The website DOMAIN (hereinafter referred to as: the “Website”) is brought to you by:
COMPANYNAME (hereinafter referred to as “COMPANYNAME”, “We” and “Us”) ADDRESS
Don’t hesitate to contact us if you have any privacy-related questions. We promise we’ll get back to you quickly!
What is this privacy statement for?
Every person who visits the website (hereinafter referred to as: the “Visitor”) as well as anyone using our services (hereinafter referred to as: the “Customer”) almost inevitably divulges certain personal data. This personal data constitutes information which allows us to identify you as a natural person, regardless of whether we actually do so. You’re identifiable as soon as it is possible to create a direct or indirect link between one or more elements of personal data and you as a natural person. In addition to the Visitor and the Customer, these parties are hereinafter also collectively referred to as the “Party Concerned”.
We use and process your personal data in accordance with the GDPR and other relevant legal provisions. Every reference to the GDPR in this Privacy Statement is a reference to the Regulation of 27 April 2016 regarding the protection of natural persons in connection with the processing of personal data and regarding the free movement of this data (General Data Protection Regulation). This Privacy Statement informs each Party Concerned of the processing activities that COMPANYNAME can carry out with his or her personal data. COMPANYNAME reserves the right to modify this Privacy Statement at any time. Any substantial modification will be clearly communicated to the Party Concerned. We recommend that the Party Concerned consults this document regularly.
Who processes your personal data?
COMPANYNAME determines alone or in collaboration with others which personal data is collected, as well as the purpose and means of the processing of this personal data. Therefore, COMPANYNAME is a “controller” within the meaning of the GDPR. COMPANYNAME has taken appropriate technical and organisational measures to protect the personal data of its Visitors and Customers. COMPANYNAME uses various adequate security technologies and procedures to protect your personal data from unauthorised access, use or publication. COMPANYNAME ensures that the personal data provided is stored safely in a controlled environment.
COMPANYNAME uses carefully selected “data processors” for the processing of the personal data of Visitors and Customers. A processor is a natural person or legal identity that processes personal data at the request of or on the behalf of the controller. The processor is obligated to guarantee the security and confidentiality of the personal data. The processor always acts according to the instructions of the controller.
COMPANYNAME employs the following categories of « processors »:
- Companies that we employ for marketing purposes;
- Companies that we employ for ICT/technical support and hosting purposes;
- Companies that we employ for administrative purposes (i.e. CRM system);
- Companies that we employ for analytical purposes.
With a view to optimal protection of the personal data of the Party Concerned, COMPANYNAME has made the necessary contractual agreements with the data processors mentioned above to make sure that they apply the same high standards as COMPANYNAME.
A transfer of personal data to a processor outside of the European Economic Area (EEA) can only take place to countries for which the Data Protection Authority in Belgium has determined that they offer an equivalent level of protection or, if this is not the case, insofar as COMPANYNAME has made the necessary contractual agreements with this processor, taking into account the standard provisions as imposed by the Belgian Data Protection Authority.
On what legal grounds is your personal data processed?
In accordance with the GDPR, we process personal data on the basis of the following legal grounds:
- On the basis of the execution of the agreement as agreed upon with the Customer, or the execution of the precontractual steps taken at the request of the Party Concerned; or
- On the basis of complying with legal or regulatory provisions related to the management of the contractual relationship with the Customer, invoicing in particular;
- On the basis of our legitimate interest to answer the information requests of Visitors and Customers;
- On the basis of our legitimate interest to send promotional offers (direct marketing) to our Customers;
- On the basis of our legitimate interest to send promotional offers (direct marketing) to Visitors;
Which personal data is processed?
COMPANYNAME undertakes to only collect and process the personal data necessary and relevant for the purposes for which it is processed.
The amount and type of personal data that COMPANYNAME collects about you depends on your use of the Website and/or our services. The collection of personal data is further expanded as the Website and our services are used more intensively. In general, Customers will dilvuge more personal data than Visitors. Specifically, we process the following categories of personal data:
Personal identification data (name, first name, address); Contact details (telephone number and email address); Personal data (gender, age, date and place of birth, nationality).
Electronic identification data (cookies, IP address); Other data sent to us via email. This personal data is collected when you visit our Website and/or when you email us.
