1/ Introduction and explanation of some privacy concepts
2/ Who we are
3/ What information about you can we process and why?
4/ Who receives the personal data?
5/ How long do we keep your personal data
6/ What rights do you have to guarantee the protection of your personal data?
7/ How are your data secured?
1/ INTRODUCTION AND EXPLANATION OF SOME PRIVACY CONCEPTS:
2/ WHO WE ARE:
The One2three NV company has developed an online ordering platform tailored to your snack bar, fries outlet, sandwich shop, bar, (company) restaurant, hotel, … whose address is Tervurenlaan 34, 1040 Etterbeek and Crossroads Bank for Enterprises registration number is BE0535,701,405.
If you have any questions or would like more information, you can always contact the manager at the following e-mail address: email@example.com.
3/ WHAT INFORMATION ABOUT YOU CAN WE PROCESS AND WHY?
We collect data for sales purposes on our ordering platform:
In order to be able to offer you the right products and services and depending on the situation, one2three NV needs certain types of information from you. The information that one2three NV requests and collects via its activities, use of the platform or via the website and apps and with which we can identify you, is called personal data. Below we explain why one2three NV requests personal data from you and for which purposes these will be used:
When one2three NV is contacted to submit an application, we may collect your personal data in order to fill a vacancy. We will keep the details of your CV for a maximum of 6 months after your application if you have not been hired.
Section: “Request your demo” & “Contact us”:
In this case we ask for your contact details, name, e-mail address, telephone and the question/message you want to ask or leave. We will use these details to contact you only in accordance with your request.
If you have already worked for us, we may send you newsletters, because we have a legitimate interest in doing so. If you have not yet worked for us, you can subscribe to our newsletter via the website. Of course, you can always ask us to stop sending you any further information by unsubscribing from the newsletter.
Our websites also use “cookies”. These are small pieces of information that are stored by the browser on your computer to allow us to record certain information about the users of our website. They help to make the website more responsive to your needs, preferences and improve user comfort. Further details can be found in our cookie statement published on the website.
Your identification data (last name, first name, e-mail address(es), telephone number(s), of you and employees necessary for the provision of our services or use of our software are processed and are necessary for the fulfilment of our agreement.
Personal data of individuals that we collect as a processor in connection with the use of our platform are gathered in the light of need to fulfil the contract with our customers (the controller). These data are kept for as long as is necessary to achieve the objectives and the retention period established by the controller. In this connection please consult the order form, the cooperation agreement or the processing agreement between the parties.
If you contact us by phone, e-mail or website, we may note your details (last name, first name, e-mail address and telephone number) in order to establish contact details and, if necessary, to use this for providing further services to you.
If you provide us with a business card, we will assume that by doing so, you are also consenting to be included in our database until such time as you notify us that you wish to revoke this consent.
Data we collect indirectly:
We may collect publicly available data, for example because they are generally known or because they have appeared in the press. We may collect personal data that are subject to a statutory reporting requirement, such as the publication of data about you in a company, or data that you yourself have made publicly available, such as information on your website, information in, for example, the Crossroads Bank for Enterprises, Belgian Official Gazette Monitor, …
Data concerning suppliers, partners and service providers:
Personal data necessary for the fulfilment of an agreement or contract with suppliers, partners or service providers is also collected. This mainly applies to contact details such as e-mail addresses and the telephone numbers of contact persons in order to facilitate communication.
As a data controller, we do not collect and process so-called sensitive data, namely:
Any such sensitive personal information that might be communicated to us would not be used by us and would be deleted.
As a data controller, we do not collect and process any personal data relating to minors.
4/ WHO RECEIVES THE PERSONAL DATA?
Your personal data will normally not be passed on to other parties.
Only one2three NV employees, who need your personal data to perform their duties, may consult your personal data, apart from the following cases:
We work together with a number of third parties who may also process your personal data. These are recipients that operate exclusively in the European Union and individuals or organisations that have a direct relationship with one2three NV. These are, for example, partners or contractors responsible for activating and installing the application.
The transfer of your data is limited to the data they need to perform their task on our behalf. We ensure that they, like us, manage your data securely, respectfully and with due care and we provide the contractual safeguards for this purpose.
5/ HOW LONG DO WE KEEP YOUR PERSONAL DATA
It goes without saying that we store your personal data in accordance with any statutory time limits and any statute of limitations that may apply. For example, for invoices 7 years.
As part of our customer management process, we keep data for as long as is necessary to achieve our goals and to be able to serve you effectively as a customer.
6/ WHAT RIGHTS DO YOU HAVE TO GUARANTEE THE PROTECTION OF YOUR PERSONAL DATA?
Right of access and inspection: you have the right to inspect, free of charge, any information we have about you and to find out what it is used for.
Right of rectification: you have the right to request the rectification of your incorrect personal data, as well as to add to incomplete personal data.
You are entitled to object to the processing of your personal data on the grounds of serious and justifiable reasons. Please note, however, that you cannot object to the processing of personal data which is necessary for us to fulfil a legal obligation, the fulfilment of the contract or our legitimate interest, for as long as these data are necessary for the purposes for which they were collected.
You are also entitled at any time to object to the use of personal data for direct marketing purposes. In such a case, you do not even have to provide reasons.
You are entitled to obtain the personal data you have provided to us in a structured, common and machine-readable form. You are entitled to transfer these data to another data controller.
Right of withdrawal of consent: if the processing of personal data is based on prior consent, you have the right to withdraw this consent. These personal data will then only be processed if we have another legal basis for doing so.
You may request that the processing of your personal data be restricted. If you believe that we are processing your personal data on an unlawful basis, you can ask for the processing of your personal data to be restricted. This means that we may only further process your personal data with your consent. We may continue to store your personal data, but may not use it for further processing without your consent, except in the context of legal proceedings, for the protection of natural or legal persons or for important grounds of public interest.
Some data processing and processes are fully automated without any human intervention. However, we do not apply this to the processing of your personal data.
If you wish to exercise one or more of these rights, please contact us at the above contact address and clearly specify which right you wish to exercise.
Please present proof of identity in order to be able to identify yourself if necessary.
One2three NV does its utmost to process your personal data in a correct, legal and transparent manner.
If you nevertheless believe that your rights have been infringed and your concerns have not been addressed within our company, you are at liberty to lodge a complaint with the Data Protection Authority: Drukpersstraat 35, 1000 Brussels, Tel +32 (0)2 274 48 00, Fax +32 (0)2 274 48 35, e-mail: firstname.lastname@example.org
7/ HOW IS YOUR DATA SECURED?
One2three NV has developed safety measures that are suitably adapted on a technical and organisational level in order to avoid the destruction, loss, falsification, alteration, unauthorised access or notification by mistake to third parties of any personal data collected, as well as any other unauthorised processing of these data.
In the unlikely event that your personal data is involved in an information security breach, we will take immediate action to identify the breach and take appropriate action. If necessary, we will notify you of this incident as required by law.