Qviro Privacy Policy

Qviro (hereinafter ‘we’, ‘us’ and ‘our’) understands the importance of the privacy of its customers and users of its website visitors and the protection of their personal data. This policy sets out how we handle and process your personal data.

Qviro BV, with its registered office at André Dumontlaan 31, 3600 Genk, Belgium, KBO (Crossroads Bank for Enterprises) number BE 0746.778.353 manages this website. We act as the data controller when we process our customers’ and website users’ personal data.

We believe it is important to create and maintain an environment where our customers can be confident that their data will not be misused. We comply with the regulations applicable to data protection such as the Regulation (EU) 2016/679 (also referred to as the General Data Protection Regulation, hereinafter “GDPR”) and the Belgian Data Protection Act. The aforementioned regulations concern the protection of personal data and provide you with rights over the said personal data.

The objective of this policy is to indicate what personal data we collect, how we use your data after you have visited our website and to assure you that we process your data appropriately.

This privacy policy and the terms and conditions of use apply when you visit our website. The application of terms and conditions other than those set out herein is explicitly prohibited unless we have provided express permission in writing in advance. In the latter case, this policy applies alongside the specific agreement. The use of this website, the platform and the content contained therein is only permitted subject to compliance with this policy. The use of this website, the platform and the content contained therein is only permitted subject to compliance with the full text of this policy.

It is not necessary to provide personal data to use most of our website.

We collect and process data obtained via our website or the devices you use. The collected data may be:

• Identification data (Name, address)
• Login details (Name, Country, Email address, Company, Phone Number, and password) for the section of the website reserved for subscribers;
• Location data (collected via social media or the IP address of your device; GPS signals sent by your mobile device);
• Data collected using cookies, web beacons or from the internet. These data are automatically collected and can be related to the website you visited before you navigated to our website or the website you navigated to after visiting our website. We may also collect data on the website pages you have visited, your IP address, the type of browser you use, the access time and your operating system. Read our cookie policy www.qviro.com/cookies to find out more on how we use cookies.
• Data we obtain from other websites, for example if you ask us to link to your LinkedIn account
• Additional or optional data are provided by filling out forms on our website or when we contact you (by telephone, email or at trade fairs or events).
  

We may also collect data from the public domain to check data previously collected or to manage or broaden our activities.

We collect the aforementioned data to create a profile in order to understand your needs and to provide better service, and for the following specific purposes:

We can share your personal data with:

• Third parties with whom you have asked us to share your personal data, such as LinkedIn or other social media if you have asked us to link these to your account; or
• Organisations with whom you have agreed to share your personal data, such as organisations selling products on the Qviro website/platform, in return for access to information such as the product price.

Based on our legitimate interest, we may also share your personal data with third parties that assist us with our products and services. Some examples of third-party activities include the hosting of web servers, data analysis, marketing support providers and customer service. These companies have access to your personal data but only when this is required to perform their activities. They are not permitted to use your data for any other purposes.

We may publish your personal data to enforce our policy, to comply with our legal obligations or in the interest of safety, in the public interest or for the purposes of legal enforcement. We may follow up a request from a law enforcement agency, regulatory authority or government agency. We may also publish data for the purposes of current or scheduled court cases or to protect our property, safety, people or other rights and interests.

Should Qviro be sold or merges with another company, your data will be accessible to the advisor of the potential buyer and transferred to the new company owners. In that case, we will take the appropriate measures to guarantee the integrity and confidentiality of your personal data. The use of your personal data will always be subject to this policy.

We may transfer your personal data to third parties in third countries (outside the European Economic Area (EEA)), i.e. Switzerland, Canada, Japan, South Korea, United States, China, …. The said transfer of data outside the EEA is legal if the recipient of the data resides in a country with a level of protection deemed adequate by the European Commission, such as Switzerland, Japan, Cananda, South Korea. Some of these countries may not have enacted equivalent data protection legislation to protect the use of your personal data. In such cases, we have researched whether appropriate preventive measures similar to those implemented within the EU are possible, for example by adopting standard contractual clauses. In specific cases, we will request your prior consent to the transfer of your personal data outside the EEA. Please follow the procedure set out in Rights of the data subject for further information on data transfer.

Data protection legislation provides various rights for the data subject with regard to the processing of personal data to ensure the data subject has sufficient control over the processing of their personal data.

You are entitled to:

a. Right of access/inspection

You are entitled to receive confirmation from us of whether your personal data is processed by us. If we do process your personal data, you are entitled to request to view your personal data.