For what purposes is your personal data used?
The processing of your personal data is essential for the proper functioning of the Website and the related services. The collection of personal data is further expanded as the Party Concerned uses the Website and our services more intensively.
The processing exclusively takes place according to the following well-defined purposes:
Customer management: customer administration, order administration, deliveries, invoicing, checking creditworthiness, support and handling complaints. Personalised marketing and advertising. In this case, the Customer always has the right to unsubscribe.
Answering information requests via email; Personalised marketing and advertising if the Visitor has expressly consented to this. In this case, the Visitor is always free to revoke his/her permission. Furthermore, the personal data of the Party Concerned can also be used for the following purposes:
- Mediating disputes.
- Protection against fraud and violations.
We in any case do not collect any sensitive personal data, such as data about your race, political affiliation, health, religion or other beliefs, sexual orientation and similar. The Party Concerned always provides the personal data to COMPANYNAME himself or herself and can as such exercise a certain degree of control. COMPANYNAME maintains the right to suspend or cancel certain operations if the required personal data is missing, incorrect or incomplete.
Who receives your personal data?
Your personal data is only processed for internal use within COMPANYNAME. Your personal data will not be sold, transferred or communicated to third parties, unless you have given explicit prior permission for this or if the transfer is necessary for the execution of the agreement or legally required.
For how long do we store your personal data?
Your personal data is stored for as long as is necessary in order to achieve the goals described above. They will be deleted from our database when they are no longer necessary for achieving these goals of when the Party Concerned exercises the right to delete the personal data.
What are your rights?
Guaranteeing a lawful and secure processing of the personal data
Your personal data is always processed for legitimate purposes, as described in article 5. It is collected and processed in an appropriate, relevant and proportional manner, and is not stored for longer than is necessary to achieve our predetermined goals.
Right to access
If you can prove your identity, you acquire the right to access information about the processing of your personal data. You thus have the right to acquire insight into the purposes of the processing, the categories of personal data, the categories of the receivers to whom the personal data is sent, the criteria that determine the period of data retention and the rights you can exercise with regards to your personal data.
Right to rectify personal data
Inaccurate or incomplete information can be improved. You can contact us with a request to modify the data.
Right to erase your personal data
You also have the right to request the deletion of your personal data, in the following cases:
- Your personal data is no longer necessary for the predetermined goal;
- You revoke your permission for the processing of your personal data and there is no other legal basis for processing your data;
- You have lawfully objected the processing of your personal data;
- Your personal data is processed unlawfully;
- Your personal data has to be deleted on the basis of a legal obligation.
The deletion of personal data is mainly related to visibility; it is possible that the deleted data will remain stored temporarily.
Right to limit the processing
In some case, you have the right to request limitations on the processing of personal data. This is applies in the case of a dispute regarding the accuracy of personal data, if the personal data is necessary in the context of legal proceedings or during the period that COMPANYNAME needs to determine that you can legitimately exercise your right to deletion.
Right to object
You have the right to at any time object to the processing of your personal data for ‘direct marketing’ purposes, profiling purposes or purposes resulting from the legitimate interests of the controller. COMPANYNAME will stop processing your personal data unless COMPANYNAME can demonstrate that there are compelling legal reasons to process your personal data which take precedence over your right to object.
Right to transfer data
You have the right to acquire the personal data provided to COMPANYNAME in a structured, conventional and machine-readable format. In addition, you have the right to transfer this personal data to another controller unless this is technically impossible.
Right to revoke your permission
You always have the right to revoke your permission, for instance if you have given this permission for marketing purposes as a Visitor.
How can you exercise your rights?
If you would like to exercise your rights, you must send a written request and proof of identity via registered mail to COMPANYNAME, ADDRESS or via email to EMAIL. We will respond as quickly as possible, but at the latest one (1) month after receiving your request.
Possibility of submitting a complaint
If you have comments or complaints about the way we treat your personal data, we ask you to first notify us of this. This will allow us to reach a mutually agreeable solution. If you, following this notification, are still not satisfied with the processing of your personal data by COMPANYNAME, you have the right to submit a complaint to the competent supervisory authority (for Belgium: https://www.gegevensbeschermingsautoriteit.be/).