Domaine_Witry_LOGO_couleur

Privacy Policy

Purpose

This Policy is established by ARTLIX located at Rue de Huy, 99 B-4300 Waremme (Belgium) registered under the registration number: BE 0809 837 558 (hereinafter referred to as “the data controller”).

The purpose of this Policy is to inform visitors of the website hosted at the following address: www.domainewitry.be (hereinafter referred to as the “website”) about how data is collected and processed by the data controller.

This Policy is part of the data controller’s desire to act with full transparency, in compliance with its national provisions and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the “General Data Protection Regulation”).

The data controller pays particular attention to the protection of the privacy of its users and therefore commits to taking the necessary reasonable precautions to protect the collected personal data against loss, theft, disclosure, or unauthorized use.

“Personal data” is defined as all personal data concerning the user, i.e., any information that allows him/her to be identified directly or indirectly as a natural person.

If the user wishes to react to any of the practices described below, he/she may contact the data controller at the postal address or email address specified in the “contact data” section of this Policy.

What data do we collect?

The data controller collects and processes, according to the methods and principles described below, the following personal data:

  • Its domain (automatically detected by the server of the data controller), including the dynamic IP address;
  • Its email address if the user has previously revealed it, for example by sending messages or questions on the website, communicating with the data controller by email, participating in discussion forums, accessing the restricted part of the website by means of identification, etc;
  • All the information concerning the pages that the user has consulted on the website;
  • Any information that the user has voluntarily given, for example in the context of information surveys and/or registrations on the website, or by accessing the restricted part of the website by means of identification.

We also collect the following data:

  • Data to contact you (name, first name, address, date of birth, gender, and more generally all the data that you fill in directly when creating your customer account or registering for a contest).
  • Data related to your orders

It is possible that the data controller may also collect non-personal data. These data are qualified as non-personal data because they do not allow the direct or indirect identification of a particular person. They can therefore be used for any purpose, for example, to improve the website, the products and services offered, or the advertisements of the data controller.

In the event that non-personal data were combined with personal data so that identification of the persons concerned would be possible, these data will be treated as personal data until their linkage with a particular person is made impossible.

Methods of collection

The data controller collects personal data in the following ways:

  • When you contact us proactively, usually by phone or email;
  • During your visit to our website or in a sales location (e.g., hair salon);
  • Newsletters;
  • Social networks;

Purposes of processing

Personal data is only collected and processed for the purposes mentioned below:

  • To ensure the management and control of the execution of the services offered;
  • Sending and monitoring of orders and invoicing;
  • Sending promotional information about the products and services of the data controller;
  • Sending promotional material;
  • Responding to user questions;
  • Producing statistics;
  • Improving the quality of the website and the products and/or services offered by the data controller;
  • Transmitting information about new products and/or services of the data controller;
  • For commercial prospecting actions;
  • To allow a better identification of the user’s interests.

The data controller might perform processing that is not yet provided for in this Policy. In this case, it will contact the user before reusing his/her personal data, to inform him/her of the changes and to give him/her the possibility, if applicable, to refuse this reuse.

Legitimate interests

Some of the processing carried out by the data controller is based on the legal basis of its legitimate interests. These legitimate interests are weighed against the respect for the user’s rights and freedoms. If the user wishes to be informed of the details of the purposes based on the legal basis of legitimate interests, he/she is advised to contact the data controller (see the section on “contact data”).

Duration of retention

Generally, the data controller only keeps personal data for the time necessary for the purposes pursued and in accordance with legal and regulatory requirements.

The personal data of a customer are kept for a maximum of 10 years after the end of the contractual relationship that binds this customer to the data controller.

At the end of the retention period, the data controller makes every effort to ensure that personal data have been made unavailable and inaccessible.

Application of rights

For all the rights listed below, the data controller reserves the right to verify the user’s identity for the application of the rights listed below.

This request for additional information will be made within a month from the introduction of the request by the user.

Access to data and copy

The user can obtain free written communication or a copy of the personal data concerning him/her that have been collected.

