Privacy policy Whyte Corporate Affairs

Effective since: May 25, 2018

We make it a matter of pride to respect the privacy of our users and to treat their personal data in the strictest confidentiality and in accordance with the legislation in force.

The privacy policy is intended to inform you, in a transparent manner, about the data we collect, the purpose for collecting it, the way we use it and the rights you have regarding the processing of such data.

On this page, we provide you with a simplified version of our privacy policy in the form of questions and answers. We invite you to also read the detailed version available here.

We draw your attention to the need to read this privacy policy carefully. If you have any other questions, do not hesitate to contact us at the following address: privacy@whyte.be

  1. WHO IS RESPONSIBLE FOR PROCESSING YOUR DATA?

Whyte Corporate Affairs is the controller of your personal data.

Here is our complete contact information:

Whyte Corporate Affairs SA/NV,
Clos Lucien Outers / Lucien Outers Gaarde 11-21 – 1160 Brussels

Belgian business registry (BCE) number: BE0806.144.927.

info@whyte.be

We have appointed as a single point of contact within our company a data protection officer (more commonly known as “DPO”) whose contact details are: Eveline de Ridder – edr@whyte.be

  1. WHAT DATA DO WE COLLECT?

 We collect your data – personal or otherwise – for various reasons which are defined in the following point (see point 3). It includes the following data:

  • your identifying information (surname, first name, marital status, e-mail address, date of birth and delivery address);
  • your bank details (credit card number, IBAN and BIC/SWIFT) and invoicing details;
  • our communications (by email or other);
  • the type of domain with which you connect to the Internet;
  • the IP address assigned to you;
  • the date and time of your access to our website;
  • location data or other data relating to the communication;
  • the pages you viewed on our website;
  • the type of browser, platform and/or operating system you are using;
  • the search engine and the keywords used to find the website;
  • your browsing preferences;

any other data that you would communicate to us.

  1. WHY DO WE COLLECT YOUR DATA?

 We collect your data mainly to send our newsletter, improve our service and, more generally, to easily communicate with each other. Finally, your data also allow us to improve and facilitate your navigation on our website. The legal bases for processing your data are listed in the full version of the Privacy Policy.

  1. HOW DO WE COLLECT YOUR DATA?

 Most of your data is communicated to us by your active intervention. Other data, such as the date and time of your access to our website, the pages you have viewed, or your location data, are collected automatically through servers consulted and “cookies” placed on our website.

We may also collect data about you through other companies in which case we will inform you.

  1. ARE YOUR DATA PROTECTED?

 We take pride in respecting the privacy of our users. We maintain a strict privacy policy and take all appropriate measures to ensure that our servers prevent, to the extent possible, any unauthorized leak, destruction, loss, disclosure, use, access or modification of your data.

  1. HOW LONG DO WE STORE YOUR DATA?

 We keep your data for the time necessary to accomplish the objectives pursued (see point 3). Once this goal is achieved, we delete them. 

  1. WHAT ARE YOUR RIGHTS AND HOW CAN THEY BE EXERCISED?

You may, at any time, request to verify, access, rectify, delete, transfer and object to the use of your data, as well as request the limitation of such use of your data. To do so, simply send us an email at the following address: privacy@whyte.be.  We will then make every effort to take the necessary action as soon as possible.

  1. WHO HAS ACCESS TO YOUR DATA AND TO WHOM ARE THEY COMMUNICATED?

 Our employees and subcontractors have access to your data only to the extent necessary for fulfilling the objectives pursued (see point 3). Each of them is subject to a strict obligation of confidentiality. The categories of recipients are listed in the full version of the Privacy Policy.

  1. DO WE TRANSFER YOUR DATA ABROAD?

We only transfer your data to a non-EU country if it provides a level of protection equivalent to what you can find in your country of residence (for more information, please check: https://goo.gl/1eWt1V).

  1. WHAT HAPPENS IN THE EVENT OF A CHANGE TO THE PRIVACY POLICY? 

If we had to make any changes to this privacy policy, you would be notified through our website. 

  1. WHAT TO DO IN THE EVENT OF A DISPUTE?

Lengthy trials do not benefit anyone. In the event of a dispute between us, we commit to give priority to dialogue and openness in search of an amicable solution. You can also contact the Data Protection Authority.

_____________________________________________________

PRIVACY POLICY
Whyte Corporate Affairs

Effective since: May 25, 2018

  1. GENERAL WARNING 

1.1       The Whyte Corporate Affairs SA/NV (hereinafter, «Whyte Corporate Affairs») respects the privacy of its users (hereinafter, the “Users“).

