Privacy and cookie statement of MediShopXL

May 25, 2018

Your privacy is of great importance to MediShopXL. We therefore comply with the privacy laws.
This means:

  • that with this privacy statement we make clear our purposes before we process your personal data.
  • that we save as little personal data as possible and only those data that are necessary for our purposes.
  • that we explicitly request permission for the processing of your personal data, whenever permission is required.
  • that we take all necessary security measures to protect your personal information. We also impose these obligations on parties that process personal data for us.
  • that we respect your rights, such as the right to access, correct or delete your personal data processed with us.

Your data are safe with us and we will always use these data in a correct way. In this privacy statement we explain what we do with the data and the information in the web shop that we obtain about you.

If you have any questions, or want to know exactly what we keep track of you, please contact MediShopXL.

Handling order

When you place an order with us, we use your personal data to handle the order properly. As a result we may have to give your personal details to our delivery service to have the order delivered to you. We also receive information about your payments from your bank or credit card company.

In order to handle your order we use your telephone number, IP address, gender, name and address, billing address, payment details and e-mail address. We need these because of the contract we conclude with you. We keep this information until your order has been completed. However we have to retain certain customer data longer in connection with statutory and tax retention obligations.

Providing data to third parties

We work with certain companies that may receive your personal data from us.
For the processing of orders we work together with:

  • our delivery companies DPD and PostNL
  • our payment providers MultiSafepay and PayPal
  • our software developer: Upwork
  • our newsletter software supplier: MailChimp
  • our hosting provider: Amazon (server location: Frankfurt)
  • our support software supplier: Zendesk
  • our email software provider: Google
  • our team chat software: Slack

MailChimp, Upwork, PayPal, Amazon, Zendesk, Slack and Google are located outside the EU.

Contact form and Newsletter

With the contact form you can ask us questions or make requests.
For this we use your e-mail address. We need this because of the contract we conclude with you. We keep this information until we are sure that you are satisfied with our response and six months thereafter. This way we can easily access the information in subsequent questions. That way we can also train our customer service to be better. An exception to the above is the situation that your question relates to an order that you have placed with us. In that case, we will keep your information for 7 years.

You can subscribe to our newsletter. Here you can read news, tips and information about our products and services. You can cancel this subscription at any time. Each newsletter contains a link for unsubscribĂ­ng the newsletter.

Your e-mail address is automatically added to the list of subscribers and is saved until you cancel the subscription.

Providing to third parties

We work with certain companies that can receive your personal data from us.


We would like to send you advertisements about special offers and new products or services. We do this:

  • by email
  • via social media

You can object to these advertisements at any time. Each e-mail contains an unsubscribe link. You can block us or use the unsubscribe option.

Location data

Sometimes it is necessary for our webshop to find out where you are. In that case we ask you by separate mail for permission and only if you give permission, we can get this information.
For this service we use the navigation and location software on your phone, tablet or computer. We have no control over what the creators of this software (such as Google or Apple) do with it. Always read their privacy statements.


Our webshop has general advertisements. As we do not keep personal data here, we do not know whether you like it or not.

Provision of data to other companies or institutions

With the exception of the aforementioned partners, we do not, under any circumstances, provide your personal data to other companies or institutions, except when we are legally obliged to do so (for example, if the police requires them in case of suspicion of a crime).


We keep statistics on the use of our web store
Social media buttons are included in our web store, with which the administrators of these services collect your personal data.


Our webshop uses cookies. Cookies are small files for storing information so that you do not have to enter your data every time you log in. But we can also see that you are visiting us again.
When you visit our webshop for the first time, we will display a notification with an explanation about cookies. Hereby we will ask for your agreement for the use of these cookies.
You can indeed disable the placing of cookies via your browser, but in that case our webshop will not work 100% properly any more.
We have made agreements about the use of cookies with other companies that place cookies. However, we do not have complete control over what they themselves do with the cookies. Read their privacy statements.

Google Analytics

We use Google Analytics to keep track of how visitors use our web store. To this goal we have signed a processor agreement with Google. There are strict agreements about what information they can obtain. We allow Google to use the obtained Analytics information for other Google services. We do not let Google anonymize the IP addresses.


Security of personal data is of great importance to us.
To protect your privacy, we take the following measures:

  • access to personal data are protected with a username and password
  • access to personal data are protected with a username and a login token
  • we use secure connections (Secure Sockets Layer or SSL) that protects all information between you and our website when your personal data are entered
  • we keep logs of all requests for personal data
  • Data protection officer

    We have appointed a data protection officer. This person is responsible for the privacy within our organization. Our data protection officer is called Alexander Matthes and can be contacted by e-mail at for all your questions and requests.

    Changes to this privacy statement

    When changing our web store, we must of course also adjust the privacy statement. Always pay attention to the date above and check regularly for new versions. We will do our best to announce changes separately.

    Accessing, changing, deleting your data

    If you have questions or want to know what personal information we have about you, you can always contact us. See the contact details below.

    You have the following rights:

    • You can get an explanation about what personal data we have and what we do with it
    • You can an insight into the exact personal data we have from you
    • You can demand that errors be corrected
    • You can demand outdated personal data to be removed
    • You can withdraw permission
    • You can object to a particular use of your data

    Please note that you always clearly state who you are, so that we can be sure that we do not modify or delete data from a wrong person.

    To file a complaint

    If you think that we are not helping you in the right way, you have the right to file a complaint with the supervisor. This is called the Dutch Data Protection Authority.

    Contact details

    MediShopXL, Kroostweg 53, 3704EB Zeist (Holland)