sec | Steven Albrecht, sole trader.
Last modified on 01 May 2023.
First of all, we are pleased that you are interested in the products and services of 'Sec'.
In this privacy statement we inform you about the way in which Personal Data is processed by us.
We may ask you to share certain Personal Data with us, including but not limited to your first name, last name and email address (identifiers). For certain specific obligations, you may be required to provide us with additional information, such as payment and billing information.
We only collect the Personal Data that is necessary to inform you about our products and services, to execute an agreement with you and to contact you.
We base this on the processing grounds of the agreement, the legal obligation, our legitimate interest and, in some cases, your consent (see also Article 2).
The processing of your Personal Data is subject to this privacy statement. For questions and/or comments, please contact firstname.lastname@example.org.
'Sec', a one-man business Steven Albrecht under Belgian law, with registered office at 2640 Mortsel (Belgium), Ter Varentstraat 37 and registered with the Crossroads Bank for Enterprises with company number 0833.640.962.
“Personal data” has the meaning as defined in the General Data Protection Regulation 2016/679, which includes any information from which a natural person (also referred to as “data subject” or “data subject”) is identified or may be identified.
“Responsible” has the meaning as defined in the General Data Protection Regulation 2016/679. 'Sec' will be qualified as the controller who determines the purposes and means of the processing of your Personal Data.
“Associated Company” means a company associated with 'Sec' to the extent that it meets the conditions of an “Associated Company” within the meaning of Article 1:20 of the Belgian Companies and Associations Code.
“Processor” has the meaning as defined in the General Data Protection Regulation 2016/679, which Processes Personal Data on behalf of/on behalf of the Controller.
“Website” means the Sec website: www.secclothing.be
Processing purposes and legal bases
In the context of our services and our activities, we collect and process the identity and contact details of our customers and clients, their staff and employees. The purposes for this processing are the execution of the agreements with our customers, customer management, accounting and direct marketing activities such as sending promotional or commercial information. The legal bases are the performance of the agreement, the fulfillment of legal and regulatory obligations (in particular accounting legislation), our legitimate interest and, in some cases, your consent.
Data from suppliers and subcontractors
We collect and process the identity and contact details of our suppliers and subcontractors, as well as their possible (sub)subcontractor(s), their personnel and employees. The purposes of these processing operations are the execution of the agreement, management of suppliers/subcontractors and accounting. The legal bases are the performance of the agreement, the fulfillment of legal and regulatory obligations (in particular accounting legislation) and/or our legitimate interest.
We process the Personal Data of our employees in the context of our personnel management and payroll administration.
We process the identity and contact details as well as work history and other data that are usually indicated on a curriculum vitae of applicants when they provide us with this information. The Personal Data is processed to investigate whether they are eligible for a job with us based on our legitimate interest.
If we want to keep their Personal Data longer after the relevant vacancy has been filled, we will inform them about this and request their permission to do so.
In addition to the data of customers, suppliers/subcontractors, staff and applicants, we also process Personal Data of others, such as potential new customers/prospects, useful contacts within our sector, network contacts, etc. This is done through our Website or through other channels. The purposes of this processing are in the interest of our activities, direct marketing and public relations. The legal basis is our legitimate interest, the performance of a contract and, in some cases, your consent.
Specifically, we may use the Personal Data we collect for the following purposes:
- to provide you with information about our products and services;
- to provide you with our products and services and to perform any agreements;
- to process and deal with possible complaints or requests;
- to help us evaluate, correct or improve the Website and any related products or services;
- for direct marketing purposes;
- for internal reasons, including business administration and archiving purposes.
The confidentiality of your Personal Data
Whenever you provide Personal Data to us, we will treat this information in accordance with the provisions of this privacy statement and the legal obligations in the context of the processing of Personal Data, including the General Data Protection Regulation (GDPR) 2016/679.
We implement appropriate measures and procedures to secure and protect the Personal Data we collect. In this way, we are committed, insofar as can reasonably be expected, to prevent illegal processing of Personal Data and accidental loss or destruction of your Personal Data.
We aim to optimize the security of your Personal Data by limiting access to your Personal Data to persons on a need-to-know basis (for example: only 'Sec' and its employees, associates, Affiliates or subcontractors who process your Personal Data need for the purposes described in Article 2 will have access to the data).
How do we collect your Personal Data and how long is it kept?
Collection of your Personal Data
We collect your Personal Data – without being exhaustive – in the following cases:
- when you conclude an (employment) contract with us;
- when you register on the Website to receive information;
- when you call, email or correspond with us in any way other than through the Website.
- We avoid collecting Personal Data that is not relevant for the purposes set out in Article 2.
- We may combine the Personal Data we collect with information that third parties provide to us.
Keeping your data
The Personal Data is stored and processed by us for a period that is necessary in function of the purposes of the processing.
Customer data and data from suppliers or subcontractors will in any case be removed from our systems after a period of 7 years after the termination of the agreement, except in the event of an ongoing dispute for which the Personal Data are still necessary.
Personal data of personnel will be deleted immediately after the termination of the employment relationship, except for the Personal data that we have to keep for longer on the basis of specific legislation or in the event of an ongoing dispute for which the Personal data are still necessary.
