We recognize that you put your trust in us. It is therefore our responsibility to protect your privacy. This is quite an extensive document in which we explain why we collect data, what data we collect and how we process it so you can understand exactly how we work and how your data is processed.
We are not responsible or liable for any infringements on your privacy by other sites and sources, including our clients and partners.
We respect the privacy of all users of our website and ensure that the personal information you provide is treated confidentially.
Use of the Trustprofile system
Purposes of our Trustprofile system
The personal data we receive from publicly available trust sources and from clients will be processed for the purpose of assessing the reliability of a web store and to inform consumers and interested parties, this is always based on the legitimate interests of consumer protection. In this context we can distinguish three main processes:
- Keeping a register in which we record all inspected web stores;
- We collect, publish, and moderate customer reviews about web stores;
- Informing about various important aspects within the e-commerce.
Database of web stores
To be able to inform consumers about the reliability and customer service of a web store we maintain a database. This database is created and maintained by information from our clients and trust sources. These trust sources are publicly available and can be verified by anyone.
Data that we store in our database include; the name of the contact person, the Chamber of Commerce number, VAT number, company address, telephone number and e-mail address.
- This is based on the legitimate interests of consumer protection.
- We consider the risk of processing these personal details as low.
- We keep the data encrypted on a secure database, the server is located in Germany and Finland.
- We store this data indefinitely. We consider this necessary from the point of view of informing the consumer about the reliability of web stores. At the request of the person concerned, we can anonymize the personal data from the register.
Customer reviews – the invitation
In order to be able to inform the consumer about the quality of a web store, clients can invite customers to leave a review. We will then send an email on behalf of the client to the customers and publish the review. Sending this email can be done via the email address of Trustprofile.com or an email address of the clients web store.
To send the invitation, we process the following personal data: name and email address of the consumer and order number. Optionally, the phone number of the consumer and ordered products can also be processed, for example for sending a mobile invitation and/or collecting product reviews.
- Clients are obliged to inform their customers that they share personal data with us before sending the review invites. A sample text to add to your privacy statement can be found in our support forum.
- We consider the risk of processing these personal data average.
- Invitations are sent via e-mail by Mandrill.
- We retain this information on a secure database, the server is located in The Netherlands.
- This data is retained for three years. This is necessary in order to provide our clients with statistics about the invitations sent and to prevent a single consumer from writing multiple reviews about a web store. This way we also try to protect web stores and consumers from fake reviews.
Customer reviews – the review
The customer reviews about a web store will be published on the web store’s trustprofile. If a noteworthy or offensive review is left the client can ask us to edit or remove the review by means of a moderation request. When requested by the client, we will assess the situation and contact the customer if necessary. More information on this process can be found in our Customer review policy.
To publish and manage the reviews we process the following (personal) data: the review text, name, email address, order number and IP address of the customer. An order number is requested but is not mandatory.