Last updated: July 13, 2026

1. Who are we?

This privacy statement applies to the GD Medical ordering portal.

Website: https://order.gdmedical.nl

Data Controller:
GD Medical
Park Forum 1057
5657 HJ Eindhoven, NL
Email: info@gdmedical.nl
Phone: +31 (0)40 3031 090
Chamber of Commerce No.: 50752723

GD Medical takes your privacy very seriously. We process personal data carefully, securely, and in accordance with the General Data Protection Regulation (GDPR).


2. What personal data do we process?

When you use our ordering portal, we may process the following personal data:

  • First and last name
  • Company Name
  • Billing and Shipping Address
  • Email address
  • Phone number
  • Customer Number
  • Order History
  • Payment information (as necessary)
  • IP address
  • Browser and Device Information
  • Login Information
  • Any communication via email or the contact form

We process only the personal data necessary to provide our services.


3. Why do we process your personal data?

We process your data for the following purposes:

  • Creating and managing your account.
  • Processing and fulfilling orders.
  • Issuing invoices.
  • Processing payments.
  • Responding to questions and requests.
  • To provide information about changes to our services.
  • Improving our website and services.
  • Securing our order portal.
  • Compliance with legal obligations, such as tax retention requirements.

4. On what legal basis do we process your data?

We process personal data based on one or more of the following legal grounds:

  • The performance of a contract.
  • To comply with a legal obligation.
  • A legitimate interest, such as securing our systems and improving our services.
  • Your consent, if required by law (for example, for certain cookies).

5. How long do we retain your data?

We do not retain personal data for longer than necessary.

In general, the following retention periods apply:

  • Account information: as long as your account is active.
  • Order details and invoices: at least 7 years (tax retention requirement).
  • Correspondence: for as long as necessary to resolve your inquiry.
  • Log files and security data: up to 12 months, unless a longer retention period is necessary for security purposes.

6. Do we share your information with third parties?

We never sell your personal information to third parties.

When necessary for the provision of our services, we may share personal data with:

  • Payment service providers.
  • Delivery and transportation services.
  • Web hosting providers.
  • IT administrators.
  • Suppliers of software necessary for the operation of the ordering portal.
  • Government agencies when we are legally required to do so.

We enter into a data processing agreement with parties that process personal data on our behalf, where required by law.


7. Cookies

Our website uses cookies.

We use:

  • Functional cookies that are necessary for the website to function.
  • Security cookies.
  • Session and login cookies.
  • Analytical cookies (if used).
  • Marketing cookies are used only with your consent.

You can delete or block cookies through your browser. Please note that this may cause parts of the website to function less effectively.


8. Comments

When visitors leave comments on the website, we collect the information entered in the comment form, as well as their IP address and browser information, to prevent spam.

If Gravatar is used, an anonymized hash of your email address may be shared with this service. Gravatar’s privacy policy is available at:
https://automattic.com/privacy


9. Media

When uploading images, we recommend that you do not upload photos that contain EXIF location data. Other visitors may be able to access this information.


10. Embedded content from other websites

Pages on our website may contain embedded content, such as videos or documents.

These external websites may collect personal data, set cookies, and track your interaction with this content as if you were visiting their website directly.


11. Security

We take appropriate technical and organizational measures to protect your personal data against loss, misuse, unauthorized access, or disclosure.

Our website is secured by, among other things:

  • SSL/TLS encryption;
  • secure servers;
  • access control;
  • regular software updates;
  • Restricted access to personal data.

12. Your Rights

You have the right to:

  • to access your personal data;
  • to have your information corrected;
  • to have your data deleted;
  • to object to the processing;
  • to limit processing;
  • to transfer your data (data portability);
  • to revoke previously given consent.

To do so, please contact us at the email address below.


13. Complaints

Are you dissatisfied with the way we handle your personal data?

Please contact us first.

In addition, you have the right to file a complaint with the Dutch Data Protection Authority.

Website:
https://autoriteitpersoonsgegevens.nl


14. Contact

Do you have any questions about this privacy statement or about the processing of your personal data?

Please contact:

GD Medical
Email: info@gdmedical.nl
Website: https://order.gdmedical.nl


15. Changes

We reserve the right to change this privacy statement. The most current version is always published on this website.