1.2       Whyte Corporate Affairs processes the personal data transmitted to it in accordance with the legislation in force, and, in particular, Regulation 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data, applicable from 25 May 2018 (hereinafter the “General Data Protection Regulation“).

1.3       Access to the website [WEBSITE LINK] (hereinafter, the “Website”) implies the User’s full and unreserved acceptance of this Privacy Policy (hereinafter the “Policy”), as well as its general terms of use (hereinafter the “Terms”) and the cookie policy (hereinafter, the “Cookie Policy”).

1.4       The Policy is valid for all pages hosted on the Website and for the registrations of this Website. It is not valid for the pages hosted by third parties to which Whyte Corporate Affairs may refer and whose privacy policies may differ. Whyte Corporate Affairs cannot therefore be held responsible for any data processed on these websites or by them. 

  1. DATA CONTROLLER AND DATA PROTECTION OFFICER

 2.1       Simply visiting the Website shall take place without having to provide any personal data, such as first name, surname, postal address, e-mail address, etc.

 2.2       As part of the Service, the User may be required to provide certain personal data. In this case, the data controller is:

WHYTE CORPORATE AFFAIRS SA/NV
Clos Lucien Outers / Lucien Outers Gaarde 11-21 – 1160 Brussels
Belgian business registry (BCE) number: BE0806.144.927

2.3       The data protection officer appointed by Whyte Corporate Affairs shall have at least the following task:

a) to inform and advise the controller or the processor and the employees who carry out processing of their obligations pursuant to the legislation in force in relation to the protection of personal data ;

b) to monitor compliance with the legislation in force and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations, and the related audits;

c) to provide advice where requested as regards the data protection impact assessment and monitor its performance ;

d) to cooperate with the supervisory authority;

e) to act as the contact point for the supervisory authority on issues relating to processing, including the prior consultation and to consult, where appropriate, with regard to any other matter.

2.4       Any question regarding the processing of this data may be sent to the following address: privacy@whyte.be

  1. DATA COLLECTED 

3.1       By completing the order form on the Website and using the Service, the User allows, in particular, Whyte Corporate Affairs to record and store, for the purposes mentioned in point 4, the following information:

  • identifying data, such as the first name and surname, marital status, e-mail address, date of birth and delivery address;
  • the banking information necessary for the Service, such as bank account numbers, IBAN and BIC/SWIFT;
  • invoicing information;
  • communications between the User and [COMPANY NAME];
  • The User also authorizes Whyte Corporate Affairs to record and store the following data for the purposes mentioned in point 4:
    • information voluntarily provided by the User for a purpose specified in the Policy, the general terms and conditions of sale (hereinafter the “GTC“), the Terms, the Cookie Policy, on the Website or on any other medium of communication used by Whyte Corporate Affairs;
    • additional information requested by Whyte Corporate Affairs to the User in order to identify him or to prevent him from violating any of the provisions of the Policy;

3.3       In order to facilitate browsing the Website as well as to optimize technical management, the Website may use “cookies”. These “cookies” record, in particular:

  • the User’s browsing preferences;
  • the date and time of access to the Website and other data related to traffic;
  • the pages visited;

3.4       When the User accesses the Website, the servers consulted automatically record certain data, such as:

  • the type of domain with which the User connects to the Internet;
  • the IP address assigned to the User (when connected);
  • the date and time of access to the Website and other data related to traffic;
  • location data or other data relating to the communication;
  • the pages visited;
  • the type of browser used;
  • the platform and/or operating system used;
  • the search engine as well as the keywords used to find the Website.

3.5       No nominative data identifying the User is collected through the cookies and servers consulted. This information is kept for statistical purposes only and to improve the Website.

  1. PURPOSES OF PROCESSING THE DATA

4.1       We process your data for various purposes. For each purpose, only the data relevant to the pursuit of the purpose in question are processed. The processing consists of any operation (manual or automated) on a personal data. Whyte Corporate Affairs  collects, stores and uses its Users’ data for the following purposes, in particular:

  • to establish, carry out and conduct the contractual relationship with the User;
  • to analyse, adapt and improve the content of the Website;
  • to provide the Service;
  • to allow the User to receive messages;
  • to facilitate the availability and use of the Website;
  • to personalize the User’s experience on the Website;
  • to respond to requests for information;
  • for any marketing activities and promotions proposed by [COMPANY NAME] to Users who have given their consent;
  • to inform them about any changes on the Website and its features;
  • for any other purpose to which the User has expressly consented.