Should it not be included in this policy, we will provide you with information on:

• the purposes of the processing;
• the categories of personal data concerned;
• the recipients or categories of recipient to whom the personal data have been or will be disclosed;
• the transfer thereof to recipients in third countries or international organisations;
• where possible, the intended period for which the personal data will be retained, or if this is not possible, the criteria used to determine that period;
• your entitlement with regard to your personal data as listed in this section;
• where the personal data are not collected from you, all the information available regarding the source of the data;
• the existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the intended consequences of the said processing for the data subject.

We will produce a copy of the personal data relating to you in our records upon request. Should you make repeated and disproportionate requests for copies of the said data, we reserve the right to charge you a reasonable fee.

b. Right to rectification

Should you determine that the personal data on our records is incomplete or incorrect, you are entitled to notify us in order for the necessary steps to be taken to rectify or add to the said data.

c. Right to be forgotten

You are entitled to request we delete your personal data should the processing not be in accordance with the data protection legislation or should the said processing not fall within the limitations laid down by law.

d. Right to restriction of processing

You are entitled to request we limit the processing of your personal data if:

• the accuracy of the personal data has been called into question during the period required to check the accuracy thereof
• the processing is unlawful and you do not wish the data to be deleted;
• we no longer require the data but you do not request we delete the data because the data is required for the pursuance or defence of legal claims
• an objection is made to the processing pending an explanation of the legitimate interests that outweigh your interests.

e. Right to data portability

You are entitled to receive the data you have provided to us in a structured, standard and machine-readable format. You are entitled to request we transfer the personal data to another data controller (directly from us). This is an option when the processing is based on your consent and processing via an automated procedure.

f. Right to object

Where your personal data is processed for direct marketing purposes (including profiling), you remain entitled to object to the said processing.

You are entitled to object to the processing based on a specific situation related to the data subject. The organisation will no longer process the personal data unless the organisation demonstrates compelling legitimate grounds for the processing which outweigh your interests or the interests of the pursuance or defence of legal claims.

g. Automated individual decision-making

The data subject is entitled not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her, such as the evaluation of personal aspects related to performance at work, reliability, creditworthiness, etc.

The said right not to be subjected to such automated decision-making processes does not apply where the process is allowed on the basis of a mandatory legal provision.

The data subject is not entitled to invoke this right when the decision is required to enter into, or to execute, an agreement between the data subject and the organisation or is based on the explicit consent of the data subject. In the latter two cases, the data subject is entitled to human intervention by a member of the organisation staff and is entitled to notify the organisation of their position and to contest the automated decision.

h. Right to withdraw consent

If you have consented to the processing of your personal data for a specific purpose of processing, you are entitled to withdraw your consent by sending an email or via your account.

If you opted in to receiving commercial email messages, newsletters, etc. from us when you registered on the website, you can unsubscribe if you change your mind.

i. Procedure to exercise rights and other provisions

We can request you verify your identity to ensure your request is lawful and that we are sending the reply to a person entitled to make such a request and to receive the data.

Please note that we may refuse access to your personal data or may not be able to grant your request under specific circumstances when we are entitled to do so under the applicable data protection legislation.

For further information on the processing of your personal data or if you wish to exercise your rights, please contact us at [email protected].

You are entitled to lodge a complaint with the competent supervising authority (for data protection). In Belgium, the Data Protection Authority, Drukpersstraat 35, 1000 Brussels ([email protected]).

Security

We make every effort to guarantee the security of your data. We have implemented reasonable technical and organisational measures to guarantee your personal data against accidental or unlawful destruction, loss, modification, unauthorised disclosure and/or unauthorised access to the data transmitted, saved or otherwise processed. Please note that the internet is an open network; we cannot therefore guarantee that unauthorised third parties will not be able to circumvent these measures or use your personal data for inappropriate purposes.

This website may include links to third-party websites. We will not be held liable for the content of these websites, nor for the privacy standards and practices of the corresponding third party. You must read and understand the relevant third-party and website privacy policies before accepting cookies and visiting a website, to ensure your personal data is sufficiently protected.

Belgian law is applicable to our website, this policy and disputes that may arise with regard to these. In the event of a dispute, only the courts of Antwerpen – division Tongeren shall have jurisdiction.

Qviro may amend or update this policy to ensure the provision of information on how we process your personal data at that time. The updated version of this policy is available on the same website and will take effect upon publication. Please visit this webpage regularly to ensure you remain up-to-date on how we collect and process personal data, how and under what circumstances we use your personal data and when we share your personal data with third parties.

Version November 23, 2023.