de-haan-245-jaar stempel
Data Privacy and Protection Policy

Data Privacy and Protection Policy


De Haan needs to gather and use certain information about individuals. These can include customers, suppliers, business contacts, employees, and other people the organization has a relationship with or may need to contact. This policy describes how this personal data must be collected, handled, and stored in accordance with applicable local law, EU GDPR, as well as our own Data Privacy and Protection Policy.

Why this policy?

This Data Privacy and Protection Policy ensures De Haan:

  • Complies with data protection best practices.
  • Protects the rights of staff, customers and partners.
  • Is open about how it stores and processes individual’s data.
  • Protects itself from the risks of data breach.

People, risks, and responsibilities Policy Scope

This policy applies to: 

  • Management and all staff at De Haan.
  • All contractors, suppliers and other people working on behalf of De Haan.

It applies to all data that the company holds relating to identifiable individuals.
This can include: 

  • Name of individual.
  • Home or e-mail address.
  • Date of birth.
  • Telephone number.
  • Identification number (for example, a Social Security or Social Insurance Number).
  • Physical characteristics.
  • Any other information relating to individuals.

We maintain a separate GDPR register of data we obtain from our customers and for which reason this data is being collected.

Data protection risks 

This policy helps to protect De Haan from data security risks, including:

  • Breaches of confidentiality.
  • Unauthorised access to data.
  • Reputational damage.


Everyone who works at or on behalf of De Haan, including contractors and suppliers, has some responsibility for ensuring data is collected, stored and handled appropriately. 
Each person that handles personal data must ensure that it is handled and processed in line with this policy and data protection principles.

General staff guidelines

  • The only people able to access data covered by this policy will be those who need it for their work.
  • Data will not not be shared informally. When access to confidential information is required, employees can request it from their direct managers.
  • The applicable certificate of conduct is available on all employees of De Haan.
  • De Haan will provide training to all employees to help them understand their responsibilities when handling data.
  • Employees will keep all data secure, by taking sensible precautions and following the guidelines below.
  • In particular, strong passwords must be used and they will never be shared.
  • Personal data will not be disclosed to unauthorized people, either within the company or externally.
  • Data will be regularly reviewed and updated if it is found to be out of date. De Haan will not
    keep information longer than officially is required (by law) or as long as required for the purpose as provided for.
  • Employees will request help if they are unsure about any aspect of data protection.

Data storage 

These rules describe how and where data will be safely stored.
When data is stored on paper, it will be kept in a secure place where unauthorized people cannot see it. These guidelines also apply to data that is usually stored electronically but has been printed out for some reason: 

  • When not required, the paper or files will be kept in a locked drawer or filing cabinet.
  • Employees will make sure paper and printouts are not left where unauthorized people could see them, like on a printer.
  • Data printouts will be shredded and disposed of securely when no longer required.

When data is stored electronically, it must be protected from unauthorized access, accidental deletion and malicious hacking attempts: 

  • Data will be protected by strong passwords that are changed regularly and never shared between employees.
  • Data will only be stored on designated drives and servers.
  • Servers containing personal data will be sited in a secure location.
  • Data will be backed up frequently. Those backups will be tested regularly, in line with the company’s standard backup procedures.
  • Data will never be saved directly to laptops or other mobile devices like tablets or smart phones.
  • All servers and computers containing data will be protected by approved security software and a firewall.
  • Devices storing data will be physically destroyed when no longer in use.

Data usage and disclosure 

Personal data is of no value to De Haan unless the business can make use of it. However, it is when personal data is accessed and used that it can be at the greatest risk of loss, corruption or theft: 

  • When working with personal data, employees will ensure the screens of their computers are always locked when left unattended.
  • Personal data will not be shared informally.
  • Employees will not save copies of personal data to their own computers. Always access and update the central copy of any data.
  • Data will only be provided to approved vendors.

Data accuracy 

It is the responsibility of all employees who work with data to take reasonable steps to ensure it is kept as accurate and up to date as possible. 

  • Data will be held in as few places as necessary. Staff will not create any unnecessary additional data sets.
  • Staff will take every opportunity to ensure data is updated. For instance, by confirming customer’s details when they call.
  • De Haan will make it easy for data subjects to update the information De Haan holds about them.
  • Data will be updated as soon as inaccuracies are discovered. For instance, if a customer can no longer be reached on their stored telephone number, it will be removed from the database.

Monitoring and Enforcement

  • Employees can find this policy in our Quality Manual “KAM handboek”
    (Chapter: Werkvoorschriften).
  • The KAM and Facility Coordinator will review the policy as needed and make any revisions necessary.
  • Periodic reminders of this policy will be provided to all employees (at least once per year).
  • If De Haan makes any changes to its Data Privacy and Protection Policy this will be updated in the Policy on their website by means of a hyperlink. In this way customers, suppliers, business contacts, employees, and other people De Haan has a relationship with, will always be able to follow the latest Data Privacy and Protection Policy.


In case of any privacy related complaints and disputes these can be reported to our KAM and Facility Coordinator at phone: +31-78-69.20333 or email: 

Wencke Klunder

Any questions? Our experienced specialist is at your service.

You can reach me at +31 78 69 20 333 or send an .