General Data Protection Regulation (GDPR) with 12Return.
The European Union has taken a monumental step in protecting the fundamental right to privacy for every EU resident with the General Data Protection Regulation (GDPR) which will be effective from May 25, 2018. Simply put, EU residents will now have greater say over what, how, why, where, and when their personal data is used, processed, or disposed. This rule clarifies how the EU personal data laws apply even beyond the borders of the EU. Any organization that works with EU residents' personal data in any manner, irrespective of location, has obligations to protect the data. 12Return is well aware of its role in providing the right tools and processes to support its customers and their users meet their GDPR mandates.
We honor our users right to data privacy and protection. We will never rely on advertising as a revenue stream. We will never serve ads to our users. This means that we have no necessity to collect and process users personal information beyond what is required for the functioning of our product.
When you sign up with 12Return for a reverse supply chain solution you can choose where to host your account. You can choose between Europe (The Netherlands) and United States. Your data is stored in the chosen datacenter location.
12Return does hold any of this personal data:
12Return does not hold any of this personal data:
The Personal Data that has been submitted to 12Return is processed in the 12Return Datacenter in The Netherlands.
12Return submits Personal Data with a pre-alert to your affiliated companies who take care of Returns Processing on your behalf. These companies are considered Other Controller.
All Personal Data is processed in the 12Return Datacenter in The Netherlands.
Our Subprocessors are transportation services who are either located in a Member State or in a country with adequate protection.
12Return does not submit Personal Data to a Data Importer. Therefor you are not a Data Exporter.
We ensure the confidentiality and integrity of your data with industry best practices. Our servers are hosted at Tier IV, fully ISO 27001, 27017, 27018, 22301 and 31000 compliant facilities. All locations comply with the global regulations governed by the EU-US Privacy Shield, GDPR, and the Cloud Security Alliance. The whole infrastructure is monitored 24/7 for security alerts and events.
All personal data is encrypted and stored on secured servers within the chosen region. Our backup policies ensure the data is always recoverable while keeping the data secure and private.
Security and privacy concerns are deeply embedded in our Software Development Lifecycle (SDLC), we take steps to securely develop and test against security threats to ensure the safety of our customer data.
We support managing access with authentication and
We provide a range of security options to ensure data is protected and secure, like different levels of password security. We provide audit log reports as an option in our Enterprise plan.
If you have any questions please contact your Customer Success Manager or use our contact form.
You are an end-user if you use the 12Return Customer Portal for returning a product to one of our customers. If you have any questions please ask your contact person at the company you return to (12Return customer).