Privacy policy


We respect the privacy of all users of its site and ensure that the personal information you provide is always treated confidentially. We only use your data for services that you have requested.


We will not make your personal information available to third parties without your consent, with the exception of parties directly involved in the processing of your orders. We value the trust you place in us, and will make every effort to provide your personal information. to protect. The personal information is only used for the services for which you have entrusted it to us.

After termination of our services, you must change your username and password within 24 hours.


WEBSHOT uses cookies and other technologies to increase online ease of use for you and to determine how the site is used, so that we can improve the quality of our services based on that. When you visit our website or when using some of our products, the servers automatically store information such as URL, IP address, browser type and language, and the date and time of your visit. If you want to disable cookies, you can do this through your browser. More detailed information about the management of cookies with specific web browsers can be found on the browsers concerning websites.


WEBSHOT processes your data because WEBSHOT has concluded a service agreement with you. We thereby adhere to the rules as laid down in the AVG, the General Data Protection Regulation. We have also concluded a processing agreement with you.

What does that mean for you?

We are a performance based marketing agency. This means that our team of specialists works with client data on a daily basis for a wide range of clients in both the profit and non-profit sectors. Our team of specialists collects and analyzes customer data in order to provide you with thorough online marketing advice. Our specialists are trained to handle personal data safely. As a customer you ask for online advice based on your customer data. Whether it is setting up a newsletter, analyzing an advertising campaign or tagging words for an SEO campaign, there is 9 out of 10 times such kind of ‘data’ in the game. As the owner of that data, you must as a customer, also to abide by the AVG and you are the ‘Responsible Person’ within the meaning of the AVG. Before we as WEBSHOT get started with your data we explicitly request access to specific accounts. Examples of accounts are: Social media accounts (Facebook, Instagram, Linked In) Google Analytics Accounts Advertising Accounts Email Marketing Toolings (eg Copernica / Spotler / Mailchimp)

At WEBSHOT we work according to the four-eyes principle and we ensure that we are always involved with a number of specialists for a customer. When data needs to be transferred from specialist 1. to specialist 2. we ensure that this is done according to the AVG.Personal data is only processed in the way that we have agreed with you.For this we refer further to the agreements we have made about this in the processor agreement. Below follows in that context an explanation of our privacy policy on a number of important topics from the AVG.

Receiving and returning personal data

Receiving Our goal as marketers is to get more return from your customer data, among other things by advising on your online marketing strategy. When we start processing your Personal Data, we receive this data via a secure web portal or SFTP server (secured FTP). If you are unable to set up a safe environment, we can do that for you. The following applies with regard to data transfer: we only receive relevant data from you. We only receive the data that is needed to provide sound online marketing advice. One of the most important measures of the AVG is the following: minimizing access to your personal data. The specialists from the customer teams only have access to the data they need to provide you with sound marketing advice. This access is encrypted and can only be accessed by specialists who work for you. These actions that our employees perform on a daily basis are logged and can be traced afterwards. Return It may be that certain data must be adjusted or enriched. This means that the data is then “processed” by you, the customer. We agree with you which method to use for this. We also determine which specialists are authorized to receive this new processed data. Deletion of data Most data is retained by us for another 30 days after processing – unless we make different arrangements in the processing agreement. The data will be permanently deleted after this period. During this retention period it is only possible to answer questions regarding the processing. Data breaches and other security incidents If a data breach occurs, we will report this to you within 24 hours in accordance with the agreements in the processing agreement. WEBSHOT Confidentiality declaration The WEBSHOT employees all have signed a statement stating that they understand what the AVG is and indicate that they will keep their personal data secret and treat it with care. Our WEBSHOT employees are fully aware of this and are trained on a regular basis to be alert to this. WEBSHOT Security measures Naturally, we have also taken our measures to stop malicious parties. This means that our offices are optimally secured, employees are obliged to store their laptop in lockers or take it home in the evening and we work with personal user names and passwords where possible.

When does data fall under the AVG?
The AVG speaks at Personal Data about any data from an identified or identifiable natural person. This means that information is either directly about someone or can be traced back to this person. And it’s always about a natural person. In addition to personal data, special personal data is also mentioned. These are extra protected by the legislator. Examples of personal data: • Name, address, place of residence • Passport photo with name • Company information • Logos, printed matter or other graphic designs • Database with numbers or generic data • Discount or gift card codes Examples of special personal data: • Religion or belief • Race • Political preference • Health • Sexual orientation • Trade union membership • Criminal history • Name and address data or passport photo in combination with one of the data mentioned above The most confidential data is the social security number and bank details, such as account numbers, in combination with the aforementioned data. Addendum: Glossary Some concepts have been reviewed in the above communication. Below you will find an explanation of these terms: Data subjects: The person to whom a Personal Data relates. Personal Data: Any data concerning an identified or identifiable natural person.Datalek: A breach of security as referred to in the AVG that leads to a considerable risk of serious adverse consequences, or serious negative consequences for the protection of Personal Data. Third Parties: Other than Client and Contractor and our Employees. Reporting Data Leaks: The obligation to report Data Leaks to the Dutch Data Protection Authority and (in some cases) to Data subject (s), based on the AVG. Employees: Persons working at or for the Processor, either employed or temporarily hired. Processing: Processing within the meaning of the AVG. Processing includes any act (or a series of acts) relating to Personal Data, including at least the collection, recording, organizing, storing, updating, modifying, retrieving, consulting, using, disclosing through forwarding, dissemination or any other form of providing, bringing together, relating to each other, as well as protecting, erasing or destroying data. Responsible: The person who determines the purpose of and means for the Processing of Personal Data. The Controller is the person who controls what is processed. Characteristic of the Controller is that he can give instructions for data processing and therefore has actual influence on this. Usually the owner of the data.