Privacy statement

The Nepa Forwarding BV and its group members (hereafter together: “NEPA”) protect the information received from their clients, website visitors and all other persons with whom they communicate. NEPA strives to uphold the highest privacy and data protection standards to meet the legal and regulatory requirements. Transparency is important when handling information and NEPA is committed to fulfill the requirements under the General Data Protection Regulation (herein referred to as “GDPR”) and to safeguard the client’s rights thereunder. This privacy statement uses the terminology as defined in the GDPR and is regularly updated to ensure continuous compliance with the GDPR and its further developments. The client is advised to regularly checks NEPA’s website and this privacy statement for updates.

General Purpose of Processing Personal Data

The personal data processed by NEPA includes, amongst others, the client’s name, contact details and financial information. Collecting such data has the following purposes:
• The data is needed for the performance of the contractual relationship with the client, such as processing the client’s request and subsequent fulfilment of the contract;
• NEPA processes personal data to comply with their legal obligations as subjected to in the Netherlands or other jurisdictions;
• The data might be needed for the purpose of legitimate interests outside the scope of the client’s contract or pursuant to a legal obligation.

Personal data is only processed for the above mentioned purposes. NEPA ensures that this data is only available to those who have a legitimate interest and require access to said data.

Using and sharing of personal data

NEPA may share the client’s personal data with other group members of the NEPA and with its affiliates, agents and service providers. Personal data may be shared for such purposes as performance of contractual obligations and/or fulfilling the applicable legal requirements. Personal data will only be shared with external parties with the client’s consent or when required or permitted by law. Personal data is shared with, i.a., the following parties or their legal successors:
• NEPA group member companies, i.e. NEPA’s affiliates, agents and service providers, and legal representatives,
• NEPA’s auditors

Only upon their explicit and legitimate request, personal data is provided to the below authorities:
• The National Data Protection Supervisory Authorities;
• The competent courts or judiciary authorities pursuant to data protection disputes

Disclosure of personal data to an entity as listed here above might require a transfer of the client’s personal data to countries with a lower standard/adequate level of data protection. NEPA has procedures in place to ensure compliance with the applicable data protection laws and regulations, safeguarding the client’s personal data.

Retention of Information

NEPA only retains information about the client as long as necessary to fulfil the purpose for which the personal data was collected and to comply with legal requirements and our internal retention policy.

Client’s Rights and Queries

The GPDR provides rights to the data subjects regarding the personal data processed, i.a. the right to access, to correct, to remove, to restrict and to process and to port personal data. No personal data is currently processed by NEPA through automated decision making or by profiling.

NEPA has a procedure in place for any further questions or remarks on the collection and/or use of personal data and this privacy notice; please contact NEPA’s privacy desk at management@nepa.nl. If the client opines that NEPA does not comply with the privacy and data protection regulations, the client can file a complaint with aforementioned privacy desk or with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at www.autoriteitpersoonsgegevens.nl