Our personal data protection policy
PHONOTECH BVBA, whose registered office is at 4890 THIMISTER-CLERMONT, Rue des Waides, 8, and identified with the ECB under the number 0472.982.490, in its capacity as data controller (hereinafter referred to as "PHONOTECH") attaches great importance to the protection of your data and respect for your private life.
The purpose of this Data Protection Policy is to explain how PHONOTECH collects, uses and stores personal data (hereinafter referred to as "personal data") relating to its customers, natural persons, and any natural person who is in contact with it, including potential customers, representatives or guarantors of our customers, natural persons or legal entities (e.g. company directors, agents, legal representatives, other contact persons), our suppliers, partners, etc. (hereinafter referred to as "You"). (hereinafter referred to as "you"). (hereinafter referred to as "you").
By "personal data" PHONOTECH means any information that directly or indirectly identifies You as a natural person.
Data processing" refers to any operation or set of operations relating to your personal data. The term processing includes all aspects of the collection, recording, organisation, storage, adaptation or alteration, extraction, consultation, use, communication by means of dissemination or any other form of making available, alignment or combination, as well as the archiving, erasure or destruction of such personal data.
PHONOTECH, as the controller, determines the purposes for which your personal data is processed, the means used and all the characteristics of the processing, as set out in this Policy. PHONOTECH is your contact person and is responsible for ensuring compliance with the regulations concerning your data with the supervisory authorities.
If you are in contact with PHONOTECH through a legal entity, please note that PHONOTECH provides a copy of this policy to the legal entity and requests it to bring it to the attention of any person involved in the processing of personal data by PHONOTECH.
PHONOTECH processes your data transparently and in accordance with all applicable data protection and privacy laws, including the "GDPR" (Regulation 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data).
2. What personal data do we process?
PHONOTECH collects personal data when You contact us by email, post or via the contact form on our website, during a meeting with our team with a view to signing a contract, in the context of the performance of services agreed on the basis of a contract or during a telephone call to our support teams.
PHONOTECH collects and uses only the personal data that are necessary for our activities and that enable us to offer you personalised, high-quality services and products.
We collect and process different categories of personal data, including :
Identification data: e.g. surname, first name, date of birth.
Contact details: e.g. postal address, e-mail address, telephone number.
Accounting and financial data: e.g. bank account number, VAT number.
Under no circumstances do we collect or process sensitive data.
Some of the personal data that we collect from you is needed to fulfil our contractual obligations towards you. In some cases we are obliged by law to collect certain information. Depending on the type of personal data and the purposes for which we process it, if you refuse to provide it to us, we may not be able to fulfil our contractual obligations or, in extreme cases, continue our relationship with you.
3. Why and on what basis do we use your personal data?
We process your personal data for different purposes and on the following legal grounds:
a. To allow us to process your request (consent).
We use your personal data when you contact us to ask questions (e.g. via the contact form on our website) about our products or services or to obtain information, either to:
Provide you with information about our services and products;
Put you in touch with the right department;
Assist you and answer your requests and questions;
Assess the conditions under which we can offer you our services and products.
b. To perform a contract concluded with you or to carry out (pre)contractual measures.
We use your personal data to enter into and perform our contracts, including:
Contact you to complete your order;
Provide our services and products;
Assist you and respond to your requests and queries;
Manage the contractual relationship;
Issue, collect and verify invoices.
c. To comply with our legal and regulatory obligations.
We use and retain (archive) your personal data to comply with our legal and regulatory obligations, including our tax and accounting obligations.
d. To further our legitimate interests.
We use your personal data to implement and develop our products and services, to optimise our risk management and to defend our legal interests, including
Maintain the security of our website and protect it against fraud;
To evaluate customer satisfaction to better understand their needs and expectations in order to improve our services and products;
To compile statistics;
To manage customers, suppliers and partners (customer loyalty, customer appointments, suppliers and partners);
To manage any disputes;
Management of contacts (having an address book, managing a network of contacts);
Contacting one person at the request of another (sponsorship).
4. With whom do we share your personal data?
a. Your personal data may be processed on our behalf by trusted service providers.
For the performance of certain tasks, we use specialised partners who act as subcontractors. We only provide them with the information they need to perform the service and ask them not to use your personal data for other purposes. We always do our utmost to ensure that all these third parties with whom we work keep your data confidential and secure. For example, we may make your personal data available to third parties who assist us in providing IT and storage services (platform providers, hosting services, maintenance and technical support services).
b. We may also provide your personal data to other third parties
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions or any other terms and conditions you have agreed to;
Or to protect the rights, property, or safety of PHONOTECH, its customers, or employees;
If we have your permission;
Or if the law allows us to do so.
