Privacybeleid

PRIVACY STATEMENT

Introduction

 

  1. This privacy policy explains how Corosa Ltd. handles the personal data of its customers, natural persons, and all other natural persons in contact with it (hereinafter referred to as ‘you’). Corosa, is a limited liability company with its registered office at Dennenlaan 77, 2243 Zandhoven and registered in the Crossroads Bank for Enterprises under number 0404.008.463.
  1. This privacy statement only applies to personal data of individuals, it does not regulate data of companies or other legal entities. Personal data means any form of information that allows you to identify yourself directly or indirectly as a natural person. However, information relating to single-person companies may consist of personal data if it allows the identification of a natural person. This privacy statement also applies to any personal data relating to natural persons in the context of a professional activity, such as employees of a company or organization, business e-mail addresses in the form of “voornaam.achternaam@bedrijf.eu” or business telephone numbers of employees.
  1. Corosa attaches great importance to the protection of your personal data and fully respects your privacy. Corosa handles and protects your personal data in a lawful, proper and transparent manner. When processing your personal data, Corosa evidently complies with the law, currently the European Data Protection Regulation No. 2016/679 of April 27, 2016 (better known as “GDPR” or “AVG”) or any other legislative act amending it.

More information on the protection of personal data can be obtained from the Belgian Commission for the Protection of Privacy, called the Data Protection Authority as of May 25, 2018.

  1. We invite you to read this statement carefully so that you know and understand Corosa’s policy in this area. This statement is updated regularly. The most recent version of the statement is available on our website. We will notify you through the usual communication channels if any significant changes are made.

Who is the data controller?

 

  1. Corosa is the data controller of your data. Its coordinates are: Corosa BV, Dennenlaan 77, 2243 Zandhoven, e-mail address. As such, Corosa is your contact and is the one who must answer to the Data Protection Authority regarding the processing of your personal data. Corosa determines the purposes for which your personal data will be processed as well as the means used and the characteristics of the processing.
  1. Corosa may engage specialized service providers to process your personal data on behalf of Corosa and according to Corosa’s instructions in accordance with this privacy policy. Only the personal data that are strictly necessary will be transmitted to these service providers (hereinafter referred to as Corosa’s processors).

What categories of personal data does Corosa process?

  1. The categories of personal data that Corosa may process are listed below. Other data may also be processed if necessary or useful for the continuation of the contractual relationship with Corosa. This will indicate the context in which Corosa obtains or processes this data.
  1. Corosa does not process data that reveals your racial or ethnic origin, or political opinions, religious or philosophical beliefs, trade union membership, health or life data or sexual orientation, genetic data or biometric data.
  1. Corosa processes your contact information so that it can schedule appointments and contact you if necessary (e.g., to process an order, schedule an appointment,…). Your financial data are also processed for accounting purposes. Your personal data will also be processed by Corosa, see article 10 and following below.
  1. Corosa also processes images, such as photographic and videographic images taken by Corosa and Corosa staff during recordings, events, etc. Corosa requests the waiver of portrait rights of the persons recognizable in the images for communication to the public and exploitation for promotional and/or publicity purposes (see the document “Waiver of portrait rights”.

For what purposes does Corosa process your personal data?

 

  1. Corosa collects and processes your personal data for the purpose of providing proper delivery in fulfillment of an agreement (oral or written) (Art. 6.1.b AVG).
  1. These data are processed based on the contractual relationship Corosa has with you for the provision of its services as a supplier.
  1. Corosa ensures that only necessary and relevant data are processed for a specific purpose.
  1. Corosa processes your data in the situations permitted by law, specifically:
  • To comply with legal obligations imposed on Corosa;
  • To serve the legitimate interests of Corosa, balancing these interests with your fundamental rights and freedoms;
  • In specific cases, with your consent, as a result of a specific and unambiguous request, preceded by clear and comprehensible information; you may withdraw this consent at any time in accordance with the law.

