This privacy statement informs you about how we process your Personal Data. We may ask you – throughout our website to share certain Personal Data with us, including but not restricted to your name, surname and phone number and email address (identification data).
We only collect Personal Data that is necessary to inform you about our projects and services, to carry out an agreement with you and to be in contact with you.
The processing of your Personal Data is subjected to this privacy statement. For questions and/or comments please contact [email protected]
By providing your Personal data you are considered to have acknowledged the use of your Personal data in accordance with this privacy statement.
Article 1 DEFINITIONS
“FLEXIROOM SARL” having its registered office at 153-155 Rue du kiem L-8030 Strassen Luxembourg, registered in Luxembourg Business Registers with number B 21 92 88
“Website” Means the website of Flexiroom : https://flexiroom.eu/
“Personal Data” has the meaning as defined in the General Data Protection Regulation 2016/679, including any information that allows a natural person (also “data subject”) to be identified or with which a natural person can be identified.
“Controller” has the meaning as defined in the General Data Protection Regulation 2016/679. Flexiroom will be qualified as the Controller which determines the purposes and means for the processing of your Personal data.
“Processor” has the meaning as defined in the General Data Protection Regulation 2016/679, which processes the Personal data on behalf of and under orders of the Controller
ARTICLE 2 PROCESSING PURPOSES AND LEGAL GROUND
As part of our services and activities, we collect and process the identity and contact data of our clients. The purposes for these processing operations are the performance of agreements with our customers, customer management, and direct marketing activities such as sending newsletters, promotional or commercial information. The legal grounds are the performance of the agreement, the compliance with legal and regulatory obligations, our legitimate interest and in some cases permission.
Data of suppliers and subcontractors
We do not collect data of our suppliers and subcontractors, nor their (sub)subcontractors, personnel, workers, or agents
Data of personnel
We process the Personal Data of our employees as part of our HR management and payroll administration.
In addition to the data of customers, suppliers/subcontractors and personnel we also process Personal Data of others, such as potential new customers/prospective customers, useful contacts in our sector, network contacts, contacts of experts, etc. This is via our Website or via other channels. The purposes of these processing operations are in the interest of our activities, direct marketing and public relations. The legal ground is our legitimate interest, the performance of an agreement and/or in some cases permission.
Specifically, we may use the Personal data we collect for the following purpose:
• to provide information to you regarding our projects and services;
• to provide our services to you and perform possible agreements;
• to process and treat possible complaints or requests;
• to help us evaluate, correct or improve our services;
• for direct marketing purposes;
• for internal reasons, including business administration and archiving purposes.
ARTICLE 3 – CONFIDENTIALITY OF YOUR PERSONAL DATA
Every time you, as a visitor of our website, provide Personal data to us, we will treat this information in accordance with the provisions of this privacy statement and the legal obligations in connection with the processing of Personal Data, including the General Data Protection Regulation 2016/679.
We implement appropriate measures and procedures to secure and protect the Personal Data we collect through the website.
In this way we undertake, as far as can reasonably be expected, to prevent any illegal processing of Personal Data and unintentional loss or destruction of your Personal Data. Despite these precautions, we cannot guarantee that your Personal Data will be protected if it is forwarded outside the Website in an unsecured manner through other channels or otherwise communicated.
We try to optimize the security of your Personal Data by limiting access to your Personal data to individuals on a “need-to-know” basis (for example only employees, workers, suppliers or subcontractors who need your Personal Data for the purposes described in Article 2 will be able to access the data).
ARTICLE 4 – HOW DOES FLEXIROOM USE YOUR PERSONAL DATA AND HOW LONG IS IT SAVED?
We collect your Personal Data in the following cases – non exhaustive:
• when sending a request for information on the website (via the contact form);
• when booking a call on the website (using the designated form);
• When you reach out to us via the chat box on our website;
• when you reach a contract (of employment) with us;
• if you call, mail or correspond with us in any other way other than via the website
We can combine the Personal Data we collect with information you provide to us in another way or which third parties provide to us.
We save and process Personal Data for a period that is necessary to fulfil the purposes of the processing and to fulfil the (possibly contractual) relationship between the company and you.
Customer data and data of suppliers or subcontractors will in any case be deleted from our systems after a period of 7 years following the termination of the agreement or project, with the exception of Personal Data that we are required to save for a longer period following specific legislation or in the event of an ongoing dispute for which the Personal Data is still necessary.
Data collected via a form on our Website or via another channel (other data) is not saved for longer than a period of 2 years after the last time there was a meaningful contact with you.
