Privacy Policy
PION Document Centre · Version 1.0 · Last updated 25 June 2026
1. Who we are
The PION Document Centre ("the Document Centre") is a private, invitation-only portal where PION Cable Protection publishes product specifications, documentation, and images, and grants specific dealers access to specific products.
The data controller responsible for personal data processed in the Document Centre is:
Alpareto De Beaufortlaan 18 3971BM, Driebergen-Rijsenburg, Netherlands Chamber of Commerce (KvK) number: 42068533 Contact for privacy matters: info@alpareto.nl
If you have any question about this policy or about how your personal data is handled, contact us at the address above.
2. Who this policy is for
This policy applies to the people who use the Document Centre: staff of PION's dealers who receive an invitation and create an account, and PION staff who administer the Document Centre. The product documents in the Document Centre are technical material and do not, by themselves, contain personal data.
3. What personal data we process, and why
We do not:
- use any artificial intelligence, profiling, or automated decision-making on your data;
- use analytics, advertising, or tracking cookies;
- send you marketing email (the only email we send is your invitation and account-related messages);
- sell, rent, or share your personal data with anyone for their own purposes.
4. Cookies
The Document Centre sets only strictly necessary cookies required to sign you in and keep your session secure. Because these cookies are essential to a service you have asked to use, they do not require consent under the ePrivacy rules. We do not set any analytics or advertising cookies, so there is no cookie consent banner.
5. Who else processes your data (sub-processors)
We use a small number of carefully chosen service providers ("processors") to run the Document Centre. Each one processes your data only on our instructions and under a Data Processing Agreement, and each keeps the data within the European Union. The categories are:
- a database, authentication, and file-storage provider;
- an email provider, used to send account-related messages such as invitations and password resets;
- an application hosting provider.
All personal data stays within the EU. Where a provider is operated by a company whose parent is outside the EU, that transfer is covered by the provider's Data Processing Agreement and the EU Standard Contractual Clauses. A current list of the specific providers we use is available on request.
6. Where your data is stored and transferred
All personal data in the Document Centre is stored in the European Union. We do not transfer your personal data outside the EU for storage. Where an EU-based service is operated by a company whose parent is outside the EU, the relevant Standard Contractual Clauses apply as the legal transfer mechanism.
7. How long we keep your data
We keep personal data only for as long as it is needed for the purposes described in this policy. The periods we apply, by category, are:
- Account data (name, email address, password): kept while your account is active. When your account is deleted, this data is removed from the live system and disappears from backups once the backup cycle has rolled over (typically within 30 days).
- Your dealer company data (company name, contact email): kept for as long as the business relationship with the dealer continues.
- Invitations: an invitation expires after 14 days. Accepted, revoked, or expired invitations are cleared within 30 days.
- IP address used for security: not stored; held only briefly in memory and discarded immediately afterwards.
- Technical logs from the hosting environment: kept briefly and then rotated automatically.
You can ask us to delete your data at any time (see Section 9, "Your rights"). When the business relationship ends, we delete the relevant account and company data, unless we are legally required to keep certain data for longer.
8. How we protect your data
- Access to data is enforced by the database itself (Row-Level Security), so one dealer can never see another dealer's data, even by guessing.
- All documents are private and are served only through short-lived secure links, and only after an access check.
- All traffic is encrypted in transit (HTTPS/TLS), with strict browser-security headers.
- Passwords are stored only as secure one-way hashes.
- Administrative access is restricted to authorised PION staff.
9. Your rights
Under the GDPR you have the right to:
- access the personal data we hold about you;
- ask us to correct inaccurate data (rectification);
- ask us to delete your data (erasure / "right to be forgotten");
- ask us to restrict or object to certain processing;
- receive your data in a portable format (data portability).
To exercise any of these rights, contact us at info@alpareto.nl. We will respond within one month. Account deletion and erasure can be carried out by the Document Centre administrator on request; where a self-service option is not available, we handle it manually.
You also have the right to lodge a complaint with your data protection supervisory authority. In the Netherlands this is the Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl).
10. Changes to this policy
We may update this policy from time to time. When we make a material change, we will update the version and effective date above and, where appropriate, notify Document Centre users.
11. Contact
Questions or requests about this policy or your personal data: Alpareto, info@alpareto.nl.