Privacy Statement
IMBOORLING BV, with company number 0465.804.391 and registered office at 9090 Melle, Regenboog 5, box 203;
Hereinafter referred to as "IMBOORLING";
Declares the following:
IMBOORLING processes personal data in execution of the order entrusted by the customer or data subject, as well as in case of a visit to the website (www.imboorling.be). This as a controller, or as a processor, depending on the concrete circumstances.
IMBOORLING is a data controller insofar as the processing of personal data takes place for its own purposes and IMBOORLING itself determines the means for this. Insofar as personal data of data subjects are processed by order of the customer or data subject, IMBOORLING acts as processor.
IMBOORLING recognizes the importance of secure processing of personal data. In this sense, both IMBOORLING and the customer or data subject acknowledge that any processing will take place in accordance with the prevailing national regulations, including the Act of July 30, 2018 on the protection of natural persons with regard to the processing of personal data, as well as Regulation (EU) 2016/679 (hereinafter: AVG) in force since May 25, 2018 and to comply with them. In case of substantive legislative changes, IMBOORLING undertakes to adapt the privacy policy accordingly.
The privacy policy as well as any changes can be consulted at any time on the IMBOORLING website, www.imboorling.be.
Definitions
For a proper understanding of this privacy policy, the terms below have the following meanings:
- AVG: Regulation No. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC, also referred to as General Data Protection Regulation or GDPR;
- Personal Data: Any information about an identified or identifiable natural person such as a name, mailing address, location data, an online identifier or one or more elements characterizing physical, physiological, genetic, psychological, economic, cultural or social identity;
- Data subject: The identified or identifiable natural person;
- Data Subject's Consent: Any freely given, specific, informed and unambiguous expression of will by which the data subject accepts, by means of a statement or an unambiguous active action, the processing of personal data;
- Processor: A natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller;
contact personal data, whether or not carried out by automated processes, such as collecting, recording, organizing, structuring, storing, updating or modifying, retrieving, consulting, using, forwarding, disseminating or otherwise making available, aligning, combining, blocking, erasing or destroying data; - Controller: A natural or legal person, a government agency, department or other body which, alone or jointly with others, determines the purposes and means of processing personal data;
- Data Breach: Any breach of security leading accidentally or unlawfully to the destruction, loss, alteration or unauthorized disclosure of, or unauthorized access to, data transmitted, stored or otherwise processed;
Scope of privacy policy
1. Contractual relationships.
The present privacy policy applies to the contractual relationship between IMBOORLING and the customer or data subject and is valid for the entire duration of the agreement. Deviations from the privacy policy are only permissible in the event of a contractual relationship between the customer or data subject and IMBOORLING if prompted by legal requirements, or following the consent, implicit or otherwise, of both parties. Substantial changes will be expressly communicated on the website.
2. Website
By consulting the IMBOORLING website (www.imboorling.be) and/or by making use of the contact form and/or by subscribing to the newsletter, etc., the customer or data subject acknowledges to have taken note of the privacy policy and declares to agree with the fact that IMBOORLING can and may make use of the personal data collected taking into account the scope of the request for which the data were provided (art. 6.1.a and 6.1.b AVG).
IMBOORLING in no way guarantees the completeness, correctness and up-to-dateness of the information contained on the website, nor the content of third-party websites to which reference is made.
Processing of Personal Data
IMBOORLING guarantees that personal data will be collected and processed in a transparent manner and only for specified, explicit and legitimate purposes. Any processing shall be limited to what is necessary for the purposes for which the processing is carried out. IMBOORLING shall ensure that personal data are correctly recorded and updated when necessary.
In the context of the services provided by IMBOORLING, the personal data collected include the first name, name, e-mail address, address, and telephone, as well as any other personal information that the client or data subject chooses to communicate in his request for information or services. No data are processed that fall under a special category of personal data and can be considered sensitive.
