Privacy

PRIVACY POLICY

Data privacy is extremely important to us. Therefore, we want to communicate openly and be transparent on how we treats your personal data. This privacy policy has the objective to inform you of the data that we collect, why we collect this data, how we treat the data you provide to us, and what your rights are.

1. WHO PROCESSES YOUR DATA?

The Belgian company, DUVEL MOORTGAT NV, with registered office at 2870 Puurs-Sint-Amands, Breendonkdorp 58, registered in Crossroads Bank for Enterprises Antwerp, department Mechelen with company registration number 0400.764.903 (herein after referred to as “DUVEL”) and all subsidiaries are the responsible for processing and de beheerders onder het toepasselijke recht regarding protection of data of the personal data you provide to us.

Duvel Moortgat and her affiliated companies are concerned about privacy questions and we would like to inform you on how the data that relates to you as a person (herein after: “personal data”) is collected, treated and provided.

In this privacy policy (herein after: “the Privacy policy”) our policy regarding the processing of your personal data that we collect through our websites ww.duvel.be. In Website or Websites, we mean all potential website of the Duvel-Group (herein after: “the Website” or “the Websites”).

2. WHICH DATA DO WE COLLECT?

When you visit our website, we collect the following data from you, regardless of whether you are a registered user of the website or not:

  • IP-address: Your IP-address (internet protocol address) is a unique number that is automatically assigned to your computer by your internet service provider. Each time you visit our website, your IP-address is automatically logged and saved in the logfiles of our server, so we can determine at what time(s) you visited our website, and which individual page(s) you visited. The way in which your IP-address is processed, is logged in our Cookie Policy.
  • Information about your device (e.g. screen size)
  • User-ID (social) network, if applicable
  • Use of the website (meaning how you treat our website)
  • Public content that you potentially published on social networks (e.g. pictures, comments, names) or content that you shared through our social media platforms (e.g. pictures, comments, names)
  • Cookies: The way we process personal data collected through the cookies is explained in the Cookie Policy.

We use your IP-address and cookies to collect personal data:

In general, you are not requested to log-in or to provide personal data before you can access our website. Potentially it can be requested to log-in to gain access to certain functions.

On the forms on our websites is each time indicated which fields are mandatory and which fields are optional.

3. HOW DO WE COLLECT YOUR DATA?

Duvel collects your personal data in the following ways:

  • Through are websites: we collect Personal data through the websites of Duvel as described in chapter 2.
  • Offline: we collect Personal data when you are offline, e.g. when you contact our customer service to place an order.
  • By means of cookies: we collect Personal data through cookies when you visit our websites. The Cookie Policy explains how we collect and treat your Personal data through cookies.
  • Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on their servers. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. By using this website, you give authorization for the processing of data by Google in the way and for the goals as described in this paragraph. You can find more information on this in our cookie policy.

4. WHY DO WE COLLECT PERSONAL DATA?

Most of our services do not require any form of registration. However, some of our services require registration:

  • Orders: To process and deliver your orders and to inform you of its status. We use this information to process your transaction, follow your purchase and provide assistance in the case of issues with the delivery, returns and other problems related to the purchase of DUVEL products. The processing of your personal data for this objective is necessary for the application of the agreement we concluded.
  • => Legal basis for processing: the performance of a contract you concluded with Duvel to process your order;
  • Maintenance of your account: To create and maintain your DUVEL account, including offering of loyalty programs that are linked to this account.
  • => Legal basis for processing: Our legitimate interest to process your personal data for this purpose;
  • Customer service: To provide better services to our customers, including answering to your questions, complaints and general feedback on our products. Our service to customers can be offered through different communication channels, such as e-mail, letter, telephone.
  • => Legal basis for processing: Our legitimate interest to process your personal data for this purpose;
  • Promotional messages: To send promotional messages, only if you specifically agreed to receive such messages.
  • => Legal basis for processing: Our legitimate interest to process your personal data for this purpose;

If you choose not to provide your personal data, it is possible that you can’t access certain parts of our website or that we can’t answer to your request.

DUVEL can use your personal data for all or some of the following purposes:

