According to the General Data Protection Regulation (GDPR), DPD (Netherlands) B.V. is the controller in all
business processes. This means that we determine which personal data we process, how we process
personal data and what the storage period is. We also determine who has access to the personal data.
DPD has agreed with the principal that DPD will forward the parcels to the consignee. In order to do this, we
need the personal data of the consignee. We also use personal data to provide additional services and to
improve our service. Customs activities can be provided as an extra service after registration of the IP address
because of the required representation. In addition, we use personal data for direct marketing.
We receive the personal data of the principal. DPD processes name and address details, telephone number,
e-mail address and a signature or initials for receipt of the parcel. We also keep a cash on delivery
We store the data on secure servers within the DPDGroup. It is also possible that we store the data with third
We use the personal data we receive only for the purpose for which we received them. We only pass on
personal data to third parties if we are required to do so by contract or have received permission. Or if we are
legally obliged to do so. In order to provide our services, we pass on personal data to our partners within the
DPDGroup, to carriers and ICT companies. We process the data within the European Economic Area (EER),
unless delivery of a parcel at the request of the principal must take place outside of the EER.
DPD always takes appropriate technical and organizational measures to ensure the security level. We adjust
this level to the risk. And we take into account technological developments, implementation costs, processing
goals and the probability and impact of an infringement. In addition, every employee within DPD signs a
confidentiality agreement so that the privacy of the personal data is guaranteed. This also applies to hired third
parties, such as a transport company or an IT company.
We store the personal data needed to deliver the parcels no later than two years. After this period we extract
the personal data from the process. Are there legal obligations, which means we have to keep the data longer?
Or do we need the data longer because a claim has been submitted? Then we deviate from the two-year term.
Access to your personal data
Would you like access to your personal data? Then you can contact us by letter or e-mail. You can use the
following information for this:
DPD (Nederland) B.V.
To: Legal Department
PO Box 302 - 5684 PK Best
We want to be sure that we give the personal data to the right person. That is why we ask you for a copy of a
valid passport, driver's license or identity card. Always ensure that you make the photo unrecognizable. We
encourage you to put the entry ‘copy’ and the date. Please also erase the social security number (BSNnummer) on the document and in the line on the bottom of the card. Of course you can only request personal
data from yourself and not from others.
Are your personal details incorrect? Do you want us to delete your personal data or use only a few data? Or do
you want us to transfer your data to another party? Send your request to the email address mentioned above.
You can also object to the processing of your data via this email address
Are you not satisfied or if you can’t agree with us? Then you can file a complaint with:
2509 AJ Den Haag
Our policy as described in this Privacy Statement may change. Before we change it, we do not have to report
this. You can always read the current Privacy Statement on our website.
Date of publication: 1st
Download the DPD privacy statement