The Privacy Statement has been prepared by Xavier Deklerck, domiciled at Blauwhuisstraat 26, 8020 Oostkamp (hereinafter referred to as the “Controller”).
The Privacy Statement informs visitors of the following website: https://empiricaleurope.com/ (hereinafter referred to as the “Website”) about the way personal data are collected and processed by the Controller.
The Privacy Statement is an expression of the Controller’s intention to act in all transparency, this in accordance with the Law of December 8, 1992 on the protection of privacy in relation to the processing of personal data and in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as the “General Data Protection Regulation”).
The Controller is particularly attentive to the protection of the private lives of its users and, consequently, undertakes to take all necessary and reasonable measures to protect the personal data of these persons from loss, theft, dissemination or unauthorized use.
By “personal data” is meant any information about an identified or identifiable natural person. An identifiable is considered a natural person who can be directly or indirectly identified.
If the user wishes to respond to any of the provisions mentioned below, they may contact the Controller at the mailing address or email address shown in the “contact details” section of the Privacy Statement.
What data do we collect?
The Controller collects and processes, according to the modalities and principles described below, the following personal data:
- the domain of the user (automatically picked up by the server of the Controller), including the dynamic IP address;
- the email address of the user if the user has previously entered it, for example, by posting messages or asking questions on the Website, by communicating with the Processing Manager via email, by participating in discussion forums, by visibly identifying themselves in order to access a restricted area of the Website, etc;
- all information related to the pages visited by the user on the Website;
- any information voluntarily provided by the user, for example in the context of surveys and/or registration on the Website, or by identifying oneself in order to access a restricted part of the Website.
The Controller may also collect data that are not of a personal nature. These data are qualified as non-personal data and do not allow the direct or indirect identification of a particular person in particular. Consequently, these data may be used for any purpose, for example to improve the Website, to improve the products and services offered or to improve publications of the Controller.
In the hypothesis where personal data are combined with non-personal data, so that it is possible to identify the persons concerned, these data will be processed as personal data until the persons concerned can no longer be identified on the basis of the data in question, because the link between the personal data and non-personal data has been eliminated.
Mode of data collection
The Controller collects data in the following ways:
- web forms
Purposes of processing
Personal data are collected and processed for the purposes listed below:
- management and control guarantees as regards the execution of the services offered;
- Sending and following up orders and invoices;
- Sending promotional information regarding the products and services by the Processor;
- Sending promotional material;
- answering users’ questions;
- Realizing statistics;
- improving the quality of the Website and the products and/or services by the Controller;
- forwarding information regarding new products and/or services by the Processor;
- commercial prospecting;
- allowing to better identify the user’s interests.
We also collect and process personal data with the following purposes:
- Being able to target advertising to the target group if necessary.
The Controller may be required to perform processing operations not yet included/provided for in this Privacy Statement. In such case, the Controller shall contact the User before using its personal data, in order to inform the User of the changes and to give the User the opportunity, if applicable, to refuse such use.
Certain processing operations by the Controller are grounded on the legal basis of its legitimate interests. These legitimate interests are proportional to the respect of the user’s rights and freedoms. If the user wishes more information on the processing purposes grounded on the legitimate interest, the user is invited to contact the Controller (see “contact details” in this Privacy Statement).
Duration of retention
In general, the Processor retains personal data only for the period reasonably necessary to achieve the stated purposes and in accordance with legal and regulatory requirements. A customer’s personal data will be kept for a maximum of 10 years after the termination of the contractual relationship that binds the customer to the Controller.
Upon expiration of the retention period, the Controller shall make every effort to ensure that the personal data were made unavailable and inaccessible.
Exercise of rights
With respect to all rights listed below, the Controller reserves the right to verify the identity of the person concerned. This additional information will be requested within a period of one month following the request by the person concerned.
Access to data and copies
The user may obtain, free of charge, his written correspondence or a copy of his personal data processed by the Controller. The Controller may demand payment from the User of all reasonable costs, based on the administrative costs for each additional copy requested by the User. As soon as the user submits this request electronically, the information will also be delivered electronically, unless the user requests otherwise. Unless otherwise stipulated in the General Data Protection Regulation, the copy of his data will be communicated to the person concerned no later than one month after receipt of his request.
Right of rectification
The user may request, free of charge, the correction of his personal data if they contain errors, are incomplete or irrelevant, as well as the completion of his data if they prove to be incomplete. Unless otherwise stipulated in the General Data Protection Regulation, the request will be processed within one month of its submission.
The right to oppose processing
The user may at any time, for reasons related to his personal situation, object to the processing of his personal data, free of charge:
- when the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority;
- when the processing is necessary to pursue the legitimate interests of the Processing Controller, provided that the interest or fundamental rights and freedoms of the data subject do not override that interest (in particular when the data subject is a child).
