Every visitor on our website shares a minimum of personal data. This data allows us to identify you as a human individual, regardless if we actually use this information or not. Collecting and processing personal data is legislated through a number of strict regulations determined by law, most notably the privacy-law of december 8, 1992. Because your privacy is important to us, we’ve formed a Privacy Statement.
Who is responsible for the processing?
The privacy-law makes a distinction between those responsible for processing, and the parties who do the actual processing. This distinction is very important to make sure that any uncertainties around the responsibilities concerning this subject are avoided.
Responsible for the processing of data?
The organisation or individual responsible for the processing process, also called the data controller, can be any individual or legal entity who determines the juridical en technical resources needed for the processing of personal data. For Baldwin, this is:
BE0845 773 781
Who is the actual processor?
The actual processor is the individual or legal entity who does the processing of personal data, as commissioned by the data controller. This individual or legal entity is in charge of the technical aspects and functioning of the website (datatransmissions). This excludes any individual employees.
Naturally, the data controller must be extremely judicious when selecting this actual processor. The actual processor must be able to offer a number of guaranties with regard to technical and organisational safety measures concerning the processing of personal data, and must meet the legal requirements as stated in artical 16, §1 in the privacy-law.
The data controller is not held accountable at the occurrence of loss or corruption of data, identity theft, data theft, viruses, Trojan horses, SQL-injections or other forms of attacks on the information-systems or online cloud services. The actual processor independently chooses the most appropriate technical applications suited for the processing of data, and does so from his own autonomous and professional expertise. Therefor, he holds all accountability, not the data controller.
For what purposes is my personal data used?
Baldwin collects personal data for one purpose only: we want to give our visitors a safe, positive and personal user experience. Therefor, this data processing procedure is essential for the functioning of the website and its corresponding services. The data is used for the following (internal) objectives:
- Giving the user acces to his/ her user’s profile, which they can use to make purchases on our webshop.
- Offering and improving our personalised and general services; including billing purposes, relevant information, newsletters and special offers that are useful and/or necessary for the user, receiving and processing of user reviews and offering customer support.
- Detecting and safeguarding against fraud, errors and criminal behaviour.
We will never hand out any personal data for external analysis without performing a predetermined anonymization.
By using our website, our user explicitly gives permission for the processing of his/ her personal data by Baldwin. Baldwin emphasises that the processing of personal data by third parties is necessary for the execution of an agreement in which all parties are involved, as well as executing specific measures prior to that agreement, which were made on request of the user himself/ herself.
Considering the fact that technology is constantly evolving, it is impossible to make an accurate assessment on our future website services. Therefor, it is paramount that the permission to use personal data refers to the use of this data in function of the development and improvement of new future services and functionalities, as long as these match the initial objectives of our website.
Proper technical functioning;
We collect and process personal date to guarantee a technically good functioning website. The website uses a number of tools to optimise the user experience and detect potential (technical errors within the website;
- Login information: this refers to information like IP-address and multiple telecommunication data.
- Information referring to used hardware, software and/ or network information.
- Local storage information.
The website also collects anonymous data, more specifically: technical data which is used exclusively for internal purposes to try and determine the user’s navigation on the website.
Will my data be used outside of the EU (or handed out to third parties)?
The personal data is first and foremost used internally by Baldwin. Rest assured: we do not sell, transfer or share any personal data with third parties who are bound to us. Data may be shared with third parties when:
- There is an explicit agreement between involved parties;
- When the transaction of data is necessary for the execution on an agreement. This will be the case with employees, agents, subcontractors, wholesale merchandisers, commercial partners, marketingservices, etc.;
- When the transaction of data is necessary for the closure or execution of an agreement between the user, the organisation or individual responsible for the processing process, and a third involved party, when the user is in need of ending that transaction. For example, in case of fraude;
- When the transaction of data is necessary or obligated by law (substantial public interest or right);
The individual involved is aware of the confidential processing of his/her personal data , if Baldwin was ever to be taken over or sold. If this is the case, Baldwin will communicate the needed information to every party involved.
Baldwin in a Belgian enterprise. Nonetheless, the processing of data or datatransfers to non-European countries may occur. In accordance with article 21 of he privacy-law, personal data may only be transfered to countries who guarantee a comparable level of security and where a considerable amount of measures within the privacy-law are laid down and warranted. As a result, the country, duration of transfer and storage, the nature and exact purposes of the data are critical elements that must always be reviewed.
Baldwin garandeert dat er geen overdracht naar derde landen voor gegevensverwerking of –opslag plaats heeft zonder dat de nodige maatregelen genomen zijn om te voldoen aan de beschermingsvereisten uit de Belgische Privacywet. Deze overdracht zal slechts plaats vinden op basis van één van de gronden zoals vermeld in artikel 2.
Is location-data saved?
The analytical data of Baldwin do show location-data. This data gives the possibility to determine your approximate location on a map. These indications (based of an IP-adres) are anything but specific and are insufficient to trace your exact location.
In other words, we do not use this information to identify you. We use it to guarantee the correct technical operation of our website.
What are my rights?
Guarantee of a legitimate and safe processing procedure of the personal data
Every user can assume that Baldwin processes data ‘correctly and legitimately’. This means the data is used explicitly for the previously described and justified purposes. Baldwin guarantees that the processing of data always occurs sufficient, nugatory, and non-excessive.
We never hold on to personal data longer than necessary. We do however maintain an archive with data, for as long as your account is active, or when this data is needed to offer you a specific service.
Baldwin has implemented a sufficient amount of technical and organisational safety measures to guarantee safe data-processing. These safety measures are in relation with the nature of the personal data and the potential risks.
De risks of a coincidental or an illicit liquidation, loss, alteration of acces, or any other unauthorised proces have been reduced to a minimum. Unfortunately, this does not mean there are no risks. In case of a breach in our information databases, we will undertake every measure within our power to reduce damage and/or theft to an absolute minimum.
Right of opposition
Every user has the right to oppose the use of his/her personal data. This right of opposition only exists when there are consequential en justifiable reasons in relation to exceptional situations. The exception of artikel 5, (b) en (c) of the Privacy-law are applicable to this right of opposition as well.
The user is allowed to oppose any predetermined transactions of personal data, at any time, free of charge and without declaring any justification, when this data has been obtained through direct forms of marketing.
The user is allowed to request the deletion of his/her personal data, at any time, free of charge and without declaring any justification. The user can practise this right by a written request to Baldwin per post or per e-mail at firstname.lastname@example.org. Baldwin commits itself to comply to this within 15 working days.