Skip to main content

Privacy Policy

Object

This privacy policy (the Privacy Policy) has been prepared by BVBA Pa – Piet Andries, with registered office at Singelken 20, 9980 Sint-Laureins, Belgium, registered in the Crossroads Bank for Enterprises under the number BE 0538.981.587(hereinafter referred to as the “Controller”).

The Privacy Policy informs visitors to the following website: www.pietandries.be (hereinafter referred to as the “Website”) about how personal data are collected and processed by the Controller.

The Privacy Policy is an expression of the Controller’s intention to act in all transparency, this in accordance with the Law of December 8, 1992 on the protection of privacy in relation to the processing of personal data and in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as the “General Data Protection Regulation”).

The Controller is particularly attentive to the protection of the private lives of its users and, consequently, undertakes to take all necessary and reasonable measures to protect the personal data of these persons from loss, theft, dissemination or unauthorized use.

“Personal data” refers to any information about an identified or identifiable natural person. A natural person is considered identifiable who can be directly or indirectly identified.

If the user wishes to respond to any of the provisions listed below, they may contact the Controller at the mailing address or email address shown in the “contact information” section of the Privacy Policy.

What data do we collect?

What data do we collect? The Controller collects and processes, according to the modalities and principles described below, the following personal data:

  • The domain of the user (automatically picked up by the Controller’s server), herein included the dynamic IP address;
  • the email address of the user if the user has previously entered it, for example, by posting messages or asking questions on the Website, by communicating with the Controller via email, by participating in discussion forums, by visibly identifying to access a restricted area of the Website, etc;
  • The set of information related to the pages visited by the user on the Website;
  • any information voluntarily communicated by the user, for example in the context of surveys and/or registration on the Website, or by identifying oneself in order to access a restricted area of the Website.

The Controller may also collect data that is not personal in nature. These data are qualified as non-personal data and do not allow the direct or indirect identification of any particular person in particular. Consequently, this data may be used for any purpose, for example, to improve the Website, to improve the products and services offered or to improve publications of the Controller.

In the hypothesis in which personal data are combined with non-personal data so that it is possible to identify the individuals concerned, these data will be processed as personal data until the individuals concerned can no longer be identified on the basis of the data in question, because the link between the personal data and non-personal data has been destroyed.

Mode of data collection

The Controller collects data in the following ways:

web forms
∙newsletter
∙phone number via whatsapp or similar chat features

 

Purposes of processing

Personal data are collected and processed for the purposes listed below:

  • Ensure the management and control as far as the execution of the offered services is concerned; -Send and follow up orders and invoices;
  • The sending of promotional information regarding the products and services by the Processor;
  • sending out promotional materials;
  • answering users’ questions;
  • realizing statistics;
  • improving the quality of the Website and the products and/or services by the Controller;
  • forwarding information regarding new products and/or services by the Controller;
  • commercial prospecting;
  • allow user interests to be better identified.

The Controller may be led to perform processing operations not yet included/provided for in this Privacy Policy. In such case, the Controller shall contact the User before using its personal data in order to inform the User of the changes and to give the User the opportunity, if appropriate, to refuse such use.

Legitimate interests

Certain processing operations by the Controller are grounded on the legal basis of its legitimate interest. These legitimate interests are proportional to respect for the user’s rights and freedoms. If the user wishes more information on the processing purposes based on the legitimate interest, they are invited to contact the Controller (see “contact details” in this Privacy Policy).

Duration of preservation

The Controller generally retains personal data only for the period of time reasonably necessary to achieve the predefined purposes and in accordance with legal and regulatory requirements.

A customer’s personal data will be kept for a maximum of 10 years after the termination of the contractual relationship that binds the customer to the Controller.

Upon expiration of the period of retention, the Controller shall make every effort to ensure that the personal data were made unavailable and inaccessible.

Exercise of rights

With respect to all rights listed below, the Controller reserves the right to verify the identity of the person concerned.

This additional information will be requested within a period of one month from the request by the person concerned.

Access to data and copies

Users may obtain, free of charge, their written correspondence or a copy of their personal data processed by the Controller.

The Controller may demand payment from the user of all reasonable costs, based on administrative costs for each additional copy requested by the user.

As soon as the user submits this question electronically, the information will also be delivered electronically, unless the user requests otherwise.

Unless otherwise stipulated in the General Data Protection Regulation, the copy of his data will be communicated to the person concerned no later than one month after receiving his request.

Right of improvement

The user may request, free of charge, the correction of his personal data if they are

would contain errors, be incomplete or irrelevant, as well as request that his data be supplemented if found to be incomplete.

Unless otherwise stipulated in the General Data Protection Regulation, the application will be processed within one month of its submission.

The right to object to processing

The user may at any time, for reasons related to his personal situation, object to the processing of his personal data free of charge:

  • when the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority;
  • when the processing is necessary to pursue the legitimate interests of the Controller, provided that the interest or fundamental rights and freedoms of the data subject do not override that interest (in particular when the data subject is a child).

The Controller may refuse to carry out the User’s opposition, if it establishes the existence of compelling and legitimate motives justifying the processing, which prevail over the interests or the rights and freedoms of the User, or if they are used for a dispute in court, the conduct of a defense in court or for the exercise of rights. In case of dispute, the user may appeal this in accordance with what has been provided in the “objections and complaints” section of the Privacy Policy.

The user may at any time, without justification and free of charge, oppose the processing of his personal data if these data have been collected for the purpose of commercial canvassing (including profiling).

If the personal data are used in the context of scientific or historical research or with statistical purposes in accordance with the General Data Protection Regulation, the user has the right to oppose the processing of his personal data, for reasons related to his personal situation, unless the processing would be necessary for a task in the exercise of public authority.

