Select language FR NL
WinkelenOpAfspraak logotype

Privacy verklaring (NL)

1. Introduction

1.1. General

Vaimo Benelux NV and TailorFIT, a division of XePOS cvba (hereinafter "We" or "Our" or "Us") understand that your privacy is important to you and that you have concerns about how your personal data is used. We respect and appreciate the privacy of everyone who visits our website /www.winkelenopafspraak.be or uses our services. When you use our services or visit our website, we will only collect and use personal data as described here and consistent with our obligations and rights under applicable privacy laws.

This Privacy Statement applies when we act as data controller for the processing of personal data from our website and our services, in other words, when we determine the purpose and means of processing such personal data.

Transparency in the processing of personal data is a crucial element of the General Data Protection Regulation (GDPR, EU Regulation 2016/679) and all other applicable national laws affecting the processing of personal data, such as the Framework Act of 30 July 2018 on the protection of individuals with regard to the processing of personal data. The starting point of this Privacy Statement is that your personal data will be processed in accordance with the relevant laws and regulations. Principles such as proper and careful processing are also taken into account.

Please read this Privacy Statement carefully and make sure you understand it.

1.2. What are personal data?

Personal data is defined in the GDPR as "any information relating to an identifiable person that can be directly or indirectly identified". Personal Data is, in simpler terms, any information about you that enables you to be identified. Personal Data refers to obvious information, such as your name and contact details, as well as less obvious information, such as identification numbers, electronic location data and other online identifiers.

1.3. Principles governing the processing of personal data

In order to comply with the above, the following principles apply:

  • All processing of personal data is based on one of the grounds specified in Article 6 of the GDPR and the Framework Act of 30 July 2018;
  • Prior to processing, the justified purposes are formulated. The purposes for which the personal data are processed are explicitly described in plain language;
  • The processing of personal data, with a view to the purpose, is relevant. This means that the amount and type of personal data is limited to the personal data deemed necessary for the specified purpose;
  • The processing of personal data is reasonable in relation to the intended purpose. In line with this, the processing of personal data shall be carried out in the least intrusive manner possible;
  • Technical and organisational measures will be taken to ensure that the personal data to be processed are accurate and up to date;
  • In accordance with the applicable security standards, personal data will be adequately secured;
  • Personal data shall not be further processed in a way incompatible with the purposes for which they were originally collected;
  • Personal data shall not be processed for longer than is considered necessary for the defined purposes of the processing;
  • The rights of data subjects shall be respected and complied with.

2. Contact details

Our website and services are offered and operated by

  • Vaimo Benelux NV. We are registered in Belgium under registration number 0684.899.182 and our registered office is located at C-Mine 1/13, 3600 in Genk.
  • TailorFIT, a division of XePOS cvba. We are registered in Belgium under registration number 0818.536.775 and our registered office is located at Antwerpsesteenweg 124, 2630 in Aartselaar.

You can contact us:
(a) by post, to the above postal address;
(b) via the contact form on our website;
(c) by e-mail, using info@winkelenopafspraak.be.

3. What personal data are processed and how are these data used?

3.1. What personal data are processed and for what purposes?

In paragraphs 3.1.1 to 3.1.3 we will set out the following topics for each category of personal data:
(a) The purposes for which we may process personal data; and
(b) The legal bases of the processing

We may process any of your personal data identified in this privacy statement when necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in administrative or extrajudicial proceedings. The legal basis for this processing is our legitimate interests, namely the protection and exercise of our legal rights, your legal rights and legal rights of others.

In addition, we may process your personal data when necessary to comply with a legal obligation to which we are subject, or to protect your vital interests or the vital interest of another natural person.

3.1.1 Usage data

We may process data about your use of our website and services (“Usage data”). Usage data may include your IP address, geographic location, browser type and version, operating system, referral source, duration of your visit, page views and website navigation paths, as well as information on timing, frequency and pattern of your use of the service. The source of usage data is our analytical tracking system. This usage data may be processed for the purpose of analysing the use of the website and services. The legal basis for this processing is consent and/or legitimate interests, namely, to monitor and improve our website and services. We do this through the use of cookies. See in this respect our Cookie Policy.

3.1.2 User Data

We may process the information you provide us for scheduling an appointment (“User data”). The user data may include your first name, last name, telephone number, e-mail address. The user data may be processed to schedule your appointment at the relevant store and to enable and monitor our services. The legal basis for this processing is consent.

3.1.3 Correspondence details

We may process information contained in or relating to the communication you send us (“Correspondence details”). The correspondence data may include the content of the communication and the metadata related to the communication. The correspondence details may be processed for the purpose of communicating with you and maintaining records. The legal basis for this processing is our legitimate interests, namely the proper management of our website and our business and communications with users.

3.2 Processors

A processor is a natural or legal person who processes personal data at the request of or on behalf of us. We may sometimes enter into contract with this party to provide certain products and/or services. In other words: we use processors, because this is necessary for the provision of services. In this case, we will enter into a written agreement with the processor whereby the security of your personal data is guaranteed by the processor. The processor will always act in accordance with our instructions.

We work with the following categories of processors:

  • Companies we have engaged for ICT technical support and hosting purposes;
  • Companies we have engaged for analytical purposes.