The Controller may refuse to carry out the User’s objection if it establishes the existence of compelling and legitimate motives justifying the processing, which prevail over the interests or the rights and freedoms of the User, or if they are used for a dispute in court, the conduct of a defense in court or for the exercise of rights. In the event of a dispute, the User may appeal in accordance with what is stipulated in the “objections and complaints” section of the Privacy Statement.
The user may at any time, without any justification and free of charge, object to the processing of his/her personal data if these data have been collected for the purpose of commercial canvassing (including profiling).
If the personal data are used for scientific or historical research purposes or for statistical purposes in accordance with the General Data Protection Regulation, the user has the right to object to the processing of his personal data for reasons relating to his personal situation, unless the processing is necessary for the exercise of official authority.
Unless otherwise stipulated in the General Data Protection Regulation, the Controller shall be obliged to respond to the User’s request within a reasonable period of time and, at the latest, within one month, and shall justify its response if it intends not to respond favorably to the User’s request.
The right to restriction of processing
The user may obtain the restriction of the processing of their personal data, in the following cases:
- when the user disputes the correctness of a data and only for the period necessary for the Controller to verify it;
- when the use is unauthorized or when the user prefers the restriction of operation to the erasure of the data;
- when the user needs this restriction for a challenge, exercise or defense in court, although it is no longer necessary for the continuation of the purposes of the processing;
- during the period necessary to examine the merits of a request for opposition, in other words, the period necessary for the Controller to balance the legitimate interests of the Controller and those of the user.
The Controller shall notify the user as soon as the restriction of operation is lifted.
The right to erasure (right to be forgotten)
marketing purposes (including profiling);
- the personal data have been subject to an unauthorized use;
- the personal data must be erased in order to comply with a legal obligation (of European Union law or the law of a Member State) to which the Controller is subject;
- the personal data were collected in the context of an offer to provide services aimed at children.
However, the erasure of the data is not applicable in the following cases:
- from as soon as the processing is necessary for the exercise of the right to freedom of expression and the right to information;
- as soon as the processing is necessary to comply with a legal provision requiring processing provided for by the law of the European Union or by the law of one of the Member States to which the Processing Controller is subject, or when the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority;
- as soon as the processing is necessary for reasons of public health interest;
- as soon as the processing is necessary for archiving purposes in the public interest, for scientific or historical research purposes or for statistical reasons, and provided that the right to erasure is likely to make the achievement of the purposes of the processing impossible or seriously prejudicial to the conduct;
- as soon as the processing is necessary for the contestation, exercise or defense in court.
Unless otherwise stipulated in the General Data Protection Regulation, the Controller shall be obliged to respond to the User’s request for erasure within a reasonable period of time and at the latest within one month, and shall motivate its response if it intends not to respond favorably to the User’s request.
The right to data portability
The user may at any time request to obtain, free of charge, their personal data in a structured and commonly used format, readable by machines, with a view to transferring them to another controller:
- If the processing of the data is carried out using automated processes; and
- if the processing is based on the consent of the user or on an agreement concluded between the latter and the Controller.
Under the same conditions and following the same modalities, the user also has the right to demand from the Controller that the personal data relating to him would be transferred directly to another controller of personal data processing, insofar as this is technically possible.
The right to data portability shall not apply to processing necessary for a task of public interest or forming part of the exercise of public authority vested in the Controller.
Data recipients and disclosure to third parties
The recipients of the data collected and processed are, besides the Controller itself, the employees or other subcontractors, the carefully selected commercial partners, located in Belgium or the European Union, who cooperate with the Controller within the framework of the marketing of products or the provision of services. In the hypothesis in which the data would be disclosed to third parties for direct marketing purposes or for commercial prospection purposes, the user will be informed in advance in order to allow him to accept or not the processing of his data by third parties. Given that this transfer is based on the consent of the user, the latter may revoke his consent at any time.
The Controller shall comply with all applicable legal and regulatory provisions and shall in any event ensure that its partners, staff members, subcontractors and other third parties with access to personal data comply with this Privacy Statement.
The Controller reserves the right to disclose the user’s personal data if a law, legal proceedings or an order of a public authority would require such disclosure.
No transfer of personal data will take place outside the European Union by the Controller.
The Controller shall implement the appropriate technical and organizational measures to ensure a level of security as regards the processing of the data collected, in accordance with the risks that may arise in the processing of the data and adapted to the nature of the data to be protected. The Controller shall take into account the state of knowledge, the cost of the works and the nature, scope, context and purpose of the processing, as well as the risks to users’ rights and freedoms.
