Confidentiality - Privacy Policy
Object
This Policy is drawn
up by FZ MOTOR located at Place Louise de bettignies, 1a, 7503 FROYENNES, under
the registration number 0444486266 (hereinafter referred to as "the
controller").
The purpose of this
privacy policy (the Policy) is to inform visitors to the website hosted at the
following address: www.fzmotor.be (hereinafter referred to as the
"website") of the manner in which data is collected and processed by
the controller.
This Policy is in
line with the wish of the controller to act transparently, in compliance with
its national provisions and with Regulation (EU) 2016/679 of the European
Parliament and of the Council of 27 April 2016 on the protection of individuals
with regard to the processing of personal data and on the free movement of such
data and repealing Directive 95/46/EC (hereinafter referred to as the
"General Data Protection Regulation" or "GDPR").
The controller pays
particular attention to the protection of the privacy of its users and
therefore undertakes to take reasonable precautions to protect the personal
data collected against loss, theft, disclosure or unauthorized use.
"Personal
data" means the personal data of the user of the website, so any information relating to an identified or identifiable user.
If the user wishes to
react to one of the practices described below, he may contact the controller at
the postal address or email address specified in the "contact
details" section of this Policy.
Which data do we process?
The data controller
collects and processes the following personal data according to the methods and
principles described below:
·
its domain (automatically detected by the
controller's server), including the dynamic IP address ;
·
its e-mail address if the user has previously
disclosed it, for example by sending messages or questions on the website, by
communicating with the controller by e-mail, by participating in discussion
forums, by accessing the restricted part of the website by identification,
etc..;
·
all the information concerning the pages that
the user has consulted on the website;
·
any information that the user has voluntarily
given, for example in the context of information surveys and/or registrations
on the website, or by accessing the restricted part of the website through
identification.
The controller may
also collect non-personal data. These data are called non-personal data because
they do not directly or indirectly identify a particular person. They may then
be used for any purpose whatsoever, for example to improve the website, the
products and services offered or the data controller's advertising.
In the event that
non-personal data are combined with personal data, so that identification of
the data subjects is possible, such data will be treated as personal data until
such time as it is made impossible to link them to a particular person.
Collecting methods

The controller shall
collect personal data in the following manner:
Purposes of the processing
Personal data are
collected and processed only for the purposes mentioned below:
·
ensuring the management and control of the
execution of the proposed services ;
·
sending and follow-up of orders and invoices ;
·
sending promotional information on the products
and services of the controller;
·
sending of promotional material;
·
answering the user's questions;
·
performing statistics;
·
improving the quality of the website and the
products and/or services offered by the controller;
·
transmitting information on new products and/or
services of the controller;
·
for actions of commercial prospection;
·
allowing a better identification of the user's
interests.
The controller may be
required to carry out processing operations not yet provided for in this
Policy. In this case, the controller will contact the user before re-using his
personal data, in order to inform him of the changes and give him the
possibility, if necessary, to refuse such re-use.
Legitimate interest
Some data processing
activities are based on the legitimate interest of the controller. The
legitimate interest is proportionate with regard to the rights of the users.
For further details regarding the purpose of the processing based on the
legitimate interest of the controller, users can contact the controller
directly (see contact details in this Policy).
Duration of the storage
In general, the
controller shall store personal data only for the time reasonably necessary for
the purposes pursued and in accordance with legal and regulatory requirements.
The personal data of
a customer are kept for a maximum of 10 years after the end of the contractual
relationship between the customer and the controller.
Shorter retention
periods apply for certain categories of data, such as traffic data, which are
kept for only 12 months.
At the end of the
storage period, the controller shall make every effort to ensure that the
personal data have indeed been made unavailable and inaccessible.
Exercise of rights
For all rights
mentioned hereafter, the controller can check the user's identity before
granting the right.
The request for
additional information by the controller must be done within 1 month after the
request made by the user.
Access to the data and copy
The user may obtain
free of charge the written communication or a copy of the personal data
concerning him that have been collected by the data controller.
The controller may
charge a reasonable fee based on administrative costs for any additional copies
requested by the user.
Where the user makes
such a request electronically, the information shall be provided in a commonly
used electronic form, unless the user requests otherwise.
The copy of his data
will be communicated to the user at the latest within one month after receipt
of the request, except in case of a contrary provision in the GDPR.
Right of rectification
The user may obtain
free of charge, as soon as possible and at the latest within one month, the
rectification of his personal data which are inaccurate, incomplete or
irrelevant, as well as completing them if they prove to be incomplete.
Except in case of a
contrary provision in the GDPR, this request will be handled within one month
after the request was made.
Right to object to processing
The user may at any
time, for reasons relating to his particular situation, object free of charge
to the processing of his personal data, when:
·
the processing is necessary for the performance
of a task carried out in the public interest or in the exercise of official
authority vested in the controller;
·
processing is necessary for the legitimate
interests pursued by the controller or by a third party, unless the interests
or fundamental rights and freedoms of the data subject which require protection
of personal data prevail (in particular where the data subject is a child).
The controller may
refuse to exercise the user's right of opposition where he establishes the
existence of compelling and legitimate reasons justifying the processing, which
take precedence over the interests or rights and freedoms of the user, or for
the establishment, exercise or defense of a legal claim. In case of dispute,
the user may lodge an appeal in accordance with the point "claims and
complaints" of this Policy.
The user may, at any
time, oppose, without justification and free of charge, the processing of
personal data concerning him when his data are collected for purposes of
commercial prospection (including profiling).
