Who are we and what do we do?
We are the Plastic Soup Foundation (a foundation incorporated under Dutch law), also trading under the name Beat the Microbead (hereafter Beat the Microbead, we, us and our).
We have developed the App called Beat the Microbead (hereinafter, the App) in order to disclose the problem of plastic microbeads in products and to let you reduce your use of products containing microbeads (our Services). Our website www.beatthemicrobead.org (the Website) and App offer more information about us and our Services.
Beat the Microbead and your Personal Data
Beat the Microbead cares about your privacy and protecting your “Personal Data” – i.e. all information by which a person can be directly or indirectly identified. We process Personal Data in line with the General Data Protection Regulation (GDPR) and other relevant legislation regarding the protection of Personal Data (collectively referred to as Relevant Legislation).
Are you younger than eighteen years old?
If you are younger than eighteen years old, you are not allowed to use our Website, App, and Services without the permission of your parents or legal guardian.
Our role as Data Controller
We process Personal Data in the context of our Services. We determine the purposes and means of these processing activities. This means we act as Data Controller within the meaning of the Relevant Legislation.
What Personal Data do we process and for what purposes do we use them?
Depending on the relationship we have with a person, we process various Personal Data for different purposes. Below is a breakdown of what Personal Data we process when you use our App (Users), visit our Website (Visitors) and make use of our Services, and/or when natural persons / (contact persons of) legal entities donate to and/or sponsor us (Sponsor).
How long do we store the Personal Data?
It is our policy to store and process only those Personal Data that are essential to provide you with the best possible service. We will not process or store any Personal Data that we do not need. We store Personal Data for as long as we need it for the above purposes. In this regard, we apply at least the following retention periods:
- Personal data in our records for the tax authorities | This data is stored for seven (7) years, unless we are legally obliged to retain the data for a longer period;
- Other Personal Data | We store other Personal Data, including Personal Data of Visitors, only for as long as it is necessary for the purposes. These Personal Data will be deleted as soon as it is no longer necessary for the purposes for which we processed it unless we are legally obliged to retain the Personal Data for longer.
We may also process all aforementioned Personal Data when we have a good faith belief it is necessary to detect, prevent, and address fraud and other illegal activity. Personal Data that we process to prevent fraud (or users who have committed fraud), we store for five (5) years after the last login of User.
Personal Data we process of Users and Visitors may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm.
Do we share your Personal Data with others?
Apart from the above, we will not share your Personal Data with third parties, unless we are legally obliged to do so.
Export of data outside the European Union (EU)
We process the Personal Data in principle in the Netherlands. We may transfer Personal Data to parties outside the EU if one of our Data Processors is established outside the EU. The Personal Data will only be transferred to countries and/or parties that provide an adequate level of protection in accordance with the European standards. The transfer of data outside the EU will always take place in accordance with the Relevant Legislation (Chapter 5 of the GDPR).
How do we protect Personal Data?
We make every effort to protect the Personal Data we process from unauthorized and unlawful access, change, disclosure, use, or destruction. We take, among other things, the following technical and organizational measures to protect the Personal Data:
- applying encrypted transmission to limit access to the systems on which the Personal Data are stored;
- limited access to the (Personal) Data for authorized employees on a need-to-know basis;
- encryption through passwords;
- network connection with Secure Socket Layer (SSL) technology;
- applying two-factor authentication internally for accessing the (Personal) Data;
- split of application and database servers.
We use the following types of cookies:
- Functional cookies: Functional cookies are essential to the operation of our Website. They allow you to navigate through our Website and to use the functions incorporated in it.
- Analytical or statistical cookies: Analytical cookies are used to check the quality and effectiveness of the Website. For instance, we can see how many users visit the Website and which pages are visited. We use this information to improve our Website and Services.
- Tracking cookies: Tracking cookies follow the click and surf behavior of our visitors. By means of these cookies we can see whether and when you look at your profile and whether you click through to our Website. We may use these cookies to show you ads based on your interests.
If you do not want cookies to be sent to your device, you can change this in the settings of your device. Please note that some of the functions or services of our Website may not operate, or not so well, without cookies.
Our Website contains (hyper)links to websites of partners, suppliers, advertisers, sponsors, licensors, or other third parties. We have no control over the contents or links that appear on these websites and we are not responsible for the practices of websites linked to or from our Website. In addition, these websites and their contents and links can change constantly. These websites may have their own privacy policies, user terms, and client policy. Browsing and interaction on any other website, including websites linked to or from our Website, are subject to the terms and policy of that website.
Your rights and our contact details
As laid down in the Relevant Legislation, you have the right to:
- request us to correct or update Personal Data;
- request Personal Data to be deleted from our database;
- request a copy of the Personal Data that we have processed. A copy of this may also be submitted to another data controller at your request;
- withdraw consent for the processing of data. This does not affect the validity of processing executed before the time that consent was withdrawn;
- lodge an objection to us processing data;
- submit a complaint to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), if the data subject thinks we process data unlawfully.
We are committed to responding to such requests within five (5) working days after receipt. To exercise the rights mentioned above, but also in the event of inquiries, comments, or concerns about the manner in which we deal with Personal Data, please contact us through the contact data below.
Stichting Plastic Soup Foundation
1019 RS Amsterdam
E-mail address: email@example.com
Ch. Of Comm: 52072894
VAT: NL 8502 888 85 B01