Data privacy is extremely important to us. Therefore, we want to communicate openly and be transparent on how we treats your personal data. This privacy policy has the objective to inform you of the data that we collect, why we collect this data, how we treat the data you provide to us, and what your rights are.
1. WHO PROCESSES YOUR DATA?
The Belgian company, DUVEL MOORTGAT NV, with registered office at 2870 Puurs-Sint-Amands, Breendonkdorp 58, registered in Crossroads Bank for Enterprises Antwerp, department Mechelen with company registration number 0400.764.903 (herein after referred to as “DUVEL”) and all subsidiaries are the responsible for processing and de beheerders onder het toepasselijke recht regarding protection of data of the personal data you provide to us.
Duvel Moortgat and her affiliated companies are concerned about privacy questions and we would like to inform you on how the data that relates to you as a person (herein after: “personal data”) is collected, treated and provided.
In this privacy policy (herein after: “the Privacy policy”) our policy regarding the processing of your personal data that we collect through our websites ww.duvel.be. In Website or Websites, we mean all potential website of the Duvel-Group (herein after: “the Website” or “the Websites”).
2. WHICH DATA DO WE COLLECT?
When you visit our website, we collect the following data from you, regardless of whether you are a registered user of the website or not:
We use your IP-address and cookies to collect personal data:
In general, you are not requested to log-in or to provide personal data before you can access our website. Potentially it can be requested to log-in to gain access to certain functions.
On the forms on our websites is each time indicated which fields are mandatory and which fields are optional.
3. HOW DO WE COLLECT YOUR DATA?
Duvel collects your personal data in the following ways:
4. WHY DO WE COLLECT PERSONAL DATA?
Most of our services do not require any form of registration. However, some of our services require registration:
If you choose not to provide your personal data, it is possible that you can’t access certain parts of our website or that we can’t answer to your request.
DUVEL can use your personal data for all or some of the following purposes:
5. DO WE SHARE YOUR PERSONAL DATA ?
Your personal data will in no case be given, transferred or sold to third parties. DUVEL can call upon service providers, representatives or contractors to provide services in name of DUVEL, such as providing you the DUVEL sites and the services that are available to you (such as delivery). It is possible that these external parties gain access to your personal data or need to process these. DUVEL requires by means of a written agreement of these third parties that they comply to all relevant legislation related to protection of data and security measures regarding personal data.
DUVEL only shares data that is needed to deliver our products or to offer our services.
Your personal data is provided to following processors:
The processors with whom we collaborate are bound by strict confidentiality rules. They cannot use your data with permission for other purposes then the ones we impose.
Your data is only provided to processors so they can take on part of the tasks that are described in this privacy policy.
As such, your personal data can be processed by the following processors:
6. WHAT ARE YOUR RIGHTS?
Rights to information and access to personal data
You have the right to request DUVEL to gain access and to rectify your personal data or to limit the processing of your data. More specifically, you have the right to gain access to your personal data and the following information: the purposes of processing, the categories of personal data, the recipients or categories of recipients to whom the personal data is provided or will be provided, more specifically recipients in third countries or International organizations, and, if possible, the period it is expected that your personal data will be stored and if not possible, the criteria that determine this retention period.
Right to rectification of data
The personal data needs to be accurate, and if needed, be updated. Therefore, you have the right to rectify your personal data.
Right to data portability
You have the right to obtain your personal data, provided to DUVEL, in a structured, commonly used and machine-readable format, and you have the right to transmit this data to another controller, if this is technically possible.
Right to erasure (“right to be forgotten”)
You have the right to obtain from DUVEL the erasure of your personal data without undue delay, and DUVEL has the obligation to erase this data without undue delay when the personal data are no longer necessary in relation to the purposes for which they were collected (e.g. an order that was placed).
Right to restriction of processing
You have the right to obtain from DUVEL the restriction of processing when:
Right to object
You have the right to object to the processing of your personal data for the specified purpose, to the extent the processing of data is not required for legal obligations and for the normal operations of the organization. DUVEL shall no longer process personal data in this case, unless there are legitimate grounds for the processing which override your interests, rights and freedoms (e.g. in the context of a labor agreement).
