PRIVACY POLICY

Privacy policy

Last updated on 31-08-2023.

1. Welcome

We are Cara Europe, a IVZW, located at TEUTSEWEG 25, 3520 ZONHOVEN BELGIUM, with company registration number BE0649867534.

In this Privacy Policy, we explain the personal information we collect as a ‘data controller’ and how we use and share it to improve our services.

This Privacy Policy is an integral part of our General Terms and Conditions.

2. Personal Data

The limited personal data we retain is collected in the following ways:

  • Website: When you visit our website, certain data is recorded through cookies (including your IP address) to maintain and improve our website. More information about these cookies can be found in our separate Cookie Policy.
  • Business Relationship: When you contact us in the context of our services as a (potential) customer or partner, we process your full name, contact details (email address, phone number, office and/or residential address), and other necessary data for orders, invoicing, or collaboration (such as your bank details, contact history, or data related to your previous orders).
  • Marketing: If you explicitly grant us permission, we process your full name and email address to send you direct marketing, newsletters, promotions, and offers related to our products and services. You can easily opt out of this at any time.

[additional personal data if relevant]

While you are never obligated to provide personal data, refusing to provide necessary information may hinder or make it impossible for us to provide our services.

3. Processing Purposes

We process personal data for general customer and order management or to deliver our services. This includes customer administration, order and delivery tracking, invoicing, responding to inquiries, and for marketing purposes.

Processing is based on the following legal bases:

  • Your consent
  • Necessary for the performance of a contract
  • Necessary to comply with a legal obligation
  • To protect your vital interests or those of another person
  • For the performance of a task carried out in the public interest
  • Necessary for the purposes of legitimate interests pursued by us Where personal data processing is based on your explicit consent, you have the right to withdraw consent at any time.

4. Sharing with Third Parties

If necessary for the stated purposes, we may share personal data with employees and professional partners. Our partners will take the necessary technical and organizational measures to protect this data.

We will never commercialize your personal data to third parties. In the event of potential reorganization, bankruptcy, or business transfer, data related to our operations might be transferred to third parties.

In limited cases, we might also be obligated to share personal data based on a court order or mandatory legislation, such as for fraud prevention or security issues, or to protect our rights.

5. Retention Period

We process and retain personal data for a reasonable period necessary to achieve the specified purposes, based on our contractual relationship, to comply with legal requirements, or within reasonable time-limited retention mechanisms (backups).

6. Your Rights

All individuals whose personal data we hold have the right to:

  • Access their personal data
  • Correct or complete their personal data if inaccurate or incomplete
  • Erase their personal data
  • Restrict processing of their personal data
  • Object to the processing of their personal data for legitimate reasons
  • Transfer their personal data to another company To exercise these rights, you can contact us by mail or at [email address]. We will need to verify your identity upon receiving your request.

7. Complaints

If you have comments or questions about our privacy policy, we’d like to hear from you.

All individuals whose personal data we hold also have the right to lodge a complaint with the Commission for the Protection of Privacy (Drukpersstraat 35, 1000 Brussels, commission@privacycommission.be).

8. Security

We implement at least the usual technical and organizational security measures reasonably expected to safeguard your personal data from destruction, loss, alteration, forgery, dissemination, or unlawful access.

Personal data is only transferred to a partner outside the European Economic Area if that country ensures an adequate level of protection for your personal data. Before sharing personal data with a partner in the United States, we require a separate processing agreement or certification according to the Privacy Shield Framework (www.privacyshield.gov).

We cannot be held liable for incorrect or unlawful use of personal data by a third party. Additionally, you remain responsible for the confidentiality and use of your computer, IP address, login, and identification data.

9. Your Privacy

Your privacy is important to us.

We make every effort to protect it and attach great importance to complying with (i) the Law of 8 December 1992 on the protection of privacy with regard to the processing of personal data (as amended by the Law of 11 December 1998, “Personal Data Processing Act”); (ii) the anti-spam provisions of Book XII of the Economic Law Code regarding the right of the electronic economy; and (iii) the European Regulation 2016/679 of 27 April 2016 on the protection of personal data (“General Data Protection Regulation”).