1. Identity and contact details of the data processer
The Controller attaches great importance to your privacy and therefore processes your personal data in accordance with the European Regulation 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data (hereinafter "GDPR") as well as any future or additional legislation in implementation thereof, as applicable.
For further questions or comments relating to the way we handle your personal data, you can always contact us, either by e-mail to email@example.com or by post to the aforementioned postal address.
2. What does "processing personal data" mean?
3. What data do we process?
Below, we clarify which of your data we may process. Depending on the specific situation, your preferences and the way you contact us, we do not process all the data below.
We may process the following data from all our contacts:
- Electronic identification and usage data (e.g. IP address, browser type, location data);
- Identification data (e.g. copy of your identity card in the context of a GDPR request);
- Contact data (e.g. name, first name, address, email address, etc.);
- Contact history (e.g. email messages, messages sent via web forms, etc.);
- Images of security cameras (e.g. for surveillance and monitoring of our premises).
- Company data (company number, registered office, etc.).
Customers and prospects
From our customers, prospects and participants in competitions or events in the context of our commercial activities, we may additionally process the following data:
- Order and payment data
- Installation data
- Contracts, offers, order forms
- Aftersales data
- Feedback, testimonials and promotional content such as photos and videos
Suppliers - service providers
From our suppliers and service providers we may additionally process the following data:
- Contractual data (e.g. company name, address, VAT number, agreement, etc.);
- Payment and billing data (e.g. payment card details, invoices, etc.);
- Platform account details (e.g. account creation registration details);
- Feedback, testimonials, quotes, promotional content such as photos and videos (e.g. reviews and experiences related to our (cooperation) work, testimonials, quotes, attendance at events, etc.)
From candidate employees we may additionally process the data below. Of course, this will largely depend on which data you yourself wish to provide us with in relation to your application.
- Personal details;
- Work-related data;
- Personality data;
- Contact details of references (if provided).
4. For what purposes do we process your data?
Personal data is processed exclusively within the framework of the company and in particular for the following purposes:
- Within the framework of our main activities
- Organising events, competitions and meetings
- Participating in trade fairs
- Compliance with administrative and tax obligations
- Communication with customers and prospects
- Recruiting employees
5. On the basis of which processing grounds do we process your data?
We process your data for the purposes described below and do not collect and process more and no other types of data than those necessary for those purposes.
We only process your data to the extent based on one of the processing grounds listed in the GDPR, and as shown below.
Certain data are processed by us to comply with legal or regulatory obligations imposed on us. For example, in the context of tax, accounting or data protection obligations.
Necessary for the performance of the contract
Certain data are processed by us because it is necessary for entering into, performing or terminating a contract with you as a data subject. For example, for contacting, scheduling, responding to a request or requesting information within the framework of entering into a contractual relationship, as well as the effective performance of the contractual assignment within the framework of our main activity, in order to provide you with our services or receive them from you.
Certain data are processed by us on the basis of our legitimate interests which, in specific cases, outweigh any possible prejudice to your rights. For example, for promoting our activities to business contacts; improving the quality of our services; training employees and evaluating and maintaining data and statistics relating to our activities, in the broad sense; preserving and using evidence in the context of liability, proceedings or disputes and with a view to archiving activities; and ensuring security, both online on this website and on our premises.
Certain data are processed by us based on your consent. For example, for promoting activities to potential business contacts; using certain analytical or marketing cookies; posting photos containing personal data on our website and social media channels. Data from job applicants after the recruitment process will only be retained subject to consent.
Read more about how our external partners handle your data:
- Google: https://www.google.com/policies/privacy/ , https://policies.google.com/te...
- Microsoft: https://privacy.microsoft.com/...
- Hotjar: https://www.hotjar.com/privacy...
- Facebook: https://www.facebook.com/priva...
- LinkedIn: https://www.linkedin.com/legal...
- Pinterest: https://policy.pinterest.com/e...
- TikTok: https://www.tiktok.com/legal/p...
6. Origin of data
We also obtain most of the data we process from you directly. Within the scope of our services, we may obtain data from you via external service providers or public sources.