IMBOORLING shall not retain the personal data it processes for longer than is necessary for the purpose of processing or as required by law.
Processing ground
By calling upon the services of IMBOORLING, completing the contact form on the website and/or subscribing to the newsletter etc. and thereby transferring personal data, the customer or data subject acknowledges and accepts that these data may be processed (art. 6.1.b) AVG). However, the customer or data subject remains the owner of the data made available.
For the personal data received by IMBOORLING as controller due to the customer or data subject that are used for marketing purposes and customer management, IMBOORLING falls back on the legal bases of necessity for the performance of the agreement and of legitimate interest consisting of the situation where the data subject is a customer of IMBOORLING as a result of placing an order (art. 6.1.b) and f) AVG).
For the personal data that IMBOORLING receives as responsible due to a lead, the explicit consent of the lead is invoked (art. 6.1.a) AVG).
The customer in his capacity as data subject shall at all times have the option of amending or withdrawing the consent given, insofar as the processing hereof is based solely on his consent and no other legal basis can be invoked by IMBOORLING to justify the further processing of the personal data.
Processing purposes
IMBOORLING processes personal data for the following purposes:
Type of personal data | Purposes |
Identifying information: First name, name, mailing address, phone number and VAT number | Execution of services, sales and customer management |
Identifying information: First name, surname, mailing address and/or phone number | Informing about the services, processing requests directed to IMBOORLING via email or via the contact form on the website, marketing purposes |
Identifying information: First name, name, mail address, phone number and VAT number | Accounting purposes (invoicing) |
Identifying information: First name, name, address, mailing address, phone number and VAT number | Legal obligations (identification and money laundering prevention) |
Id: First name, name, address, mailing address, phone number, image | For the purpose of hiring new employees (job application purposes), evaluation of existing employees and personnel management |
Identifying information: First name, name, national registration number, address, mailing address, phone number, sick bills, date and place of birth, marital status, gender | Payroll |
When you visit the IMBOORLING website and, where applicable, use the contact form or subscribe to the newsletter, etc., it is possible that certain data may have to be made available in order to facilitate contact. This information will only be used internally, unless the person concerned grants permission to use their personal data for other purposes as well.
Also when calling upon IMBOORLING, it needs to have certain personal data at its disposal which are necessary for the execution of the agreement.
IMBOORLING will only use those personal data that are minimally necessary within the framework of the requested service.
IMBOORLING also makes use of cookies on its website that may register certain information of the website visit, including personal data. More information about this can be found in IMBOORLING's cookie policy, which is published on the website, www.imboorling.be.
Appropriate technical and organizational measures
IMBOORLING will take appropriate technical and organizational measures for a secure processing of personal data, such that the risk of destruction, loss, unauthorized modification or processing is limited. This will take into account industry practices, the state of the art, the nature, scope, context of the processing, processing purposes and the possible associated risks to the rights and freedoms of data subjects. Upon written request, IMBOORLING shall provide detailed information on the security policy used.
(Sub)Processors
IMBOORLING uses (sub)processors, who process personal data on behalf of and under the supervision of IMBOORLING. Such processing shall at all times be limited to what is strictly necessary for the performance of the respective assignment.
IMBOORLING shall ensure that its appointed (sub)processors, including its employees and freelancers, process personal data in accordance with the applicable legislation and hereby commit themselves, contractually or otherwise, to the necessary technical and organizational security measures on the basis of Art. 28 AVG.
IMBOORLING's employees and (sub)processors have furthermore undertaken (contractually) to observe the confidentiality of personal data.
The (sub)processors decide autonomously on the way in which the personal data are processed, taking into account the risks associated with their expertise. In the absence of the same expertise, IMBOORLING as controller shall not be liable for any unlawful processing that may take place as a result of an erroneous assessment by the (sub)processors. IMBOORLING therefore bears no responsibility in the event of loss or corruption of data, theft of data, viruses or other attacks on the computer systems and (cloud) servers of these (sub)processors.