The data controller may require the payment of reasonable fees based on administrative costs for any additional copy requested by the user.

When the user introduces this request electronically, the information is provided in a commonly used electronic form, unless the user requests otherwise.

Except for exceptions provided by the General Data Protection Regulation, the copy of his/her data will be communicated to the user at the latest within one month after the receipt of the request.

Right to rectification

The user can obtain free of charge, as soon as possible and at the latest within a month, the rectification of his/her personal data that would be inaccurate, incomplete, or irrelevant, as well as complete them if they prove to be incomplete.

Except for exceptions provided by the General Data Protection Regulation, the request to apply the right to rectification is processed within the month of the introduction of it.

Right to object to processing

The user can at any time, for reasons relating to his/her particular situation, object free of charge to the processing of his/her personal data, when:

  • The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller;
  • The processing is necessary for the purposes of the legitimate interests pursued by the data controller or by a third party, unless the interests or fundamental rights and freedoms of the concerned person requiring protection of personal data prevail (in particular when the concerned person is a child).

The data controller may refuse to implement the user’s right to object when it establishes the existence of compelling and legitimate reasons justifying the processing, which override the interests or rights and freedoms of the user, or for the establishment, exercise, or defense of legal claims. In case of dispute, the user can introduce a complaint in accordance with the “complaint and grievance” section of this Policy.

The user can also, at any time, object without justification and free of charge, to the processing of personal data concerning him/her when his/her data are collected for the purposes of commercial prospecting (including profiling).

When personal data are processed for scientific or historical research purposes or statistical purposes in accordance with the General Data Protection Regulation, the user has the right to object, for reasons relating to his/her particular situation, to the processing of personal data concerning him/her, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

Except for exceptions provided by the General Data Protection Regulation, the data controller is required to respond to the user’s request as soon as possible and at the latest within a month and to justify its response when it intends not to give follow-up to such a request.

Right to limitation of processing

The user can obtain the limitation of processing of his/her personal data in the cases listed below:

  • When the user disputes the accuracy of a data and only for the time that the data controller can check this;
  • When the processing is unlawful and the user prefers the limitation of processing to the erasure;
  • When, although no longer necessary for the pursuit of processing purposes, the user needs it for the establishment, exercise, or defense of legal claims;
  • During the time necessary to examine the founded nature of an opposition request introduced by the user, in other words, the time that the data controller proceeds to the verification of the balance of interests between the legitimate interests of the data controller and those of the user.

The data controller will inform the user when the limitation of processing is lifted.

Right to erasure (right to be forgotten)

The user can obtain the erasure of personal data concerning him/her when one of the following reasons applies:

  • The data are no longer necessary in relation to the purposes of the processing;
  • The user has withdrawn his/her consent to his/her data being processed and there is no other legal ground for the processing;
  • The user objects to the processing and there is no overriding legitimate reason for the processing and/or the user exercises his/her specific right to object to direct marketing (including profiling);
  • The personal data have been unlawfully processed;
  • The personal data have to be erased for compliance with a legal obligation (in Union or Member State law) to which the data controller is subject;
  • The personal data have been collected in relation to the offer of information society services directed to children.

However, the erasure of data is not applicable in the following cases:

  • When the processing is necessary for exercising the right of freedom of expression and information;
  • When the processing is necessary for compliance with a legal obligation which requires processing by Union or Member State law to which the data controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller;
  • When the processing is necessary for reasons of public interest in the area of public health;
  • When the processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes and insofar as the right to erasure is likely to render impossible or seriously impair the achievement of the objectives of that processing;
  • When the processing is necessary for the establishment, exercise, or defense of legal claims.

Except for exceptions provided by the General Data Protection Regulation, the data controller is required to respond to the user’s request as soon as possible and at the latest, within a month and to justify its response when it intends not to give follow-up to such a request.

