About Customs Support Group
The Customs Support Group is a leading independent provider of customs and trade services across Europe and the UK.
We have nearly 100 offices with a strong presence in 14 countries, including The Netherlands, Belgium, Germany, Poland, France, the United Kingdom, Ireland, Italy, Switzerland, Spain, Finland, Sweden, Norway, and Luxembourg. All our locations in Europe | Customs Support.
At the heart of our operations is the commitment to enhancing the efficiency and compliance of cross-border trade. The Customs Support Group offers a comprehensive range of services, including customs clearance, customs consultancy, the testing of EU centralized clearances and on sustainable development goals. Their expertise extends to handling complex customs regulations, ensuring that businesses can navigate the intricacies of international trade with ease.
Overall, the Customs Support Group’s mission is to empower global trade by unlocking borders and making cross-border operations seamless, secure, and efficient by ensuring compliance with ever-changing regulations.
About this privacy notice
Customs Support Group (CSG, we, our, us) take your privacy very seriously and is committed to protecting and respecting your privacy and processing your personal information in accordance with applicable data protection law.
This privacy notice, cookie policy and any other documents referred to within this notice, are issued on behalf of all entities of Customs Support Group.
Unless we inform you otherwise, the relevant entity processing and controlling your data is Customs Support Group B.V. References to ‘we’, ‘our’, or ‘us’ include all entities and subsidiaries of Customs Support Group.
Our data protection officer
We appoint a Group Data Protection Officer who is Elena Beccheroni. Should you need to contact us about this privacy notice, make a request or raise a complaint, please contact via email DataProtectionOfficer@customssupport.com or by Post: FAO: Data Protection Officer, Customs Support Group, Willem Barentszstraat 11-19 3165 AA Rotterdam, Albrandswaard, Netherlands.
Collection and use of your personal information
Due to the nature of our services, we primarily collect personal information relating to our clients, prospective clients and the personnel and applicants of the Customs Support Group entities.
We use this information to fulfil our legal obligations, deliver contracted services, manage our business and operations, and for personnel management activities.
To carry out these activities, it may be necessary to transfer your personal information to countries other than where it was collected, such as between our entities or with other third parties. In any case, we apply all necessary protective measures to ensure the security and confidentiality of personal data.
We keep copies of your personal information within our secure systems and retain it for as long as appropriate to undertake the activities, and then for a sufficient retention period required to comply with a statutory obligation, for our business accountability purposes or to manage or defend potential disputes or legal claims.
Our routine activities are explained below. We may also collect and use your information for other purposes, we provide you with additional privacy information when that takes place.
You are a client
The information we may collect, and use are:
| Purpose | Due diligence checks |
| Lawful basis | To comply with legal obligations and for our legitimate interests. |
| Information | Your name, business and personal email and postal address, date of birth, nationality, IDs, and any other details held within identification and address verification documents. |
| Source | Directly from you, or obtained through indirect methods such as research or legal sources. |
| Activities | Fraud detection and prevention and financial checks, including the sharing of information with official bodies. |
| Retention | The duration of the relationship plus 7 years, unless required for longer periods to fulfil legal and fiscal obligations or to cover any potential legal claims. |
| Purpose | Delivering our services |
| Lawful basis | To fulfil your contract. |
| Information | Your name, work credentials (email and business address and position) or personal email and postal address (when you prefer to use them to communicate with us), date of birth, nationality, IDs and any other details held within identification and address verification documents. Non-personal information generated during the delivery of services you have instructed us to perform, which may be attributed to you. |
| Source | Direct from you or your employer. |
| Activities | Service delivery including the sharing of information with our supply chain third parties and official bodies. |
| Retention | The duration of the relationship plus 7 years, unless required for longer periods to fulfil legal and fiscal obligations or to cover any potential legal claims. |
| Purpose | Maintaining our relationship |
| Lawful basis | To fulfil your contract and for our legitimate interests. |
| Information | Your name, work credentials (email and business address and position) or personal email and postal address (when you prefer to use them to communicate with us), date of birth, nationality, IDs and any other details held within identification and address verification documents. The non-personal information generated during the delivery of the services you have instructed that may be attributed to you. |
| Source | Direct from you or your employer. |
| Activities | Billing and finance. Providing industry updates and marketing materials. Client service improvements. |
| Retention | The duration of the relationship plus 10 years, unless required for longer periods to fulfil fiscal obligations or to cover any potential legal claims. |
You have applied to work with us
| Purpose | Application and interview information |
| Lawful basis | Our legitimate interests. |
| Information | Your name, business and personal email and postal addresses, professional social media data; your CV information; confirmation of your right to work status; criminal convictions (in relevant countries); any medical or disability information; and quality and diversity information you choose to disclose. Information provided by you within your application or noted during your interview. |
| Source | CSG manages direct applications. Other methods include direct from you or your recruitment agent, indirect research. |
| Activities | Assessments for employment suitability. Complying with equality and diversity and equal opportunities requirements. |
