our visitors:

We only process data to be able to complete a successful webshop transaction. We do not want to run the unnecessary risk of losing sensitive information. For this reason, we will try to retain the data of our customers as sparsely as possible. We only store the essentials. This includes name and address details, order and payment details and login details. In the event that a visitor takes the initiative to share additional information with us, such as posting a review, asking questions on our forums or communicating with us via one of the communication methods provided, we also store this information. Since we sell our products online with web store software, we also store (application) log data of our visitors. The latter only serves to solve any problems, and this logging is not used to perform (marketing) analysis.

How long do we keep the data of our visitors:

At the moment we only store data that is relevant for future use. Consider, for example, possible warranty claims (order data), or questions that may also be relevant to other visitors to our site (forum). In addition, transactional data is stored in our systems. Think for example of web server logging, payment traffic and communication data such as e-mails. We will at all times handle this data with care and adequately protect it against misuse and loss. If desired, any user can request at any time to view the stored data and, if desired, have it deleted. Our aim is to delete all stored data of our customers after the legally liable periods for the tax authorities have expired. At the moment this is 7 years.

Who processes this data that we collect:

In the processing register at the bottom of this page, we have listed all customer data that we process, and which we may exchange with third parties. Our approach is that the interests of our customer comes first, and not our company's. We therefore do not value the use of customer data in any way other than to fulfill our main purpose, which is to sell products through our web store and to help visitors obtain more information about our products.

Provide insight into stored data:

As mentioned earlier on this page, we want to offer our customers the opportunity to gain full insight into their stored data. This is a manual process and will therefore take some time. Legally speaking, there is a response period of 4 weeks for this, we try to facilitate this as quickly as possible. We will ask for legitimate and valid identification for such a request.

Transfer of stored data:

Since we do not profile our users, there is also no 'file' to transfer. A data transfer request is therefore not relevant to us and cannot be executed. On request, the stored data can be provided, as described in the point above.

Information about abuse and infringement:

From a legal point of view, notification is required to the EU Data Protection Supervisor in the event of data loss due to an intrusion into our systems. In such cases, our customers are also informed of such an event when possible using the contact details provided.

Right to be 'forgotten':

At the request of our users, we can strip our systems of stored data of relevant users. Registered customers can use the specially designed functionality in their account page. However, we will need the necessary legal term of a maximum of 4 + 6 weeks for this. An applicant will receive a message from us within 4 weeks, after which we will have 6 weeks to identify and delete this data. We will ask for legitimate and valid identification for such a request. Please note: If we have deleted the data on request in this context and a claim is made on a warranty scheme or the right of withdrawal, we will then require the original invoice.

Right to 'modify':

At the request of our users, we can provide access to the stored data of the relevant user, and we offer the possibility to adjust it, whether or not with the help of our web shop software. We will ask for legitimate and valid identification for such a request.

Profiling the visitors of MediMation.shop:

We do not conduct profiling on our customer base, and as such we do not maintain a specific profile of our individual users.

Marketing:

The only form of marketing we conduct is to advertise on larger ad platforms using generic usage profiles. Think for example of 'people interested in golf' or 'men between the ages of 30 and 40 years old'. These are always anonymized user groups. We do not perform so-called dynamic remarketing: our visitors will therefore not receive our advertisements on random websites again and again because they have visited our site once.

Extra measures for sensitive information:

Since we do not process sensitive information from our users, no special arrangement has been set up for this.

Data storage within Europe:

All personal privacy-related data is stored within the borders of the European Union.

Data protection officer:

As far as we know, a person-specific assignment to this role is not necessary for smaller companies that do not process sensitive data from users. Users of our site can use the contact methods listed on the site.

Processing register:

A summary of the data we collect while using our site, and that we (and our partners) store from our customers:

 

Name and address details

Processor: Purpose:
MediMation.shop The data is only stored for administrative purposes such as the correct addressing of communications.
Pay.nl The data is included in a transaction of a payment. The same information may in some cases be passed on to third party payment authorities such as Paypal.com. In addition, this is also made mandatory by legal requirements that every payment service provider must adhere to. More information about this in the general terms and conditions of Pay.nl
MyParcel The data is passed on to be able to deliver a shipment to the correct recipient.
Google The data can be processed to post a review.

Phonenumber

Processor: Purpose:
MediMation.shop The data may be used to contact you about questions or problems in order processing.
Pay.nl The data is included in a transaction of a payment. The same information may in some cases be passed on to third party payment authorities such as Paypal.com. In addition, this is also made mandatory by legal requirements that every payment service provider must adhere to. More information about this in the general terms and conditions of Pay.nl
MyParcel The data is passed on to enable MyParcel to send SMS notifications regarding the shipment.

E-mail address

Processor: Purpose:
MediMation.shop The data is used in automated or manual processing to be informed about order processing or to maintain contact.
Pay.nl The data is included in a transaction of a payment. The same information may in some cases be passed on to third party payment authorities such as Paypal.com. In addition, this is also made mandatory by legal requirements that every payment service provider must adhere to. More information about this in the general terms and conditions of Pay.nl
MyParcel The data is passed on to enable MyParcel to send e-mail notifications regarding the shipment.
Google The data can be processed to post a review.
Amazon Web Services The data is used to facilitate e-mail exchange via our web server through the Amazon Simple Email Service.
Microsoft Office 365 The data is used to maintain e-mail contact via the Office 365 platform.

Paymentdetails (bankaccount number / account details)

Processor: Purpose:
Pay.nl The data is included in a transaction of a payment. The same information may in some cases be passed on to third party payment authorities such as Paypal.com. In addition, this is also made mandatory by legal requirements that every payment service provider must adhere to. More information about this in the general terms and conditions of Pay.nl

IP Address

Processor: Purpose:
MediMation.shop The data is recorded in server and application logging to facilitate debugging and tracing.
Pay.nl The data is included in a transaction of a payment. The same information may in some cases be passed on to third party payment authorities such as Paypal.com. In addition, this is also made mandatory by legal requirements that every payment service provider must adhere to. More information about this in the general terms and conditions of Pay.nl
All third parties The data is recorded in server and application logging to facilitate debugging and tracing.
 

Data processing agreements third parties

The processor agreements concluded by us have been concluded for the following third parties:

  • Microsoft Office 365
  • Amazon Web Services
  • Google / YouTube
  • MyParcel
  • Pay.nl
Unique products only in our shop
100% safe website, GDPR regulated
The most common used payment methods
Excellent guarantee, and 14 days cooling off period
Delivery with track & trace
Default volume and shipping discounts