Cookie settings: You can recall your Cookie settings at any time to manage your preferences.

ARP Nederland B.V. Privacy Policy

Welcome to our website and thank you for your interest in our company. We take the protection of your data very seriously and ensure that it is processed securely. We process your data in accordance with the applicable legal provisions for the protection of personal data, in particular the EU General Data Protection Regulation (EU GDPR) and the country-specific laws applicable to us.

With the help of this Privacy Policy, we will inform you how Bechtle processes your personal data and the rights you have. Personal data means information that can lead to the identification of an individual and includes name, date of birth, address, phone number, e-mail address and also IP address. Anonymous data exists when no connection can be made to an identified or identifiable natural person.

We strongly recommend taking the time to read this Privacy Policy in full. Please do not divulge any data to us if you do not agree with this policy.

Scope.

This Privacy Policy explains how we collect and use your data, such as when you: 

  • Visit or use our website
  • Are an existing or new customer and/or end user of one of our customers
  • Sign up for our newsletter
  • Enter our competitions

Contact us in another way (directly or indirectly) in your capacity as a customer, supplier, service provider or other person interested in our organisation

Right of access.

We would first like to inform you of your rights as a data subject as defined in Art. 15 - 22 EU GDPR. These include:

  • The right of access (Art. 15 EU GDPR)
  • The right to erasure (Art. 17 EU GDPR)
  • The right to rectification (Art. 16 EU GDPR)
  • The right to data portability (Art. 20 EU GDPR)
  • The right to restriction of processing (Art. 18 EU GDPR)
  • The right to rectification (Art. 21 EU GDPR)

To exercise these rights or you have any questions regarding how we process your data please contact privacy.benelux@bechtle.com.

 

Right to object

You also have the right to appeal to the data protection supervisory authority. If we process your personal data for the purpose of direct marketing, you have the right to object at any time without giving reasons. This right also applies to profiling[1] as long as it is connected with direct advertising.

If you object to the processing of your personal data for direct marketing purposes, we will no longer process it for these purposes. Objection is free of charge and does not have to take a specific form. To exercise your right to object, please contact our data protection department at privacy.benelux@bechtle.com.

In the event that we process your data to safeguard legitimate interests, you can object to such processing at any time for reasons relating to your particular situation; this also applies to profiling based on these provisions. We shall no longer process the personal data unless the we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.

Types of data subjects.

As part of our services, we may collect personal data related to:

  • Our B2B customers, other contractual partners and potential customers, as long as they are independent contractors or in trading companies (in this case, the data relating directly or indirectly to these parties is considered personal data under the GDPR).
  • Contacts, representatives, signatories, managing directors, ultimate stakeholders and employees of our B2B customer, other contact persons and potential customers.
  • Website visitors. 

Data categories, sources and origins.

The specific data we process is dependent on the purpose for which it is used. We require different data e.g. when you place an online order, submit a contact form, apply for a job, or register a complaint.
In certain situations, we may process specific types of information, which we will indicate in an appropriate place, e.g. next to a contact form or an upload form for application documents.

Visiting our website

When you visit our website, we collect the following data through your internet browser: computer IP address, server requests (e.g. page views) including time stamps, browser type, and the referral URL (the address of the previous website that you visited, if you came to our site by following a hyperlink from there).

These first three data types are technically required to be able to properly display the webpage you are viewing. In addition, this data may be used to safeguard secure operations of our website (e.g. to fend off hacking attempts). The referral URL is anonymised and used to compile statistics for marketing purposes. For reasons of technical security and in particular to block attacks on our web server, this type of data are also stored for a certain period of time in accordance with Art. 6 Paragraph 1(f) EU GDPR. 

Contact requests

Our website offers you different ways to contact us, e.g. to submit questions about an order comments about our website. Depending on the request, you can get in touch with us via phone and/or a contact form. The provided contact forms are used to collect the required details for communication (e.g. your name, phone number or e-mail address) as well as receive your message. The collected data are used for customer relations management (contact history) and for responding to/fulfilling your request. 

Online applications

You may use the online application tool on our website to apply for a specific position or send us an general application. When you apply for a job online, we collect and process your title, full name, and contact details. For technical and legal reasons, we also need to record your IP address. Collection and processing of all other data is optional. If you cite your social media profiles in your application, we will also use these data obtained from these public business networks. 

When collecting your personal data via the Careers Portal, the principles of data minimisation and data storage are taken into account, meaning that you only have to enter the data required for us to verify your application documents, such as your CV, or that we are legally required to obtain. Mandatory fields are marked with an asterisk (*). Without these data we are unfortunately unable to verify your application documents and our system will refuse to upload them. You are, of course, free to add additional information to your application. 