Personal data of applicants will be deleted after the relevant vacancy has been filled or after a period of 2 years after permission has been obtained to inform applicants about future job opportunities.
Other data will not be kept for longer than a period of 2 years after the last time a meaningful contact took place with you, except in the case of explicit permission to keep this data longer.
Transfer of Personal Data
We will not transfer Personal Data to third parties located outside the European Economic Area.
Furthermore, we will not transfer Personal Data to other parties located within the European Economic Area other than with your consent, unless:
the transfer is necessary to allow employees, agents or subcontractors to provide a service or perform a task on our behalf, which is necessary for the performance of the agreement we have with you or in the context of our legitimate interest (including but not limited to providing marketing support, conducting market research or providing customer service);
this is required by law.
Any transfer of Personal Data to a recipient as listed above is in accordance with the provisions of the General Data Protection Regulation 2016/679.
We ensure that measures are taken so that the recipients cannot use the Personal Data for purposes other than those exhaustively listed in Article 2 and that the recipients have taken sufficient technical and organizational measures to protect this data.
In order to guarantee the security of the Personal Data, we will always conclude a processing agreement with the aforementioned recipients of the Personal Data.
We will take all necessary precautions to ensure that the employees and collaborators who have access to the Personal Data only process it in accordance with this privacy statement and the legal obligations under the General Data Protection Regulation 2016/679.
Rights of the data subject
Under both Belgian and European legislation on the protection of Personal Data, you have the rights described below. If you wish to make use of these rights, you must send us a written request accompanied by a copy of the front of your identity card to email@example.com.
We will inform you within a period of 1 month after receipt of the request about the action that will be taken. This period can be extended to a maximum of 3 months, in which case you will be informed of the reasons for this delay within 1 month of the original request.
The right to access Personal Data
You have the right to instruct us to provide any Personal Data we hold about you, provided that the rights of other data subjects are not affected.
The right to rectification of the Personal Data
We kindly ask you to ensure that the Personal Data in our database is as accurate and complete as possible. If you believe that the information provided to us is incorrect or incomplete, please notify us as described above. We will then correct or supplement your Personal Data as soon as possible.
The right to erase Personal Data
You have the right to erase your Personal Data without undue delay in the following cases:
if it is no longer necessary to keep the Personal Data in relation to the purposes for which it was collected or otherwise processed;
in case of withdrawal of consent for consent-based processing;
the processing intended for direct marketing; and
if the Personal Data has been processed unlawfully.
However, there are certain general exclusions to the right to erasure. Those general exclusions include the cases where processing is necessary:
- for exercising the right to freedom of expression and information;
- for compliance with a legal obligation; or
- for the establishment, exercise or defense of legal claims.
The right to restrict the processing of Personal Data
You have the right to restrict the processing of your Personal Data in the following cases:
- to contest the accuracy of your Personal Data;
- when the processing is unlawful, but you do not want the Personal Data to be erased; or
if you object to the processing of your Personal Data, pending the verification of that objection.
If processing is restricted on this basis, we may continue to store your Personal Data. However, we will only process the data with your explicit consent for the establishment, exercise or defense of legal claims, to protect the rights of another natural or legal person or for reasons of essential public interest.
The right to object
You have the right to object to our processing of your Personal Data in the following cases:
if we process your Personal Data for direct marketing purposes (including profiling for these purposes) based on our legitimate interest; and
because of your specific situation (your special personal circumstances).
The right to data transfer (“data portability”)
If you wish to exercise your right to data portability, we will transfer the Personal Data in a structured, commonly used and machine-readable format to a data controller of your choice.
The right to withdraw consent
To the extent that the legal basis for our processing of your Personal Data is your consent, you have the right to withdraw this consent at any time. However, this withdrawal does not affect the lawfulness of the processing that took place before the withdrawal.
The right to complain to a supervisory authority
You can contact the Data Protection Authority at any time by sending an e-mail to firstname.lastname@example.org or by sending a written request to the Data Protection Authority, located at Drukpersstraat 35, 1000 Brussels (Belgium).
Reference to third parties
It is possible that the Website contains links to other websites that are not operated by us. Although we make every effort to ensure that the links only lead to websites that have corresponding security and confidentiality standards, we are in no way responsible for the protection and confidentiality of Personal Data, including the data you provide on other websites, after you have left the Website.
We emphasize to proceed carefully and to always consult the privacy statement that applies to the website in question before providing personal data on other websites.
We have the right to change this privacy statement at any time by publishing a new version on our Website.
We recommend that you consult the Website on a regular basis to verify whether you agree with any changes to this privacy statement.
You will in any case be informed by e-mail of any changes to this privacy statement insofar as we have your e-mail address.
'Sec' uses "cookies" whenever you use the Website. A "cookie" is information that is sent to your device via the server and is stored on the device's hard drive. Cookies help 'Sec' to recognize your device when you use the Website. In this way 'Sec' is enabled to make the processing more user-friendly and to offer you a personalized service.
For more information, we refer to our cookie statement, which you can find on our Website.