GENERAL PRIVACY AND DATA PROTECTION POLICY
Briganti respects your privacy. Whether you deal with Briganti as a customer, a consumer, a member of the general public, etc., you are entitled to the protection of your Personal Data. This data may relate to your name, telephone number, email address but also to other data, such as your IP-address, location, etc.
In this General Privacy and Data Protection Policy (“Policy”) we describe how we collect your Personal Data and why we collect it, what we do with your Personal Data, with whom we share it, how we protect it, and the choices you can make relating to your Personal Data.
This Policy applies to the processing of your Personal Data in the framework of various services, tools, applications, websites, portals, (online) sales promotions, marketing actions, sponsored social media platforms, etc. that are provided or operated by us or on our behalf.
If you accept the provisions of this Policy, you are agreeing to us processing your Personal Data in the ways that are set out below.
In this Policy, capitalised terms will have the meaning as defined below:
Data Controller means the organisation which determines the purposes for which, and the manner in which, your Personal Data is processed. Unless we inform you otherwise, the Data Controller is Briganti.
Data Processor means the person or organisation which processes your Personal Data on behalf of the Data Controller.
EEA means the European Economic Area (= member states of the European Union + Iceland, Norway, and Liechtenstein).
Personal Data is any data relating to you directly or which allows your identification, such as, for example, your name, telephone number, email address, location, etc.
Processing means the collection, accessing and all forms of use of your Personal Data.
3. WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR PERSONAL DATA?
The entity which is responsible for the processing of your Personal Data is and acts as Data Controller:
Name: Briganti BV
Address: Amerlolaan 17, 2900 Schoten, Belgium
Company Reg. Nr.: 0764.659.809
4. WHO CAN YOU CONTACT IN CASE YOU HAVE QUESTIONS OR REQUESTS?
We have organised a Data Protection Contact Point who will handle your questions or requests relating to this Policy, any specific privacy notice, your Personal Data (and its Processing).
For any questions or requests or complaints concerning the application of this Policy or to exercise your rights, as described in this Policy, you may contact us at the Data Protection Contact Point: email@example.com
5. KEY PRINCIPLES
We value your Personal Data entrusted to us and we are committed to processing your Personal Data in a fair, transparent and secure way.
The key principles Briganti applies are as follows:
Lawfulness: we will only collect your Personal Data in a fair, lawful and transparent manner.
Data minimisation: we will limit the collection of your Personal Data to what is directly relevant and necessary for the purposes for which they have been collected.
Purpose limitation: we will only collect your Personal Data for specified, explicit and legitimate purposes and not process your Personal Data further in a way incompatible with those purposes.
Accuracy: we will keep your Personal Data accurate and up to date.
Data security and protection: we will implement technical and organisational measures to ensure an appropriate level of data security and protection considering, among others, the nature of your Personal Data to be protected. Such measures provide for the prevention of any unauthorised disclosure or access, accidental or unlawful destruction or accidental loss, or alteration and any other unlawful form of Processing.
Access and rectification: we will process your Personal Data in line with your legal rights.
Retention limitation: we will retain your Personal Data in a manner consistent with the applicable data protection laws and regulations and no longer than is necessary for the purposes for which they have been collected.
Protection for international transfers: we will ensure that any of your Personal Data transferred outside the EEA is adequately protected, either via an adequacy decision by the European Commission, by implementing the standard contractual clauses as approved by the European Commission in our agreements with our partners.
Safeguards towards third parties: we will ensure that Personal Data access by (and transfers to) third parties are carried out in accordance with applicable law and with suitable contractual safeguards.
Lawfulness of direct marketing and cookies: when we send you promotional materials or place cookies on your computer, we will ensure that we do so in accordance with applicable law.
6. PROCESSING OF YOUR PERSONAL DATA: WHICH PERSONAL DATA DO WE COLLECT AND ON WHAT LEGAL GROUNDS
Whenever we require your Personal Data, we will always clearly inform you which of your Personal Data we collect.
Please note that in accordance with applicable data protection law, your Personal Data can be processed if:
you have given us your consent for the purposes of the Processing. Please note that you will always have the right to withdraw your consent at any time; or
it is necessary for the performance of a contract to which you are a party, or in order to take the steps at your request to enter into a contract; or
with such Processing, we pursue a legitimate interest that is not outbalanced by your privacy rights. For example to provide you with information on our similar products and services and to respond to your questions/complaints/inquiries, to compile anonymized statistical data; or
it is required to comply with a legal obligation, for example tax purposes, social security purposes, providing information to a public body or law enforcement agency, following a court order, etc.
