This privacy notice (“Privacy Notice”) describes how and why Sprimoglass S.A. and its affiliates (“we”, “us”, “our”, or “Sprimoglass”) may access, collect, use, and/or share your personal data when you use our services, including when you download and use our mobile application “Sprimoglass Racks”, or any other application of ours that links to the Privacy Notice.
“Sprimoglass Racks” is designed to help users of the application to get their racks picked up quickly and easily by scanning the QR code on the side of the racks. After scanning, users are requested to indicate whether the rack is loaded or empty. In this way, Sprimoglass knows if a rack is liberated for pick-up or not.
Questions or concerns? Reading this Privacy Notice will help you understand your rights and how you can exercise them. By using our services and/or Sprimoglass Racks, disclosing your personal data, or accepting this Privacy Notice, you acknowledge the manner in which Sprimoglass collects and processes your personal data as described herein. If you do not agree with our policies and practices, please do not use our services and/or Sprimoglass Racks. If you still have questions or concerns, please contact us at info@sprimoglass.com.
WHAT CATEGORIES OF PERSONAL DATA DO WE PROCESS?
After downloading the application, Sprimoglass can grant access to users, upon request, by providing a unique login and password to the respective user.
As part of this process, we process the following categories of personal data:
name, e-mail address, and login credentials; and
such personal data that you voluntarily provide to us (e.g. when you express an interest in obtaining information about us or our products and services, when you participate in activities on the services, or otherwise when you contact us);
If you use our application(s), we will also request access or permission to certain features from the device you use to access the application, including your mobile device’s camera, and other features. If you wish to change our access or permissions, you may do so in your device’s settings.
All personal data that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal data.
If you share any personal data of third parties with us, you guarantee that you have informed those third parties and you have received all necessary consents to communicate the third parties’ personal data to us.
FOR WHICH PURPOSES DO WE PROCESS YOUR PERSONAL DATA AND ON WHICH LEGAL BASIS?
Depending on your use of our application, we may process your personal information for the purposes specified hereunder.
Purpose
To create your user account and to ensure that you can log in, access and use Sprimoglass Racks via your user account.
To provide and administer our services.
Category of personal data:
All personal data you provide to us which is necessary for the creation of your login and to allow you to access and use Sprimoglass Racks, such as your name, e-mail address, and login credentials
If you don’t provide this information, we cannot create an account for you and you cannot access the application.
Performance of the contract we have with you.
Personal data that may be collected through the use of your devices’ features for which you have granted your permission (via your device’s settings).
Legal basis
Performance of the contract we have with you.
WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL DATA?
We may share your personal information with third parties when necessary for the purposes described in section 2 above. This includes service providers (such as IT, security, or hosting providers), professional advisors (such as lawyers and auditors) and third parties to whom we intend or choose to sell, transfer or merge (parts of) our shares, business or assets.
Upon your requests, we can provide you with a list of third parties with whom your personal data has been shared.
In addition, we may disclose your personal data if this is required by law, or if we determine in good faith that such disclosure is required in order to comply with any pending judicial inquiry, judicial order or litigation and/or to safeguard our rights.
Processors and sub-processors of Sprimoglass always act under the responsibility of Sprimoglass. If we engage processors or sub-processors, this will always be done in accordance with a data processing agreement that meets the requirements of the GDPR. We require all our processors or sub-processors to take appropriate technical and organizational (including security) measures to protect your personal data in line with our policies. We do not allow our processors or sub-processors to use your personal data for their own purposes. In the event we disclose your personal data as described above, we will implement appropriate safeguards to ensure the integrity and confidentiality of your personal data.
Your personal information will only be viewed and made available to processors, sub-processors, employees and other third parties on a “need-to-know” basis, limited to the extent necessary to perform their services.
DO WE TRANSFER YOUR PERSONAL DATA OUTSIDE THE EEA?
In principle, Sprimoglass does not transfer your personal data to third countries located outside the European Economic Area (“EEA”), but it is possible that through its (sub-)processor, Sprimoglass does transfer your personal data to countries outside the EEA. In this event, Sprimoglass will only transfer your personal data outside the EEA in accordance with the applicable data protection legislation and subject to appropriate safeguards.
Please contact us if you want further information on the specific mechanism(s) used by us when transferring personal data out of the EEA.
HOW LONG DO WE KEEP YOUR INFORMATION?
