Information security policy
Our security policy
In order to achieve its business goals and to comply with legal and contractual requirements, Zoe Karssen protects sensitive business information (including information from customers and personal data that have been entrusted to us) to the best of its ability. We strive to protect sensitive business information from all internal, external, intentional and unintentional threats that could harm the confidentiality, integrity or availability of that information. All employees of the Zoe Karssen group are responsible for the implementation of this policy and have the support of Zoe Karssen Management for this.
This Information Security Policy, together with the Privacy Policy and the underlying procedures and work instructions, impose on all Zoe Karssen employees the obligations to:
– Handle sensitive company information according to company policy and manage it in a secure manner to prevent unwanted disclosure, alteration or loss;
– identify and report deficiencies and incidents in the security of information. Moreover, Zoe Karssen Management sees to it that:
– information security risks are continuously monitored and measures are taken to reduce these risks to acceptable levels;
– information security procedures and work instructions are developed, communicated and complied with and relevant work is documented;
– information security is embedded in the organization and information security tasks are performed by qualified personnel or outsourced to qualified third parties;
– personnel are informed of legal and contractual requirements with regard to information security and are trained in recognizing the risks in handling personal information and in the use of e-mail and internet;
– sensitive business information is only made available and accessible to authenticated and authorized personnel when and where necessary for business purposes;
– IT systems, networks and infrastructures that process sensitive business information have low complexity, are designed with security as a starting point and are properly protected and managed;
– information security incidents and weaknesses are treated in a structured way and used to continuously improve our security position;
– independent audit and assessment have been introduced and are being used to continually improve critical business processes and the security of information;
– for products, services and tasks originating from or outsourced to third parties, the security of sensitive business information is contractually guaranteed and meets the legal requirements;
This policy has been approved by the CEO; it will be reviewed and updated annually in the event of changes in applicable legislation or the risk landscape, so that it continues to support our ability to serve our customers safely.
With this Privacy & amp; Cookie Statement we, Zoe Karssen, inform you about why we need your personal data, how we process and protect it and how you can exercise your privacy rights. We handle personal data carefully and always ensure that we act in accordance with the General Data Protection Regulation (AVG).
Privacy statement
Zoe Karssen appreciates the interest you have shown in our company, our products and services through your visit to our website zoekarssen.com or related communication channels, such as our social media channels and blogs. Zoe Karssen supplies casual and sports fashion products to consumers via e-commerce platforms (such as web shops) and maintains them for information and communication with customers and prospects.
This general statement covers all personal data that Zoe Karssen can record during your contacts with Zoe Karssen, such as when you visit our websites, subscribe to newsletters, contact our sales department, order processing, customer service, etc.
We will also present you with a specific Notice at the time that we require your personal data. This includes precisely what information we ask of you, for what purpose we need it, how we protect it, how long we keep it, with whom we share it and what your rights are, including to enter this data. see, correct and supplement and have it removed.
Why do we collect personal information?
We may ask you to share your personal data with us for the following purposes:
– Processing your orders and paying in the webshop
– Delivering the products ordered by you
– Providing information about Zoe Karssen and services at your request
– Sharing Zoe Karssen channels / pages and blogs in social media
– Maintaining the relationship with you as a customer
– Improving our products and services
– Optimizing our customer service
– Answering your questions
– Solving problems with products and informing about their status
– Conducting a satisfaction survey after the problem or question has been answered or resolved
We do not process your personal data for other purposes.
Which personal data do we collect?
During your interactions with Zoe Karssen, for example by registering on the Zoe Karssen website, or visiting the Zoe Karssen pages, we may ask you for certain information such as:
– Your name
– Your e-mail address
– Your phone number
– Your address
– Your date of birth
– Further Data required in the business relationship
In addition, depending on the cookie settings in your browser, we can collect information about your internet address, systems and activities such as:
– The IP address of the router with which you are connected to the internet
– Your cookie IDs
– The type of web browser you use
– The pages you visit on our websites
– Your use of and your activities on our Zoe Karssen pages
How do we get your personal information?
There are two ways to do this, one where you are active and one where you are passive. You can actively share your personal data with Zoe Karssen in several ways, such as:
– Create an account to register you as a Zoe Karssen customer;
– Subscribe to a Zoe Karssen newsletter;
– Communicate with Zoe Karssen, for example via e-mail or telephone with one of the employees;
– By participating in Zoe Karssen events, or promotions;
– By participating in tests or surveys organized by Zoe Karssen.
To passively share your personal data, you can set your internet browser in such a way that cookies are accepted. Web servers, including ours, generate cookies that are stored on your computer or mobile device when you visit websites. By reading this out later on, web servers remember which page you were on, or you are logged in, and so on. Our cookies may contain pieces of information that are considered personal data, such as a unique identification number (ID), the IP address of your router and the type of browser you use.
You can set your browser to accept no, all or only certain cookies, such as functional cookies. If you are concerned about your privacy, we recommend that you set your browser to accept only functional cookies. We also ask you explicitly if and if so which cookies you want to receive from our web server. If you refuse all our cookies in your browser, certain parts of our website (s) may not work or will no longer work properly. For example, you can no longer register for the newsletter.
With whom do we share your personal information?
Your information will not be combined, lent, rented or sold by us, nor shared or disclosed in any other way. Zoe Karssen will only disclose personal data on your express request or if this is legally required. Zoe Karssen makes use of third parties for handling payments, for delivering ordered products, etc. To do this, Zoe Karssen has to share with these parties certain personal information you provide us with. Where Zoe Karssen makes use of such parties (Processors) these are contractually bound to secrecy. You may also use your information only for the purpose for which we have provided it.
What are your privacy rights?
After you have shared your personal data with us, they will remain your property. In the Notification we inform you about your exact rights; you always have the right to view your details so that you can have them updated and changed. But in most cases you can also have your data deleted, request us to limit the processing or object to the processing. If we have asked you for permission to collect your data, you can always revoke that permission later. You can easily exercise your rights by going to Account Settings on the Zoe Karssen website and indicating the right you want to exercise under Privacy. You can also send an email to marketing@zoekarssen.com.
How long do we keep your personal data?
We do not retain the data you share with us for longer than strictly necessary. How long that is depends on the purpose for which we need the data. With every processing of personal data, we state the purpose and the storage period in the Notification.
Social media
On our website you will find links to the Zoe Karssen pages on Instagram, Facebook, Pinterest, Twitter, LinkedIn and Youtube. After clicking on such a link, you land on the page that Zoe Karssen has on the relevant platform. If so desired, you can log in with your password for this platform and click on ‘Follow’. Depending on your settings, you will then be kept informed of new Zoe Karssen posts on this platform. The platform also sends a notification with your account name to Zoe Karssen. Zoe Karssen then knows that you are following us on this platform and can view your public profile on this platform. Zoe Karssen is bound by the privacy policy of Sociale Media in which it participates and recommends that you review their privacy statements.
Links to other websites
When you view the Zoe Karssen websites, you may find links to other websites for your convenience and information. These websites are not managed by Zoe Karssen and may have their own privacy statement. We strongly encourage you to read them so that you understand how your personal information is used by these sites. We are neither responsible for the content of these sites nor for the use or privacy policies of those sites.
How we protect your personal information
We acknowledge our responsibility for the protection of the personal data that you entrust to us, against loss, misuse and unauthorized access. Zoe Karssen uses various security technologies and organizational procedures for the protection of your personal data. For example, we apply access control, use firewalls and secure servers, anonymize and encrypt certain types of data, such as sensitive personal data.
Changes to this privacy statement
We acknowledge our responsibility for the protection of the personal data that you entrust to us, against loss, misuse and unauthorized access. Zoe Karssen uses various security technologies and organizational procedures for the protection of your personal data. For example, we apply access control, use firewalls and secure servers, anonymize and encrypt certain types of data, such as sensitive personal data.
Where and how can you file a complaint?
If you have any questions about the privacy policy of Zoe Karssen, please contact us. If you are dissatisfied in any way about how we handle your personal data, we hope that you let us know. We see all feedback as a means to learn and are happy to turn your negative experience into a positive one!
You can always submit a complaint to the Dutch Data Protection Authority. For this you must fill in a form on the AP website.
Our Contact Privacy is Franklin Thielsch; you can contact him via email: marketing@zoekarssen.com.
This privacy statement is effective from and last updated on September 22, 2020.
Zoe Karssen is a trade name of Fashion Invest ZK B.V.