4.2       The legal basis of the processing of your personal data is based on:

  • your consent ;
  • the execution of any request from you; ,
    We do need to collect some of your data to answer any request from you. If you choose not to share this data with us, it may render the performance of the contract impossible.
  • a legal obligation imposed on the controller ;
    We do need to collect and store some of your data to meet various legal requirements, including tax and accounting.
  • the protection of vital interests; ,
  • for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, or
  • our legitimate interest, provided that it is in accordance with your interests, freedoms and fundamental rights.

We have a legitimate interest in providing you with this information and interacting with you, especially to respond to your requests or improve our services, prevent abuse and fraud, control the regularity of our operations, exercise, defend and preserve our rights, for example in litigation, as well as evidence of a possible violation of our rights, manage and improve our relations with you, continually improve our website and our products/services, unless such interests are supplanted by your interests or your fundamental rights and freedoms requiring the protection of your personal data. We take care in any case to maintain a proportionate balance between our legitimate interest and respect for your privacy.

If the legal basis of our treatment is your consent, you have the right to withdraw it at any time without prejudice to the lawfulness of the processing performed prior to withdrawal.

In the context of direct marketing, this means that you can unsubscribe at any time from newsletters and other commercial communications from us. You will be put in “opt-out”. You can unsubscribe by sending us an email at the following address: privacy@whyte.be or by clicking on the unsubscribe link at the bottom of each email.

  1. RIGHTS OF THE DATA SUBJECT

5.1       According to the regulations on the processing of personal data, the User has the following rights:

  • Right to be informed about the purposes of the processing (see above) and the identity of the data controller.
  • Right of access: the User may at any time have access to the data that Whyte Corporate Affairs has on him or check if it is included in the database of Whyte Corporate Affairs .
  • Right to rectification : we take all reasonable steps to ensure that the data we hold is up to date. We encourage you from time to time to access your account (if applicable) or to consult us to check that your data is up to date. If you find that your data is inaccurate or incomplete, you have the right to ask us to correct it.
  • Right to object: the User may, at any time, object to the use of his data by Whyte Corporate Affairs and by its active partners (…) .
  • Right to erasure: the user may, at any time request the deletion of his personal data, except those which Whyte Corporate Affairs has a legal obligation to keep on record.
  • Right of limitation of processing: the User may, in particular, obtain a limitation of processing when he has objected to the processing, when he disputes the accuracy of the data, or when he considers that the processing is illegal.
  • Right of portability: The User has the right to receive the personal data that he has communicated to Whyte Corporate Affairs and may also ask said company to send this data to another data controller.

5.2       In order to exercise his rights, the User sends a written request, accompanied by a copy of his identity card or his passport, to the data controller:

  • by e-mail: cs@whyte.be
  • by mail: Whyte Corporate Affairs – Caty Stinkens – Clos Lucien Outers Gaarde 11-21 – 1160 Brussels

5.3       Whyte Corporate Affairs will then take the necessary steps to satisfy this request as soon as possible and in any case within one month of receipt of the application. If necessary, this period can be extended by two months, given the complexity and the number of requests. 

  1. PERIODE OF STORAGE

6.1       Whyte Corporate Affairs will keep the personal data of its Users for the duration necessary to achieve the objectives pursued (see point 4).

6.2       Whyte Corporate Affairs may also continue to keep personal data concerning the de-registered User, including all correspondence or request for assistance sent to Whyte Corporate Affairs in order to be in a position to reply to all questions or complaints that may be sent to it after the order, and in order to comply with all applicable laws, namely in tax matters or as part of other legal requirements. 

  1. COMPLAINT WITH THE SUPERVISORY AUTHORITY

The User is informed that he has the right to lodge a complaint with the Data Protection Authority:

Data Protection Authority
Rue de la Presse, 35, 1000 Brussels
Tel : +32 (0)2 274 48 00
commission@privacycommission.be

  1. SECURITY

8.1       Whyte Corporate Affairs has taken the appropriate organizational and technical measures to ensure a level of security adapted to the risk and that, to the extent possible, the servers hosting the personal data processed prevent:

  • unauthorized access to or modification of this data;
  • improper use or disclosure of such data;
  • unlawful destruction or accidental loss of such data.