If the personal data are used in the context of scientific or historical research or with statistical purposes in accordance with the General Data Protection Regulation, the user has the right to oppose the processing of his personal data, for reasons related to his personal situation, unless the processing would be necessary for a task in the exercise of public authority.

The right to restrict processing

The user may obtain the restriction of the processing of his personal data, in the following cases:

  • when the user disputes the accuracy of any data and only for the period of time necessary for the Controller to verify it;
  • when the use is unauthorized or when the user prefers the restriction of operation to the exchange of data;
  • when the user needs this restriction for a challenge, exercise or defense in court, although it is no longer necessary for the continuation of the purposes of processing;
  • for the period necessary to examine the merits of an objection request, in other words, the period of time necessary for the Controller to balance the legitimate interests of the Controller with those of the user.

The Controller will notify the user as soon as the restriction of operation is lifted.

The right to erasure (right to be forgotten)

The user may obtain the erasure of his personal data, if one of the motives defined below applies:

  • the data are no longer necessary in relation to the purposes of the processing;
  • the user has withdrawn his consent to the processing of his data and there is no legal basis for further processing;
  • the user opposes the processing and there is no compelling legitimate motive for further processing and/or the user exercises his special right to object with respect to direct marketing purposes (including profiling);
  • the personal data has been the subject of an unauthorized use;
  • the personal data must be erased in order to comply with a legal obligation (of European Union law or the law of a Member State) to which the Controller is subject;
  • the personal data were collected in the context of an offer to provide services directed to children.

the personal data were collected in the context of an offer to provide services directed to children.

  • as soon as the processing is necessary for the exercise of the rights to freedom of expression and information;
  • as soon as the processing is necessary for compliance with a legal provision requiring processing as provided for by the law of the European Union or by the law of one of the Member States to which the Controller is subject, or when the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority;
  • as soon as the processing is necessary for reasons of public health interest;
  • as soon as the processing is necessary for archival purposes in the public interest, for scientific or historical research or for statistical reasons, and provided that the right to erasure may make the realization of the purposes of the processing impossible or seriously interfere with the conduct;
  • as soon as the processing is necessary to contest, exercise or defend in court.

Unless otherwise stipulated in the General Data Protection Regulation, the Controller shall be obliged to respond to the User’s request for erasure within a reasonable period of time and, at the latest, within one month, and shall motivate its response if it intends not to respond favorably to the User’s request.

The right to ” data portability “

The user may at any time request to obtain, free of charge, their personal data in a structured and commonly used format, readable by machines, with a view to transferring it to another controller:

  • If the processing of the data is performed using automated processes; and
  • if the processing is based on the consent of the user or on an agreement concluded between the latter and the Controller.

Under the same conditions and following the same modalities, the user also has the right to demand from the Controller that the personal data pertaining to him would be transferred directly to another controller for the processing of personal data, insofar as this is technically possible.

The right to data portability shall not apply to processing that is necessary for a task of public interest or is part of the exercise of public authority vested in the Controller.

Appropriation of data and disclosure to third parties

The recipients of the data collected and processed are, in addition to the Controller itself, the employees or other subcontractors, the carefully selected commercial partners, located in Belgium or the European Union, who cooperate with the Controller within the framework of the commercialization of the products or the provision of services.

In the hypothesis in which the data would be disclosed to third parties for direct marketing purposes or for commercial prospecting purposes, the user will be informed in advance in order to allow him to accept or not the processing of his data by third parties.

Since this transfer is grounded on the basis of the user’s consent, the latter may revoke his consent at any time.

The Controller shall comply with all applicable legal and regulatory provisions

observe and will in any case ensure that its partners, staff members, subcontractors and other third parties who have access to the personal data comply with this Privacy Policy.

The Controller reserves the right to disclose the user’s personal data if a law, legal proceedings or an order of a public authority would require such disclosure.

No transfer of personal data will take place outside the European Union by the Controller.

Safety

The Controller shall provide appropriate technical and organizational measures to ensure a level of security as regards the processing of the data collected, in accordance with the risks that may arise in the processing of the data and adapted to the nature of the data to be protected. The Controller shall ensure appropriate technical and organizational measures to guarantee a level of security in the processing of the data collected, in accordance with the risks that may arise in terms of the data and adapted to the nature of the data to be protected.

The Controller, when receiving or sending data on the Website, always uses encryption technology recognized within the IT sector as being the industry standard.

The Controller has taken the necessary security measures in order to protect the information obtained through the Website and to avoid its loss, misuse or alteration.

In case the personal data processed by the Controller would be violated, the Controller shall act quickly in order to identify the cause and remedy the situation.

The Processor shall notify the User when required to do so by law.

Objections and complaints

The user may file an objection with the Belgian Data Protection Authority at the following address: Press Street, 35 at 1000 Brussels. Phone: + 32 2 274 48 00. Fax. + 32 2 274 48 35, contact@apd-gba.be.

The user may also file a complaint with the competent courts.

Contact details

For any question and/or complaint, in particular regarding the clarity and accessibility of the Privacy Policy, the user may contact the Controller:

Per e-mail: info@pietandries.be

By post: Singelken 20, 9980 Sint-Laureins, Belgium

Applicable law and competent jurisdiction

This privacy policy is subject to Belgian law.

The courts of the following judicial district shall have jurisdiction in case of dispute: judicial district e.g. Ghent.

Miscellaneous provisions

The Controller reserves the right to change the provisions of this Privacy Policy at any time. The amendments will be published with notification regarding their entry into force.

This version of the Privacy Policy is dated 26/08/22.