Personal Data of personnel is removed after a period of five years following termination of the working relationship.
We avoid the collection of Personal Data that is not relevant for the purposes set out in Article 2.
ARTICLE 5 – TRANSFER OF PERSONAL DATA
Personal Data will not be transferred to third parties outside the European Union, with the exception of subcontractors or workers who save the data on servers in the United States, and who have agreed to respect the “Privacy Shield” or the Standard Contract provisions of the European Commission and offer an adequate level of security for the processing of personal data
Furthermore, we will not transfer Personal Data to parties located within the European Union other than with your consent, unless:
the transfer is necessary to allow Affiliated Enterprises, workers, agents or subcontractors to provide their services or perform a task on our behalf (including the provision of marketing support, conducting market research or providing customer services); this is required by law.
Any transfer of Personal Data to a recipient as listed above is in accordance with the provisions of the General Data Protection Regulation 2016/679.
We shall ensure that measures are adopted so that the recipients cannot use this Personal Data for purposes other than those listed exhaustively in Article 2 and also, that the recipients have taken sufficient technical and organizational measures to protect these data.
To guarantee the security of Personal Data, we will always reach a processor agreement with the aforementioned recipients of this Personal Data, and where applicable also Standard Contract Provisions as provided by the European Commission.
We will take all necessary precautions to ensure that employees and workers who have access to Personal Data process this exclusively in accordance with this privacy statement and the legal obligations under the General Data Protection Regulation 2016/679.
ARTICLE 6 – RIGHTS OF THE DATA SUBJECT
On the grounds of both Belgian and European legislation on the protection of Personal Data you have the following rights. If you want to use these rights, you must send a written request with a copy of your identity card to [email protected]
We will inform you within 1 (one) month after receipt of the request about the action that will be taken. However, this period may be extended to a maximum of 3 (three) months, in which case you will be informed of the reasons for this delay within 1 (one) month of the original request.
Right of access to Personal Data
You have the right to instruct us to disclose any Personal Data that we hold about you, provided that the rights of other data subjects are not affected.
Right to rectify Personal Data
We kindly ask you to ensure that the Personal Data in our database is as accurate and complete as possible. If you believe that the data provided to us is incorrect or incomplete, please inform us as described above. Your Personal Data will be corrected or supplemented as soon as possible.
Right to erase Personal Data
You have the right to delete your Personal Data without undue delay in the following cases:
• if it is no longer necessary to retain the Personal Data for the purposes for which it was collected or otherwise processed;
• in the event of withdrawal of consent for permission-based processing;
• processing intended for direct marketing; and
• if the Personal Data was unlawfully processed.
However, there are certain general exclusions to the right to erase. These general exclusions comprise the cases where processing is necessary:
• For exercising the right of freedom of expression and information.
• for compliance with a legal obligation. or
• for the establishment, exercise or defense of legal claims.
Right to limit the processing of Personal Data
• In the following cases you have the right to limit the processing of your Personal data:
• to dispute the correctness of your Personal Data;
• when the processing is unlawful, but you do not want the Personal Data to be erased; or
• if you object to the processing of your Personal Data, and verification of that objection is pending.
• If processing is restricted on this basis, we may continue to store your Personal Data. However, we will only process the data with your express consent to institute, exercise or defend legal claims, to protect the rights of another natural or legal person or for reasons of substantial public interest.
Right to object
You have the right to object to our processing of your Personal Data.
The right of data portability
If you wish to exercise your right of data portability, we will transfer the Personal Data in a structured, common and machine-readable form to a data controller of your choice.
Right to withdraw consent
To the extent that the legal basis for our processing of your Personal Data is your consent, you have the right to withdraw your consent at any time. However, such withdrawal shall not affect the lawfulness of the processing that took place before the withdrawal.
Right to make a complaint with the supervisory authority
You can contact the Data Protection Authority at any time by sending an email to [email protected] or by sending a written request to the Data Protection Authority, located at 1000 Brussels, Drukpersstraat 35.
ARTICLE 7 – REFERRAL TO THIRD PARTIES
The Website or Member Platform may contain links to other websites that are not managed by us. While we do our utmost to ensure that links only lead to websites that have corresponding security and confidentiality standards, we are in no way responsible for the protection and confidentiality of Personal Data, including the data you provide on other websites, after you leave the Website.
We reiterate that you must work carefully and always consult the privacy statement that applies to the website in question before providing Personal Data on other websites.