8.2       In this respect, employees of Whyte Corporate Affairs who have access to this data are subject to a strict confidentiality obligation. Nevertheless, Whyte Corporate Affairs may in no way be held liable in the event that this data is stolen or hijacked by a third party despite the security measures adopted.

8.4       Users undertake not to commit acts that may be contrary to this Policy, the Terms, the GTC, the Cookie Policy or, in general, the law. Violations of confidentiality, integrity and availability of information systems and data which are stored, processed or transmitted by these systems, or the attempt to commit one of these violations, shall be punishable by imprisonment of between three months and five years and a fine of between twenty-six euros and two hundred thousand euros, or one of these penalties only.

  1. COMMUNICATION TO THIRD PARTIES

9.1       Whyte Corporate Affairs treats personal data as confidential information. It will not communicate them to third parties under any condition other than those specified in the Policy, such as to achieve the objectives set out and defined in point 4, or under the conditions in which the law requires it to do so.

9.2       Whyte Corporate Affairs may communicate its Users’ personal information to third parties to the extent that such information is necessary for the performance of a contract with its Users. In such case, these third parties will not communicate this information to other third parties, except in one of the two following situations:

  • the communication of this information by such third parties to their suppliers or subcontractors to the extent necessary for the performance of the contract;
  • where such third parties are obliged by the regulations in force to communicate certain information or documents to the competent authorities in the field of combating money laundering, as well as, in general, to any competent public authority.

9.3       The communication of this information to the aforementioned persons shall, in all circumstances, be limited to what is strictly necessary or required by the applicable regulations.

  1. TRANSFER TO A COUNTRY OUTSIDE OF THE EUROPEAN ECONOMIC AREA

[COMPANY NAME] transfers data to a country outside the European Economic Area only when that country ensures an adequate level of protection within the meaning of the legislation in force and, in particular, within the meaning of the General Data Protection Regulation (for more information on the countries offering an adequate level of protection, see: https://goo.gl/1eWt1V), or within the limits permitted by the legislation in force, for example by ensuring the protection of data by appropriate contractual provisions.

  1. DIRECT MARKETING

11.1     The personal data will not be used for direct marketing purposes for articles or services that would not be identical or similar to those to which the User has already subscribed, unless the User has previously explicitly consented to such use by ticking the boxes provided for this purpose (“opt-in”).

11.2     When the User has given his consent to the use of this information for direct marketing purposes, the latter retains the right to object to such use at any time, upon request and free of charge. The User may simply communicate his request by writing to the following address: privacy@whyte.be .

  1. NOTE CONCERNING MINORS

Persons under the age of 18 and persons who do not have full legal capacity are not allowed to use the Website. Whyte Corporate Affairs asks them not to provide their personal data. Any infringement found in this provision must be reported without delay to the following address: privacy@whyte.be

  1. UPDATES AND CHANGES TO THE POLICY

By informing Users through the Website or email, Whyte Corporate Affairs may modify and adapt the Policy, in particular to comply with any new legislation and/or regulations applicable (such as the General Data Protection Regulation applicable from 25 May 2018), the recommendations of the Belgian Data Protection Authority, the guidelines, recommendations and best practices of the European Data Protection Board and the decisions of the courts and tribunals on this issue.

  1. VALIDITY OF THE CONTRACTUAL CLAUSES

14.1     Failure by Whyte Corporate Affairs to invoke – at any given time – a provision of this Policy, may not be interpreted as a waiver to subsequently make use of its rights under the said provision.

14.2     The invalidity, expiration or the unenforceable nature of all or part of one of the above or below mentioned provisions shall not give rise to the invalidity of all the Policy. Any fully or partially invalid, lapsed or unenforceable provision shall be deemed not to have been written. Whyte Corporate Affairs undertakes to substitute this provision with another which, to the extent possible, fulfils the same objective.

  1. APPLICABLE LAW AND COMPETENT COURT

 15.1     The validity, interpretation and/or implementation of the Policy are subject to Belgian law, to the extent permitted by the provisions of applicable private international law.

 15.2     In the event of a dispute relating to the validity, interpretation or implementation of the Policy, the courts and tribunals of Brussels have exclusive jurisdiction, to the extent permitted by the provisions of applicable private international law.

15.3     Before taking any step towards the judicial resolution of a dispute, the User and Whyte Corporate Affairs undertake to attempt to resolve it amicably. To this end, they shall first contact each other before resorting, where appropriate, to mediation, arbitration, or any other alternative method of dispute resolution.