Nicolab Website Privacy Policy
1. Introduction
At Nicolab, we respect your privacy regarding any information we may collect while operating our
website and services related to it. Personal Data means information that can directly or indirectly
identify you or other individuals (“Personal Data”), for example first name, last name, email address,
telephone number, IP address, location information, cookie ID etc.
The categories of Personal Data that we process depend on how you use our services. We use your
Personal Data to provide our website services in alignment with your preferences, to deal with your
requests, to contact you in order to carry out relevant services. All Personal Data is processed in
accordance with applicable data protection laws.
We do not disclose your Personal Data to any third party except to our affiliates and to data processors
that assist us with providing our services. With your consent we use cookies for marketing, performance
and statistical purposes.
You always have the right to request information about your stored data, its origin, its recipients, and the
purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or
deleted. You can contact us at any time using the address given in the legal notice if you have further
questions about the issue of privacy and data protection. You may also, of course, file a complaint with
the competent regulatory authorities.
2. General provisions
This Privacy Policy applies to Personal Data processed by Nicolab (hereinafter, “us”, “we”) in connection
with the operation and functionality provided to you through the website https://nicolab.com, and other
Nicolab websites (collectively, the “Website”). This Privacy Policy explains what Personal Data may be
collected, how we use it, and under what circumstances we may disclose this data to third parties. This
includes Personal Data collected through Website and branded pages on third party platforms and
applications accessed or used through such websites or third party platforms.
Personal Data is administered by NICo-Lab B.V., registered with the trade register of the Chamber of
Commerce in Amsterdam under registration number (KvK): 64531775, with principal place of business
and address for service at Paasheuvelweg 25, 1105BP, Amsterdam, the Netherlands.
Nicolab has appointed a Data Protection Officer who can be contacted at the following address:
infosec@nicolab.com
Personal Data submitted on the Website is processed in accordance with applicable data protection
laws, in particular the Regulation (EC) No. 2016/679 of the European Parliament and of the Council of 27
April 2016 on the protection of natural persons with regard to the processing of personal data and on
the free movement of such data, and repealing Directive 95/46/EC (General Data Protection
Regulation), hereinafter referred to as the GDPR or GDPR Regulation.
By using our Website, you acknowledge that we are processing your Personal Data in accordance with
this Privacy Policy. If you do not wish that we process your Personal Data in this way, please reject all
cookies except strictly necessary and do not use functionality such as newsletter and contact us forms
or otherwise provide our Website with your Personal Data.
We process your Personal Data to provide you the Website. In certain instances, we only process your
Personal Data if you have consented, for example, we ask for your consent to use your data for
marketing purposes, record how you interact with our website using cookies and other technologies.
Where we process your Personal Data on the basis of your consent, we will ask for your consent explicitly
but, in some cases and only where permitted by applicable law, we may infer in a transparent manner
consent from your actions. We may also ask you to provide additional consent if we need to use your
Personal Data for purposes not covered by this Privacy Policy.
We take utmost care to protect the interests of the persons whose Personal Data we process, in
particular we are responsible for making sure that the gathered data:
● is processed in accordance with applicable laws;
● is gathered for specific legitimate purposes and is not further processed for any other purpose whatsoever;
● is substantially correct and adequate for the purposes such data is processed for;
● is stored in a form that enables to identify the persons it pertains to for no longer than it may be necessary for achieving the purpose of its processing; and
● is processed, using appropriate technical or organizational means, so as to properly ensure the safety of Personal Data, including protection of such data against any unallowable or illegitimate processing or inadvertent loss, destruction, or damage.
This Privacy Policy, together with the Cookies Policy posted on our Website, set forth the general rules and policies governing your use of our Website. Depending on your activities when visiting our Website, you may be required to agree to additional terms and conditions.
3. Purposes, scope, legal basis and duration of data processing
The purpose, basis, duration, and scope of the processing of Personal Data by Nicolab, as well as
recipients of such data, are, in each case, determined by how you use our Website and Services. You
may generally visit the Website without providing information to us which directly identifies you.
