Privacy & IT security statement

We acknowledge our responsibility to ensure responsible and secure processing of personal and
company data. Coltrading |CTE only uses personal or company data for the purposes for which
they are collected.

In practice these purposes are strictly limited to the following:

1. To negotiate and perform commercial (sales) contracts
2. To comply with national or supranational laws and legislation (in particular tax regulations)

3. For the purpose of liability for defective products (Directive 85/374/EEC)


In particular personal data, excluding company information, will never be held longer than
necessary for our the normal business operations. In any case, after 10 years of an ending
business relation personal data is restricted from processing and made unavailable to employees
of Coltrading |CTE. The data is moved to a separate data archive in which the data can no longer
be subject to further processing operations and cannot be changed.

For the purpose of IT security, at Coltrading |CTE, we aim to process digital data primarily locally,
if possible, airgapped. Nevertheless, some data needs to be processed through cloud based
applications. Insofar data is processed through external servers, they are located in Europe. Our
cloud records are only processed through ISO27001 and ISAE 3402 type 1 certified second party

Coltrading |CTE does not, and will in the future not, provide any personal or company data to third
parties. Data will only be provided to second parties when necessary for the performance of the
commercial contract or in the context of legal obligations.

Inquiries regarding privacy matters may be directed to