Cookie list
Necessary cookies
| Name | Hostname | Expiry | Tags |
|---|---|---|---|
| secure_customer_sig | zoekarssen.com | 365 days | HTTP only Secure 3rd party |
| Used by Shopify in connection with customer login. | |||
| cart_currency | zoekarssen.com | 14 days | HTTP only Secure 3rd party |
| CLID | www.clarity.ms | 365 days | HTTP only Secure 3rd party |
| _ks_scriptVersion | zoekarssen.com | 365 days | HTTP only Secure 3rd party |
| _ks_scriptVersionChecked | zoekarssen.com | 1 day | HTTP only Secure 3rd party |
| swym-session-id | .zoekarssen.com | 1 | HTTP only Secure 3rd party |
| swym-pid | .zoekarssen.com | 365 days | HTTP only Secure 3rd party |
| SRM_B | .c.bing.com | 390 days | HTTP only Secure 3rd party |
| SM | .c.clarity.ms | Session | HTTP only Secure 3rd party |
| ANONCHK | .c.clarity.ms | 1 | HTTP only Secure 3rd party |
| _clck | zoekarssen.com | 365 days | HTTP only Secure 3rd party |
| cart | zoekarssen.com | 14 days | HTTP only Secure 3rd party |
| cart_ts | zoekarssen.com | 14 days | HTTP only Secure 3rd party |
| cart_sig | zoekarssen.com | 14 days | HTTP only Secure 3rd party |
| Used by Shopify in connection with checkout. | |||
| cart_ver | zoekarssen.com | 14 days | HTTP only Secure 3rd party |
| swym-o_s | .zoekarssen.com | 1 | HTTP only Secure 3rd party |
| swym-swymRegid | .zoekarssen.com | 365 days | HTTP only Secure 3rd party |
| swym-email | .zoekarssen.com | 365 days | HTTP only Secure 3rd party |
| swym-cu_ct | .zoekarssen.com | 365 days | HTTP only Secure 3rd party |
| ahoy_visitor | api.snapppt.com | 730 days | HTTP only Secure 3rd party |
| ahoy_visit | api.snapppt.com | 4 hours | HTTP only Secure 3rd party |
| __kla_id | zoekarssen.com | 730 days | HTTP only Secure 3rd party |
| ahoy_visitor | snapppt.com | 730 days | HTTP only Secure 3rd party |
| ahoy_visit | snapppt.com | 4 hours | HTTP only Secure 3rd party |
| _clsk | zoekarssen.com | 1 day | HTTP only Secure 3rd party |
| swym-rconfig_cache | Local storage | Persistent | HTTP only Secure 3rd party |
| swym-devices_timestamp | Local storage | Persistent | HTTP only Secure 3rd party |
| swym-authn_timestamp | Local storage | Persistent | HTTP only Secure 3rd party |
| swym-wishlisthkey_timestamp | Local storage | Persistent | HTTP only Secure 3rd party |
| shopifyChatData | Local storage | Persistent | HTTP only Secure 3rd party |
| gdprCache | Local storage | Persistent | HTTP only Secure 3rd party |
| swym-authn | Local storage | Persistent | HTTP only Secure 3rd party |
| swym-rapps_cache | Local storage | Persistent | HTTP only Secure 3rd party |
| swym-products | Local storage | Persistent | HTTP only Secure 3rd party |
| swym-products_timestamp | Local storage | Persistent | HTTP only Secure 3rd party |
| swym-devices | Local storage | Persistent | HTTP only Secure 3rd party |
| _cltk | Session storage | Session | HTTP only Secure 3rd party |
Preferences cookies
| Name | Hostname | Expiry | Tags |
|---|---|---|---|
| VISITOR_INFO1_LIVE | .youtube.com | 180 days | HTTP only Secure 3rd party |
| A cookie that YouTube sets that measures your bandwidth to determine whether you get the new player interface or the old. | |||
| lang | .ads.linkedin.com | Session | HTTP only Secure 3rd party |
| Session-based cookie that remembers the user's selected language version of a website. | |||
| lidc | .linkedin.com | 1 day | HTTP only Secure 3rd party |
| Used by LinkedIn for routing. | |||
| lang | .linkedin.com | Session | HTTP only Secure 3rd party |
| Session-based cookie that remembers the user's selected language version of a website. | |||
| li_gc | .linkedin.com | 723 days, 7 hours | HTTP only Secure 3rd party |
| Used by LinkedIn to store consent of guests regarding the use of cookies for non-essential purposes | |||
Analytics cookies
| Name | Hostname | Expiry | Tags |
|---|---|---|---|
| _orig_referrer | .zoekarssen.com | 14 days | HTTP only Secure 3rd party |
