Privacy policy

1. Identity and Contact Details of the Data Controller

This privacy policy applies to all personal data processed by Aqualex NV, with registered office at Nijverheidslaan 60A, 8540 Deerlijk, with company number VAT BE0822.110.137, which is the data controller of this website.

The Data Controller attaches great importance to your privacy and processes your personal data in accordance with the European Regulation 2016/679 of 27 April 2016 concerning the protection of natural persons regarding the processing of personal data (hereinafter “GDPR”) as well as any future or additional legislation in implementation thereof, insofar as applicable.

For further questions or comments regarding the way we handle your personal data, you can always contact us, either by email at info@aqualex.be or by post at the above-mentioned address.

2. What Does “Processing Personal Data” Mean?

Processing personal data (hereinafter “data”) includes any processing of data that can identify you as a natural person. The type of data is described in this Privacy Policy. The concept of “processing” is very broad and includes, among other things, collecting, storing, using your data, or sharing it with third parties.

3. What Data Do We Process?

Below we clarify which data we may process about you. Depending on the concrete situation, your preferences, and the way you contact us, we may not process all of the data listed below.

General
For all our contacts, we may process the following data:

  • Electronic identification and usage data (e.g., IP address, browser type, location data)
  • Identification data (e.g., copy of your ID card in the context of a GDPR request)
  • Contact details (e.g., name, first name, address, email, etc.)
  • Contact history (e.g., emails, messages sent via web forms, etc.)
  • Company data (company number, registered office, …)

Customers and prospects
From our customers, prospects, and participants in competitions or events within the context of our commercial activities, we may additionally process:

  • Order and payment data
  • Installation data
  • Contracts, quotes, order forms
  • After-sales data
  • Feedback, testimonials, and promotional content such as photos and videos

Suppliers – service providers
From our suppliers and service providers, we may additionally process:

  • Contractual data (e.g., company name, address, VAT number, agreements, etc.)
  • Payment and invoicing data (e.g., card details, invoices, etc.)
  • Account data for platforms (e.g., registration information, account creation)
  • Feedback, testimonials, quotes, promotional content such as photos and videos (e.g., reviews and experiences regarding our cooperation, testimonials, quotes, presence at events, etc.)

Job applicants
From job applicants, we may additionally process data, depending on what data you wish to provide in the context of your application:

  • Personal details
  • Work-related data
  • Personality data
  • Photos
  • Contact details of references (if provided)

4. For What Purposes Do We Process Your Data?

Personal data is processed exclusively within the context of the company and in particular for the following purposes:

  • Within the context of our main activities
  • Organizing events, competitions, and meetings
  • Participating in trade fairs
  • Complying with administrative and fiscal obligations
  • Communication with customers and prospects
  • Recruitment procedures for employees

5. On What Grounds Do We Process Your Data?

We process your data only to the extent necessary for the purposes described above and only according to one of the GDPR’s legal bases:

Legal Obligation
Certain data is processed by us to comply with legal or regulatory obligations. For example, in the context of fiscal and accounting obligations or in the area of data protection.

Contractual Necessity
Certain data is processed because it is necessary for entering into, performing, or terminating a contract with you as the data subject. For example, contacting, scheduling, responding to a request, or requesting information in the context of a contractual relationship, as well as the actual execution of the contractual task within the context of our main activity, in order to provide or receive our services.

Legitimate Interest
Certain data is processed based on our legitimate interests, which in specific cases outweigh any possible disadvantage to your rights. For example, promoting our activities to business contacts; improving the quality of our services; training employees and evaluating and recording data and statistics related to our activities in the broad sense; storing and using evidence in the context of liability, procedures, or disputes and for archiving purposes; and guaranteeing security, both online on this website and in our company premises.

Consent

Certain data is processed based on your consent. For example, promoting activities to potential business contacts; using certain analytical or marketing cookies; posting photos containing personal data on our website and social media channels. Data from applicants after the recruitment procedure will only be retained with consent.