However, please be aware that in this case you may not be able to use certain parts of the Website or
particular services offered by us. Nicolab may process Personal Data on the Website for the following
purposes, within the following durations, and to the following extent:
3.1 Contact
Purpose of Personal Data collected
We process your Personal Data whenever you contact us and respond to your enquiries and comments. We process Personal Data to provide you with our services that you request from us, including responding to your queries or comments.
Scope of Personal Data collected
We collect Personal Data that you have provided to us on a voluntary basis when you fill out a contact
form or otherwise communicate with us. The types of information we may collect include your name,
email address, and other Personal Data you choose to provide as well as the information on the
handling of your request, queries from us and further information submitted with your request. Please,
however, refrain from sending us information on your health or other sensitive data in unencrypted
emails.
Legal basis
Article 6 clause 1 letter b) of the GDPR Regulation (contract performance). Applicable data protection legislation allows Nicolab to process your Personal Data for the purpose of performance of a contract with you (i.e. fulfill your contact request).
If you provide to us Personal Data that is considered sensitive (e.g. information on your health or ethnic origin), your consent will be the legal basis for processing your Personal Data.
Duration of Personal Data storage
The Personal Data is stored for the time it is needed for us to properly handle the request that you have sent us and until our statutory obligations to preserve records have expired.
3.2. Marketing communication
Purpose of Personal Data collected
The Personal Data collected is used for the provision and optimisation of our marketing measures via email, in particular, the provision of our newsletter and other promotional messages on our events,
services and products.
Scope of Personal Data collected
When you register for our newsletter and promotional messages, provided that you have given us your consent, we may further collect your data such as email address, geographical location, IP-address,
behaviour, preferences, job title, employer data, etc.
Legal basis
Article 6 clause 1 letter a) of the GDPR Regulation (consent). If you are a subscriber of our newsletter and promotional messages, your express consent in receiving marketing communications shall be the legal basis for processing your Personal Data.
Duration of Personal Data storage
The data is stored until the person it pertains to withdraws his or her consent to the processing of his or her data for specific marketing communication purposes.
3.3. Visiting our Website – with or without Cookies
Purpose of Personal Data collected
We (and third-party service providers acting on our behalf or on their own behalf) use cookies and similar technologies to process data about you when you visit our Website and/or Services. Cookies are files that store information on your computer hard drive or browser that mean that we can recognise that you have visited us before. Nicolab uses cookies and similar technologies (like pixels, fingerprints and other tools) and may process the data contained in cookie files when users visit our Website for the following purposes:
● to customize the Website content to reflect the user’s personal preferences (e.g. cookies accepted, preferred language) and streamline the use of the Website pages;
● to maintain anonymous statistics of how the Website is used in order to improve our products and your experience on our Website;
● to use remarketing, i.e. to review the behavioral features of the Website users by anonymously analyzing what they do (np. recurrent visits to specific pages, keywords, etc.) to create their profiles and provide them with customized advertisements even if they visit other website covered by Google Inc. display network;
● to measure the efficacy of advertisements and learn what visitors do on the Website, as well as display personalized advertisements;
● to analyze the traffic on the Website.
For more information about the use of cookies, please see our Cookies Policy.
Scope of Personal Data collected
For this purpose (Visiting our Website) we may process the following Personal Data: information about the hardware equipment and type of browser you use, details of your behavior on our Website (for example: the web pages you viewed), your IP and device address, your Cookie ID, sources and media from and by which you have been attracted to our Website (hyperlinks that you have clicked, networks, the website you visited before arriving at our Website), information collected by cookies or similar tracking devices (for ex. geographical and demographic data), and any other information you choose to share.
Nicolab may use Google Analytics or Universal Analytics provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). The so gathered data is processed as part of the said services on an anonymous basis (it is the so-called operational data, which is not enough to identify a person) to generate statistics that help administer the Website. Such data is collective and anonymous, i.e. it is free of any features (such as personal details) that could be used to identify Website visitors. Our Website and Services may involve simple links to social media networks like Twitter, Instagram, Google+, LinkedIn, Facebook, etc. depending on the technology used by the social media it may be the case that Nicolab will transmit Personal Data to the provider of the relevant social media network when you click on such link.