Legal obligations

 

  1. Corosa must comply with legislation that, in specific circumstances, obliges it to process your personal data in the context of its activities. These obligations may require Corosa to cooperate with the competent authorities and/or third parties, and possibly transfer certain of your personal data to them.

These include:

  • The obligation to contribute to the prevention of money laundering and terrorist financing
  • The obligation to respond to a formal request from Belgian tax and judicial authorities
  • The list of legal obligations that require Corosa to process your data is not exhaustive and is subject to change.

Contractual relations between Corosa and you as a client

 

  1. Before entering into contracts, Corosa may need to obtain and process certain information, in particular to, among other things:
  • respond to your request,
  • assist you in providing information and concluding the contract
  • follow up a request, evaluate the suitability and assess the risks related to a possible contract.

In the context of ongoing contracts or the management of contracts, Corosa needs to process some data, in particular to comply with administrative and accounting obligations.

In this context, your data may be sent internally by Corosa to various departments, including to those who are not directly responsible for the relationship with you or the execution of a particular contract.

Specifically, Corosa holds your data in the execution of contracts as follows:

  • Management of current contracts/requested services,
  • Central management and general picture of clients.

Corosa may process your personal data for additional purposes in the context of the relationship with you and the execution of contracts.

Legitimate interests of Corosa

 

Corosa processes your data for the fulfillment of its legitimate interests as a supplier. In doing so, Corosa strives to strike a fair balance between the need to process data and respect for your rights and freedoms, including the protection of privacy.

Personal data is processed for, among other things:

 

  • Personalizing the projects of Corosa
  • Improving the quality of the services provided to you by:
    • Evaluating and improving deliveries, …
    • Monitoring Corosa’s activities, including the volume of sales, the number of deliveries, the number of calls and visits to Corosa’s website, the nature of customer inquiries made to Corosa, etc.
  • The training of our staff,
    • The use of cookies to improve the user experience of visitors to its website. For more information on how cookies work and ways to limit the use of cookies and delete them, please see our Cookie Policy (add hyperlink).
    • Retaining notes from previous projects to optimize subsequent projects (archives).
  • The establishment, exercise, defense and preservation of the rights of Corosa or all persons it represents, for example for collection procedures or disputes.
  1. Corosa may process your personal electronic contact data (namely your cell phone number and email address) in order to send you personal information and data. In this case, Corosa must first seek your specific consent.

By accepting this privacy policy, you give your consent to the processing of your personal data for sending electronic advertisements.

To whom does Corosa transfer your personal data?

 

  1. Corosa treats your personal data with the utmost care. You can request access to the data yourself so that you can see at any time what information Corosa holds. Corosa only transfers your data to your specific service provider in order to provide the best possible service for projects. You may request access. Your information will not be shared with third parties except with your express written consent. You may withdraw this consent at any time.
  1. In some cases, Corosa is required by law to share your information with third parties, including:
  • Government agencies or supervisory authorities when there is a legal obligation to transfer information
  • Judicial investigative bodies upon their express request

Likewise, your personal information may be communicated to bailiffs or lawyers in the context of legal proceedings.

In the aforementioned cases, Corosa will ensure that third parties only have limited access to personal data necessary to perform the specific tasks required. Corosa will also ensure that third parties undertake to use and use the personal data in a secure and confidential manner in accordance with Corosa’s instructions and its data protection policy.

  1. Corosa keeps your personal data within the EEA. Therefore, no data is transferred to countries outside the EEA.

How long will your personal data be kept?

 

  1. Corosa will retain your personal data for no longer than is necessary to fulfill the purposes for which the data was collected.

This period is linked to Corosa’s legal and tax obligations, as well as the legal need to keep your data beyond the retention period for evidence or to respond to requests for information from the competent authority, for example:

  • 10 years in the context of anti-money laundering legislation
  • 10 years in the context of Corosa’s contractual liability.