7. COOKIES
Certain categories of data are received and stored each time you have contact with us.
For example, like a lot of other websites, we use “cookies” and we receive certain types of data when your web browser opens DUVEL (e.g. which pages are visited and how intensely these are used). This way, we can adapt our site better to your expectations.
More information on cookies you can find in our “cookie policy”, as well as instruction on how to disable these cookies.
8. SAFETY
DUVEL makes efforts to implement and maintain the appropriate measures to ensure that the safety, integrity and privacy of the personal data you provided is not abused. When processing your personal data, we take reasonable measures to protect this information from loss, abuse, unauthorized access, disclosure, modifications or deletion.
We use different technical and organizational measures to protect your personal data and to help prevent theft, abuse and unauthorized access, disclosure, modifications and deletion of your information. For example, we maintain the data provided by you on computer systems with limited access and in controlled environments. In addition, we require our external datacenter providers to take appropriate security measures. While transferring your data through internet, your data is protected by encryption. Your password is encrypted and can’t be made legible, which means it can’t be recovered or be disclosed by anybody, not even by DUVEL.
When you place an order online and choose online payment by Visa, Master Card or Eurocard, you will be requested to provide the card number. The processing of this transaction is done by the certified payment provider Ingenico who guarantees a 100% safe transaction. DUVEL will not see you card number or other data.
For questions about the safety of your personal data you can contact us through dataprotection@duvel.com.
9. LINKS TO OTHER WEBSITES
The site can contain links to other websites. When you leave the site and visit another website, it is possible that other privacy practices are applied and that another privacy policy is applicable of which DUVEL has no control and for which we are not responsible.
10. RETENTION
DUVEL retains personal data no longer then strictly needed for the offering of our services or products, to perform transactions you have requested or for essential purposes like respecting our legal obligation, the settlement of potential disputes and to comply with our agreements. Because these needs can differ, the retention periods can also differ considerably.
We can maintain your personal data after a last interaction with DUVEL for a reasonable period for example to follow-up on an order. When the personal data we collected is no longer required for the purpose for which they were maintained, we will delete them in a secure way.
11. CHILDREN
This website is not aimed at individuals that don’t have the legal age of 18 years. We don’t purposefully collect data of these individuals. They can only use the services of our site in the presence of a parent or guardian and only with their permission.
If, after reporting of a parent or guardian, or after discovery in another way, it seems that a child younger than 18 years is registered unjustly with false data, we shall remove the account of the child and delete the personal data of the child from our registration.
12. LEGAL REQUIREMENTS
DUVEL can divulge your personal data if it legally needs to or if DUVEL, in good faith, judges that such divulgation is reasonably necessary to fulfill legal procedures or to react on potential claims.
13. MERGERS AND ACQUISITIONS
In case of a partial or complete merger or partial or complete acquisition of DUVEL by another company, the company that acquires DUVEL shall receive access to the information that is maintained by DUVEL, but is also bound to the same obligations with regard to your personal data.
14. TRANSFER OF DATA (OUTSIDE EEA)
DUVEL has implemented appropriate measures to protect your personal data when these are transferred internationally, for example by using standard contractual clauses as approved by the European Commission. Your protection is hereby guaranteed.
15. ENTRY INTO FORCE AND MODIFICATIONS
This policy is created and enters into force as from 22/02/2020.
We maintain the right to, if it is deemed necessary, to change, modify, add or delete (parts) of this policy.
It is your responsibility to be aware of the most recent version of this Policy. Using this Site means you agree to the content of this Policy.
16. QUESTIONS?
If you have questions on the use of your personal data or about the security of our website, contact us by sending an e-mail to dataprotection@DUVEL.com.
Unless specifically mentioned otherwise, DUVEL is controller for the personal data we collect and to which this privacy policy applies. Our address is 2870 Puurs-Sint-Amands, Breendonkdorp 58, Belgium.