5. Where do we store your personal data?
Your data will be stored in a data centre within the European Union in accordance with the general data protection regulations.
6. How long do we keep your personal data?
We cannot keep your personal data longer than is necessary for the processing for which it was collected. More specifically, we distinguish between a retention period and an archiving period.
The retention period is the maximum period of use of your data for a specific processing. When the period expires (the purpose has been fulfilled or disappeared, or your right to object has been successful), your data will be deleted from our database. For example, data relating to prospects is stored for a maximum of 1 year.
The archiving period is based on our legal obligation (e.g. to comply with our accounting and tax obligations we are obliged to keep your invoice data for a maximum of 7 years) or on the legal necessity to keep your data longer than the retention period for evidence purposes. Archived data can only be accessed for the purposes of inspection by a competent authority (e.g. tax authorities), for legal evidence, for internal audit purposes, etc. The length of the archiving period therefore varies from case to case.
7. How do we protect your personal data?
PHONOTECH attaches great importance to the protection of your personal data and takes all reasonable precautions to prevent the loss, misuse, disclosure, unauthorised access or modification of such data.
Appropriate measures are taken both technically (encryption, anti-virus, firewalls, access control, etc.) and organisationally (careful selection of employees, suppliers, etc.) to ensure a sufficient level of security. Moreover, these security measures are regularly evaluated and adjusted to ensure an adequate level of protection.
8. Links to social networks
Our website contains links to social networks that we use (Facebook, LinkedIn, Instagram, Twitter). Please note that these websites have their own privacy policies and that we are not responsible for the use that these websites make of the information collected when you click on these links. We encourage you to read their policies before submitting your personal information to them.
9. What are your rights and how can you exercise them?
a. Right of Access.
You have the right to access the personal data that we hold about you (subject to certain restrictions). You have the right to know the purposes of the processing, the categories of data involved, the categories of recipients to whom the data is transferred, the criteria used to determine how long the data is kept, and the rights you can exercise in relation to your data. We may charge a reasonable fee to cover the administrative costs of providing the information. Requests that are clearly unfounded, excessive or repetitive cannot be answered.
b. Right of rectification.
You have the right to request that your personal data be corrected if they are inaccurate or out of date, and/or supplemented if they are incomplete.
c. Right to be erased (or "right to be forgotten").
In some cases, You have the right to have Your personal data erased or deleted. This is not an absolute right, as we may be obliged to keep Your personal data for legal or legitimate reasons.
d. Right to restriction of processing.
You have the right to request that we restrict the processing of Your personal data. This means that we may only continue to keep your data, but not use it. This right applies in specific circumstances under the GDPR, namely:
Where You dispute the accuracy of the personal data we process about You. In this case, our processing of Your personal data will be restricted for the period necessary to verify the accuracy of the data;
When You object to our processing of Your Personal Data for the purpose of pursuing Our legitimate interests. You may request that the data be restricted while we verify the reasons for processing your personal data;
when your data has been unlawfully processed by us, but you would prefer that we restrict its processing rather than delete it;
when we no longer need to process your personal data, but it is still necessary for the establishment, exercise or defence of legal claims.
e. Right to object.
You may object to the processing of your personal data for reasons relating to your personal situation. PHONOTECH will cease processing your data unless it can demonstrate that there are compelling legitimate grounds for processing which override your right to object. You have the absolute right to object to the processing of your personal data for direct marketing purposes.
f. Right to data portability.
You have the right to recover the personal data you have provided to us in a structured, commonly used and machine-readable format or, if technically possible, to transfer it to a third party. This right only applies to data provided by You, where the processing is based on Your consent or on a contract, and is carried out using automated processes.
g. Right to withdraw consent.
If You have given permission for the processing of Your personal data, You may withdraw this permission at any time.
h. How to exercise your rights.
To exercise your rights, You must send a written request and proof of identity to us, by post to SPRL PHONOTECH, Rue des Waides, 8 in 4890 THIMISTER- CLERMONT or by e-mail to the address firstname.lastname@example.org.
We shall reply as soon as possible and at the latest 1 month after receipt of the request (subject to the extensions allowed by law).
11. Questions and Complaints.
In addition, if You are not satisfied with the processing of Your personal data by PHONOTECH, You have the possibility to lodge a complaint with the Data Protection Authority www.autoriteprotectiondonnees.be.