Claudia Collections BV pays particular attention to protecting the privacy of its users and is therefore committed to taking reasonable precautions to protect the collected personal data against loss, theft, disclosure or unauthorized use.
The Claudia Collections BV Privacy Policy is available here. It informs you about how we collect, store and process your personal data and about your rights.
Therefore, and in accordance with the General Data Protection Regulation (GDPR), you have the right to object to this processing by Claudia Collections BV.
If you would like to comment on any of our practices/actions or have specific questions, please contact the Data Controller at the email address below: info@claudiacollections.com.
PRIVACY POLICY FOR THE CLAUDIA COLLECTIONS WEBSITE
This privacy policy (the Privacy Policy) has been drawn up by Claudia Collections BV, with registered office at Ringlaan 134 in 2240 Zandhoven, registered in the Crossroads Bank for Enterprises under number 0717.627.675
(hereinafter referred to as the “Controller”).
The Privacy Policy informs visitors of the following website: www.claudiacollections.com (hereinafter referred to as the “Website”) about the way in which personal data is collected and processed by the Controller.
The Privacy Policy is an expression of the Controller's intention to act in all transparency, in accordance with the Law on the protection of natural persons with regard to the processing of personal data in accordance with July 30, 2018 and with Regulation (EU ) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC
(hereinafter referred to as the “General Data Protection Regulation”).
The Controller pays particular attention to the protection of the private life of its users and therefore undertakes to take all necessary and reasonable measures to protect the personal data of these persons against loss, theft, disclosure or unauthorized use thereof .
"Personal data" means any information about an identified or identifiable natural person. An identifiable natural person is one who can be identified directly or indirectly.
If the user wishes to respond to one of the provisions mentioned below, he can contact the Controller at the postal address or e-mail address indicated in the point “contact details” of the Privacy Policy.
What data do we collect?
The Controller collects and processes, according to the modalities and principles described below, the following personal data:
● the user's domain (automatically picked up by the Controller's server), including the dynamic IP address
● the e-mail address of the user if the user has entered it in advance, for example by posting messages or asking questions on the Website, by communicating by e-mail with the Controller, by participating in discussion forums, by identify to access a limited part of the Website, etc.
● all information relating to the pages visited by the user on the Website
● all information provided voluntarily by the user, for example in the context of surveys and/or a registration on the Website, or by identifying himself in order to access a limited part of the Website.
The Controller may also collect data that does not have a personal character. These data are qualified as non-personal data and do not allow a specific person to be directly or indirectly identified. This data can therefore be used for any purpose, for example to improve the Website, to improve the products and services offered or to improve publications of the Controller.
In the hypothesis that personal data are combined with data of a non-personal nature, so that it is possible to identify the persons concerned, these data will be processed as personal data until the persons concerned can no longer be identified on the basis of the data in question, because the link between the personal and non-personal data is nullified.
Method of data collection
The Controller collects the data in the following ways:
● via a contact form
● by subscribing to a newsletter
● via the customer zone
● via the webshop
Purposes of processing
The personal data is collected and processed for the following purposes:
● ensure management and control over the implementation of the services offered;
● sending and following up on orders and invoices;
● sending promotional information regarding the products and services by the Controller;
● sending promotional material;
● answering user questions;
● realizing statistics;
● improving the quality of the Website and the products and/or services by the Controller;
● forwarding information regarding new products and/or services by the Controller;
● commercial prospecting;
● allow the user's interests to be better identified.
We also collect and process personal data for the following purposes:
● transfer of data to a business partner
● transfer of data to a subsidiary or member of the group to which the controller is affiliated
● data transfer outside the EU under a subcontract with contract clauses that meet the requirements
The Controller may be forced to carry out processing operations that have not yet been included/provided for in this Privacy Policy. In such a case, the Controller will contact the user before using his personal data, in order to inform the user of the changes and to give him the opportunity, where appropriate, to refuse such use.
Legitimate interests
Certain processing operations by the Controller are based on the legal basis of its legitimate interest. These legitimate interests are proportional to the respect of the user's rights and freedoms. If the user wishes more information about the processing purposes based on legitimate interest, he is invited to contact the Controller (see "contact details" in this Privacy Policy).
