Privacy Statement

Shamrock Information Security believes in protecting the privacy of its website visitors and customers.
Therefore, we only collect the minimum amount of data necessary to ensure that our business operations run as smoothly as possible.
This Privacy Statement explains exactly which data we collect and for what purpose.
Please select the section below that best applies to your situation.

Questions? Please fill out the form at the bottom of this page.

We, Shamrock Information Security, are the controller of all personal data we use.
This may include website visitors, such as yourself, as well as our “potential” customers and contact persons of our suppliers.

Our website visitors

For our websites www.shamrockinfosec.com, www.ShamrockInformationSecurity.com, ShamrockPrivacyAdvice.com, and ShamrockRiskManagement.com, we collect the following information:

Your IP address and browser information as provided by your computer.
Basic analytics about your visit via our on-site statistics and security plugins.

We collect this data solely to count website visits and protect our website from fraudulent and/or hacking activities.
We have a legitimate interest in protecting our presence on the internet and compiling basic statistics about our website visitors.
All information is retained until the next time the log files are rotated.
We retain all information we need to protect our website and combat fraud or for legal proceedings, for example in the event of misuse or hacking of our website, for as long as necessary to complete all post-incident activities and/or until legal proceedings have been completed.

When you contact us

When you contact us by email or by using the form on our website, we may collect the following information:

Your company name (not applicable to consumers)
Your name
Your email address
Your telephone number
Your address details if necessary, for example to arrange an on-site introductory meeting

We use this information to respond to your questions or requests and/or to offer you one of our services upon request.

You are one of our business customers

When we reach an agreement, we process the following data:

Your company name
Your name
Your email address
Your telephone number
Your address details
Payment details (bank or credit card details)
Chamber of Commerce number
VAT number, if applicable

We need this data to enter into an agreement with you and to provide the services you have requested.
Your company name, address, Chamber of Commerce number, and VAT number are also processed for us to comply with Dutch tax laws.
We keep all data for at least 7 years after the year your contract with us has ended.
Any contact details may be deleted earlier because we no longer need them, for example when the contract with us ends. We will retain your contact details for a maximum of one year after the end date of your contract.
All data that is part of an invoice will be retained for at least 7 years after the end of the financial year. This is a legal obligation in the Netherlands under current tax legislation.

You are a consumer and one of our customers

When you book a training course with us, we collect the following information:

Your name
Your email address
Your phone number
Your address details
Payment details (bank or credit card details)

We use this information to keep in touch with you, send you updates, and comply with our legal tax obligations.
We are required to issue an invoice, for which we need your name and address details. We retain this information for at least seven years after the end of the financial year, as this is a legal requirement for all companies in the Netherlands.
We do not retain your contact details for longer than six months after the date of the training course.

Direct marketing

When we use your personal data for any of our marketing activities, you always have the right to object to such data processing.
If you do so, we will respect your request. However, if the data is also used for another purpose, for example because you are one of our customers, we will continue to use the data for that purpose.
If you have received marketing from us based on your consent, you can withdraw that consent at any time, and we will always respect your decision.
Please note: we may keep a copy of your data in an opt-out register to ensure that we do not send you any further marketing communications, unless you consent to such communications again in the future.
Please contact us using the form below or use the unsubscribe link in the marketing email you received to withdraw your consent.

Location of processing and automated decision-making

We process all your data within the European Economic Area.
Where this is not the case, we have taken security measures, including encryption, to protect your personal data against unauthorized access and/or misuse.
We do not use automated decision-making that has a significant impact on you as one of our (potential) customers.

Your rights

You have the right to:

Request additional information about our processing of your data and receive a copy of this data
Request us to correct data that is objectively incorrect, such as a misspelling of your name and/or other information
Request us to delete your personal data, which we will comply with unless we have a compelling reason not to comply with your request
Request us to restrict the processing of your personal data

We will respond within one month of receiving your request, unless an extension is necessary, in which case we will inform you, including the reasons for the delay in fully processing your request.

If you wish to exercise your rights, please complete the form below.
This is the only way we can provide you with the correct information.
Please use the email address we already have on file, if you know it.
We must, of course, identify you; it would not be proper for us to provide your data to someone else. We will use the data we have and have received from you for this purpose.

If you disagree with our decision or believe that we have not handled your request correctly, you can contact the applicable supervisory authority to lodge a complaint with them.
For the Netherlands, this is the Autoriteit Persoonsgegevens.

Sharing data and processors

For businesses with whom we work closely, we have contracts in place to ensure that your personal data is treated in accordance with this privacy statement.
They are strictly prohibited from using your data for their own purposes and are required to adhere to the agreed methods and purposes for processing.
We have agreements with the following types of data processors:

Our accountants
Our hosting provider
Our website security partner
Our bank and other contracted payment service providers

Except for these processors, we will not share your data with third parties, unless we are required to do so and when ordered by a competent court.

Securing your data

The security of your personal data is just as important as its privacy.
We ensure that your data is properly protected at all times.
We use adequate security procedures, two-factor authentication where possible, and robust maintenance procedures to secure our computer systems and servers.

How can you contact us?

If you have any questions after reading this privacy statement, please contact us using the form below and we will respond to your request as soon as possible.
Please note that we will need to process your data for this purpose. For more information, see the section above on how we handle your data when you contact us.

Privacy form

Please use the form below to ask your privacy question or inform us of your privacy rights request.
We will respond to your inquiry or request within 1 month of receiving it at maximum.

Your name(Required)

Prefix First Last

Your phone number(Required)

Your email address(Required)

Enter Email Confirm Email

Subject line(Required)

Please keep this short and sweet

Your message(Required)

This field is hidden when viewing the form

page

Basic reference

Phone

This field is for validation purposes and should be left unchanged.