Your use of these third party services is entirely optional. We are not responsible for the privacy policies and/or practices of these third party services, and you are responsible for reading and understanding those third party services’ privacy policies.
Legal basis
Your Consent is the legal basis for processing your Personal Data when visiting our Website. You can customize your browser’s cookie settings to reflect your comfort level with cookie security. For more information on how to configure the settings of your browser, please see our Cookies Policy
Duration of Personal Data storage
Please check the Cookies Policy to learn about the storage periods for each cookie.
4. Data recipients
4.1 Service Providers (processors)
To ensure the proper functioning of the Website, including the performance of their contracts, Nicolab uses external services (such as third-party software). We use only services provided by such data processors who can properly guarantee that appropriate technical and organizational measures are implemented to ensure the compliance of Personal Data processing with the requirements of the GDPR Regulation and protect the rights of the persons the data pertains to.
Nicolab discloses data only if it is necessary to pursue a specific purpose of data processing and only insofar as it is necessary to achieve such a purpose. Personal Data of the Website users may be disclosed to the Service Providers who supply us with the technical, IT, and organizational solutions needed by Nicolab to carry on its business activity, including the Website and consequently electronic Services (in particular suppliers of the software used to run the
Website, email providers). We disclose the user’s Personal Data to a selected supplier only if and insofar it is necessary to achieve a specific purpose of the data processing hereunder.
4.2 Other recipients (controllers)
We may share your Personal Data with the following controllers (i.e. third parties that process your Personal Data for their own purposes):
- law enforcement or other agencies if we are required to do so by law, or by a warrant, subpoena or court order to disclose your Personal Data.
4.3 Sharing your Website usage information
We may with your consent share Website usage information with trusted third parties (e.g. advertisers, advertising agencies, advertising networks, data exchanges, etc.) in order to offer you tailored content, including more relevant advertising for products and services which may be of interest to you. These trusted third parties may set and access their own cookies, web beacons and similar tracking technologies on your device in order to help us deliver customized content and advertising to you when you visit our relevant Website or third-party sites.
5. What countries do we transfer your Personal Data to
The recipients of your Personal Data are based in the European Union/the European Economic Area. We will take maximum technical measures to avoid the transfer of your Personal Data to a location outside of the European Union/the European Economic Area. If your Personal Data should be transferred to a location outside of the European Union/the European Economic Area, we will ensure that an adequate level of data protection is achieved by a recognized legal mechanism, so-called Standard Contractual Clauses, as published by the European Commission or Binding Corporate Rules.
6. Data profiling
The GDPR Regulation obligates us to inform about automated decision-making, including data profiling as defined in article 22 clauses 1 and 4 of the GDPR Regulation, and provide, at least in such cases, significant information on its decision-making rules, as well as on the significance and projected consequences of such data processing for the person the data pertains to. Accordingly, in this clause of the Privacy Policy Nicolab provides information on possible data profiling.
On its Website and in its Services, Nicolab may use data profiling for the purpose of direct marketing, but our decisions based thereon do not apply to the possibility of subscribing Services on the Website. Data profiling on the Website and inside our Services involves automatic analysis or forecasting of a person’s behavior on the Website and inside our Services, e.g. when such a person visits a specific page of the Website or application or by analyzing the history of the actions taken by such a person on the Website or inside the application so far. Such data profiling is possible if Nicolab is in possession of an individual’s Personal Data that can be used, e.g. to send him or her a newsletter informing about new products.
7. Rights of the person the Personal Data pertains to
You have the rights to your Personal Data that are described below. You can exercise your rights by contacting us at infosec@nicolab.com so that we may consider your request under applicable law. When we receive an individual rights request via email, we may take steps to verify your identity before complying with the request to protect your privacy and security.