7. FOR WHICH PURPOSES WE PROCESS YOUR PERSONAL DATA
We will only process your Personal Data for specified, explicit and legitimate purposes and we will not process your Personal Data further in a way that is incompatible with those purposes.
Such purpose can be to deliver our goods and/or services, payment transaction processing, the improvement of your visit on one of our websites or portals, the improvement of our products and services more generally, the offering of services or applications, marketing communications and actions, sending you our newsletter and/or promotional content, call/e-mail necessary to enable our services, enable you to make a personal account, to comply with legal obligations, etc.
8. KEEPING YOUR PERSONAL DATA ACCURATE AND UP TO DATE
It is important for us to maintain accurate and up-to-date records of your Personal Data. Please inform us of any changes to or errors in your Personal Data as soon as possible by contacting us (see section 3 “Who can you contact in case you have questions or requests?”). We will take reasonable steps to make sure that any inaccurate or outdated Personal Data is deleted or adjusted accordingly and within a reasonable time.
9. ACCESS TO YOUR PERSONAL DATA
You have the right to access your Personal Data that are being processed by Briganti. If your Personal Data is inaccurate or incomplete, you can request the rectification or erasure of your Personal Data. If you require further information in relation to your privacy rights or would like to exercise any of these rights, please contact us (see section 3 “Who can you contact in case you have questions or requests?”).
10. HOW LONG DO WE KEEP YOUR PERSONAL DATA
We will keep your Personal Data in a manner consistent with applicable data protection law. We will only keep your Personal Data for as long as necessary for the purposes for which we process your Personal Data or to comply with the law. For information on how long certain Personal Data is likely to be kept before being removed from our systems and databases, please contact us (see section 3 “Who can you contact in case you have questions or requests?”).
11. PROTECTING YOUR PERSONAL DATA
We have a set of technical and organisational security measures in place to protect your Personal Data against unlawful or unauthorised access or use, as well as against accidental loss or damage to their integrity. They have been designed taking into account our IT infrastructure, the potential impact on your privacy and the costs involved and in accordance with current industry standards and practice.
Your Personal Data will only be processed by a third-party Data Processor if that Data Processor agrees to comply with those technical and organisational data security measures.
Maintaining data security means protecting the confidentiality, integrity and availability of your Personal Data:
(a) Confidentiality: we will protect your Personal Data from unwanted disclosure to third parties.
(b) Integrity: we will protect your Personal Data from being modified by unauthorised third parties.
(c) Availability: we will ensure that authorized parties are able to access your Personal Data when needed.
Our data security procedures include access security, backup systems, monitoring, review and maintenance, management of security incidents and continuity, etc.
13. DISCLOSURE OF PERSONAL DATA
Depending on the purposes for which we collect your Personal Data, we may disclose it to the following categories of recipients.
a) Within our organisations and our brand environment:
Our authorised staff members;
b) Third party business partners:
Advertising, marketing and promotional agencies: to help us deliver and analyse the effectiveness of our advertising campaigns and promotions;
Business partners: for example, trusted companies that may use your Personal Data to provide you with the services and/or the products you requested and/or that may provide you with marketing materials (provided that you have consented to receiving such marketing materials). We ask such companies to always act in compliance with applicable laws and this Policy and to pay high attention to the confidentiality of your personal information;
Service providers of Briganti: companies that provide services for or on behalf of Briganti, for the purposes of providing such services (for example, Briganti may share your Personal Data with external providers of IT related services);
c) Other third parties:
When required by law or as lawfully necessary to protect Briganti:
- to comply with the law, requests from authorities, court orders, legal procedures, obligations related to the reporting and filing of information with authorities, etc.;
- to verify or enforce compliance with Briganti policies and agreements; and
- to protect the rights, property or safety of Briganti and/or its customers;
In connection with corporate transactions: in the context of a transfer or divestiture of all or a portion of its business, or otherwise in connection with a merger, consolidation, change in control, reorganisation or liquidation of all or part of the business of Briganti.
