DATA PROTECTION POLICY - GDPR
This website has been created on the initiative of REVATECH SA, Rue du Parc Industriel, 2, 4480 Engis, Belgium, company number (VAT-BE) 0421.012.761, e-mail: firstname.lastname@example.org, hereinafter simultaneously referred to as "REVATECH" or "we".
All Users having a user profile (hereinafter "the User") on REVATECH’s websites or applications, and any Visitor, without a registered user profile, to the website (hereinafter "the Visitor") accept the gathering of their personal data during their visit to and/or use of the website as explained below.
REVATECH endeavours to collect and process personal data in accordance with the relevant applicable national and international laws governing personal-data processing, including European Regulation 2016/679 of 27 April 2016 on protecting individuals with regard to the processing of their personal data and the free movement of such data (hereinafter "GDPR") and the laws implementing or supplementing the GDPR (hereinafter jointly referred to as "Privacy legislation").
The User or Site Visitor declares that they have read and accept this Data Protection policy and, therefore, accept the processing of their personal data as described here.
REVATECH reserves the right to modify and make future changes to the present Data Protection policy. REVATECH will inform the User and/or Visitor of these modifications or changes in clear form, after which the User or Visitor will be deemed to have expressly accepted such modifications. Users and Visitors to our website should therefore regularly check this Data Protection policy.
1. WHO PROCESSES my PERSONAL DATA?
1.1. THE PERSON IN CHARGE OF DATA PROCESSING (DATA PROTECTION OFFICER)
The following person is designated as being responsible for the processing of data gathered on the website www.revatech.be:
Rue du Parc Industriel, 2, 4480 Engis, Belgium
Company number (VAT-BE): 0421.012.761
REVATECH relies on a certain number of subcontractors to process your personal data on its behalf, and to ensure the proper technical functioning of the website.
These subcontractors are carefully selected by REVATECH. All subcontractors are required to give sufficient guarantees that the necessary technical and organizational security measures shall be in place, and must be in compliance with relevant Privacy legislation.
REVATECH may have cause to use the services of the following kinds of subcontractor in operating its website:
- Subcontractors who collect and/or display website statistics
- Web application software providers
- Internet service providers
- Subcontractors who collect and/or post website reviews and evaluations
- Subcontractors providing email marketing and/or other communications services
- Subcontractors which carry out satisfaction surveys and/or which contact customers
- Subcontractors selling data to REVATECH
- Subcontractors offering logistics services
- Commercial agents
2. WHAT ARE THE PURPOSES OF THE PERSONAL DATA PROCESSING?
By collecting your personal data, REVATECH seeks to offer all Users and all Visitors to its website safe, optimal and personalized use of this. Where Users make more extensive use of our website, data collection and processing may accordingly be greater.
The proper functioning of our website and the services associated with it are dependent on processing incoming data. This processing is carried out for the following purposes:
- To enable the User to have access to his user-profile and thence to an order on our website
- To offer a general and customised service
- Sending (realistically) useful, necessary communications, whether commercial or otherwise. REVATECH may also transmit commercial communications on behalf of third parties
- Providing products and services and improving these
- To inform the User and/or Visitor about REVATECH’s and other companies’ (new) products and services
- To enable studies and compilation of statistics
- To provide support in responding to questions or comments
- Following-up complaints regarding the running of our website
- Detecting and protecting against fraud, errors, criminal or illegal behaviour and/or any other action that goes against the conditions and values met by our website
REVATECH may make new uses of personal data, such as the development of new services and features, insofar as they are compatible with the aims described above.
REVATECH stores and processes your personal data for as long as it is necessary for the purposes described above.
3. ON WHAT BASIS IS PERSONAL DATA PROCESSED?
REVATECH processes the personal data collected via the website, based on:
- The User’s and/or the Visitor’s explicit acceptance of this Data Protection policy; and or
- Compliance with legal requirements; and or
- The defence of REVATECH’s legitimate interests, insofar as this does not exceed the User’s or Visitor’s interests or fundamental rights and freedoms such as, for example, for purposes of direct marketing, fraud prevention, internal administrative tasks or guaranteeing network and information security, as the case may be; and or
- The setting up and fulfilment of the contract concluded between the Visitor or the User and REVATECH via the website.
4. HOW IS THE PERSONAL DATA GATHERED?
4.1. THROUGH THE REGISTRATION PROCEDURE
Contact data: this is the obligatory data that the User or Visitor completes by filling out the contact form (s), namely:
- First name
- Telephone and/or mobile number
- E-mail address
- Country of residence
Data voluntarily posted by the User: this is personal information that the User or the Visitor expressly communicates by filling in the empty text boxes provided for this purpose in the contact form (s), namely "Subject of the request" and "Message". The User or Visitor is strongly advised to avoid entering any personal data into these text boxes or, at all events, to limit such information to what is strictly necessary in order to process the User’s or Visitor’s request. Where REVATECH should come to gather such data in this way, it undertakes to only use such data as is strictly required in order to process the User’s or Visitor’s request.
