The website www.stijl.be (hereafter: the “Website”) is provided by:
STIJL BV (hereafter “STIJL”, “We” en “Us”)
RUE ANTOINE DANSAERTSTRAAT 74
VAT BE 0841.677.413
Phone: +32 2 513 42 50
1. WHY THIS PRIVACY STATEMENT?
Every person who visits the Website (hereinafter the "Visitor") as well as everyone who uses our services (hereinafter the "Customer") almost inevitably discloses certain personal data. These personal data constitute information that allows us to identify you as a natural person, regardless of whether we actually do so. You are identifiable as soon as it is possible to create a direct or indirect link between one or more personal data and you as a natural person. The Visitor and the Customer are hereinafter also referred to collectively as the "Data Subject".
We use and process your personal data in accordance with the GDPR and other relevant legal provisions. Any reference to the GDPR in this Privacy Statement is a reference to the Regulation of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation).
Through this Privacy Statement, each Data Subject is informed of the processing activities that STIJL may carry out with their personal data. STIJL reserves the right to modify this Privacy Statement at any time. Any substantial amendment will be clearly notified to the Data Subject. We advise the Data Subject to consult this document regularly.
2. WHO PROCESSES YOUR PERSONAL DATA?
STIJL determines alone or in cooperation with others which personal data are collected, as well as the purpose and means of processing these personal data. Consequently, STIJL is a 'controller' within the meaning of the GDPR.
STIJL has taken appropriate technical and organizational measures to protect the personal data of its Visitors and Customers. STIJL uses various appropriate security technologies and procedures to protect your personal data from unauthorized access, use or disclosure. STIJL ensures that the personal data provided is kept secure in a controlled environment.
STIJL uses carefully selected "data processors" to process the personal data of Visitors and Customers. A processor is a natural or legal person who processes personal data at the request of or on behalf of the controller. The processor is obliged to ensure the security and confidentiality of the personal data. The processor always acts in accordance with the instructions of the controller.
STIJL relies on the following categories of « processors »:
• Companies we have engaged for marketing purposes;
• Companies we've engaged for ICT technical support and hosting purposes;
• Companies that we have engaged for administrative purposes (e.g. CRM system);
• Companies that we have engaged for communication purposes (e.g. live chat on the website);
• Companies that we have engaged for logistic purposes (e.g. order picking, delivery, etc.);
• Companies that we have engaged for analytical purposes;
• Companies that we have engaged for payment purposes.
In order to ensure optimal protection of the personal data of the Data Subjects, STIJL has entered into the necessary contractual arrangements with the above-mentioned data processors to ensure that they apply the same high standards as STIJL.
A transfer of personal data to a processor outside the European Economic Area (EEA) can only take place to countries for which the European Commission has determined that they offer the same adequate level of protection or, if this would not be the case, to the extent that STIJL has made the necessary contractual arrangements with this processor, taking into account the standard provisions as imposed by the European Commission.
3. ON WHAT LEGAL BASIS ARE YOUR PERSONAL DATA PROCESSED?
In accordance with the GDPR, we process personal data on the basis of the following legal grounds:
• On the basis of the performance of the contract as agreed with the Customer, or the exercise of pre-contractual steps taken at the request of the Data Subject; or
• On the basis of compliance with legal or regulatory provisions, relating to the management of the contractual relationship with the Customer, in particular invoicing;
• Based on our legitimate interest in responding to requests for information from Visitors and Customers;
• Based on our legitimate interest in sending promotional offers (direct marketing) to our Customers;
• On the basis of our explicit consent to the sending of promotional offers (direct marketing) to Visitors.
4. WHAT PERSONAL DATA ARE PROCESSED?
STIJL undertakes to collect and process only those personal data that are relevant and necessary for the purposes for which they are processed.
How much and which personal data STIJL collects about you depends on your use of the Website and/or our services. The collection of personal data is further expanded as more intensive use is made of our Website and our online services. In general, Customers will disclose more personal information than Visitors. Specifically, we process the following categories of personal data:
• Personal identification details (surname, first name, address, login details);
• Contact details (telephone number and e-mail address);
• Financial identification data (bank details);
• Personal data (gender, age, date and place of birth, nationality);
These personal data are collected when the Customer places an order via our Website. Other personal data may be collected at a later date, for example as part of our after-sales service.
• Personal identification data (surname, first name, address, login details);
• Contact details (telephone number and e-mail address);
• Electronic identification data (cookies, IP address);
These personal data are collected when you visit our Website and in particular when you fill in and submit our contact form.