Duration of storage
The Controller generally only retains personal data for the period reasonably necessary to achieve the stated purposes and in accordance with legal and regulatory requirements.
The personal data of a customer is stored for a maximum of 10 years after the termination of the contractual relationship that binds the customer to the Controller.
At the end of the retention period, the Controller will make every effort to ensure that the personal data has been made unavailable and inaccessible.
Exercise of rights
With regard to all rights mentioned below, the Controller reserves the right to verify the identity of the person concerned.
This additional information will be requested by the person concerned within a period of one month after the request.
Access to the data and copies
The user can obtain, free of charge, his written correspondence or a copy of his personal data processed by the Controller.
The Controller may require the user to pay all reasonable costs, based on the administrative costs for each additional copy requested by the user.
As soon as the user submits this request electronically, the information will also be delivered electronically, unless the user wishes otherwise.
Unless otherwise stipulated in the General Data Protection Regulation, the copy of his data will be communicated to the data subject no later than one month after receipt of his request.
Right to improvement
The user can request, free of charge, the correction of his personal data if they contain errors, are incomplete or irrelevant, as well as request that his data be completed if they prove to be incomplete.
Unless otherwise stipulated in the General Data Protection Regulation, the application will be processed within one month of its submission.
Access to the data and copies
The user can obtain, free of charge, his written correspondence or a copy of his personal data processed by the Controller.
The Controller may require the user to pay all reasonable costs, based on the administrative costs for each additional copy requested by the user.
As soon as the user submits this request electronically, the information will also be delivered electronically, unless the user wishes otherwise.
Unless otherwise stipulated in the General Data Protection Regulation, the copy of his data will be communicated to the data subject no later than one month after receipt of his request.
Right to improvement
The user can request, free of charge, the correction of his personal data if they contain errors, are incomplete or irrelevant, as well as request that his data be completed if they prove to be incomplete.
Unless otherwise stipulated in the General Data Protection Regulation, the application will be processed within one month of its submission.
The right to object to the processing
The user can, at any time, for reasons related to his personal situation, oppose the processing of his personal data free of charge:
● when the processing is necessary for the performance of a task in the public interest or for a task in the exercise of public authority;
● where the processing is necessary for the purposes of the legitimate interests pursued by the Controller, provided that the interest or fundamental rights and freedoms of the data subject do not override that interest (particularly when the data subject is a child).
The Controller may refuse to implement the user's objection if it establishes the existence of compelling and legitimate reasons justifying the processing, which prevail over the interests or rights and freedoms of the user, or if they are used for a legal dispute, conducting a legal defense or for the exercise of rights. In the event of a dispute, the user can appeal against this in accordance with what has been determined in the point “objection and complaints” of the Privacy Policy.
The user can, at any time, without any justification and free of charge, oppose the processing of his personal data, if these data were collected for commercial prospecting (including profiling).
If the personal data are used in the context of scientific or historical research or for statistical purposes in accordance with the General Data Protection Regulation, the user has the right to object to the processing of his personal data, for reasons related to his personal situation, unless the processing is necessary for a task in the exercise of official authority.
Unless otherwise stipulated in the General Data Protection Regulation, the Controller is obliged to answer the user's question within a reasonable period of time and at the latest within one month and must justify its answer if it does not intend to respond favorably to the user's question. grant to the user.
The right to restriction of processing
The user can obtain the restriction of the processing of his personal data in the following cases:
● when the user disputes the correctness of a data and only for the period that the Controller needs to verify this;
● when the use is unauthorized or when the user prefers the limitation of the operation to the erasure of the data;
● when the user needs this restriction for a dispute, exercise or defense in legal proceedings, although this is no longer necessary for the continuation of the purposes of the processing;
● during the period necessary to examine the merits of an objection request, in other words, the period that the Controller needs to weigh up the legitimate interests of the Controller against those of the user.
The Controller will inform the user as soon as the limitation of operation is lifted.
The right to erasure (right to be forgotten)
The user can obtain the erasure of his personal data if one of the following reasons applies:
● the data is no longer necessary in relation to the purposes of the processing;
● the user has withdrawn his consent to the processing of his data and there is no legal basis for further processing;
● the user opposes the processing and there is no compelling legitimate reason for further processing and/or the user exercises his special right of opposition with regard to direct marketing purposes (including profiling);
● the personal data has been the subject of unauthorized use;
● the personal data must be erased in order to comply with a legal obligation (under European Union law or the law of a Member State) to which the Controller is subject;
● the personal data was collected in the context of an offer to provide services aimed at children.