We will only keep your information for as long as your user account remains active. Upon your request to deactivate your account, your personal data will be deleted, unless retention is required by law or necessary for the establishment, exercise, or defence of legal claims.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
HOW DO WE KEEP YOUR INFORMATION SAFE?
We take the security of your personal information seriously and have implemented appropriate and reasonable technical and organisational measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our services is at your own risk. You should only access the application within a secure environment.
WHAT ARE YOUR PRIVACY RIGHTS?
Within the limits defined in Articles 15-22 of the GDPR, you have the following legal rights in relation to your personal data:
Right of access: you have the right to obtain confirmation from us as to whether or not we are processing your personal data, to access that personal data and how and why it is being processed, as well as to receive a copy of that data.
Right to rectification: you have the right to obtain a rectification of your personal data or to request that we complete your personal data when you become aware that we are processing incorrect or incomplete data about you.
Right to erasure (‚right to be forgotten‘): you have the right to obtain erasure of your personal data in certain specific cases.
Right to restriction: you have the right to have the processing of your personal data restricted in certain specific cases.
Right to portability: you have the right to obtain the personal data you have provided to us in a structured, commonly used and machine-readable form, and to transfer (have transferred) that personal data to another controller.
Right to object: you have the right to object to the processing of your personal data on the basis of our legitimate interest for reasons relating to your specific situation.
If we are relying on your consent to process your personal data, you have the right to withdraw your consent at any time by contacting us by mail at info@sprimoglass.com.
However, please note that this will not affect the lawfulness of the processing before its withdrawal nor, will it affect the processing of your personal data conducted in reliance on lawful processing grounds other than consent.
The exercise of your rights is in principle free of charge. Only in the event of unreasonable or repeated requests we may charge a reasonable administrative fee. We will always inform you of the applicable fee before charging it.
You can exercise your rights by sending an email to: info@sprimoglass.com.
In your request, make sure to clearly specify which right you wish to exercise so we can help you as efficient as possible. Please note that in some case we may require you to give more information about yourself to ensure that we are dealing with the correct person.
If you contact us to exercise your rights, we will respond within 1 month. Exceptionally this may take longer (up to 3 months), but then we will inform you within 1 month of the reasons why.
LIABILITY
If Sprimoglass has legitimately transmitted your personal data to a third party (not being its (sub-)processor), Sprimoglass shall not be liable for any unlawful processing or unlawful use by that third party.
Sprimoglass is in any case only liable for the damage caused by the processing of personal data if it did not comply with its specific obligations under the GDPR and our liability shall not exceed an amount equal to the amounts actually paid out by our insurer for the damage causing event. Sprimoglass shall in no event be liable for any special, incidental, indirect or consequential losses or damages.
The foregoing exclusions and limitations shall only apply to the maximum extent permitted by applicable law.
Sprimoglass Racks may contain links to third party platforms, websites and/or applications. We are not responsible for the content of these platforms, websites and applications nor for the privacy standards and practices of such third parties. We recommend you to read the relevant privacy policies of these third parties and their platforms, websites and/or applications before you accept their cookies and visit them to ensure yourself that your personal information is sufficiently protected.
DO WE MAKE UPDATES TO THIS NOTICE?
We may update this Privacy Notice from time to time. The updated version will be indicated by an updated ‘revised’ date at the top of this Privacy Notice. If we make changes to this Privacy Notice that materially affect your rights or the way we process your data, we will provide a clear notice by appropriate means before the changes take effect.
HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
If you have questions or comments about this notice, you may email us at info@sprimoglass.com or contact us by post at:
Sprimoglass S.A.
Rue de Louveigné 94
Sprimont 4140
Belgium
YOUR RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY
If you believe that our processing of your personal data infringes GDPR, you have the right to lodge a complaint with a supervisory authority. You can file a complaint in the EU member state of your habitual residence, your place of work, or the location of the alleged infringement.
In Belgium, the competent authority is the Data Protection Authority:
www.gegevensbeschermingsautoriteit.be
Drukpersstraat 35
1000 Brussels
Belgium
+32 (0)2 274 48 00
contact@apd-gba.be
However, we would appreciate the opportunity to resolve your concerns before you escalate the matter. Please contact us, and we will do our best to assist you.
WHAT LAWS APPLY TO THIS PRIVACY NOTICE?
This Privacy Notice is governed by and interpreted in accordance with Belgian law.
The courts in Brussels are exclusively competent to decide on any dispute that may arise from the interpretation or implementation of this privacy policy, without prejudice to the consumer’s right to present a dispute before a competent court on the basis of a mandatory statutory provision.