DPD (Nederland) B.V. processes personal data as a controller pursuant to the General Data Processing Regulation (GDPR). DPD determines what data is processed, stipulates storage period and controls the access to the personal data.
DPD and the principal have agreed that DPD will deliver its parcels. Therefor the processing of personal data takes place for the purpose of the delivery of parcels. In addition, personal data shall be used for additional services concerning the delivery of parcels, improvement of the service and direct marketing.
The personal data is made available by the principal. DPD processes name and address data, phone number or email address, signature or initials as acknowledgement of receipt and maintains a cash on delivery administration.
Personal data is stored: to make it possible to answer questions, improve services or to handle claims. DPD keeps the personal data on a secured server within the DPDGroup and, if necessary, third parties.
Providing personal data
Under no circumstances shall DPD provide, without permission or without legal obligation, information of principals and the consignees/recipients, to third parties. The provided data shall solely be used for the defined purpose. For the performance of the agreement personal data is made available to the partners within the DPDGroup, carriers and ICT-companies. The personal data will be processed within the European Economic area unless, on request of the principal, delivery of a parcel has to take place outside the European Economic Area.
Taking into account the state of the art, the costs of implementation and purpose of processing and the likelihood and severity of a breach DPD will always implement appropriate technical and organisational measures to ensure a level of security to the risk. In addition, within the DPDGroup, a non-disclosure clause is part of the labour agreement. A non-disclosure agreement is also agreed with third parties such as carriers and ICT-companies to secure the privacy of personal data.
Personal data that is required for the delivery of parcels is stored for two years unless a longer storage period is required by law or because of liability. After expiry of the storage period the personal data is extracted from the process by deletion or by making the data anonymous.
Do you want access to your personal data? Please let us know by letter of email by sending your request to:
DPD (Nederland) B.V.
To: Legal Department
5684 PK Best
Because we need to be sure that we send the information to the correct person we need you to make available a copy of a valid passport, driving license or identity card with an unrecognizable photograph. We encourage you to write on the ID that it concerns a copy issued on the certain date. Please also erase the social security number on the document and in the line on the bottom of the card. For avoidance of doubt, you can’t receive personal data of any other than yourself.
Rectification, erase, restriction of processing, data portability, objection
In case the registration of your personal data is not correct, you want personal data to be erased, processing to be limited, data to be transferred, or to object you can also send your request to the contact data that is made available.
In case you are not satisfied or we can’t resolve the matter together, you can send your complaint to:
2509 AJ Den Haag
DPD reserves the right to make amendments at any time without prior notification. All changes are effective from the day on which the amended privacy statement is posted on the DPD website.
Date of publication: 1st January 2018