Privacy Policy

1. Introduction

Welcome to Scentiva Wholesale, a trading name of OS International BV (hereinafter "we," "us," "our," or "Scentiva Wholesale"). We are located at Kalsdonksestraat 79, 4702 ZB Roosendaal, the Netherlands, and are registered with the Chamber of Commerce under number 78042127. Our VAT number is NL861243213B01.

We take your privacy very seriously and are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws within the European Union.

This Privacy Policy describes how we collect, use, process, store and protect your personal data when you visit our website scentiva-wholesale.com or enter into business relationships with us as a wholesale customer.

2. Controller

The controller responsible for processing your personal data is:

OS International BV
Trade name: Scentiva Wholesale
Kalsdonksestraat 79, 4702 ZB Roosendaal, Netherlands
Chamber of Commerce number: 78042127
VAT number: NL861243213B01
Phone: +31 103074227
Email: info@osinternational.net
Website: scentiva-wholesale.com

3. What personal data do we collect?

Depending on your interaction with our services, we may collect the following categories of personal data:

3.1 Contact details and identification data

• First and last name

• Job title and company name

• Email address (business)

• Phone number (business and/or mobile)

• Postal address and delivery address

• VAT number and Chamber of Commerce number (for companies)

• Invoice details

3.2 Account details

• Username and password (stored encrypted)

• Account preferences and settings

• Order history and order details

3.3 Financial data

• Bank details (IBAN)

• Payment history

• Credit information (if applicable for business credit assessments)

3.4 Technical data

• IP address

• Browser type and version

• Time zone and location

• Operating system

• Cookie data (see our Cookie Policy)

3.5 Communication data

• Correspondence by email, telephone or other communication channels

• Feedback and survey results

• Complaints and dispute information

3.6 Marketing data

• Communication preferences

• Newsletter subscriptions

• Participation in promotions or events

4. How do we collect your personal data?

4.1 Directly from you

• When creating a business account

• When placing orders

• When filling out contact forms

• During telephone or email communication

• When subscribing to newsletters

• When participating in surveys or feedback

4.2 Automatic

• Through cookies and similar technologies during website visits

• Via log files on our servers

• Through analysis tools (such as Google Analytics)

4.3 From third parties

• From credit reference agencies (for business credit assessments)

• From public sources (such as the Trade Register)

• From business partners within our distribution network

5. Legal grounds and purposes of processing

We only process your personal data when we have a valid legal basis for doing so under the GDPR:

5.1 Performance of a contract (Art. 6(1)(b) GDPR)

Purposes:

• Processing and handling of orders

• Delivery of products (perfumes and beauty products)

• Billing and payment processing

• Customer service and communication about orders

• Account management

5.2 Legal obligation (Art. 6(1)(c) GDPR)

Purposes:

• Compliance with tax obligations (VAT administration)

• Retention obligation for accounting documents (7 years)

• Compliance with anti-money laundering regulations

• Reporting to supervisory authorities

5.3 Legitimate interest (Art. 6(1)(f) GDPR)

Purposes:

• Fraud prevention and security

• Improving our website and services

• Direct marketing activities to existing business customers

• Credit risk assessment

• Establish, exercise or defend legal claims

• Network security and IT security

Balancing interests: We have carefully considered whether our legitimate interests do not outweigh your rights and freedoms. You have the right to object at any time to processing based on legitimate interest.

5.4 Consent (Art. 6(1)(a) GDPR)

Purposes:

• Sending marketing newsletters

• Use of non-essential cookies

• Processing for purposes for which you have given explicit consent

Withdrawal: You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

6. Who do we share your data with?

We never sell your personal data to third parties. We may share your data with the following categories of recipients:

6.1 Internal recipients

• Authorized employees of OS International BV who require access for their work

• Management and finance department

6.2 External service providers (processors)

• Hosting providers and IT service providers

• Email and communication platforms

• Payment service providers and banks

• Accountants and tax advisors

• Legal advisors

• Logistics partners and transport companies

• CRM and ERP systems

• Marketing platforms (with your consent)

Data processing agreements: We conclude data processing agreements with all our processors in accordance with Art. 28 GDPR, which include strict data protection guarantees.

6.3 Legally required recipients

• Tax Authorities

• Supervisory authorities (such as the Dutch Data Protection Authority)

• Law enforcement agencies (when legally required)

6.4 Business partners

In specific cases we may share data with:

• Suppliers and manufacturers (for order processing only)

• Distributors in other EU countries (Belgium, Germany, France, Poland, Ukraine, Romania, Italy)

7. International data transfers

7.1 Within the European Economic Area (EEA)

Our primary operations are within the EEA. We supply products to business customers in various European countries, including Belgium, Germany, France, Poland, Ukraine, Romania, Italy, and other EU member states.

