Privacy

  1. Objective of this policy

1.1 Information

This policy informs you (as the data subject) about how we process your personal data in the framework of our website DERBIGUM, in our capacity as controller, in accordance with all applicable data protection and privacy laws and regulations, including the “GDPR” – Regulation (EU) 2016/679 (hereinafter referred to as “Data Protection Laws”), and in particular pursuant to Articles 13 and 14 of the GDPR.

This policy is also intended to inform you of your rights regarding the processing of your personal data.

1.2 Informed consent

In some cases (specified below), the legal basis for our processing is your informed consent. In such cases, the other purpose of this policy is to provide you with the information necessary to obtain valid consent from you.

Where our processing of personal data is based on your consent, you have the right to withdraw your consent at any time, but this withdrawal may not affect the lawfulness of the processing carried out prior to this withdrawal. To withdraw your consent, you are invited to use the easy unsubscribe procedures provided to you by our communications tools or by sending us an e-mail (to the address below).

When our processing of personal data is based on your consent, it is our duty to be able to demonstrate that you have consented to the processing of your personal data. To do so, we retain data relating to your consent as long as we need to demonstrate our full and complete compliance with data protection laws.

If you are under 16 years of age, it is our duty to make reasonable efforts to verify, in such cases, that consent is given or authorized by the person having parental authority, taking into account the available technology. This explains why, if necessary, we may ask for more information about this holder of parental authority.

  1. Information on the controller

By “controller“, it is meant any natural or legal person who determines, alone or with others, the purpose, legal and technical means for the processing of personal data.

The following person is the controller:

Imperbel SA  (hereinafter referred to as “DERBIGUM” or “We”)
Bergensesteenweg 32
B-1651 Beersel
Belgium
Number (VAT-BE) 0400.456.085
Email:dataprotection@derbigum.com

  1. For what purposes and on what legal basis are your data used?

3.1 In general

DERBIGUM specializes in the efficient and targeted dissemination of waterproofing and roofing information. This website forms a central platform containing all kinds of information and data, some of which can be personal data (IP addresses, cookies, data exchanged through web forms, account information).  These personal data are provided directly to DERBIGUM by the User. Personal data are only processed to provide information or services and to improve or personalize our services, offers and commercial relations. The information collected will not be made visible to other Users of our website.  When the User makes more intensive use of the site, the collection of personal data will be more extensive.  This form of data processing is therefore essential for the functioning of the website and related services.

The data are processed only for the following (internal) purposes, which are based on the following legal bases:

  • Give the User access to his User profile and the functionalities resulting from it (execution of the service provision contract).
  • To offer and improve our services, both general and personalized, including, where applicable, the offer of information through this website and of support (legitimate interest).
  • Detection and protection against fraud, errors, criminal conduct (legitimate interest).

We never share your personal data for external analysis without first anonymizing it.

3.2 Registration procedure

The use of certain parts of our website requires the creation of an individual profile and your registration as a User. We collect all the data necessary for a personalized service, such as your gender, age, as well as essential demographic and contact data, such as your postal address, email address, telephone number and fax number. The User himself determines the extent of the information he provides via the website.

3.3  Good technical operation

In addition, we collect and process personal data in order to guarantee the User the proper technical use of the site.

The website makes use of various means to optimize the User experience and to detect the presence of possible (technical) errors on the website:

  • Cookies: this information allows us to identify the user and to make efficient use of the website’s features, such as staying connected, browsing information, using features, displaying personalized advertising messages, etc. For more details about our cookies, we refer you to our[Cookie policy];
  • Logs: this concerns information such as IP address, as well as various telecommunication data;
  • Information about the device, software or network used;
  • Information about local data storage.

The website also collects anonymous data, i.e. technical data that are used solely for internal purposes, to obtain a overview of Users’ navigation on the website.

3.4 Marketing

We only use your data for marketing purposes if we have obtained your specific prior (consent).

  1. Are your data transferred outside the EU (and/or transmitted to third parties)?

Personal data are first of all processed only for internal use within DERBIGUM. We can assure you that the data collected is not sold, transmitted or shared with third parties except as described below.

However, the data may be passed on to third parties if:

  • The User has explicitly consented to this;
  • The transfer is necessary for the performance of the contract. This will be the case with workers, employees, agents, subcontractors, suppliers, business partners, marketing departments, etc;
  • The transfer is necessary for the conclusion or performance of a contract, concluded or to be concluded in the interest of the User, between the controller and a third party (in the context of fraud, for example);
  • The transfer is necessary or required by law (significant public interest or right).

DERBIGUM is a Belgian company, but is part of a group that has many establishments around the world. Derbigum can therefore send data to other countries, including countries outside the European Union. The transmission of personal data is normally limited to countries that offer a similar level of protection and where identical or similar privacy provisions are respected. If it is not the case, DERBIGUM guarantees in any case that no data will be transferred to third countries for processing or storage without the necessary measures (contractual clauses) having been taken to meet the protection requirements laid down by law.

  1. How long do we keep your data?

Your data is kept only during the time necessary to perform the corresponding operation, and are erased afterwards.

For instance: the data from a web form are only kept during the period that is necessary to answer a question that you would have asked through such web form, your account data are kept as long as your account is active (until you unregister), etc.

If your data is processed on basis of your consent, it is kept until your consent is withdrawn (unless another period is specified in the consent form).

For the cookies, please refer to the [Cookie Policy].

Data used for security purposes are kept during one year.

  1. What are your rights?

Data protection laws grant you rights in certain cases and under certain conditions, including the rights of access, rectification, request for deletion of your personal data, as well as the right to request the limitation of processing or to oppose processing. In certain cases and under certain conditions, you also have a right to the portability of your data.

Please contact us as specified in the “Who to contact about your personal data” section below to make any request to exercise your rights or if you have any questions or concerns about how we handle your personal data.

You can, in principle, exercise these rights free of charge. Please note, however, that the processing of external requests, which are found to be unfounded or excessive, may sometimes be subject to reasonable administrative fees.

Please note that some personal data may be exempted from the rights of access, rectification, objection, deletion, limitation or portability in accordance with personal data protection laws or other legislation.

  1. Safety and security

DERBIGUM will take appropriate technical, physical, legal and organisational measures, which comply with the Personal Data Protection Laws. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that an interaction with us is no longer secure (for example, if you believe that the security of any personal data you may have with us has been compromised), please notify us immediately. See the section “Who to contact about your personal data” below.

When DERBIGUM provides personal data to a service provider, the service provider will be carefully selected and must use appropriate measures to protect the confidentiality and security of personal data.

  1. Complaints and complaints

If you are not satisfied with our processing of your personal data and you think that contacting us will not solve the problem, the Data Protection Laws give you the right to file a complaint with the competent supervisory authority (more information on the latter’s website: https://www.autoriteprotectiondonnees.be/).

Autorité de Protection des DonnéesRue
de la Presse, 351000
Brussels (Belgium)
Tel: +32 (0)2 274 48 00
Fax: +32 (0)2 274 48 35
Email: contact(at)apd-gba.be

  1. Who to contact about your personal data

If you have any questions about our use of your personal data you can send us an e-mail to dataprotection@derbigum.com, or write to DERBIGUM, Data protection, Bergensesteenweg 32, 1651 Beersel, Belgium.

  1. Changes to this Privacy Policy

We regularly review this Privacy Policy and reserve the right to make changes at any time to reflect changes in our business or new legal requirements.

To inform you of the changes, we will post the updates on our website. In some cases (and if we have your address), we may also inform you by email.

Please check the “last updated” date at the top of this Privacy Policy to see when it was last revised.