| Retention | Unsuccessful applicants – 6 months. |
| Purpose | Due diligence checks |
| Lawful basis | To comply with legal obligations and for our legitimate interests. |
| Information | Your name, business and personal email and postal address, date of birth, nationality, images, records of political exposure, sanction designations and any other details held within identification and address verification documents. |
| Source | Directly from you, or obtained through indirect methods such as research or legal sources. |
| Activities | Pre-offer checks to verify the application information you provide. |
Office visitors
| Purpose | Managing your visit. |
| Lawful basis | Legitimate interests: security and monitoring. |
| Information | Your name, work credentials (email and business address and position) And any personal home and email address or special category (e.g. medical) that you provide, verification document. CCTV images when applicable. |
| Source | Direct from you. Digital and electronic collection when applicable. |
| Activities | Maintaining security – For our security purposes, you may be asked to sign the visitors’ book and wear an ID badge. Access control – We may provide access swipe cards that provide door entry, we retain audit information of when it is used. This information may be used to confirm your activities, time management or other personnel management. Health and safety – When you tell us about a medical need or request adjustments, we may use this information to manage your welfare. Your information may be processed and shared with relevant third parties such as a fire marshal, building manager, HR, or the Health and Safety Executive. Detection and prevention of crime – We provide notices to let you know when CCTV is in operation. Access to images is restricted to limited authorised personnel for live monitoring purposes. We follow an approval for access to retained footage to ensure this is accordance with the applicable regulations. Guest and staff Wi-Fi – When you connect to our Wi-Fi you may be prompted to review terms and conditions and be provided with relevant privacy information. This lets you know that we may process your IP address and retain audit logs that capture details of your browsing activities. |
| Retention | Standard retention periods apply and vary according to the purpose and location of the activity (please ask for details). Longer retention is applied in the event of any incidents, accidents, or claims. |
You attend an event
Customs Support Group deliver industry related events, both in person and via teams. We may exclusively deliver these events, with guest speakers or in partnership with another professional company.
| Purpose | Subscribe to, or attend an event. |
| Lawful basis | Clients and direct subscribers: Legitimate interests – Delivering service updates. Third party subscribers: Legitimate interests – Business growth. |
| Information | Your name, work credentials (email and business address and position) And any personal home and email address that you provide. Subscription preferences. |
| Source | Clients / Direct subscribers – Direct from you Prospective clients – We may obtain your professional contact details when you make an enquiry with us, such as via our website contact us page or when you attend an event that we co-host. We may also use research tools to obtain your information indirectly from publicly available sources such as LinkedIn or your company website. |
| Activities | In person events: information is used to manage your interest, attendance, logistics of an event that we host or co-host. Obtain and analyse your feedback and provide post event information. Where you tell us about any additional requirements, we may use this information to facilitate any reasonable adjustments. Photography is likely to take place. You can decline individual photos. Your image may appear in group or wide shots with other attendees, it may not always be possible to remove or obscure your image. All photos are stored securely and may be shared on social and media platforms, website and with joint organisers. Online events: When events take place online, such as via Teams, your image, voice, or typed comments may be accessible to the hosts, facilitators, guest speakers and other attendees. If needed for business purposes, we request consent to record sessions. An information banner will automatically appear within the screen advising when recordings are taking place. Prior to accessing the event, you can choose to turn off your camera and microphone. If you were not our direct contact prior to the event, we may add your details to our marketing database to send you relevant information related to the nature of the event. You can opt out or update your preferences at any time. See section: Manage marketing preferences. Information processed during events may be exchanged between the relevant event parties for the same purposes. |
| Retention | For the duration of our relationship. |
Your employer is a company in our mergers and acquisition process
Your information may be provided by your employer during a merger or acquisition. Your employer is responsible for providing you with privacy information to inform you that has occurred.
Website visitors
Cookies
We use website cookies and similar technologies that automatically collect technical information about your device and record your browsing actions and patterns.
Our cookies are intended to improve your experience when you visit and navigate our website, help remember you, and manage your preferences.
Cookies also allow us to understand the effectiveness of our website and to plan and manage its performance.
When you use your device to visit our website for the first time, we provide you with information relating to the cookies that we would like to apply, we gain your consent and ask you to confirm your preferences. You can withdraw your consent or change your preferences at any time.
When you reject our cookies, or when we make notable changes to those we use, you will receive cookie information on subsequent visits.
We may provide links to third-party platforms, such as within news articles. We encourage you to review cookie and privacy information when prompted.
For further information about cookies and how to withdraw consent, please visit our Cookie Policy | Customs Support
Contact us
When you visit our website and add your personal information in sections such as ‘Contact us’, ‘Ask a question’, ‘Talk to an Expert’, we collect information you provide, such as identity, contact details and your query.