4.2. VARIOUS TECHNICAL RESOURCES
The website makes use of different technical facilities in order to optimize the User’s and/or the Visitor’s online experience, and to detect any (technical) errors on the website:
- Connection information: this is information such as the IP address, the presumed place of consultation, the date and time of the consultation, the website through which you reached our website, the webpages visited afterwards, the links on the User clicks, and other use of our website;
- Information about the access device used, namely information regarding the hardware and software in use on this specific device, and also information about the network;
- Information used in order to compile statistics and for carrying out analyses;
- Information enabling a better and more tailored service.
5. IS MY DATA TRANSMITTED TO THIRD PARTIES IN THE EU?
Personal data may be shared with REVATECH partners based within the European Union. Personal data may also be shared with those types of subcontractors listed in article 1.2. of this Data Protection policy.
REVATECH has taken technical and legal precautions to avoid any unlawful access to and processing of personal data. REVATECH does not sell, transmit or disclose personal data to third parties, unless:
- The User or Visitor expressly gives his or her consent to this, for purposes of direct marketing for example; or
- Where this is necessary in order to fulfil the order/contract. This is the case when disclosing data to employees, collaborators, agents, subcontractors, suppliers and business partners; or
- Where REVATECH has a legitimate interest in passing on data, in cases of fraud, for example; or
- Where this is necessary, for reasons of significant public interest or when required by law.
6. IS MY DATA PROCESSED OUTSIDE THE EU?
In some cases, your personal data may also be transferred and processed outside the EU. In this case, we make sure that your data is processed in line with privacy law, such that similar personal data protection is guaranteed.
7. WHAT ARE MY RIGHTS?
The User or Visitor is able to exercise a certain number of rights regarding REVATECH’s processing of his personal data, insofar as these rights are accorded him under applicable law.
Users or Visitors wishing to exercise this right can complete the contact form available on www.revatech.be. REVATECH will respond to your message, either fulfilling the request or not, depending on the applicable law, as a rule within a month, in accordance with the relevant legislation.
Users and Visitors can also send or file a complaint with the Data Protection Authority (email@example.com).
7.1. YOUR RIGHT TO OBJECT
The User or Visitor has the right, at any time, to challenge REVATECH’s legitimate interest in processing his or her personal data, given his or her specific situation. In the absence of compelling legitimate reasons why REVATECH’s use of his or her data should continue, where the User or the Visitor raises an objection, REVATECH will cease to process this personal data, unless it is able to give compelling legitimate reasons which take precedence over the User’s or Visitor’s interests, freedoms and fundamental rights, or which are linked to commencing, taking or founding legal action.
7.2. RIGHT OF ACCESS
All Users and/or Visitors proving their identity, have the right to peruse their personal data and to receive a copy of this personal data. Any User or Visitor who proves his identity, also has the right to access certain information relating to the processing of his personal data, in particular the purpose of this processing, the categories of personal data involved, the kinds of recipients to whom this data is transmitted, and the length of time this data is stored.
7.3. RIGHT OF CORRECTION
Users and Visitors may use the contact form to request the correction or completion of their personal data.
7.4. DELETION RIGHT
The User or Visitor has the right, within a reasonable period of time, to request the deletion of his or her data, insofar as:
a) The personal data concerned is no longer necessary for the purposes for which it was collected or otherwise processed;
b) The legal basis for processing it no longer exists;
c) The User or Visitor objects to the processing, and there is no overriding, legitimate reason why REVATECH should process it;
d) The personal data has been unlawfully processed; or
e) Personal data needs to be deleted in order to comply with a legal obligation incumbent on REVATECH.
Where REVATECH meets the request for deletion of data, it will confirm this in a message sent to the User or Visitor. Where data is partially deleted, REVATECH will also give the reason for this.
7.5. THE RIGHT TO RESTRICT PROCESSING
The User or Visitor has the right to require REVATECH to restrict processing of his or her personal data if, and insofar as one of the following conditions applies:
a) The User or Visitor contests the accuracy of the data, granting REVATECH a reasonable period of time in which to verify this;
b) Personal data has been unlawfully processed or the User or Visitor objects to the deletion of data, requesting only restricted use of it instead;
c) REVATECH no longer needs personal data for processing purposes, but it is still needed by the User or the Visitor in order to establish, exercise or defend legal claims;
d) The User or Visitor has objected to the processing of personal data while REVATECH is checking whether or not it has legitimate reasons for doing this that take precedence over the User’s and/or Visitor’s rights.
However, REVATECH may continue to store data for limited processing purposes.
7.6. RIGHT TO DATA PORTABILITY
Personal data that is processed in fulfilment of the agreement, and which is provided by the User or Visitor him- or herself and undergoes computerised processing, may be obtained from REVATECH, by these persons, in a structured format that is commonly used and machine-readable, and such data can be transferred to a similar provider or directly transferred if this is technically feasible.
Insofar as REVATECH can prove that it is in no way responsible for damages, it shall not be liable for damages caused by the processing or use of the website, such as loss or corruption of data, identity theft, data theft, viruses or Trojans, or SQL injections or other attacks on computer systems or online cloud portals.