At Sativall, the European General Regulations on Data Protection (abbreviated “RGPD” or “GDPR”) and the Protection of your Data: we got it covered!
Our data protection policy applies to all your data related to your physical person, which we collect from you or obtain from our customers, our leads, our prospects, our suppliers, our partners, all our subcontractors, as well as through other channels, authentic sources, public domain databases, or other organizations which provide us with the data we need.
By browsing our website or our pages on social networks, we directly communicate your data collected during our meetings or events, or when visiting our premises, or concluding contracts with our company, or purchasing our products or services and / or expressly agreeing with us to our sending you an e-mail, newsletter, commercial offer or other document of any kind, you agree to our data protection policy.
If you do not accept our data protection policy, we recommend that you do not visit our website or our pages on social networks any longer, do not give us your data and inform us without delay of your request for withdrawal or removal of your processed data, insofar as the processing is not based on anything else than your consent.
Unless the processed data is based on something else than your consent, such as a legal obligation or the contract we have entered into, you can of course exercise all the rights recognized by law. If you object to our data processing related to sales and marketing of our products and services, or if you ask to be removed from our database, you agree not to be informed any longer about our activities, or that your contract might not be executed anymore.
2. Details of the Data Processing Manager
Our company Sativall s.a., whose main office is located at Rue Tienne Trappe, 5 – 6530 Thuin, email@example.com, represented by Raymonde Sauvage, who is the manager of our data processing related to your physical person.
3. Which of your data do we process?
Your personal data, which we process during managing our business according its necessities, are primarily your data which you communicate directly to us, such as your identification data: your name, your first names, your mailing address, your landline or mobile phone number, your mail address, your job function and your responsibilities.
If you provide us with information about your credit card, we handle these data to process payment for your purchase. When you purchase our products on our Websites, the details of your credit card are protected by the encryption technologies of specialized companies, with whom we work under contract.
When you browse our website or our pages on social networks, you agree to our use of “cookies”. By browsing, you agree we place cookies on your connected device. Cookies allow us to offer you an optimal navigation experience. For example, cookies record your browsing history and help us to remind what your interests are.
4. For what purposes do we process your data?
Our company processes your data related to your physical person, for well-defined and legitimate purposes, which are listed below:
Should our company intend to carry out additional processing for another purpose, we will not fail to provide you with prior information about this other purpose and any other relevant information covered by the EU Regulation on Data Protection and / or Belgian law.
5. What is the legal basis of our data processing?
Your data is processed by our company based on our legal obligations, the contracts we concluded with you, our legitimate interest in protecting our company and our activities, and where applicable, your expressed, free and informed consent, to promote our products and services.
6. Who are the recipients of your processed data?
The recipients of this data are our managers and employees, our subcontractors and our partners, established in Belgium and / or abroad.
Your data may be transferred for these purposes to third countries, outside the European Economic Area, with appropriate or adapted safeguards, without necessarily having a decision of adequacy made by the competent authorities for these countries. Our company, however, has implemented the procedure to obtain a copy of your data and can also communicate to you where your data have been made available.
During the performance of our duties, we may distribute all or part of your data to our subcontractors, from who we require to provide us with the necessary guarantees under the necessary conducted contracts.
Our company requires its subcontractors to comply with the Regulations and provide adequate safeguards through the implementation of appropriate technical and organizational measures, so that all data processing they are associated with meets the requirements of the regulations, and that the possibility to exercise your rights is kept intact.
7. Which rights can you exercise?
In general, you have the right to:
Right of access to your data
In addition to your right to be informed about how your data is processed by our company, you have the right to obtain confirmation from our company whether or not your data is processed and, where it is available, have access to these data, as well as to other information, such as the purposes of processing, the categories of data, the categories of recipients of these data or the storage period.
Right to correct your data
In addition, you have the right to demand our company the correction of your data if they are not accurate. Given the purpose of processing, you have the right to have your incomplete data completed, including providing a supplementary declaration.