However, the deletion of the data does not apply in the following cases:
● as soon as the processing is necessary for the exercise of the right to freedom of expression and the right to information;
● as soon as the processing is necessary to comply with a legal provision that requires processing as provided for by European Union law or by the law of one of the Member States to which the Controller is subject, or when the processing is necessary for the fulfillment of a task of general interest or of a task in the exercise of public authority;
● as soon as the processing is necessary for reasons of public interest in the field of public health;
● as soon as the processing is necessary for archiving purposes in the public interest, for scientific or historical research or for statistical motives, and provided that the right to erasure may make it impossible to achieve the purposes of the processing or seriously impair the conduct;
● as soon as the processing is necessary for the contestation, exercise or defense in legal proceedings.Unless otherwise stipulated in the General Data Protection Regulation, the Controller is obliged to respond to the user's request for deletion within a reasonable period of time and at the latest within one month and must justify his response if he does not intend to the user's query.
The right to « data portability »
The user may, at any time, request to obtain, free of charge, his personal data in a structured and commonly used format, readable by machines, with a view to transferring it to another controller:
● if the processing of the data is carried out using automated processes; and
● if the processing is based on the consent of the user or on an agreement concluded between the latter and the Controller.
Under the same conditions and following the same modalities, the user also has the right to demand from the Controller that the personal data concerning him be transferred directly to another controller for the processing of personal data, insofar as this is technically possible.
The right to data portability does not apply to processing necessary for a task carried out in the public interest or in the exercise of official authority vested in the Controller.
Data recipients and disclosure to third parties
The recipients of the collected and processed data are, in addition to the Controller himself, the employees or other subcontractors, the carefully selected commercial partners, located in Belgium or the European Union, who collaborate with the Controller in the context of the commercialization of the products. or the provision of services.
In the event that the data would be disclosed to third parties for direct marketing purposes or for commercial prospecting purposes, the user will be informed in advance in order to allow him to accept or not the processing of his data by third parties.
Since this transfer is based on the consent of the user, the latter can revoke his consent at any time.
The Controller complies with all applicable legal and regulatory provisions and will in any case ensure that its partners, employees, subcontractors and other third parties who have access to the personal data comply with this Privacy Policy.
The Controller reserves the right to disclose the user's personal data if a law, a legal procedure or an order from a public authority would make such disclosure necessary.
Safety
The Controller takes appropriate technical and organizational measures to guarantee a level of security with regard to the processing of the collected data, in accordance with the risks that may arise with regard to the processing of the data and adapted to the nature of the data to be protected. facts. The Controller takes into account the state of knowledge, the costs of the works and the nature, purpose, context and purpose of the processing, as well as the risks to the rights and freedoms of users.
When receiving or sending data on the Website, the Controller always uses encryption technology that has been recognized within the IT sector as being the industry standard.
The Controller has taken the necessary security measures to protect the information obtained via the Website and to prevent its loss, misuse or alteration.
In the event that the personal data processed by the Controller is violated, it will act quickly to find out the cause and to remedy the situation. The Controller shall inform the user of this when required to do so by law.
Objections and complaints
The user can lodge an objection with the Belgian Data Protection Authority at the following address:
Data Protection Authority
Drukpersstraat 35, 1000 Brussels
+32 (0)2 274 48 00
+32 (0)2 274 48 35
contact(at)apd-gba.be
The user may also file a complaint with the competent courts.
Contact details
For any question and/or complaint, in particular with regard to the clarity and accessibility of the Privacy Policy, the user can contact the Controller:
By email: info@claudiacollections.com
By post: Ringlaan 134, 2240 Zandhoven
Applicable Law and Competent Jurisdiction
This privacy policy is subject to Belgian law.
The courts of the following judicial district have jurisdiction in the event of a dispute: Zandhoven
Miscellaneous provisions
The Controller reserves the right to change the provisions of this Privacy Policy at any time. The amendments will be published with notification of their entry into force.
This version of the Privacy Policy dates from 31/07/2023.