Transfer of personal data to third parties
Except in relation to the employees and (sub)processors involved within the framework of the provision of services, IMBOORLING will not exchange personal data with third parties, except in the event of express consent, at the request of the data subject, at the request of judicial authorities or when imposed by law. In the latter case, IMBOORLING will inform the data subject without delay of the request from the relevant authorities and/or authorities.
Data processing within the European Union
IMBOORLING shall endeavor to limit the transfer and processing of personal data to countries within the European Economic Area or to countries that ensure an adequate level of protection equivalent to that guaranteed under the AVG and this Privacy Policy, taking into account the intended processing, scope and category of personal data to be processed, the country of destination and the rules of law applicable in the country concerned. In the case of processing outside the boundaries of processing outside the European Economic Area, IMBOORLING will provide further explanations upon written request from the data subject.
The rights of the data subject
Within the framework of the AVG, the data subject has the following rights with respect to the personal data collected and processed (art. 12 to 22 AVG): the right to access, the right to rectify and/or supplement the data collected, the right to limit the purpose of the processing, the right to transferability of data, the right to be forgotten and the right to lodge an objection.
A question regarding the collection and processing of personal data or an appeal to your rights as a data: info@imboorling.be) or by mail to: 9090 Melle, Rainbow 5, Box 203. IMBOORLING processes each request without delay and provides feedback on this within a period of 30 days. In certain cases, IMBOORLING is entitled to extend this deadline by two months, in which case IMBOORLING will inform the data subject within 30 days of receipt of the request (Art. 12.3 AVG).
Retention period of personal data
IMBOORLING guarantees that it will not retain the personal data collected any longer than necessary to achieve the intended purpose, with the exception of accounting supporting documents and those relating to liability claims, which may justify a longer retention period according to the relevant legal provisions. Other data that may be necessary for an adequate after-sales service or future sales or services are kept anonymously as far as possible so that they cannot be traced to identifiable individuals for longer than necessary.
When retention of the personal data is no longer required, it will be securely destroyed or deleted, or made available to the data subject.
Measures in the event of a data breach
IMBOORLING takes the necessary measures to prevent a loss of data. However, should such a loss occur, IMBOORLING undertakes, if necessary, to report this to the Data Protection Authority (DPA) within the legal deadlines. This information obligation only applies insofar as the data breach appears to be large-scale or involves a far-reaching impact on security.
If a data breach also poses a high risk to the rights and freedoms of the persons concerned, IMBOORLING will inform the data subject thereof without unreasonable delay.
IMBOORLING shall fully cooperate with the competent authorities by providing the necessary information and mitigating the consequences of the breach.
Other provisions
IMBOORLING guarantees the necessary support to data subjects to fulfill their obligations, except in the case of information that is confidential or may not be communicated due to a legal regulation.
The person responsible for the processing of personal data at IMBOORLING is Mr. Frederik Imbo, frederik@imboorling.be In addition, for more information regarding the processing of personal data, you can always contact the Data Protection Authority at 1000 Brussels, Drukpersstraat 35 (022/74.48.00) or www.gegevensbeschermingsautoriteit.be.
In case of nullity of one or more provisions of this privacy policy, these provisions shall be interpreted in accordance with the AVG. The nullity of one of the provisions shall not affect the validity of the remaining provisions of this privacy policy. If discrepancies arise between the privacy policy and the agreement concluded between IMBOORLING and the customer or data subject, the provisions of the latter shall prevail.
IMBOORLING reserves the right to amend the privacy policy should this prove necessary to comply with its rights and/or obligations under the AVG. Material changes will always be announced on the website. You are advised to visit the website regularly to keep up to date with recent changes.
This privacy policy is governed exclusively by Belgian law. Only the courts belonging to the judicial district of the registered office of IMBOORLING shall be competent to take cognizance of any disputes arising herefrom.
The IMBOORLING privacy policy was last amended on 11.01.2022.