● Right to access, rectify, limit, delete, or move Personal Data – the person the data pertains to has the right to request us to provide him or her with access to his or her Personal Data, to rectify or delete such data („the right to be forgotten”), to limit or object the processing thereof, as well as to have his or her data moved. Details of how such rights can be exercised are provided in articles 15-21 of the GDPR Regulation.
● Right to withdraw the consent at any time – the person whose Personal Data is processed by Nicolab based on such a person’s consent (pursuant to article 6 clause 1 letter a) or article 9 clause 2 letter a) of the GDPR Regulation) is entitled at any time to withdraw his or her consent, this not affecting the right to process such data based on the consent before it was withdrawn.
● Right to lodge a complaint with the supervisory authority – the person whose Personal Data is processed by Nicolab is entitled to lodge a complaint with the supervisory authority in the manner and mode prescribed in the GDPR Regulation and the laws of the Netherlands.
● Right to make an objection – the person whose Personal Data is processed is entitled to raise at any time an objection against his or her data being processed subject to article 6 clause 1 letter e) (public interests or tasks) or f) (legitimate interests of Nicolab) due to reasons associated with his or her special situation, including data profiling under such legislation. In such an event, Nicolab may no longer process such Personal Data unless Nicolab proves that there are significant, legitimate reasons for data processing which are superior to the interests, rights,
and freedoms of the person the data pertains to or those for determining, asserting, or defending any claim whatsoever.
● Right to object direct marketing – if Personal Data is processed for the purpose of direct marketing, the person the data pertains to is entitled to raise at any time an objection against his or her Personal Data being processed for the purpose of such marketing, including data profiling, insofar as the data processing is associated with such direct marketing.
8. Security
Considering the nature, scope, context, and purposes of data processing and the risk, however likely and imminent, of violating any right or freedom of natural persons, Nicolab implements appropriate technical and organizational measures to make data processing compliant with this regulation and be able to prove it. Our security measures are being improved continuously as new technology develops.
8.1 Technical measures
Nicolab takes technical measures to prevent unauthorized persons from intercepting or altering any Personal Data that is transmitted electronically. The processing and transmission of data through our Website is encrypted by Secure Sockets Layer protocol (“SSL”), which is an encryption technology to ensure the highest possible security for the transmission of your data, including Personal Data, between your web browser and our internet system. The URL of a website with SSL connection to your browser starts with “https://”. Most browsers indicate SSL-encrypted websites by displaying an icon that depicts a closed padlock. This icon might be located in the address bar or the bottom status bar. If you have turned off your status bar, this icon may not be visible, even on websites that use SSL.
Nicolab uses commercially reasonable technological, physical, and administrative security safeguards such as firewalls and antivirus software in order to protect the Personal Data that is being processed by us. Please note that no method of transmission over the Internet, or method of electronic storage is absolutely secure and reliable, and we cannot guarantee complete protection of your data from third-party access.
8.2 Links to external sites
Our Website and Services may contain hyperlinks to external websites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. Once you have left our relevant Website or Services, we cannot be responsible for the protection and privacy of any information which you provide. We strongly advise you to review the Privacy Policy and Terms and Conditions of every website you visit. We have no control over, and assume no responsibility for the content, privacy policies or practices of any third party sites, products or services.
9. Children’s Personal Data
We do not knowingly collect any personal information from children under the age of 18. If you are under the age of 18, please do not submit any personal information through our Website or Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Privacy Policy by instructing their children never to provide personal information through the Website or Services without their permission. If you have reason to believe that a child under the age of 18 has provided Personal Data to us through the Website or Services, please contact us, and we will use commercially reasonable efforts to delete that information.
10. Privacy Policy changes
This Privacy Policy may be updated from time to time to reflect changing legal, regulatory or operational requirements. Nicolab encourages visitors to frequently check this page for the latest information on our privacy practices.
To the extent processing of your Personal Data is based on your consent, we will not change the scope of such processing, unless you have given additional consent to the changed scope of such processing.
Your continued use of this site after any change in this Privacy Policy will constitute your acceptance of such change.