The Controller, when receiving or sending data on the Website, always uses encryption technology recognized within the IT sector as being the industry standard.
The Controller has adopted the necessary security measures in order to protect the information obtained through the Website and to avoid its loss, misuse or alteration.
In the event that the personal data processed by the Processing Manager are violated, the latter will act quickly in order to identify the cause and remedy the situation.
The Controller shall inform the User when required to do so by law.
Objections and complaints
The user may file an objection with the Belgian Data Protection Authority at the following address: Press Street, 35 at 1000 Brussels. Tel. + 32 2 274 48 00. Fax. + 32 2 274 48 35, firstname.lastname@example.org. The user may also file a complaint with the competent courts.
For any question and/or complaint, in particular regarding the clarity and accessibility of the Privacy Statement, the user may contact the Controller:
By e-mail: email@example.com
By post: Blauwhuisstraat 26, 8020 Oostkamp
Applicable law and competent jurisdiction. This Privacy Statement is subject to Belgian law. The courts of the following judicial district have jurisdiction in case of dispute: Antwerp.
The Controller reserves the right to modify the provisions of this Privacy Statement at any time. The amendments will be published with notification as to their entry into force.
This version of the Privacy Statement is dated 01/02/2023.
Empirical Europe (hereinafter referred to as “we”, “our” or “us”) makes every effort to provide you with an optimal (user) experience and wishes, in this context, to gain your trust by providing the necessary information regarding the policy on the use and storage of cookies.
What is a cookie?
A cookie is a small text file, stored on the hard drive of your computer or cell phone and issued by the server of the website you are visiting.
A cookie contains a unique code that allows its issuer to recognize the device in question (computer or cell phone) each time the website is visited.
A cookie identifies the browser of your device, but never you personally. Moreover, a server can only consult the cookies that it has placed itself, without being able to access any other information on the hard disk of the device.
Cookies may be set by the server of the website you are visiting, called ” original cookies “, or by partners with which the website cooperates called ” third-party cookies “.
Validity of a cookie
Some cookies expire when you close your browser, called ” session cookies “. Others remain stored on the device for longer, some even until you delete them manually, called ” permanent cookies “.
In general, cookies have a validity period that is limited in time. The most common validity period is 30 days and the maximum duration is 13 months from the day the cookie was stored on the device.
General purposes of cookies
The first purpose is to ensure an efficient and fast Internet experience (e.g., through cookies that save language choices, save login information, etc.). Cookies remember your preferences and thus facilitate access to the website.
They also allow us to understand how you use the website.
Moreover, they make it possible to tailor content and advertising messages. The website is thus adapted to your needs and preferences.
In order to store certain cookies on your device, prior consent must be obtained. This is obtained via the bar on the website’s homepage.
Types of cookies
a. Technical cookies
These cookies store only your IP address and enable the following:
- Visiting the pages of the website and using the functionalities
- Filling in forms
- Verify your identity when entering your data
- Secure access to the website
These cookies do not require your consent as they provide you with access to the website.
b. Functional cookies
These cookies allow specific functions of the website to be activated in order to improve user friendliness and user experience, especially considering that the cookies remember user preferences (e.g. language).
These cookies enable the following:
- Provide customized services (language, preferences, etc.)
- Store choices from previous visits
- Collect information from online forms
- Compile statistics
- Analyze the use of the website
Like the technical cookies, these are used to improve your experience and their use does not require consent.
c. Advertising cookies
These cookies track your Internet habits and allow us to tailor our website’s marketing content to your interests.
On this basis, we can track the effectiveness of advertising campaigns, by looking in particular at the steps you take after clicking on an advertisement. Based on localization data, we can also make offers based on your location.
These cookies also allow us to send you targeted advertising by linking it to the website you visited.
The information we collect and share only allows us to identify your device.
Your consent is required to use these cookies. This is requested when you first visit our website.
d. Analytical cookies
These cookies are used to track how you use our website. This allows us to track the number of visitors page by page and improve it if necessary.
They also allow us to improve the ergonomics of the website and optimize your experience.
The data collected is completely anonymous. Thus, these cookies do not require consent.
e. Social media cookies
These cookies collect the information you share through or with social media. When you share things, a third-party cookie is stored on your device and if you are logged into the social media, it is added to your profile.
It is advisable to check the scope of this for each social network.
These cookies also require your consent.
f. Cookies originating from third parties
These cookies are placed on our website by third parties and then stored on your device. We have no control over them. For more information, you should therefore visit the websites of the entities from which the cookies originate.
Your rights regarding the processing of your personal data.
Address: Blauwhuisstraat 26, 8020 Oostkamp