Where personal data
are processed for scientific or historical research purposes or for statistical
purposes in accordance with the general data protection regulation, the user
has the right to object, for reasons relating to his particular situation, to
the processing of personal data concerning him, unless the processing is
necessary for the performance of a task in the public interest.
The controller is
obliged to reply to the user's request as soon as possible and at the latest
within one month and to give reasons for his reply if he intends not to comply
with such a request, except in case of a contrary provision in the GDPR.
Right of limitation of the processing
The user may obtain
the limitation of the processing of his personal data in the cases listed
hereunder:
·
when the user disputes the accuracy of a data
and only the time that the controller can control it;
·
where the processing is unlawful and the user
prefers the processing to be limited to deletion;
·
when, although no longer necessary for the
pursuit of the purposes of the processing, the user needs it for the
establishment, exercise or defence of his rights in court;
·
for the time necessary to examine the validity
of an opposition request submitted by the user, in other words, for the
controller to check the balance of interests between the legitimate interests
of the controller and those of the user.
The controller will
inform the user when the limitation of the processing is lifted.
Right to erasure (right to be forgotten)
The user may obtain
the deletion of the personal data concerning him, where one of the following
grounds applies:
·
the data are no longer necessary for the
purposes of the processing operation;
·
the user has withdrawn his consent for his data
to be processed and there is no other legal basis for the processing;
·
the user objects to the processing and there is
no compelling legitimate reason for the processing and/or the user exercises his
specific right of opposition in direct marketing (including profiling);
·
the personal data have been unlawfully
processed;
·
personal data must be erased in order to comply
with a legal obligation (under Union law or Member State law) to which the
controller is subject ;
·
personal data have been collected in the context
of the provision of information society services to children.
The deletion of data
is however not applicable in the following 5 cases :
·
where processing is necessary for the exercise
of the right to freedom of expression and information;
·
where processing is necessary for compliance
with a legal obligation requiring processing under Union law or under the law
of the Member State to which the controller is subjected, or for the
performance of a task carried out in the public interest or in the exercise of
official authority vested in the controller;
·
where the processing is necessary for public
health reasons;
·
where processing is necessary for archival
purposes in the public interest, for scientific or historical research purposes
or for statistical purposes and where the right to erasure is likely to render
impossible or to seriously jeopardise the attainment of the purposes of the
processing in question;
·
where processing is necessary for the establishment,
exercise or defence of legal claims.
The controller is
obliged to reply to the user's request as soon as possible and at the latest
within one month and to give reasons for his reply if he intends not to comply
with such a request, except in case of a contrary provision in the GDPR.
Right to data portability
The user may at any
time request to receive his personal data free of charge in a structured,
commonly used and machine-readable format, with a view in particular to
transmitting them to another controller, when:
·
the data processing is carried out using
automated processes; and where
·
the processing is based on the consent of the
user or on a contract concluded between the user and the controller.
Under the same
conditions and in the same manner, the user has the right to obtain from the
controller that the personal data concerning him will be transmitted directly
to another controller of the processing of personal data, insofar as this is
technically possible.
The right to data
portability shall not apply to processing which is necessary for the
performance of a task carried out in the public interest or in the exercise of
official authority vested in the controller.
Recipients of data and disclosure to third
parties
The recipients of the
data collected and processed are, in addition to the controller himself, his
employees or other subcontractors, his carefully selected business partners,
located in Belgium or in the European Union, and who collaborate with the
controller in the context of the marketing of products or the provision of
services.
In the event that the
data are disclosed to third parties for commercial prospecting purposes, the
user will be informed in advance so that he can choose whether or not to accept
this data transfer to third parties.
Since the transfer is
based on the consent of the user, he can retract his consent at any time with
regard to this exact purpose.
The data controller
respects the legal and regulatory provisions in force and will in all cases
ensure that his partners, employees, subcontractors or other third parties
having access to these personal data comply with this Policy.
The controller
reserves the right to disclose the user's personal data in the event that a
law, judicial procedure or an order from a public authority makes such
disclosure necessary.
No personal data
shall be transferred outside the European Union.
Security
The controller shall
implement appropriate technical and organizational measures to guarantee a
level of security of the processing and the data collected with regard to the
risks presented by the processing and the nature of the data to be protected
appropriate to the risk. It takes into account the state of knowledge, the
costs of implementation and the nature, scope, context and purposes of the
processing as well as the risks to users' rights and freedoms.
The controller has
put in place appropriate security measures to protect and avoid the loss,
misuse or alteration of information received on the website.
In case a breach of
personal data occurs, the controller will undertake quick action to identify
the cause and take appropriate measures to remedy the situation.
The controller
informs the user of this breach when he is obliged to do so by law.
Claims and complaints
If the user has a
complaint, it is adviseable to contact the controller directly.
The user can also
lodge a complaint with his national control authority, whose details are listed
on the official website of the European Commission: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
In addition,
action can be undertaken before the competent national courts.
Contact details
For any question and/or
complaint, in particular as to the clear and accessible nature of the present
Policy, the user may contact the data controller:
By email:
francesco.zenoni@fzmotor.be
By mail: Place Louise
de bettignies, 1a at 7503 Froyennes
Applicable law and competent jurisdiction
This Policy shall be
governed by the national law of the main place of establishment of the
controller.
Any dispute
concerning the interpretation or execution of this Policy shall be submitted to
the courts of that national law.
Miscellaneous provisions
The controller
reserves the right to modify the provisions of this Policy at any time. Changes
will be published with a warning as to their coming into force.
This version of the
Policy dates from 12/06/2020.