Biotainment – The natural sense of entertainment

1. Introduction

  • This Privacy Policy describes how Biotainment (“we,” “us,” or “our”) collects, uses, and shares personal data of users (“you” or “users”) when you visit our website, www.marcelschagen.com (the “Website”).
  • We are committed to protecting your privacy and ensuring that your personal data is processed in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679.

2. Who We Are (Data Controller)

  • Biotainment, Marcel Schagen
  • Solwerderstraat 64, 9901BG, Appingedam
  • KVK/Registration number: 96337117
  • Email: hello@marcelschagen.com

3. What Personal Data We Collect

  • We collect the following categories of personal data:
    • Information you provide directly:
      • Contact information (name, email address, phone number, address)
      • Communications (correspondence with us)
      • Order information (billing address, shipping address, payment details)
      • User-generated content (comments, reviews, forum posts)
      • Any other information you choose to provide.
    • Information we collect automatically:
      • IP address
      • Browser type and operating system
      • Referring URLs and exit pages
      • Date and time of access
      • Pages viewed and navigation paths
      • Cookies and similar tracking technologies (see our Cookie Policy
      • Device information (device type, unique identifiers)
    • Information we receive from third parties:
      • Social media login information (if you choose to log in through a social media account)
      • Payment processors (to process transactions)
      • Analytics providers
      • Advertising partners

4. How We Use Your Personal Data (Purposes of Processing)

  • We use your personal data for the following purposes:
    • To provide and maintain our services:
      • To create and manage your account [If applicable]
      • To process your orders and transactions [If applicable]
      • To provide customer support
      • To personalize your experience on the Website
      • To communicate with you about our services
    • To improve our Website and services:
      • To analyze website usage and trends
      • To develop new features and services
      • To conduct research and surveys
    • To communicate with you:
      • To send you service-related announcements
      • To send you marketing communications (with your consent, where required)
      • To respond to your inquiries and requests
    • For marketing and advertising:
      • To display targeted advertisements (with your consent, where required)
      • To measure the effectiveness of our advertising campaigns
    • For security and fraud prevention:
      • To protect our Website and users from unauthorized access
      • To detect and prevent fraud
    • To comply with legal obligations:
      • To comply with applicable laws, regulations, and legal processes
      • To respond to requests from public authorities

5. Legal Basis for Processing

  • We process your personal data based on the following legal bases as defined by the GDPR:
    • Consent: We process your personal data when you have given us your explicit consent for a specific purpose (e.g., sending marketing communications). You have the right to withdraw your consent at any time.
    • Contract: Processing is necessary for the performance of a contract with you (e.g., processing your order).
    • Legitimate Interests: Processing is necessary for our legitimate interests (or those of a third party), provided those interests do not override your rights and freedoms. Our legitimate interests include:
      • Improving our Website and services
      • Marketing our services
      • Preventing fraud
      • Ensuring the security of our Website
    • Legal Obligation: Processing is necessary to comply with a legal obligation to which we are subject.

6. Sharing Your Personal Data (Recipients of Data)

  • We may share your personal data with the following categories of recipients:
    • Service providers: Third-party companies that provide services on our behalf, such as:
      • Hosting providers
      • Payment processors
      • Analytics providers
      • Email marketing providers
      • Customer support providers
    • Business partners: Companies with whom we offer co-branded services or engage in joint marketing activities.
    • Advertising partners: Third-party companies that help us display targeted advertisements.
    • Legal authorities: When required by law or to protect our rights and the rights of others.
    • Other third parties: With your consent or as otherwise required or permitted by law.

7. International Data Transfers

  • Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) that may not have data protection laws equivalent to those in the EEA.
  • We will only transfer your personal data outside the EEA if one of the following safeguards is in place:
    • The country to which your data is transferred has been deemed to provide an adequate level of protection by the European Commission.
    • We have implemented appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, to ensure that your data is protected.
    • You have provided your explicit consent to the transfer.
    • The transfer is necessary for the performance of a contract with you.

8. Data Security

  • We have implemented appropriate technical and organizational measures to protect your personal data against unauthorized access, use, disclosure, alteration, or destruction. These measures include: * Encryption of data in transit and at rest * Firewalls and intrusion detection systems * Access controls and authorization procedures * Regular security assessments and audits * Employee training on data protection

9. Data Retention

  • We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
  • To determine the appropriate retention period, we consider the following factors: * The amount, nature, and sensitivity of the personal data * The potential risk of harm from unauthorized use or disclosure of your personal data * The purposes for which we process your personal data and whether we can achieve those purposes through other means * The applicable legal, regulatory, tax, accounting, or other requirements
  • Specifically: * We retain [Specific types of data, e.g., account data] for [Specific retention period, e.g., as long as your account is active]. * We retain [Specific types of data, e.g., marketing data] for [Specific retention period, e.g., until you unsubscribe]. * We retain [Specific types of data, e.g., order data] for [Specific retention period, e.g., 7 years for tax purposes].

10. Your Rights

  • Under the GDPR, you have the following rights regarding your personal data:
    • Right to access: You have the right to obtain confirmation as to whether or not your personal data is being processed, and, where that is the case, access to the personal data.
    • Right to rectification: You have the right to obtain the rectification of inaccurate personal data concerning you.
    • Right to erasure (“right to be forgotten”): You have the right to obtain the erasure of your personal data where one of the following grounds applies:
      • The personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
      • You withdraw your consent on which the processing is based, and there is no other legal ground for the processing.
      • You object to the processing and there are no overriding legitimate grounds for the processing.
      • The personal data has been unlawfully processed.
      • The personal data has to be erased for compliance with a legal obligation in Union or Member State law to which we are subject.
    • Right to restriction of processing: You have the right to obtain restriction of processing where one of the following applies:
      • The accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data.
      • The processing is unlawful, and you oppose the erasure of the personal data and request the restriction of their use instead.
      • We no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise, or defense of legal claims.
      • You have objected to processing, pending the verification of whether our legitimate grounds override yours.
    • Right to data portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller without hindrance from us.
    • Right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions.
    • Rights related to automated decision-making and profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
    • Right to withdraw consent: If we process your personal data based on your consent, you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
  • Exercising your rights: To exercise your rights, please contact us at [Your Email Address]. We will respond to your request within one month of receipt. We may extend this period by two further months where necessary, taking into account the complexity and number of the requests. We will inform you of any such extension within one month of receipt of your request, together with the reasons for the delay.
  • Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR. The supervisory authority in the Netherlands is the Autoriteit Persoonsgegevens.

11. Cookies and Tracking Technologies

  • We use cookies and similar tracking technologies to collect and process information about your use of the Website.

12. Third-Party Links

  • Our Website may contain links to third-party websites. This Privacy Policy does not apply to those websites. We are not responsible for the privacy practices of third-party websites. We encourage you to read the privacy policies of those websites before providing any personal data to them.

13. Children’s Privacy

  • Our Website is not intended for children under the age of 16. We do not knowingly collect personal data from children under this age. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us, and we will take steps to delete that information.

14. Changes to This Privacy Policy

  • We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on our Website and, where appropriate, by sending you an email notification. We encourage you to review this Privacy Policy periodically for any changes.

15. Contact Us

If you have any questions or concerns about this Privacy Policy or our data processing practices, please contact us at:

Marcel Schagen – Biotainment

Solwerderstraat 64, 9901BG, Appingedam, The Netherlands

hello@marcelschagen.com