We appreciate the importance of your data and only process the personal data you submit as part of your application for the purposes of its effective and correct processing and for contacting you. We do not transfer your data to third parties without your permission. 

We have implemented security measures to ensure that your data remain safe and confidential at all times. All application documents submitted via the Career Portal are encrypted. Your data provided in the context of the application process are stored until the process has been completed and for a period in accordance with applicable law. We will retain your data beyond this point only if you have given your express consent for us to do so. You may revoke this permission for the future at any time and without an explicit reason by contacting us. 

Newsletters.

You can subscribe to a newsletter via our website. If you explicitly give us permission by, for example, providing us with your e-mail address for this purpose or ticking a checkbox, you will be added to the list of subscribers. The principle of data economy and data reduction is observed, as only the e-mail address, name and title are marked as mandatory fields to enable personalisation. Due to technical and legal reasons, we will also process your IP address. 

If you have purchased certain products or services from us, we may inform you about related products or services unless you indicate that you do not wish us to, for example by unticking a checkbox, for example. 

Furthermore, your e-mail address will only be added to the list of subscribers with your express consent. Of course, you can cancel your subscription at any time via the unsubscribe option provided in the newsletter and thus revoke your consent to your data being processed. You also have the option to unsubscribe directly via our website. 

Competitions

From time to time, you will have the opportunity to take part in competitions. The type of data collected will depend on the competition in question. In general, this will be your first and last names and contact details. 

Downloading digital information

You have the possibility to download digital information from our website. To do so , your first and last names, phone number, e-mail address, the name of the organisation you work for, and your professional title are required. 

Mobile Device Management (Apple devices)

You may use an MDM solution on Apple devices. This solution ensures that all mobile devices (smartphones, tablets, and laptops) can be managed in a clear online environment. 

Typeform

For various projects, including the Choose Your Own Device (CYOD) project, you can submit user choices through online forms using the Typeform program. These online forms collect your first name, last name, and e-mail address. Collection and processing of these data is voluntary. 

Mailchimp

We use the Mailchimp program to send automated e-mails. Relevant e-mail campaigns are sent in out with your consent or if you have signed up for them via a form. The e-mails sent out for these campaigns contain, for example, coupon codes or links to a Typeform form. For the purpose of e-mail campaigns, we collect your first and last names and your e-mail address. Collection and processing of these data is voluntary. Mailchimp also tracks what you do with an e-mail (opening, click behaviour, heat mapping etc.). 

Management software

For the purposes of Mobile Device Management, we use software programs like Jamf and Samsung Knox. For these solutions, you need to create a user account yourself and then we will be able to see what devices you have purchased from us and which applications are installed on them. All devices are linked to a name or a number. 

Public registers

Public registers such as at the Chamber of Commerce and public websites provide us with publicly accessible information. 

Purposes and legal bases for data processing

Processing of your personal data complies with the provisions of the EU GDPR and all other applicable data protection regulations. Legal bases for data processing arise in particular from Art. 6 EU GDPR.

We use your data to initiate business opportunities, fulfil our contractual and legal obligations, perform our contractual relationship, offer products and services, and strengthen our relationship with you as our customer. This may also include analyses for marketing purposes, customer satisfaction surveys and direct marketing. For example, when you order a product or service on our website and enter your details, we process your data for the purpose of handling and delivering your order. If you provide your data so that we can contact you about our products or services, we process your data for that purpose. In these cases, the legal basis for processing is both your consent and the need to perform or prepare a contract with you.

We will not process special categories of personal data according to Art. 9 Para. 1 EU GDPR unless we are required to do so by law and there is no reason to assume that your legitimate interest in the exclusion of the processing prevails.

Data retention.

We will store your data only for as long as it is needed for the intended purposes. Personal data obtained within the framework of a contract will be kept for the entire duration of the contract and related agreements we enter into with you, and, after its termination, in accordance with the statutory limitation periods.

Personal data on devices returned for disposal will be erased.

Please note that statutory retention periods may require that data continue to be stored for extended periods of time. This applies in particular to retention periods stipulated in commercial or tax legislation (e.g. Commercial Code, Fiscal Code, etc.). Therefore, we will only retain your personal data for longer periods if we are required to do so by law (for example, due to legal requirements for record keeping, retention obligations or tax obligations), or if necessary to protect our interests in connection with legal proceedings.

In addition, if we agree with you that we will keep your data for a longer period so that you can still access it, we will retain them until you indicate that the data should be deleted.