| Used by Shopify to track landing pages. | |||
| _landing_page | .zoekarssen.com | 14 days | HTTP only Secure 3rd party |
| Used by Shopify to track landing pages. | |||
| _y | .zoekarssen.com | 365 days | HTTP only Secure 3rd party |
| Shopify analytics. | |||
| _s | .zoekarssen.com | 1 | HTTP only Secure 3rd party |
| Shopify analytics. | |||
| _shopify_y | .zoekarssen.com | 365 days | HTTP only Secure 3rd party |
| Shopify analytics. | |||
| _shopify_s | .zoekarssen.com | 1 | HTTP only Secure 3rd party |
| Shopify analytics. | |||
| YSC | .youtube.com | Session | HTTP only Secure 3rd party |
| This cookie is set by YouTube video service on pages with YouTube embedded videos to track views. | |||
| _ga | .zoekarssen.com | 730 days | HTTP only Secure 3rd party |
| Contains a unique identifier used by Google Analytics to determine that two distinct hits belong to the same user across browsing sessions. | |||
| _gid | .zoekarssen.com | 1 day | HTTP only Secure 3rd party |
| Contains a unique identifier used by Google Analytics to determine that two distinct hits belong to the same user across browsing sessions. | |||
| _gat_* | .zoekarssen.com | 1 | HTTP only Secure 3rd party |
| Used by Google Analytics to throttle request rate (limit the collection of data on high traffic sites) | |||
| bcookie | .linkedin.com | 730 days, 11 hours | HTTP only Secure 3rd party |
| This is a Microsoft MSN 1st party cookie for sharing the content of the website via social media. | |||
| MUID | .clarity.ms | 390 days | HTTP only Secure 3rd party |
| Microsoft User Identifier tracking cookie used by Bing Ads. It can be set by embedded microsoft scripts. Widely believed to sync across many different Microsoft domains, allowing user tracking. | |||
| _gat | .zoekarssen.com | 1 | HTTP only Secure 3rd party |
| Used by Google Analytics to throttle request rate (limit the collection of data on high traffic sites) | |||
| _pinterest_ct_ua | .ct.pinterest.com | 365 days | HTTP only Secure 3rd party |
| Used by Pinterest to store a user ID and the timestamp at which the cookie was created. | |||
| _pin_unauth | .zoekarssen.com | 365 days | HTTP only Secure 3rd party |
| Used by Pinterest to group actions for users who cannot be identified by Pinterest. | |||
Marketing cookies
| Name | Hostname | Expiry | Tags |
|---|---|---|---|
| UserMatchHistory | .linkedin.com | 30 days | HTTP only Secure 3rd party |
| Contains a unique identifier used by LinkedIn to determine that two distinct hits belong to the same user across browsing sessions. | |||
| AnalyticsSyncHistory | .linkedin.com | 30 days | HTTP only Secure 3rd party |
| Used by LinkedIn to store information about the time a sync with the lms_analytics cookie took place for users in the Designated Countries | |||
| bscookie | .www.linkedin.com | 730 days, 11 hours | HTTP only Secure 3rd party |
| Used by the social networking service, LinkedIn, for tracking the use of embedded services. | |||
| _shopify_sa_t | .zoekarssen.com | 1 | HTTP only Secure 3rd party |
| Shopify analytics relating to marketing & referrals. | |||
| _shopify_sa_p | .zoekarssen.com | 1 | HTTP only Secure 3rd party |
| Shopify analytics relating to marketing & referrals. | |||
| _fbp | .zoekarssen.com | 90 days | HTTP only Secure 3rd party |
| Facebook Pixel advertising first-party cookie. Used by Facebook to track visits across websites to deliver a series of advertisement products such as real time bidding from third party advertisers. | |||
| fr | .facebook.com | 90 days | HTTP only Secure 3rd party |
| Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers. | |||
| _gcl_au | .zoekarssen.com | 90 days | HTTP only Secure 3rd party |
| Used by Google AdSense to understand user interaction with the website by generating analytical data. | |||
| test_cookie | .doubleclick.net | 1 | HTTP only Secure 3rd party |
| Used to check if the user's browser supports cookies | |||