Outside these periods, your personal data will be deleted or anonymized.

How are your personal data protected?

 

  1. Corosa applies strict standards to protect the personal data under its control from unauthorized or unlawful processing and from accidental loss, destruction or damage.
  1. Corosa only handles documents in a digital system, no physical copies are maintained. In this system all documents related to the person or treatment are kept.

Corosa takes measures of technical and organizational nature such as encryption, antivirus, firewalls, access controls, strict selection of employees and suppliers, in order to prevent and detect inappropriate access, loss or disclosure of your personal data.

In the unlikely and unfortunate event that your personal data under Corosa’s control is compromised by an information security breach, Corosa will act promptly to identify the cause of such breach and take action through appropriate remedial measures. If necessary, Corosa will notify you of this incident in accordance with applicable law.

What are your rights when processing your personal data?

 

Right of access, rectification, restriction, erasure, portability of data and objection

 

  1. For the purposes stated above, you have:
  • A right to access your personal data with Corosa. This means that you can ask Corosa whether it processes your personal data, for what purposes they are processed, which categories of data are processed, and to whom they are communicated.
  • A right of rectification if you determine that your personal data is incorrect or incomplete.
  • A right of limitation if, for example, you dispute the accuracy of your personal data for a period that allows Corosa to verify it.
  • A right to erase your personal data. Once your contract with Corosa has ended, you may ask Corosa to delete your personal data if it is no longer necessary for the purposes for which it was collected. You may also at any time request the deletion of personal data processed by Corosa on the basis of your consent (unless Corosa has another legal basis for the processing) or on the basis of the legitimate interest of Corosa (unless there are overriding compelling legitimate grounds for the processing). In any case, Corosa may keep this personal data if it would be required for evidentiary purposes in the context of legal proceedings.
  • A right to portability of data that you yourself have provided to Corosa if your personal data are processed on the basis of an agreement or on the basis of your consent to the sending of electronic communications and these personal data are processed using automated processes. Under this right, you can ask Corosa to forward your personal data to yourself or directly to another data controller, insofar as this is technically possible for Corosa.

You have the right to object to the processing of your data for the purposes of legitimate interest or public interest. In this case, however, Corosa may continue processing the personal data if there are compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms or grounds related to the establishment, exercise or support of a legal claim.

You can exercise your rights by sending a written request by post, dated, signed and with a copy of your identity document enclosed to Corosa, Dennenlaan 77, 2243 Zandhoven or by email to email address or by visiting the contact form on the website via hyperlink. 

Right to oppose the sending of electronic advertising

 

  1. In art. 16 your consent was requested to process and use your electronic contact data to send commercial information and personal proposals to you. This applies in particular to communications to your cell phone number and e-mail address.

You have the right to object to the processing of your personal data for electronic direct marketing and to oppose the future receipt of such advertising.

You can make this known to us in the following ways:

  • By sending an e-mail with a copy of your identity card to e-mail address
  • By sending a letter by post with a copy of your identity card to Corosa, Dennenlaan 77, 2243 Zandhoven.
  • By sending a request via the contact page on our website via website: https://corosa.be/contacteer-ons/
  • However, the exercise of the right to object cannot prevent Corosa from contacting you for any other purpose, including a legal obligation or the performance of the contract, in accordance with this statement.

Right to file a complaint

 

  1. If you have any complaints regarding the processing of your personal data, you may contact Corosa as follows:
  • By post: Corosa, Dennenlaan 77, 2243 Zandhoven
  • Via the contact form on my website via hyperlink: https://corosa.be/contacteer-ons/.
  • You can also file a complaint with the Commission for the Protection of Privacy: by post at the address Drukpersstraat 15, 1000 Brussels or via their website: https://www.gegevensbeschermingsautoriteit.be/burger/acties/klacht-indienen. You can also reach the Commission by phone at +32 2 274 48 00 or by email at contact@apd-gba.be.