For more information about the specific retention periods for your personal data, please e-mail our data protection department at privacy.nl@arp.com.

Transfer of data to third parties.

In addition to the purposes set out above, we may transfer your personal data to third parties such as service providers tasked with fulfilling the contract concluded with your company.

Within our company, we ensure that your data is only accessible to persons who need them to fulfil their contractual and legal obligations.

The Bechtle AG group and other Bechtle subsidiaries may become involved in various processes. In the context of purchases and applications,, it is possible that other Bechtle-affiliated companies may become involved.

It may also be necessary to transfer your data to a supplier in order to fulfil our contract with your organisation. For example, we provide our carriers with your address so that they can deliver the products. If you wish to receive products or services from us, your contact data can be provided to the carrier for this purpose. Payment service providers and financial institutions may also need to process your personal data, either to execute or prepare a contract with you or perform a credit check. In addition, a manufacturer or (online) software provider from whom you purchase or wish to purchase a product or service through us may need your information to perform or prepare a contract with you. We may also receive contact or company information from hardware manufacturers, software suppliers of software products, or through the Chamber of Commerce.

We may disclose personal information to the relevant authorities if we suspect fraud or misuse of our website. We do so because we and others have a legitimate interest in ensuring that our website is not misused for fraudulent or otherwise unlawful purposes.

In accordance with applicable data protection regulations, and to ensure the security and lawfulness of data processing, we always seek to enter into a data processing agreement when we process personal data on behalf of another company, or when we have personal data processed by another company.

Data transfer to third countries.

We are aware of the verdict of the European Court of Justice of 16 July 2020 affecting the transfer of personal data. We are currently verifying how we can best resolve this issue. We place great store on the protection of privacy and are making every effort to find a suitable solution. When we have found one, we will inform you in this Privacy Policy. Have questions about how your personal data are processed? Please get in touch using the contact details in this Policy.

Data is only transmitted to third countries (countries outside the European Union or the European Economic Area) if required to do so by law, you have given us your consent or if this is necessary for the performance of a contractual obligation.

Our company transfers your personal data to corporations outside of the European Economic Area in Switzerland. We make every effort to ensure adherence to data protection with binding Standard Contractual Clauses (also known as EU Model Clauses), data protection regulations, etc.

If you purchase an (online) product or service from a US manufacturer or supplier, additional measures may be required to ensure the security of personal data such as a data processing agreement with EU Standard Contractual Clauses. We recommend that you also check whether the concerned party has taken the corresponding measures. For large companies like Microsoft, this is generally the case.

 

Secure data transmission.

We have taken appropriate technical and organisational measures in order to protect data from accidental or deliberate manipulation, loss, corruption or unauthorised access.

To this end, the connection between your device and our website is always encrypted (with SSL/TLS/HTTPS or similar technology) where current encryption protocols are used and continually updated to reflect new standards.

We also ensure that the systems that store and process your personal data are protected against unauthorised access and use with access controls and authentication (e.g. passwords or multi-factor authentication).

We also ensure that our systems are regularly updated and our security measures regularly reviewed.

In addition, any information submitted through contact or application forms on our website is also encrypted and cannot be decrypted again by a third party To ensure the security and legality of data processing, we will enter into a data processing agreement with all parties who need to process your personal data for the performance of a contract with you.

Please note that no data transfer or storage systems can be 100% secure. Depending on the state of technology, the cost of implementation and the nature of the data to be protected, we take technical and organisational measures to prevent destruction, loss, alteration and unauthorised disclosure of, or access to, your data. If you have reasons to suspect that your interaction with us or your data are no longer being securely processed, please do not hesitate to contact our data protection department at privacy.nl@arp.com.

It is your responsibility to ensure the data you provide is correct, complete and up-to-date to the best of your knowledge. If you provide us other people's data, it is your responsibility to collect it in accordance with local legal requirements. You must inform the other person, whose data you are making available to us, of the contents of this Privacy Policy and obtain their prior consent.

When you purchase products or services through us that involve the processing of personal data and where you yourself enter into a (user) agreement with the manufacturer or supplier, you are recommended to check whether the manufacturer or supplier utilises adequate security measures for the protection of personal data.

Newsletters (Article 6 Paragraph 1, GDPR)

You can subscribe to our free newsletter via our website. If you explicitly give us permission by, for example, providing us with your e-mail address for this purpose or ticking a checkbox, you will be added to the list of subscribers. All data required to subscribe to our newsletter is subject to the principles of data reduction and data economy, meaning you only have to provide your e-mail address and name for personalisation. For technical and legal reasons, we also process your IP address.