7. With whom do we share your data?
We do not pass on your data to third parties, except when strictly necessary in the light of the above-mentioned purposes, or if we are required to do so by law.
Where necessary, we use external service providers (processors) to support our operational purposes such as the management of our websites and IT systems. Where appropriate, these external service providers carry out certain data processing operations on our behalf. We will only share your data with these external service providers to the extent necessary for the relevant purpose. The data may not be used by them for other purposes. Furthermore, these service providers are contractually bound to ensure the confidentiality of your data by means of a "processing agreement" concluded with these parties.
Specifically, where relevant in your situation, we share your data with the following third parties for the following purposes, with these third parties acting as processors on our behalf in certain cases:
- Postal, transport and delivery companies if we need to send you something by post;
- Payment service providers if we receive payments from you, or vice versa;
- External representatives and consultants or any other parties involved as part of our main or ancillary activities;
- Processors who assist us in the IT field to operate our organisation, for the purpose of secure and efficient digital data management within our organisation;
- Government bodies, judicial authorities and practitioners of regulated professions such as accountants and lawyers, for the purpose of complying with our legal obligations and defending our interests, as required.
8. How long do we keep your data?
We do not retain your data for longer than is necessary for the purpose for which the data was collected or is processed. As the period for which the data can be kept depends on the purposes for which the data was collected, the storage period may vary in each situation. Sometimes specific legislation will require us to keep the data for a certain period of time. Our retention periods are always based on legal requirements and a balancing of your rights and expectations with what is useful and necessary to fulfil the purposes. At the end of the retention period, your data will be deleted or anonymised.
9. Where do we store your data and how is it protected?
We provide appropriate technical and organisational security measures to prevent the destruction, loss, falsification, alteration, unauthorised access or unauthorised disclosure to third parties and any other unauthorised processing of this data within the scope of our activities.
In addition, we also take care to ensure that the processors we use also implement appropriate security measures to minimise risks of incidents.
If, when using specific services or software tools, your data are processed outside the European Economic Area (EEA), this will only be done in/to countries that have been confirmed by the European Commission to ensure an adequate level of protection of your data, or measures will be taken to ensure the lawful processing of your data in these third countries.
10. What are your rights?
Right of access and copy
You have the right to inspect and obtain a copy of your data. This right also includes the possibility to request further information about the processing of your data, including about the categories of data processed about you and for what purposes.
Right of adaptation or rectification
You have the right to have your data amended if you believe that we have incorrect data.
Right of data erasure (right to oblivion)
You have the right to request that we delete your data without unreasonable delay. However, we will not always be able to comply with such a request, including when we still need the data in function of an ongoing contract, or when keeping certain of your data for a certain period of time is required by law.
Right to restriction of processing
You have the right to restrict the processing of your data. In this way, processing is temporarily stopped until, for example, there is certainty about its accuracy.
Right to withdraw your consent
If the processing is based on your consent (see above under titles 5 and 6), you have the right to withdraw this consent at any time by contacting us. For marketing messages you receive from us via e-mail based on your consent, you can easily withdraw this consent by clicking on the unsubscribe link at the bottom of any such message.
Right of objection
You have the right to object to the processing of your data based on legitimate interest. This should be based on reasons specific to your situation. You may also object to the use of your data for direct marketing purposes. An opt-out will always be provided for marketing messages by e-mail.
Right to portability
You have the right to obtain in electronic form your data that you yourself have provided to us with your consent or in performance of a contract. That way, they can be easily transferred to another organisation. You also have the right to request us to transfer your data directly to another organisation, if this is technically possible.
Right to complain to your supervisory authority
Should you consider that we process your data in an incorrect manner, you always have the right to lodge a complaint with your data protection supervisory authority.
Belgian Data Protection Authority (GBA)
11. How can you exercise your rights?
You may exercise your rights by contacting us, either by email to firstname.lastname@example.org or by post to Nijverheidslaan 60A, 8540 Deerlijk, provided that you enclose a copy of the front of your identity card or other document that identifies you. The copy will only be used to identify you in accordance with the GDPR.