Privacy policy

Details of the data controller and data protection officer

The controller for the purposes of the GDPR, other data protection legislation in the EU Member States and other relevant data protection regulations is:

The Service Company SRL

Chaussée de Louvain 47,

1410 Waterloo, Belgium

The data protection officer can be contacted at the following address: arnaud@servicecompany.be 

Purposes of processing and legal principles governing the processing of your personal data

We collect, process and use your personal data for the following purposes:

• Drawing up and executing contracts
• Distribution of newsletters and product reviews
• Marketing activities such as prize draws
• Customer service and support
• The provision of media services, e.g. for processing orders for the products and services we offer online.

Your personal data may be processed on the basis of the following legal principles: 

Article 6, paragraph 1, letter a), of the GDPR serves as the legal basis for processing activities for which we obtain your authorisation/consent for a specific processing purpose.

Article 6(1)(b) of the GDPR states that personal data may be processed for the performance of a contract, e.g. when purchasing a product. The same applies to any processing activity that is necessary for the performance of pre-contractual activities, such as the processing of requests for information about products or services.

Article 6(1)(c) of the GDPR applies in cases where we are bound by a legal obligation that requires personal data to be processed, for example to comply with tax obligations.

Article 6(1)(d) of the GDPR states that personal data may be processed in order to protect your vital interests or those of another natural person.

Article 6(1)(f) of the RGPD applies to our legitimate interests, for example when using service providers to carry out orders (e.g. delivery services), when carrying out surveys and statistical analyses or when attempting to log in. Our interest lies in providing you with a user-friendly, attractive and secure website and in optimising it to meet our commercial interests while at the same time meeting your expectations.

Pursuant to Article 6, paragraph 1, letter f) of the RGPD, our website collects a series of general data and information on each access, which are temporarily stored in the log files of a server. A log file is created as part of the automatic connection made by the processing computer system. The following data may be collected:

• Website access (date, time and frequency)
• • How you arrived on the website (landing page, hyperlink, etc.)
  • Volume of data transmitted
  • The browser and browser version you are using
  • The operating system you are using
  • The Internet service provider you use
  • The IP address that your Internet service provider assigns to your computer when you connect to the Internet
    

The collection and storage of this data is necessary for the operation of the website in order to ensure the functionality of the website and to correctly deliver the content of our website. We also use the data to optimise our website and ensure the security of our IT systems. For this reason, data is stored for a maximum of seven days as a technical precaution.

We also use this data for marketing purposes, product advice, market research and structuring our services to meet demand by creating and analysing user profiles under pseudonyms, provided that you have not asserted your right to refuse or withdraw your authorisation/consent for the use of your data in this way (see notes on your right to object under "Your rights"). This includes the "Remember me" function, which you can also deactivate in your user account.

a) Establishing contact

When you contact us by telephone, e-mail or via the contact form, the information you provide will be recorded by us on the basis of Article 6(1)(a) of the RGPD in order to answer your questions. The contact will be logged in order to provide proof of contact, in accordance with legal requirements. Your consent will be obtained for data processing by completing the contact form and reference will be made to this Data Protection Policy. The data collected in this respect will be deleted by us at the end of the interview in question, and when the matter in question has been definitively settled.

b) Registration

On our website, we offer you the option of registering by providing personal data. This data is entered into a data registration form, sent to us and stored by us. Registration is carried out in order to fulfil a contract or to carry out pre-contractual activities, and is therefore based on Article 6, paragraph 1, letter b ), of the RGPD.

In order to conclude and execute contracts, we need contact details that depend on the specific case, such as name, delivery address, billing address, e-mail address and information about the payment method you have chosen. We also use your data to update our customer data, for which only relevant data is stored. To avoid typographical errors and to ensure that the products you order actually reach you, we check that your address is complete and correct when it is entered.

c) Guest orders

You have the option of submitting orders as a guest. If you choose this ordering method, you do not need to register before submitting your order. Please note that you will need to re-enter your details when placing any future orders.

