Privacy Policy

1. General - what is the purpose of this Privacy Policy?

1.1. The website available at the address www.sofindev.com (hereafter: the ‘Website’) is operated by and is the property of Sofindev Management nv, with business number 0884.934.760 and with registered office at Lambroekstraat 5D, 1831 Diegem, Belgium (hereafter: ‘Controller’, ‘we’ or ‘our).

1.2. This Privacy Policy is intended to provide information about the processing of your personal details on or via the Website. This Privacy Policy is intended to safeguard the proper and transparent processing of your personal data.

We highly recommend that you carefully read this Privacy Policy.

1.3. This Privacy Policy is only applicable to the processing of your personal data on or via the Website by the Controller and/or by controllers (e.g. external service providers or subcontractors) which process your personal data on our behalf and which have concluded a controller contract with us in this regard.

This Privacy Policy does not in any way whatsoever cover the privacy policies of other websites or applications to which the Website refers via (permitted) hyperlinks or of companies or entities that advertise our services.

1.4. We are responsible for processing your personal data. As the Controller, we take all appropriate technical and organisational measures so that the processing is in compliance with Regulation (EU) 2016/679 of 27 April 2016 (hereafter: ‘GDPR’). Our appointees or employees who have access to your personal data are also required to comply with the obligations of the GDPR.

1.5. This Privacy Policy can be made available to you electronically and can be viewed at any time under ‘Privacy Policy’ on the Website. If you have any requests or additional comments, please send an email to info@sofindev.com. We shall reply to you with the steps that have been taken in this regard within one month after receipt of your request or question.

1.6. The Controller maintains the right to change this Privacy Policy at all times. This Privacy Policy was last updated on 6 May 2020.

1.7. We must inform you that you must always have express permission from the relevant people before uploading to or placing information on the Website about these people.

2. Who are we and how can you contact us?

Legal form: Limited Liability Company

Company name: Sofindev Management nv

Trade name: Sofindev

Registered office: Lambroekstraat 5D, 1831 Diegem, Belgium

VAT number: BE0884 934 76

Telephone number: +32 (0)2 720 70 07

E-mail: info@sofindev.com

Hyperlink(s) Website: www.sofindev.com

3. For which purposes do we process your personal data?

We process your personal data that you provide on or via the Website, as part of the given consent, to communicate about Sofindev Manangement nv via the newsletter and we store your personal and business-related data in the context of our business relationship.

4. What are the legal grounds for processing your personal data?

4.1. We only process your personal and business-related data in accordance with the legal requirements. We record this data and process it only in the context of the fulfilment of our business obligations to you or to send communication around Sofindev Management nv via the newsletter. Unless you provide us with this information, we are unable to start a business relationship with you or send newsletters. We use your personal and business-related data only in situations and to the extent that you have provided your specific consent.

4.2. In all cases, from the moment that you approve our Privacy Policy, by clicking on the button prior to using the Website and/or the processing of personal details on or via the Website, you provide us with free, specific, informed and unambiguous permission to process your personal data and you explicitly consent to the ways in which this is processed, as set forth in this Privacy Policy.

5. Which personal data do we process?

5.1. On or via the Website, we only process the following personal data if and insofar you have provided your consent:

Amongst the personal and business information we process about you is all the personal or business information we receive from you. This may include your full name, title, gender, mailing address, your telephone number(s), fax number, your email address and/or company name.

5.2. Among other things, we process the following data: device data, log file data such as the IP address, browser, and operating system, the external website that brought you to our Website, and the pages that you visit on the Website (and the date and time you visited these pages). This data is only automatically (without any sort of registration) processed for statistical purposes and with a view to further improve the Website.

6. Who receives and/or processes your personal data, in addition to the Controller?

Your personal data is also processed on our behalf by, among others, our IT supplier Dynamate. This processing is arranged in a controller contract that we have concluded with them.

7. Do we pass your personal data on to companies or entities in non-EU countries?

Your data is stored at the CRM company's data center with which we have an agreement. The data center is located in Canada. When your personal data is passed on outside the EEA, we will provide appropriate safeguards to ensure that this transfer is carried out in accordance with applicable data protection rules. You can request additional information regarding this.

8. Where, how and for how long do we retain your personal data?

We shall not store your personal data for any longer than required to achieve the purposes specified in Article 4. In this context, we could therefore store your personal data for some time. We will store your personal data for a maximum of 10 years after the end of our business relationship.

9. What are your rights?

9.1. You have the right to request:

- a review of your personal data;

- improvement (rectification) or removal (deletion) of your personal data;

- a restriction of the processing that relates to you.

9.2. You have the right to appeal against the processing of your personal data. You can object to the processing of your personal data for direct marketing, including the newsletter, at all times and at no cost.

9.3. You have the right to have your personal data transferred to another controller.

9.4. If the processing of your personal data is based on your permission, you have the right to revoke this permission at all times. However, the revocation of your permission is not retroactive and the lawfulness of the processing based on your permission before the revocation thereof shall remain intact.

9.5. You have the right to submit a complaint to the Privacy Commission/Data Protection Authority.

9.6. The exercise of the aforementioned rights is dependent upon the requirements and conditions as stipulated in the GDPR.

9.7. In order to exercise these rights, you can send a simple request to info@sofindev.com, providing adequate proof of your identity.

10. What are our obligations?

10.1. We take all the appropriate measures to guarantee the security level that is aligned with the risks for and during the protection of your personal data.

10.2. We maintain a processing register in which the (category of) processing of your personal data is described.

10.3. We cooperate with the authorised privacy authorities (at their request).

10.4. Where necessary and/or required, we shall immediately inform the Privacy Commission/National Data Protection Authority within 72 hours after detection of any security incidents or data leaks (including illegal processing, loss, unavailability, destruction, damage, or unauthorised distribution of your personal data).

We will also inform you under the terms and conditions specified in the GDPR if such a violation appears to entail a high risk for your rights.

If you become aware of a violation in relation to your personal data or that of others, you may contact us on the email address info@sofindev.com.

10.5. If we use new technologies or applications in order to process your personal data, which could correspond to high risks in relation to your data protection, we will conduct a so-called ‘Data Protection Impact Assessment’ (DPIA) under the conditions of GDPR and, if necessary, consult the Privacy Commission/Data Protection Authority in advance.