5. FOR WHAT PURPOSES ARE YOUR PERSONAL DATA USED?
The processing of your personal data is essential for the proper functioning of the Website and the related services. The collection of personal data is further expanded as the Data Subject makes more intensive use of our Website and our online services.
Processing will only take place for the following specific purposes:
• Customer management: customer administration, order management, deliveries, invoicing, checking creditworthiness, support and complaints monitoring.
• Personalized marketing and advertising. In that case, the Customer has the right to unsubscribe at any time.
• Answering information requests via the contact form on the Website;
• Personalized marketing and advertising if the Visitor has expressly agreed to this. In that case, the Visitor is free to withdraw his/her consent at any time.
Furthermore, the Personal Data of the Complainant may also be used for the following purposes:
• Dispute management.
• Protection against fraud and offences.
When visiting the Website, some data is collected for statistical purposes. Such data is necessary to optimize the use of our Website. These data are: presumed place of consultation, time and day of consultation, which pages were visited, etc. In order to protect your privacy as much as possible, these data are always anonymized.
Under no circumstances do we collect sensitive personal data, such as data about your race, political opinions, health, religious and other beliefs, sexual orientation and the like.
The Data Subject always provides the personal data himself/herself to STIJL and can thus exercise a certain degree of control. STIJL reserves the right to suspend or cancel certain operations if the required personal data is missing, incorrect or incomplete.
6. WHO RECEIVES YOUR PERSONAL DATE?
Your personal data will only be processed for internal use within STIJL. Your personal data will not be sold, passed on or communicated to third parties, except if you have given us your explicit permission beforehand or if the transfer is necessary for the execution of the agreement or is required by law.
7. HOW LONG DO WE RETAIN YOUR PERSONAL DATA?
Your personal data will be kept as long as this is necessary to pursue the stated goals. They will be removed from our database when they are no longer needed to pursue these purposes or if the Data Subject validly exercises the right to remove the personal data.
8. WHAT ARE YOUR RIGHTS?
1. Guarantee of lawful and secure processing of personal data
Your personal data will always be processed for legitimate purposes, as set out in Article 5. They shall be collected and processed in an appropriate, relevant and proportionate manner, and shall not be kept longer than necessary to achieve the objectives pursued.
2. Right of inspection
If you can prove your identity, you acquire the right to obtain information about the processing of your personal data. Thus, you have the right to have access to the purposes of the processing, the categories of personal data, the categories of recipients to whom the personal data are sent, the criteria that determine the period of data retention and the rights that you can exercise with regard to your personal data.
3. Right of rectification of personal data
Inaccurate or incomplete information can be corrected. It is first and foremost the responsibility of the Data Subject to provide us with the correct information. If something has gone wrong, the Data Subject can also contact us with a request for a change.
4. Right to erase your personal data
You also have the right to obtain the deletion of your personal data, in the following cases:
• Your personal data are no longer needed for the intended purpose;
• You revoke your consent to the processing of your personal data and there is no other legal basis for processing your personal data;
• You have legitimately objected to the processing of your personal data;
• Your personal data is being processed in an unlawful manner;
• Your personal data must be removed on the basis of a legal obligation.
The removal of personal data is mainly related to visibility; it is possible that the deleted personal data will remain temporarily stored.
5. Right to restrict processing
In some cases, you have the right to request restrictions on the processing of your personal data. This is certainly the case in the event of a dispute regarding the accuracy of personal data, if the personal data is necessary in the context of legal proceedings or during the time necessary for STIJL to establish that you can validly exercise your right of deletion.
6. Right to object
You have the right to object at any time to the processing of your personal data for 'direct marketing' purposes, profiling purposes or purposes arising from the legitimate interests of the data controller. STIJL will cease processing your personal data unless STIJL can demonstrate that there are compelling legal reasons to process your personal data which take precedence over your right to object.
7. Right to data portability
You have the right to obtain the personal data provided to STIJL in a structured, common and machine readable form. In addition, you have the right to transfer these personal data to another data controller, unless this is technically impossible.
8. Right to revoke your consent
You have the right to withdraw your consent at any time, for example if you have given it as a Visitor for direct marketing purposes.
9. HOW CAN YOU EXERCISE YOUR RIGHTS?
If you wish to exercise your rights, you must send an e-mail to firstname.lastname@example.org. We will reply as soon as possible, at the latest one (1) month after receiving your request.
10. POSSIBILITY TO LODGE A COMPLAINT
If you have any comments or complaints about the way in which we handle your personal data, please report them to us first. In this way we can reach an amicable solution in mutual consultation.
If, after this notification, you are still not satisfied with the processing of your personal data by STIJL, you have the right to lodge a complaint with the competent supervisory authority (for Belgium: https://www.dataprotectionauthority.be/citizen