  • Direct marketing: We use your personal data to send you direct marketing communication through e-mail. Through these direct marketing communications, you are for example informed on current events, promotions and other similar activities, and about products and services of Duvel or related brands. Our newsletter, to which you can subscribe, does also fall under the header of marketing communication. We use a “double opt-in” system for registration for our newsletter. This means that we send a confirmation to the e-mail address you provided in which you are asked to confirm your registration to our newsletter. When you don’t confirm within 48 hours, your application is automatically deleted. You need to provide an e-mail address and your age before we can send our newsletter. This information is only used for this specific purpose. We only use the information regarding your age to verify you are older than 16 years (Art. 8.1 of GDPR). Unfortunately we can’t send our newsletter if you are under the age of 16. We save your e-mail address until you unsubscribe to our newsletter; at this time, we delete your e-mail address.
  • => Legal basis for processing: Our legitimate interest and/or your consent. You can revoke your consent to receive these direct marketing communications by clicking on the Unsubscribe link (which you can find at the bottom of each marketing e-mail). You can also inform us that you would like to revoke your consent by sending an e-mail, by calling us or by sending us a letter. You can use the contact details at the end of this Privacy Policy.
  • Online advertising: we use your personal data to send you online marketing communication through Google Adworks, Programmatic Advertising and Social Media Advertising. Through online marketing communication you are for example informed on current events, promotions and other similar activities, and about products and services of Duvel or related brands.
  • => Legal basis for processing: Your consent.
  • Optimization of the website: DUVEL also collects information in logfiles. This information is used for internal purposes, like traffic and profiling to further fine-tune our services offered on the website.
  • Other specific purposes: We can use your data for other specific purposes, like the daily operation and safety of our DUVEL sites, to conduct audits and to contact you for consumer surveys, when you gave your consent for this.
  • => Legal basis for processing: Your consent.
  • Data analysis regarding your activity on our Sites: We collect your personal data, including your location, to measure your involvement on our Sites( e.g. to know how you use our Sites, when and how often, which device you are using, how long you visit, which items you click on), and to deduct consumption trends and patterns from this analysis. This way we can better get to know the users of the Sites and we can adjust our Sites to determined preferences of users, but we can also in general improve the products and services offered by Duvel.
  • => Legal basis for processing: Your consent.
  • Save and share content you publish on Social Media: You can share content on our Social Media, like pictures of yourself, hashtags, videos and recordings. When you communicate this type of content on our social media, we can decide to share part of this content (and your public social media profile) on our Sites, in the context of marketing campaigns, and more in general to present and illustrate our Sites, and the products and service of Duvel. When we do this, we save your personal data in the database of Duvel.
  • => Legal basis for processing: Your consent.
  • Comply with legal obligations: To comply with legal obligations, legal procedures or orders by authorities (outside your country of residence), when we are reasonably of the opinion that we are legally obliged to do this and when providing your personal data is strictly necessary to comply to such legal obligations, procedures and orders of the authority.
  • => Legal basis for processing: complying to legal obligations.
  • Legitimate interest for the protection of our interests: For the Legitimate interest of our conditions, protection of our activities or these of affiliated societies, protection of our rights, privacy, safety and property and/or these of our affiliated companies, and to allow us to use available rights or to limit any potential damage.
  • => Legal basis for processing: Legitimate interest

5. DO WE SHARE YOUR PERSONAL DATA ?

Your personal data will in no case be given, transferred or sold to third parties. DUVEL can call upon service providers, representatives or contractors to provide services in name of DUVEL, such as providing you the DUVEL sites and the services that are available to you (such as delivery). It is possible that these external parties gain access to your personal data or need to process these. DUVEL requires by means of a written agreement of these third parties that they comply to all relevant legislation related to protection of data and security measures regarding personal data.

DUVEL only shares data that is needed to deliver our products or to offer our services.

Your personal data is provided to following processors:

The processors with whom we collaborate are bound by strict confidentiality rules. They cannot use your data with permission for other purposes then the ones we impose.

Your data is only provided to processors so they can take on part of the tasks that are described in this privacy policy.

As such, your personal data can be processed by the following processors:

  • All subsidiaries of Duvel Moortgat NV;
  • Our operational partners and IT-partners: these companies help Duvel Moortgat to comply to all contractual obligations and we can rely upon to develop our IT-systems, to improve, to modify or to secure, or to provide apps, tools, services etc. in the context of activities of the Duvel Moortgat Group:
  • Cloud License, that hosts our IT-systems and provides system support; Azure, that hosts our IT-systems and provides system support;
  • Combell, that hosts our IT-systems and provides system support;
  • Microsoft Dynamic, that hosts our IT-systems and provides system support;
  • Drupal, that hosts our IT-systems and provides system support;
  • Our consultants: independents who offer services to Duvel Moortgat;
  • Our partners for delivery of products and services: these companies act for Duvel in the context of deliveries of goods and services offered by us;
  • Our marketing partners; These companies help us for example to analyze your data so that we can be of better service to you. This could also be companies that are specialized in satisfaction surveys or market studies;
  • Google analytics, that supports our IT-systems and performs data analysis for the purposes described in this Policy;
  • Google Adwords, that supports our online marketing communication;
  • Facebook and Instagram, that supports our online marketing communication;
  • Twitter, that supports our online marketing communication;
  • Agora Pulse, that supports our online marketing communication;
  • Flowbox, that supports our online marketing communication;
  • Mailchimp, that supports our online marketing communication;
  • Hotjar, that supports our online marketing communication;
  • CampaignDesigner, that supports our online marketing communication.

6. WHAT ARE YOUR RIGHTS?

Rights to information and access to personal data

You have the right to request DUVEL to gain access and to rectify your personal data or to limit the processing of your data. More specifically, you have the right to gain access to your personal data and the following information: the purposes of processing, the categories of personal data, the recipients or categories of recipients to whom the personal data is provided or will be provided, more specifically recipients in third countries or International organizations, and, if possible, the period it is expected that your personal data will be stored and if not possible, the criteria that determine this retention period.