If you have purchased certain products or services from us, we may inform you about related products or services unless you indicate that you do not wish us to, for example by unticking a checkbox, for example.

Furthermore, your e-mail address will only be added to the list of subscribers with your express consent. Of course, you can cancel your subscription at any time via the unsubscribe option provided in the newsletter and thus revoke your consent to your data being processed. You also have the option to unsubscribe directly via our website.

Career portal (Article 6, Para. 1 a and b, GDPR)

You may use the online application tool on our website to apply for a specific position or send us an general application. When you apply for a job online, we collect and process your title, full name, and contact details. For technical and legal reasons, we also need to record your IP address. Collection and processing of all other data is optional. If you cite your social media profiles in your application, we will also use these data obtained from these public business networks.

When collecting your personal data via the Careers Portal, the principles of data minimisation and data storage are taken into account, meaning that you only have to enter the data required for us to verify your application documents, such as your CV, or that we are legally required to obtain. Mandatory fields are marked with an asterisk (*). Without these data we are unfortunately unable to verify your application documents and our system will refuse to upload them. You are, of course, free to add additional information to your application.

We appreciate the importance of your data and only process the personal data you submit as part of your application for the purposes of its effective and correct processing and for contacting you. We do not transfer your data to third parties without your permission.

We have implemented security measures to ensure that your data remain safe and confidential at all times. All application documents submitted via the Career Portal are encrypted.

Your data provided in the context of the application process are stored until the process has been completed and for a period in accordance with applicable law. We will retain your data beyond this point only if you have given your express consent for us to do so. You may revoke this permission for the future at any time and without an explicit reason by contacting us.

Typeform (Article 6, Para. 1 a, GDPR)

For various projects, including the Choose Your Own Device (CYOD) project, you can submit user choices through online forms using the Typeform program. These online forms collect your first name, last name, and e-mail address. Collection and processing of these data is voluntary.

Mailchimp (Article 6, Para. 1 a, GDPR)

We use the Mailchimp program to send automated e-mails. Relevant e-mail campaigns are sent in out with your consent or if you have signed up for them via a form. The e-mails sent out for these campaigns contain, for example, coupon codes or links to a Typeform form. For the purpose of e-mail campaigns, we collect your first and last names and your e-mail address. Collection and processing of these data is voluntary. Mailchimp also tracks what you do with an e-mail (opening, click behaviour, heat mapping etc.).

Management software (Article 6, Para. 1 a, GDPR)

For the purposes of Mobile Device Management, we use software programs like Jamf and Samsung Knox. For these solutions, you need to create a user account yourself and then we will be able to see what devices you have purchased from us and which applications are installed on them. All devices are linked to a name or a number.

Automated case-by-case decisions.

Please note that we generally do not use purely automated processes to make a decision.

If a negative decision has been made about you based on automated decision making and/or profiling, and you do not agree, please contact privacy.nl@arp.com. We will then delete these data.

Third-party websites.

This policy does not apply to third-party websites linked to our website. We cannot guarantee that these third parties will handle your personal data reliably or securely. We strongly recommend reading these websites’ privacy policies before using them. 

Amendments to our Privacy Policy.

We reserve the right to make amendments to this Privacy Policy. Any changes will be published on this webpage. We recommend regularly consulting this policy so that you are aware of these changes. 

Supervisory authority.

We are happy to help you if you have complaints about the processing of your personal data. According to data protection laws, you have the right to submit a complaint about how we process your personal data to the supervisory authority. You can contact the personal data authority for this purpose. 

Cookies

Our website uses cookies or similar technologies to save and/or read information on your device. More information about the cookies we use as well as how, why and the options you have can be found in our Cookie Policy.

Contact details of the responsible organisations and our data protection departments.

You can send us questions or requests regarding your personal data or our Privacy Policy at any time:

ARP Nederland B.V.
Withuisveld 30
6226 NV Maastricht

privacy.nl@arp.com

+31 (0)43 855 00 00

Data Protection Department contact details: privacy.benelux@bechtle.com.
 

[1] The GDPR defines “profiling” as “any form of automated processing of personal data evaluating the personal aspects relating to a natural person, in particular to analyse or predict aspects concerning the data subject’s performance at work, economic situation, health, personal preferences or interests, reliability or behaviour, location or movements.”

[1] The GDPR defines “profiling” as “any form of automated processing of personal data evaluating the personal aspects relating to a natural person, in particular to analyse or predict aspects concerning the data subject’s performance at work, economic situation, health, personal preferences or interests, reliability or behaviour, location or movements.”