To be able to supply products and services, Maarten de Groot Photography processes personal data. These data relate to natural persons, are processed with the greatest possible care, and with due observance of the European General Data Protection Regulation (GDPR) and prevailing national laws and regulations at the time of processing. 

The GDPR prescribes that Maarten de Groot Photography must provide insight into how personal data are processed, including the nature of the personal data, the legal basis and purpose of the data processing, and the rights that data subjects can exercise in this regard. 

Maarten de Groot Photography will review the privacy policy occasionally to check if it is still up to date. 


The Controller for the processing of personal data is: 

Maarten de Groot Photography
Winterjanpad 21, 1036 KN Amsterdam
Chamber of Commerce no.34335646

Personal data being processed

Maarten de Groot Photography processes these personal data: 

General personal data: 

  • surname
  • first name(s)
  • date of birth
  • address
  • telephone number
  • e-mail address
  • IP number
  • bank account number
  • customer number/membership number
  • invoice number

Basis for processing
Maarten de Groot Photography only processes personal data if: 

  • the data subject whose data are concerned has consented to the processing;
  • the processing is necessary for performing a contract it has entered into with the data subject;
  • it must comply with a statutory obligation; 
  • it has a legitimate interest, which also includes bringing its products and services to the attention of the data subject.

Processing purpose
The above personal data are used for these purposes: 

  • executing an order or performing a contract with the data subject 
  • invoicing
  • supplying products (photographs or other materials) or services 
  • informing about changes to products and services 
  • marketing, promotion, advertising and sending newsletters 
  • contact by telephone or e-mail 
  • performing legal obligations

Sharing personal data with third parties
In principle, Maarten de Groot Photography provides none of your data to third parties and will do so only if this is necessary for performing an agreement with you or to comply with a statutory obligation. We enter into processing agreements with organizations that process your data on our behalf to ensure the same level of security and confidentiality of your data. Maarten de Groot Photography remains responsible for these processing operations. 

Retention period of personal data 
Maarten de Groot Photography will not retain collected personal data longer than is strictly necessary, or legally prescribed, to achieve the purposes for which the data have been collected. We apply these retention periods for each purpose: 

  • Legal basis: Maarten de Groot Photography complies with the statutory retention periods.
  • Marketing: 3 years
  • Sending news letters and/or advertisements: 3 years
  • Contact by telephone: 1 year
  • Informing about changes to services: 1 year 

Data subjects may always object to the use of their personal data for marketing, sending newsletters or advertisements. This can be done via Maarten de Groot Photography’s website, by telephone or e-mail. Maarten de Groot Photography will then no longer use the data subject’s data for those purposes. 

Use of cookies on website 
Maarten de Groot Photography uses technical and functional cookies only. A cookie is a small text file stored on your computer, tablet or smartphone when you visit this website for the first time. The cookies we use are necessary for the technical operation of the website and your ease of use. They ensure the website works properly and remember certain things, such as your preferred settings. This also enables us to optimize our website. We also place cookies that track your browsing behavior so we can provide customized content. You can opt out from cookies by setting your internet browser so it no longer stores cookies. You can also delete all stored information through your browser settings. 

Security of personal data recorded by Maarten de Groot Photography  
Maarten de Groot Photography takes the protection of your data seriously and implements appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized alteration. If you feel that your data is not secure or there are indications of misuse, please contact Maarten de Groot Photography. In the unlikely event that a data leak occurs, Maarten de Groot Photography will immediately take all necessary steps to limit the consequences of the data leak as much as possible. If there is a privacy risk, Maarten de Groot Photography will report the data leak to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) within 72 hours. If harmful consequences can be foreseen for the data subjects, Maarten de Groot Photography will immediately contact them. 

Right of access, rectification, restriction and deletion; right to complain 
You may request access to, rectification, restriction and deletion of your data. Please contact Maarten de Groot Photography via for this purpose. 

Withdrawal of consent  
You may withdraw consent granted for the aforementioned processing of personal data, insofar as this does not contradict other legislation (such as mandatory data for financial administration) or does not unnecessarily violate Maarten de Groot Photography’s fundamental rights, such as the right to freedom of expression and information (including artistic and journalistic freedom). Contracts signed by you for the use of photographs relating to the portrait right, for example, such as a model release and/or quit claim, are excluded, in principle, from the right to withdraw consent. 

© DuPho, May 2018