Read our cookie policy:  Cookie policy | AQUALEX..

Learn more about how our external partners handle your data:

6. Source of the data

Most of the data we process about you we have obtained directly from you. Within the context of our services, it is possible that we obtain data from external service providers or public sources.

7. With whom do we share your data?

We do not disclose your data to third parties, except when strictly necessary for the purposes mentioned above, or if we are legally required to do so.

Where necessary, we use external service providers (processors) to support our operational purposes, such as managing our websites and IT systems. These external service providers may process data on our behalf. We will only share your data with these processors to the extent necessary for the purpose concerned. They may not use the data for other purposes. Moreover, these service providers are contractually bound to ensure confidentiality of your data through a “processor agreement” concluded with these parties.

Specifically, this means that we share your data, as relevant in your situation, with the following third parties for the following purposes, with these third parties in certain cases acting as processors on our behalf:

  • Postal, transport, and delivery companies if we need to send something to you by mail
  • Payment service providers if we receive payments from you, or vice versa
  • External representatives and consultants or any other parties involved in our main or secondary activities
  • IT processors assisting us in operating our organization, ensuring safe and efficient digital data management
  • Government bodies, judicial authorities, and regulated professionals such as accountants and lawyers, to comply with legal obligations and defend our interests, as required

8. How long do we keep your data?

We retain your data no longer than necessary for the purpose for which the data was collected or processed. Since the retention period depends on the purpose of processing, the storage period may vary in each situation. Specific legislation may require us to retain data for a certain period. Our retention periods are always based on legal requirements and a balance of your rights and expectations with what is useful and necessary for fulfilling the purposes. After the retention period, your data is deleted or anonymized.

9. Where do we store your data and how is it protected?

We provide appropriate technical and organizational security measures to avoid destruction, loss, falsification, alteration, unauthorized access, or unlawful disclosure to third parties, as well as any other unauthorized processing of these data.

We also ensure that the processors we use take appropriate security measures to minimize risks of incidents.

If your data is processed outside the European Economic Area (EEA) when using specific services or software tools, this will only happen in/to countries recognized by the European Commission as providing adequate protection, or measures will be taken to ensure lawful processing of your data in these third countries.

10. What are your rights?

You have several rights regarding the data we process about you. To exercise any of the rights below, please contact our GDPR officer using the contact details in section 1 of this Privacy Policy.

Right of access and copy
You have the right to access your data and receive a copy. This includes the ability to request further information about the processing, including categories of data processed and purposes.

Right to rectification
You have the right to request correction of your data if you believe we hold inaccurate information.

Right to erasure (right to be forgotten)
You may request that we erase your data without undue delay. We may not always be able to comply, e.g., if the data is needed for an ongoing contract or legally required retention.

Right to restriction of processing
You have the right to request a temporary halt to processing until, for example, the accuracy of the data is confirmed.

Right to withdraw consent
Where processing is based on your consent, you can withdraw it at any time by contacting us. For marketing emails, you can also withdraw consent via the unsubscribe link.

Right to object
You can object to processing based on legitimate interest for specific reasons related to your situation, as well as direct marketing. Marketing emails will always provide an opt-out.

Right to data portability
You can receive your data provided to us with your consent or under a contract in electronic form, and request direct transfer to another organization if technically feasible.

Right to lodge a complaint with your supervisory authority
If you believe your data is processed incorrectly, you have the right to file a complaint with the data protection authority:

Belgian Data Protection Authority (GBA)
Drukpersstraat 35
1000 Brussels
contact@apd-gba.be

11. How can you exercise your rights?

You can exercise your rights by contacting us by email at info@aqualex.be or by post at Nijverheidslaan 60A, 8540 Deerlijk, including a copy of the front of your ID card or another document that allows us to identify you. The copy will only be used to verify your identity in accordance with GDPR.

12. Changes

We reserve the right to modify this Privacy Policy. The most recent version is always available on our websites. The date of the last modification can be found at the top. In case of substantial changes, affected individuals will, if possible, be informed directly.