7.2 Outside the EEA

In exceptional cases, we may use service providers who process data outside the EEA. In such cases, we ensure appropriate safeguards:

• EU Standard Contractual Clauses

• European Commission adequacy decision

• Other approved mechanisms according to Art. 46 GDPR

We will never transfer data to countries without adequate protection.

8. Retention periods

We do not retain your personal data for longer than necessary for the purposes for which it was collected, or as required by law:

After the retention period, your data will be securely deleted or anonymized.

9. Your rights under the GDPR

As a data subject, you have the following rights with regard to your personal data:

9.1 Right of access (Art. 15 GDPR)

You have the right to know whether we are processing personal data about you and to receive a copy thereof, together with information about the processing.

9.2 Right to rectification (Art. 16 GDPR)

You have the right to have incorrect or incomplete personal data corrected or supplemented.

9.3 Right to erasure / "right to be forgotten" (Art. 17 GDPR)

In certain cases you have the right to have your personal data deleted, for example when:

• The data is no longer needed

• You withdraw your consent

• You object and there are no compelling reasons

• The data has been processed unlawfully

Please note: This right is not absolute. We may retain data when legally required (tax retention requirements) or necessary for legal claims.

9.4 Right to restriction of processing (Art. 18 GDPR)

You may request a temporary restriction of processing in certain situations, such as during verification of a correction request or in the event of an objection.

9.5 Right to data portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used and machine-readable format and to transmit it to another controller.

9.6 Right to object (Art. 21 GDPR)

You have the right to object at any time to the processing of your personal data based on legitimate interest, including profiling. You can also object to direct marketing.

9.7 Automated decision-making and profiling (Art. 22 GDPR)

You have the right not to be subject to fully automated decision-making that has legal consequences. We do not use fully automated decision-making.

9.8 Right to withdraw consent

Where processing is based on consent, you can withdraw it at any time via the unsubscribe link in emails or by contacting us.

Exercising your rights

To exercise your rights, you can contact us at:

Email: info@osinternational.net
Phone: +31 103074227
Post: Kalsdonksestraat 79, 4702 ZB Roosendaal, Netherlands

We will respond to your request within one month (extendable by two months for complex requests). We may ask you to verify your identity to protect your privacy.

10. Security of personal data

We have taken appropriate technical and organizational measures to protect your personal data against loss, misuse, unauthorized access, modification or disclosure:

10.1 Technical measures

• SSL/TLS encryption for all data transmission

• Password encryption (bcrypt/hashing)

• Firewalls and intrusion detection systems

• Regular security updates and patches

• Secure backups with encryption

• Access control and authentication (two-factor where possible)

10.2 Organizational measures

• Strict access rights based on the "need-to-know" principle

• Confidentiality obligations for all our employees

• Regular training in data protection

• Processor agreements with all external parties

• Data Breach Detection and Response Procedures

• Annual security audits

10.3 Data breach notification protocol

In the unlikely event of a data breach that is likely to result in a risk to your rights and freedoms, we will:

• Inform the Dutch Data Protection Authority within 72 hours

• Inform you as a data subject immediately when there is a high risk

• Take appropriate measures to mitigate the consequences

11. Cookies and tracking technologies

Our website uses cookies and similar technologies. For more information, please refer to our separate Cookie Policy, which is available on our website.

11.1 Types of cookies

• Essential cookies: For essential website functionality

• Functional cookies: For ease of use and preferences

• Analytical cookies: For website statistics (Google Analytics)

• Marketing cookies: For targeted advertising (only with consent)

11.2 Your choices

You can manage your cookie preferences via the cookie banner on our website or through your browser settings. Please note that disabling certain cookies may limit the website's functionality.

12. Links to third party websites

Our website may contain links to third-party websites, partners, suppliers, or social media platforms. We are not responsible for the privacy or cookie policies of these external websites. We recommend that you read the privacy statements of these websites.

13. Minors

Our services are intended exclusively for business customers and professionals. We do not knowingly process personal data from individuals under the age of 16. If you suspect we have inadvertently collected data from a minor, please contact us so we can delete it.

14. Changes to this Privacy Policy

We reserve the right to amend this Privacy Policy. Changes will be posted on this page with an updated date. For substantial changes, we will notify you by email where possible.

15. Right to complain to the supervisory authority

If you believe we are not processing your personal data correctly, please contact us. You also have the right to lodge a complaint with the national data protection supervisory authority:

Dutch Data Protection Authority
PO Box 93374
2509 AJ The Hague, Netherlands
Telephone: (+31) - (0)70 - 888 85 00
Website:autoriteitpersoonsgegevens.nl

16. Contact

If you have any questions, requests or comments about this Privacy Policy or the processing of your personal data, please contact us:

OS International BV (Scentiva Wholesale)
Kalsdonksestraat 79, 4702 ZB Roosendaal, Netherlands

Email: info@osinternational.net
Phone: +31 103074227
Chamber of Commerce number: 78042127
VAT number: NL861243213B01