4. Provision of your personal data to third parties

We may disclose your personal data to a partner identified on our website for the purpose of scheduling the appointment. This partner acts as data controller. The partner has its own privacy statement, which applies to the further use of your personal data.

We may disclose your personal data when necessary to comply with a legal obligation to which we are subject, or to protect your vital interest or the vital interests of another natural person.

5. International transfer (outside the EEA) of your personal data

We will only store or transfer your personal data within the European Economic Area (the “EEA”). The EEA consists of all EU Member States plus Norway, Iceland and Liechtenstein. This means that your personal data will be fully protected under the GDPR or equivalent legal standards.

6. Storage and deletion of your personal data

Personal data that we process for the purposes as described in paragraph 3.1 will not be kept longer than 14 days after the appointment has been scheduled.

Without prejudice to the above, we may retain your personal data when necessary to comply with a legal obligation to which we are subject, or to protect your vital interests or the vital interests of another natural person.

7. Security of your personal data

We will take appropriate technical and organizational measures to secure your personal data and to prevent the loss, misuse or alteration of your personal data.

Standard security measures.

8. Modifications

We may update this policy from time to time by posting a new version on our website. This may be necessary, for example, if the law changes, or if we change things in a way that affects the protection of personal data. We encourage you to check this page from time to time to ensure that you are happy with any changes to this privacy statement.

We will notify you of important changes to this privacy statement by e-mail.

9. Your rights

Some rights are complex and not all details are included here. Therefore, please read the relevant provisions and guidelines of supervisory authority for a full explanation of these rights.

Your most important rights under the GDPR are:
A. The right of inspection;
B. The right of rectification;
C. The right of erase (oblivion);
D. The right to limit processing;
E. The right to object to the processing:
F. The right of data portability:
G. The right to lodge a complaint with a supervisory authority, and
H. The right to revoke your consent

You can exercise your rights with regard to your personal data by means of a written notification to us. See section 2 for contact details.

We will respond to your request within one month of receiving it. We normally aim to provide a full response within that time. However, in some cases, especially if your request is more complex, more time may be required, up to a maximum of three months from the data we receive your request. You will be kept fully informed of the progress.

9.1. The right of inspection

You have the right to confirm whether or not we are processing your personal data and, if we do so, to access the personal data, together with certain additional information. This additional information includes details of the purpose of the processing, the categories of personal data concerned and the recipients of the personal data. Provided that the rights and freedoms of others are not affected, we will provide you with a copy of your personal data. The first copy will be provided free of charge, but additional copies may be provided for a reasonable fee.

9.2. The right of rectification

You have the right to have inaccurate personal data about you corrected and, taking into account the purposes of the processing, to have incomplete personal data about you filled in.

9.3. The right of erase (oblivion)

In some cases, you have the right to have your personal data erased, without undue delay. These circumstances include: the personal data is no longer necessary in connection with the purposes for which they were collected or otherwise processed; you withdraw your consent to a processing based on consent; you object to the processing according to certain rules of applicable data protection law; the processing is for direct marketing purposes; and the personal data has been unlawfully processed. However, there are exclusions form the right to delete data. The general exclusions include where processing is necessary: for the exercise of the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.

9.4. The right to limit processing

In certain cases you have the right to limit the processing of your personal data. These circumstances are: you dispute the accuracy of the personal data; the processing is unlawful, but you oppose the deletion; we no longer need the personal data for our processing, but you need personal data for the establishment, exercise or defence of legal claims; and you have objected to the processing, pending verification of that objection. If the processing is limited on this bases, we may further store your personal data. However, we will only process them otherwise: with your consent; for the establishment, exercise of defence of legal claims; for the protection of rights of another natural of legal person; or for reasons of overriding public interest.

9.5. The right to object to the processing

You have the right to object to our processing of your personal data for reasons relating to your specific situation, but only to the extent that the legal basis for the processing is that the processing is necessary for the purposes of the legitimate interests pursued by us or a third party. If you object, we will cease processing the personal data, unless we can demonstrate that there are compelling legitimate reasons for processing which outweigh your interests, rights and freedoms, or that the processing is intended to establish, exercise or defend legal claims.

Furthermore, your have the right to object to our processing of your personal data for scientific purposes for reasons relating to your specific situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

9.6. The right of data portability

Insofar as the legal basis for our processing of your personal data is based on:
(a) Consent; or
(b) That the processing is necessary for the performance of a contract to which you are a party or to take action at your request before you enter into a contract, and this processing is automated, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However this right does not apply where this would infringe the rights and freedoms of others.

9.7. The right to lodge a complaint with a supervisory authority

If you believe that our processing of your personal data violates the data protection laws (GDPR), you have the right to lodge a complaint with a data protection supervisory authority. In Belgium, the supervisory authority is the Data Protection Authority (DPA).

Contact details DPA

Data Protection Authority

Drukpersstraat 35, 1000 Brussels

+32 (0)2 274 48 00

contact@apd-gba.be

https://www.gegevensbeschermingsautoriteit.be

9.8. The right to withdraw your consent

Insofar as the legal basis for our processing of your personal data is consent, you have the right to withdraw this consent at any time. Revocation does not affect the lawfulness of the processing prior to revocation.

10. Updating your personal data

Please let us know if the personal data we have about you, needs to be corrected or updated.