Right to "data portability"

The user can at any time, request to receive free of charge his/her personal data in a structured, commonly used and machine-readable format, in order to transmit them to another data controller, when:

  • The processing of data is carried out by automated means;
  • The processing is based on the user’s consent or on a contract concluded between the latter and the data controller.

Under the same conditions and according to the same modalities, the user has the right to have the personal data concerning him/her transmitted directly from one data controller to another data controller, insofar as this is technically feasible.

The right to data portability does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller.

Recipients of data and disclosure to third parties

The recipients of the collected and processed data are, in addition to the data controller itself, its employees or other subcontractors, its carefully selected commercial partners, located in the European Union, and who collaborate with the data controller in the context of the marketing of products or the provision of services.

In the event that the data would be disclosed to third parties for direct marketing or commercial prospecting purposes, the user will be previously informed so as to be able to choose to accept the transfer of his/her data to third parties.

Since this transfer is based on the user’s consent, he/she can, at any time, withdraw his/her consent for this specific purpose.

The data controller complies with the legal and regulatory provisions in force and will ensure in all cases that its partners, employees, subcontractors, or other third parties having access to these personal data respect this Policy.

The data controller discloses the personal data of the user in the event that a law, a judicial procedure, or an order from a public authority would make this disclosure necessary.

No transfer of personal data outside the European Union is carried out by the data controller.

Security

The data controller implements appropriate technical and organizational measures to ensure a level of security of the processing and the collected data commensurate with the risks presented by the processing and the nature of the data to be protected adapted to the risk. It takes into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of the processing as well as the risks for the rights and freedoms of users.

The data controller always uses encryption technologies that are recognized as industrial standards within the IT sector when it transfers or receives data on the website.

The data controller has put in place appropriate security measures to protect and prevent the loss, misuse, or alteration of the information received on the website.

In the case where the personal data that the data controller controls were to be compromised, it will act quickly to identify the cause of this breach and take the appropriate remediation measures.

The data controller informs the user of this incident if the law requires it.

Le responsable du traitement utilise toujours les technologies de cryptage qui sont reconnues comme les standards industriels au sein du secteur IT quand il transfère ou reçoit les données sur le site web. 

Le responsable du traitement a mis en place des mesures de sécurité appropriées pour protéger et éviter la perte, l’usage abusif ou l’altération des informations reçues sur le site web. 

Dans le cas où les données à caractère personnel que le responsable de traitement contrôle devaient être compromises, il agira rapidement afin d’identifier la cause de cette violation et prendre les mesures de remédiation adéquates. 

Le responsable de traitement informe l’utilisateur de cet incident si la loi l’y oblige.

Complaint and grievance

If the user wishes to react to any of the practices described in this Policy, he/she is advised to contact directly the data controller.

The user can also lodge a complaint with his/her national supervisory authority, whose contact details are listed on the official website of the European Commission: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.

Furthermore, the user has the possibility to lodge a complaint with the competent national courts.

L’utilisateur peut également introduire une réclamation auprès de son autorité nationale de contrôle, dont les coordonnées sont reprises sur le site officiel de la Commission européenne : http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080. 

En outre, l’utilisateur a la possibilité de porter plainte devant les juridictions nationales compétentes. 

Contact data

For any question and/or complaint, related to this Policy, the user can contact the data controller:

ARTLIX
By email: info@domainewitry.be
By mail: Rue de Huy, 99 B-4300 Waremme (Belgium)

Modification

The data controller reserves the right to modify at any time the provisions of this Policy. The modifications will be published directly on the website of the data controller.

Applicable law and competent jurisdiction

This Policy is governed by the national law of the place of the main establishment of the data controller.
Any dispute relating to the interpretation or execution of this Policy will be submitted to the jurisdictions of this national law.
This version of the Policy is dated 27/07/2023.

Domaine_Witry_LOGO_blanc

Links

Address

Rue des Auches, 48
B-5570 Vonêche

Contact us

Ovaicon-instagram-2

© Copyright Domaine Witry. All rights reserved

CookiesRGPD

Created by IDDUP