Step Out Activities , through its website www.stepout.fun and application Step Out (hereinafter the “Company”), is concerned with protecting its Users’ personal data. The Company is committed to providing a very high level of protection for such data in compliance with the Dutch Personal Data Protection Law and General Data Protection Regulation (GDPR).
For more specific information regarding the applicable regulations with regard to personal data protection, Users may also consult theDutch Data Protection Authority (Dutch DPA) website accessible at the following address: https://autoriteitpersoonsgegevens.nl/en.
ARTICLE 1 CHARTER SCOPE AND ACCEPTANCE
The present Charter shall govern collecting and using personal information throughout the Step Out website and application (hereinafter the “Site” or the “Platform”) as well as with regard to the Step Out service (hereinafter the “Service”).
Users hereby acknowledge and accept that browsing the Site as well as using the Service implies express, prior acceptance of the terms hereof.
The Company reserves the right to modify the present Confidentiality Charter. In this regard, Users are invited to periodically check, in particular each time the Service is used, whether changes have been made to the Confidentiality Charter.
ARTICLE 2 USERS’ RIGHTS
Users are hereby informed that they have the following rights:
Right to access one’s Personal Data: to be informed and request access to the data we process about users;
Right to update one’s Personal Data: to request that we amend or update one’s personal data when inaccurate or incomplete;
Right to restrict the use of one’s Personal Data: to request that we temporarily or permanently stop processing all or some of one’s personal data;
Right to object to the use of one’s Personal Data: to object to us processing one’s personal data where we no longer have a legitimate or legal need to process it;
Right to object to Direct Marketing: to object to one’s personal data being processed for direct marketing purposes;
Right to port one’s Personal Data: to request a copy of your personal data in a machine-readable format and the right to transmit that personal data for use in another party’s service;
Right to erase one’s Personal Data: to request that we delete your personal data;
All such rights may be exercised:
directly in the User’s account;
by e-mail to the following address: email@example.com, accompanied by a copy of one’s identity documents
ARTICLE 3 COLLECTION OF YOUR PERSONAL DATA
The Company shall be responsible for the processing it conducts regarding the personal data it collects on the Site and through the Service.
The Company shall collect personal data during Users’ visits to the Site and when using the Service, and in particular:
when a Customer creates a User account: This includes personal data such as first and last names and email addresses ;
when a Customer reserves an Activity: this includes personal data such as name, address (partial or whole), phone number, credit card details and other personally identifying information. This can also include information about other people, and in this case, one must obtain the consent of such other individuals prior to providing Step Out with their personal data. ;
when registering for a newsletter: This includes name and email addresses ;
ARTICLE 4 USE OF YOUR PERSONAL DATA
The Company shall use the personal data collected in this manner in accordance with applicable regulations and with regard to the following purposes:
for commercial prospecting operations implemented by the Company unless the User has objected, or for commercial prospecting operations by third parties if the User has consented. In such a case, the User can always modify his preferences by going to his profile/preferences ;
in cases of violation of a regulation if an authority makes a substantiated request therefor with regard to applicable regulations;
for internal administration and quality control purposes.
The data provided by Users, in particular by browsing the Site or through the registration forms present on the Site, are required for processing the request and using the Service, unless the wording “optional” is indicated on the relevant form.
The addressees of such data shall be the Company’s relevant departments, payment partners, and commercial partners.
Please note that the Company will only use one’s personal data when the law allows it to do so.
Most commonly, we will use one’s personal data in the following circumstances:
where we need to perform the contract we are about to enter into or have entered into;
where we need it for our legitimate interests (or those of a third party) and when a User’s interests and fundamental rights do not override those interests;
with your consent;
where we need to comply with a legal or regulatory obligation.
ARTICLE 5 SHARING YOUR PERSONAL DATA
ARTICLE 6 KEEPING YOUR PERSONAL DATA
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure or your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
ARTICLE 7 COOKIES
When visiting the Site and Application, cookies and other similar technologies (hereinafter “cookies”) may be installed in the User’s browser.
In particular, such cookies are used to collect information regarding the User’s browsing.
The purpose of the cookies used by the Company is to provide for Site browsing and Service use, among other things.
The cookies that may be placed on the User’s terminal when browsing the Site or Application have varying functions:
Strictly required cookies are essential for using the Service ;
Functional cookies are primarily aimed at improving Site browsing and Service use ;
Advertising cookies provide for offering Users targeted advertising as well as limiting the number of times a User sees an advertisement or to help measure the effectiveness of an advertising campaign ;
Service Provider cookies allow the Company to monitor actions on Service Provider links in order to manage its relationship with said Service Providers;
Statistical cookies allow the Company to measure the audience for all or part of the Site and thereby establish statistics, volumes, and visitor origins.
Moreover, the Company installs social networking applications on Site pages allowing Users to share content with other people.
Such applications may allow the social network to identify a User even if said User has not used the corresponding social network button if said User’s account with the relevant social network is open. As the Company is not in control of such applications or services, it is recommended Users become familiar with the confidentiality policies of such third parties, in particular in order to take suitable action as appropriate.
Users may oppose cookie installation and recording or configure their browser such that it announces when cookies are downloaded and asks the User for permission on a case by case basis.
On the Dutch DPA [Dutch Data Protection Authority] website (https://autoriteitpersoonsgegevens.nl/en) you may find practical explanations regarding how to control your terminal’s “Privacy” settings.
Users are nevertheless informed that certain Site functional features may not be used or will operate in downgraded mode if the Users refuse cookie installation.
ARTICLE 8 PERSONAL DATA SECURITY
The Company shall implement security procedures in order to help protect the personal data stored on its systems. For example, the Company shall limit access to personal data to those employees who, by reasonable standards, need it. The Company shall also employ procedures to protect Users’ personal data from unauthorized access.
Please note specifically that the Company does not store bank card payment details on its servers or systems.
Nevertheless, Users’ attention is drawn to the fact that, although the Company has implemented suitable technical and organizational resources in order to ensure protection from unauthorized or illicit processing for personal data and against all loss, damage, or accidental destruction thereof, the Company has no way to guarantee the absolute security of such personal data.