A copy of the information is securely stored within our customer relationship management database, HubSpot. Our marketing team accesses and reviews this information to effectively manage and respond to your enquiry.
You subscribe to receive our marketing materials
Your marketing subscription will vary depending on the nature of our relationship and the purpose that we provide materials to you; these are explained within the subsections below.
Subscription information is stored within our secure marketing database.
| Purpose | Provide industry updates and marketing materials. |
| Lawful basis | Clients: Legitimate interests – Delivering service updates. Prospective clients: Legitimate interests – Business growth. Direct subscribers: Consent. |
| Information | Your name, work credentials (email and business address and position), professional networking credentials (such as LinkedIn). And any personal home and email address that you provide. Subscription preferences. |
| Source | Clients / Direct subscribers – Direct from you. Prospective clients – We may obtain your professional contact details when you make an enquiry with us, such as via our website contact us page or when you attend an event that we co-host. We may also use research tools to obtain your information indirectly from publicly available sources such as LinkedIn or your company website. |
| Activities | Clients / Direct subscribers – We use software to manage and categorise your preferences and use this to provide you with materials relevant to your subscription. Prospective clients – With your consent, we will add your contact information to our marketing database and send you an introductory email to confirm your preferences. You have the right to change your preferences and opt out of these communications at any time. If you opt out you may need to unsubscribe again after this time. LinkedIn – We use professional networking tools for our marketing purposes. We discourage the use of personal information or communicating about your specific contracted or proposed services as we cannot guarantee the protection, security or content posted by unrelated third parties within these platforms. QR codes – We convert URLs to QR codes with QR code generators. QR codes are used in printed sales materials such as banners, business cards etc. |
| Retention | For the duration of our relationship. |
Manage marketing preferences
You can change your subscription preferences by updating Newsletter | Customs Support. If you would like to unsubscribe you can follow the link embedded within the email or contact the DPO, and we will update our records accordingly.
Unless you provide us with your express consent, we limit the use of your subscription information for our marketing related purposes. We do not share, allow access to, or sell your information to third parties for additional marketing purposes.
Overseas / cross-border transfer
The nature of our business requires some overseas or cross border transfers of personal information. Most of these transfers take place with countries that are subject to the same or similar data protection standards, for those that are not, we ensure appropriate technical or contractual security measures are in place.
Sharing your information
We use third party data processors and tools to store and secure our data, deliver aspects of our head office functions and for our service delivery. We use contracts that ensure compliance with our rules relating to the security and confidentiality of personal information, specific instructions for its use and, prohibitions for access or use for other purposes.
In certain circumstances, we may have legal obligations or professional obligations to share your personal information with other third parties, such as to comply with a court order, enter or defend a legal or civil claim, manage an information request or complaint.
Automated decision making
We do not rely solely automated decision-making tools to make decisions relating to your personal information.
Information about children
We do not target or provide our services to children.
However, we may be provided with information about children during other activities, such as personnel management. As such, this notice has been written in plain language terms.
Your data protection rights
Data protection regulations give individuals a number of rights over the information that we collect and process about you (information rights requests).
The extent to which you may exercise these rights will vary, according to the information that we have and the reason we have it.
- The right of access (DSAR – Data Subject Access Request)
You have the right to ask us for a copy of your personal information. - The right to rectification
You have the right to ask that we change, correct, or update inaccurate or incomplete personal information. - The right of erasure (Right to be forgotten)
You have the right to ask us to delete your personal information. - The right to restriction of processing
You have the right to ask that we stop or modify an activity relating to the use of your personal information. - Your right to object to processing
You have the right to object, to stop or prevent us from using your personal information. - Your right of data portability
You have the right to ask us to transfer your personal information to another organization. - The right to make a complaint
You have the right to make a complaint to us about any aspects of our collection or use of your personal information or any dissatisfaction or concerns about how we have responded to your information rights request.
Making an information rights request or complaint
In the first instance, we encourage you to contact DataProtectionOfficer@customssupport.com
You can make a request or complaint or raise a concern to anyone within Customs Support Group, verbally, electronically or in writing. It is free to make a request and after you have made your request, we have one month to respond.
If you remain dissatisfied with our response, you can make a complaint to the Supervisory Authority, such as Dutch Data Protection Regulator : Autoriteit Persoonsgegevens or the Supervisory Authority in the country where the activity takes place.
Data security notice
At Customs Support Group, we recognise the importance of cybersecurity in safeguarding our operations and the trust of our clients, partners, and stakeholders. In line with the evolving regulatory landscape, we are actively working to ensure full compliance with the NIS2 Directive.
Our efforts include strengthening our cybersecurity measures, enhancing risk management protocols, and implementing robust incident response and reporting processes. By aligning with NIS2, we aim to bolster the resilience and security of our network and information systems, ensuring the highest standards of data protection and operational continuity.
We are committed to transparency and will continue to update our stakeholders on our progress toward achieving and maintaining compliance with this important regulation.