Right to rectification of data

The personal data needs to be accurate, and if needed, be updated. Therefore, you have the right to rectify your personal data.

Right to data portability

You have the right to obtain your personal data, provided to DUVEL, in a structured, commonly used and machine-readable format, and you have the right to transmit this data to another controller, if this is technically possible.

Right to erasure (“right to be forgotten”)

You have the right to obtain from DUVEL the erasure of your personal data without undue delay, and DUVEL has the obligation to erase this data without undue delay when the personal data are no longer necessary in relation to the purposes for which they were collected (e.g. an order that was placed).

Right to restriction of processing

You have the right to obtain from DUVEL the restriction of processing when:

  • The accuracy of your personal data is contested by you, for a period enabling DUVEL to verify the accuracy of the personal data;
  • The processing is unlawful, and you oppose the erasure of your personal data and you request the restriction of its use instead;
  • DUVEL no longer needs your personal data for the purposes of processing, but you require these for the establishment, exercise or defense of a legal claim.

Right to object

You have the right to object to the processing of your personal data for the specified purpose, to the extent the processing of data is not required for legal obligations and for the normal operations of the organization. DUVEL shall no longer process personal data in this case, unless there are legitimate grounds for the processing which override your interests, rights and freedoms (e.g. in the context of a labor agreement).

7. COOKIES

Certain categories of data are received and stored each time you have contact with us.

For example, like a lot of other websites, we use “cookies” and we receive certain types of data when your web browser opens DUVEL (e.g. which pages are visited and how intensely these are used). This way, we can adapt our site better to your expectations.

More information on cookies you can find in our “cookie policy”, as well as instruction on how to disable these cookies.

8. SAFETY

DUVEL makes efforts to implement and maintain the appropriate measures to ensure that the safety, integrity and privacy of the personal data you provided is not abused. When processing your personal data, we take reasonable measures to protect this information from loss, abuse, unauthorized access, disclosure, modifications or deletion.

We use different technical and organizational measures to protect your personal data and to help prevent theft, abuse and unauthorized access, disclosure, modifications and deletion of your information. For example, we maintain the data provided by you on computer systems with limited access and in controlled environments. In addition, we require our external datacenter providers to take appropriate security measures. While transferring your data through internet, your data is protected by encryption. Your password is encrypted and can’t be made legible, which means it can’t be recovered or be disclosed by anybody, not even by DUVEL.

When you place an order online and choose online payment by Visa, Master Card or Eurocard, you will be requested to provide the card number. The processing of this transaction is done by the certified payment provider Ingenico who guarantees a 100% safe transaction. DUVEL will not see you card number or other data.

For questions about the safety of your personal data you can contact us through [email protected].

9. LINKS TO OTHER WEBSITES

The site can contain links to other websites. When you leave the site and visit another website, it is possible that other privacy practices are applied and that another privacy policy is applicable of which DUVEL has no control and for which we are not responsible.

10. RETENTION

DUVEL retains personal data no longer then strictly needed for the offering of our services or products, to perform transactions you have requested or for essential purposes like respecting our legal obligation, the settlement of potential disputes and to comply with our agreements. Because these needs can differ, the retention periods can also differ considerably.

We can maintain your personal data after a last interaction with DUVEL for a reasonable period for example to follow-up on an order. When the personal data we collected is no longer required for the purpose for which they were maintained, we will delete them in a secure way.

11. CHILDREN

This website is not aimed at individuals that don’t have the legal age of 18 years. We don’t purposefully collect data of these individuals. They can only use the services of our site in the presence of a parent or guardian and only with their permission.

If, after reporting of a parent or guardian, or after discovery in another way, it seems that a child younger than 18 years is registered unjustly with false data, we shall remove the account of the child and delete the personal data of the child from our registration.

12. LEGAL REQUIREMENTS

DUVEL can divulge your personal data if it legally needs to or if DUVEL, in good faith, judges that such divulgation is reasonably necessary to fulfill legal procedures or to react on potential claims.

13. MERGERS AND ACQUISITIONS

In case of a partial or complete merger or partial or complete acquisition of DUVEL by another company, the company that acquires DUVEL shall receive access to the information that is maintained by DUVEL, but is also bound to the same obligations with regard to your personal data.

14. TRANSFER OF DATA (OUTSIDE EEA)

DUVEL has implemented appropriate measures to protect your personal data when these are transferred internationally, for example by using standard contractual clauses as approved by the European Commission. Your protection is hereby guaranteed.

15. ENTRY INTO FORCE AND MODIFICATIONS

This policy is created and enters into force as from 22/02/2020.

We maintain the right to, if it is deemed necessary, to change, modify, add or delete (parts) of this policy.

It is your responsibility to be aware of the most recent version of this Policy. Using this Site means you agree to the content of this Policy.

16. QUESTIONS?

If you have questions on the use of your personal data or about the security of our website, contact us by sending an e-mail to [email protected].

Unless specifically mentioned otherwise, DUVEL is controller for the personal data we collect and to which this privacy policy applies. Our address is 2870 Puurs-Sint-Amands, Breendonkdorp 58, Belgium.