Right to remove or right to erase
If you no longer want your data related to your physical person to be processed and you find in the conditions the right to obtain their removal, you also have the right to obtain removal of these data from our data processing.
Right to limitation of treatment
In certain situations, you have the right to obtain from our company the limitation of the processing of your data, such as when you dispute the accuracy of your data, for a period allowing our company to verify their accuracy, when the treatment by our company is allegedly unlawful, you oppose to their removal and instead require the limitation of their use, when our company no longer needs your data for processing but your data is still necessary for establishing, exercising or defending legal rights, when you object to the processing of your data during the verification period as to whether the legitimate motives pursued by our company prevail over yours.
Right to transfer your data
You have the right to receive the data which provided to our company, in a structured, commonly used and device readable format, and the right to transmit your data to another organization, without our company obstructing the transfer.
On your request, our company will deliver all your data related to your physical person via a durable medium, without any restriction or limitation.
Right of opposition and automated individual decision-making
When your personal data are processed by our company for the purposes of prospecting, you have the right to object at any time to the processing of your data for such purposes, including profiling to the extent it is linked to this prospection.
From the moment you do not wish to receive mass messages or newsletters, we invite you to inform us that you oppose the use of your data for purposes of promotion and direct marketing of our products and services.
8. How long do we keep your data?
Unless the law imposes a different duration, your data are kept for a limited period of time, as we are authorized by law, based on the purpose of the data processing, and not longer than twenty years from the date of the fact concerned, for events related to our extracontractual liability.
Our company has organized and implemented organizational and technical measures, to prevent a violation of your data, for example a security breach, resulting in accidental or unlawful destruction, loss, tampering, unauthorized disclosure of your data which have been transmitted to us, have been stored or otherwise processed, or unauthorized access to your data.
The liability of our company is limited with regards to direct damage, excluding any indirect damage, such as loss of data, financial or commercial loss, loss of profits, increase of overhead costs or disruption of schedule.
Our company is not liable for damage resulting from illegitimate manipulation of data, by a third party, such as theft, loss or destruction of your data, implementation of a virus, hacking, phishing, or any other computer infringement. In the event our company is involved, the liability of our company would be limited to 10,000 (ten thousand) euro.
The website of our subcontractors may contain hypertext links and references to other sites which we do not manage and control. Our company is not responsible for the content of these websites nor for the offers, products and services offered by these sites. We recommend that you read the policy of each site you visit and, if necessary, do not to continue browsing these sites.
11. What happens in case of litigation?
Any request relating to exercising your rights, any claim, any complaint or any grievance will have to be addressed to the headquarters of our company, by means of dated and signed writing, accompanied by the copy of a proof of identity so that we are able to verify your identity.
Our company strives to comply as best as possible with the legal and regulatory environment of Belgian and European regulation. With the best intention and in good faith, the company makes every effort to get there as soon as possible.
If you feel our company is failing one of its obligations, do not hesitate to contact us (see contact page on our website). We will answer your questions and we will take, without any delay, the actions you encourage us to take, related to the risks which we should have identified, evaluate and should control better.
12. Who is the supervisory authority, in case of dispute?
In case you are not satisfied with our answers, you can also contact the competent Belgian authority:
Data Protection Authority
Rue de la Presse, 35, 1000 Brussels
+32 (0) 2 274 48 00
+32 (0) 2 274 48 35
13. Applicable law and competent jurisdiction
These provisions will be governed, interpreted, executed and, if necessary, amended in accordance with Belgian law.
Any dispute which cannot be settled amicably within a period not exceeding 1 (one) month from its occurrence, this period may be extended by agreement, may be brought by the most diligent party before the Courts and Tribunals of the judicial district of Brussels, which will be the only ones competent.
14. Date of effect
This policy comes into effect on May 25th, 2018. Our company reserves the right to change, modify, add or delete this policy at any time.