Please be aware that third party recipients listed under points b) and c) above – especially service providers who may offer products and services to you through Briganti’s services or applications or via their own channels – may separately collect Personal Data from you. In such case, these third parties are solely responsible for the control of such Personal Data and your dealings with them will fall under their terms and conditions.
14. TRANSFERS OUTSIDE THE EEA
Your Personal Data may be transferred to recipients which may be outside the EEA and may be processed by us and these recipients outside the EEA. In connection with any transfer of your Personal Data to countries outside the EEA that do not generally offer the same level of data protection as in the EEA, Briganti will implement appropriate specific measures to ensure an adequate level of protection of your Personal Data, either via an adequacy decision by the European Commission, by implementing standard contractual clauses as approved by the European Commission in our agreements with our partners or through binding corporate rules that ensure an adequate level of protection of your Personal Data.
15. YOUR RIGHTS
Please note that you have the following rights in relation to our processing of your Personal Data:
Right to access and correction: you have the right to access your Personal Data. Before providing access, we may ask for proof of identity and the necessary information about your interactions with us for security purposes. If we agree that we are obliged to grant you access, we will do so free of charge but only for your first request. If the Personal Data we hold about you is incorrect, you may always ask us to correct any inaccuracies.
Right to restrict processing: you have the right to request a restriction of processing if we are not entitled to use your Personal Data (anymore) or if you contest its accuracy.
Right to object processing: where applicable, you have the right to object to us processing your Personal Data for certain purposes. In particular, you have the right to object to direct marketing (e.g. e-mails) free of charge and without any justification.
Right to erasure: you have the right to have any of your Personal Data erased (except in some cases, for example, to prove a transaction or when required by law).
Right to data portability: under certain conditions, you have the right to receive your Personal Data, which you have provided to us, in a commonly used, structured machine readable format and to transmit your Personal Data to any third party of your choice.
Right to withdraw consent: Where your Personal Data is processed based on your consent, you may withdraw this consent at any time without justification.
You can make a request or exercise these rights by contacting our Data Protection Contact Point and we will make all reasonable and practical efforts to comply with your request, so long as it is consistent with applicable law and professional standards.
Finally, please note that you have the right to file a complaint against the Data Controller with the Belgian data protection authority (“DPA”):
1000 Brussels (BELGIUM)
Tel: +32 (0)2 274 48 00
Fax: +32 (0)2 274 48 35
16. LEGAL INFORMATION
The requirements of this Policy supplement, and do not replace, any other requirements existing under applicable data protection law. In case of contradiction between what is written in this Policy and requirements in applicable data protection law, applicable data protection law will have priority.
Briganti may amend this Policy at any point in time. Where this happens we will alert you of any changes and we will then ask you to re-read the most recent version of our Policy and to confirm your acceptance thereof.
You can also check this Policy periodically to inform yourself of any changes.
This Policy was last updated on Thursday, August 5 2021
Address: Amerlolaan 17, 2900 Schoten, Belgium
Company Registration Number: 0764.659.809
2. WHAT IS A COOKIE?
A Cookie is a small text file that a website stores on your computer or mobile device whenever you visit us online (“Cookies”). The purpose is to enable the website to remember your preferences (such as user name, language, etc,) for a certain period of time.
When you visit our website at a later time, these Cookies will be sent to the website. This way, our website recognises your browser and can remember for ex. your language preferences to ensure that your user experience is optimised.
2.1. Types of cookies
There are different types of Cookies:
- Session Cookies are stored in the device’s memory only during a user’s browsing session and are automatically deleted from the user’s device when the browser is closed (“Session Cookies”);
Persistent Cookies are stored on the user’s device and are not deleted when the browser is closed, unless deleted by the user (“Persistent Cookies”). Persistent Cookies can retain user preferences for a particular website, allowing those preferences to be used in future browsing sessions.
2.2. Which cookies do we use?
2.3. Legal grounds
The applicable legislation allows us to process personal data if we have a processing ground under the law to do so.
When we process your personal data through Cookies, we rely on the following legal ground for processing:
- Legitimate interests: essential Cookies
3. HOW TO MANAGE COOKIES?
You can manage/disable Cookies, at any moment, by clicking on the “Advanced Cookie settings” button.
If you wish to delete the placed Cookies, you may do so by clearing your browser’s Cookies.
6. QUESTIONS AND/OR REMARKS
If, after reading this Policy, you still have some questions or remarks regarding Cookies, please contact us at firstname.lastname@example.org