We collect, process and use the data provided by you for orders as a guest for the purposes of fulfilling the contract in accordance with Article 6(1)(b) of the GDPR. We store the information you provide for the duration of the processing and fulfilment of your order. Your data is then deleted unless you decide to activate your customer account within 14 days of placing your order. Data that must be stored in accordance with legal obligations, statutes or contractual retention requirements will be restricted rather than deleted to prevent its use for other purposes.

d) Miscellaneous clauses

On the basis of Article 6(1)(c) and (f) of the GDPR, we use and store your personal data and technical information where necessary to prevent or investigate misuse or other unlawful behaviour on our website, e.g. to maintain data security in the event of attacks on our computer systems. This may also be done on the basis of orders issued by public authorities or judicial bodies, insofar as we are required to do so by law, as well as to safeguard our rights and interests and to enable us to defend ourselves in court.

a) Transfer to affiliated companies of the Group in accordance with Article 6, paragraph 1, letter b), of the RGPD

We transfer your personal data to affiliated companies of the Group for the purpose of concluding and executing contracts relating to the performance of deliveries and services on our website, for storage in central databases and for the Group's internal invoicing and accounting purposes. In particular, this is necessary so that you can use all our services. If you wish to collect your order from the point of sale, the latter will be informed of your order and will process it. If you contact a point of sale or our customer hotline with questions, complaints or returns, they will also have access to your order data so that they can answer your questions.

b) Transmission to product partners in accordance with Article 6(1)(b) of the RGPD

As part of the services and products we offer on our website, we work with various partner companies for certain product groups. If you order products from these partners, we will pass on the personal data you provide during registration and, if further purchases are made, your additional personal data specified under "My account" for the conclusion and performance of contracts (in particular your e-mail address, delivery address and billing address). Your contractual partner will be specified on the relevant product pages, in the General Terms and Conditions of Sale and in the Legal Notice. Please note that your contractual partner is itself responsible for its own data security precautions and that additional or different Privacy Policies may apply to those Product Pages.

c) Transmission to service partners in accordance with Article 6(1)(b) and (f) of the RGPD

For the operation and optimisation of our website and for the performance of contracts, we commission various service companies to act on our behalf, e.g. to provide centralised IT services, host our website, process payments and ship products, install equipment or distribute newsletters. We pass on the information required for the respective purposes to these service partners (e.g. name, address).

Some of these companies (bpost SA under public law) act on our behalf with regard to the processing and execution of orders and are therefore only authorised to use the data provided in accordance with our instructions. In this case, we are legally obliged to ensure that the companies we use take adequate data security precautions. We therefore agree specific data security measures with these companies and monitor these measures on a regular basis.

Where the products to be shipped are large and heavy, your order will be shipped via a service provider such as DHL Global Forwarding, UPS or DPD Belgium. These service providers will receive information from us, such as the email address provided by you with your order, to enable them to arrange a specific delivery time with you.

Contrary to the requirements for external processing, we pass on data to third parties in the following cases for the purpose of fulfilling the contract, in which case these parties are themselves responsible for the use of the data:

 

• In the case of product shipment, data is transmitted to logistics companies or to the postal service provider specified in the order.
• As regards payment for the products ordered, the data is transmitted to the payment organisation or a financing bank indicated in the order. When a credit card is used as a method of payment, a security check based on the transaction will be carried out with the help of payment organisations such as Atos Worldline, Ingenico, Verifone, Bancontact, Master Card, PayPal and VISA in order to prevent any credit card fraud.

 

For payment purposes, we do not collect or store payment information such as credit card numbers or account details. This information is solely and directly transmitted to the payment organisation in question. When a credit card is used as a payment method, one exception is the "pseudo card number". In order to avoid you having to re-enter your credit card details each time you make a payment, a pseudo card number is saved on your customer account. This pseudo card number is only used to pay for products and services on our website, ordered under your customer account, and is not identical to your credit card number.