Privacy Statement – DS Templates
Version: 30-06-2025
1. Company details
DS Templates B.V.
Ellen Pankhurststraat 15
5032 MD Tilburg, The Netherlands
security@digitalsignage-templates.com
www.digitalsignage-templates.com
KVK: 90715713
BTW: NL865426387B01
2. Nature of services and processing
DS Templates provides digital signage software and content solutions, including:
- A content creation platform (DS Templates)
- A digital signage system (DS Templates)
- Optional integrations with ERP, calendar and HR systems
Processing may involve:
- Displaying personal data on screens (e.g. names, birthdays, presence)
- Connecting to external systems via API
- Managing user accounts and subusers within our software
- Handling support and administrative data
3. Role under the GDPR
In most cases:
- Customer = Data Controller
- DS Templates = Data Processor
We act only on documented instructions from the controller and do not determine the purpose or means of processing.
4. Categories of data subjects
Depending on use case:
- Employees of customer
- Visitors or guests (if shown on screens)
- Administrators/users of the DS Templates platform
5. Types of personal data processed
Typical examples include:
- Names
- Job titles or departments
- Calendar entries (e.g. birthdays or events)
- Photos (if uploaded by customer)
- Email addresses (only for account access)
- IP addresses (via the platform)
6. Legal basis (for DS Templates as controller)
When we process data as controller (e.g. for support, invoices, CRM):
- Legitimate interest
- Contractual necessity
- Legal obligation (e.g. financial records)
- Consent (e.g. newsletter)
7. Security measures
We apply industry-standard security practices, including:
- TLS-encrypted communication
- Role-based access control (RBAC)
- Secure storage and access logging
- Multi-factor authentication (where available)
- Encrypted backups
A full security overview is available upon request.
8. Data retention periods
| Data type | Retention |
|---|---|
| Platform usage and accounts | Max. 2 years inactive use or on request |
| Support communications | Max. 2 years after closure |
| Financial data | 7 years (legal requirement) |
| Personal data shown in signage | As instructed by the controller |
9. Subprocessors
We engage the following subprocessors under GDPR-compliant contracts:
| Provider | Purpose | Location |
|---|---|---|
| On request | Hosting infrastructure | EU |
| On request | Web hosting | NL |
| On request | CRM & support tickets | EU |
Additional subprocessors may be added upon prior notification and with safeguards.
10. Data transfers
We do not transfer personal data outside the EU without:
- Adequate safeguards (e.g. EU Standard Contractual Clauses)
- Prior notification if legally required
11. Data breach policy
DS Templates maintains a formal data breach protocol. In case of an incident involving your data, we will:
- Notify you promptly
- Provide relevant details and mitigation actions
- Support regulatory reporting where needed
12. Google Calendar integration (if applicable)
For clients using the optional Google Calendar integration:
- We request read-only access via secure OAuth
- Tokens are encrypted and stored securely
- No data is shared with third parties
- Access can be revoked at any time via Google settings
13. Exercising data subject rights
Data subjects must contact the controller (client). DS Templates supports requests related to:
- Access
- Correction
- Deletion
- Export
14. Record of processing activities
DS Templates maintains an internal register in accordance with GDPR Article 30. Available upon request for audits or DPIAs.
15. Contact for privacy matters
For all privacy-related questions, data requests or security incidents:
