PRIVACY NOTICE - CUSTOMERS

(version 05/07/2024)

Your privacy is important for us.

All personal data that we obtain about you will be collected and processed in accordance with applicable data protection legislation, in particular the General Data Protection Regulation 2016/679 of 27 April 2016 (“GDPR”), as well as this privacy notice.

This privacy notice provides more information about the personal data that we process, why we process it, how we obtain the data, how long we retain the data and with whom we share it. It also provides more information on how you can exercise your rights.

 I. IDENTITY AND CONTACT DETAILS

The joint data controllers for your personal data are the following legal entities:

Aminolabs Holding BV
Research Campus 6
3500 Hasselt
Belgium
Enterprise number 0805 035 167

Eurofood International NV
Research Campus 6
3500 Hasselt
Belgium
Enterprise number 0462 325 457

Aminolabs Belgium NV
Research Campus 6
3500 Hasselt
Belgium
Enterprise number 0450 846 397

 

For certain purposes, the above entities process your personal data jointly as co-controllers with Aminolabs Deutschland GmbH, located at Große Reichenstr. 27, D-20457 Hamburg, Germany, with company number HRB 148138. If you have any questions regarding the processing of your personal data, you can always contact any of the joint controllers.

If you have any questions about the processing of your personal data, you can always contact us:

• via post: to the abovementioned address (attn. Privacy)
• via e-mail: privacy@aminolabs.com

Aminolabs Deutschland has appointed a data protection officer (“DPO”) pursuant to the GDPR. The DPO (for Aminolabs Deutschland) can be contacted via privacy@aminolabs.com.

II. PURPOSES

As a customer of Aminolabs, we may process your personal data for one or more of the following purposes:

• Customer management
• Marketing and communication
• Finance and accounting
• Security registration
• Camera registration
• Litigation management
• Website

Below, you can find for each purpose the personal data that we process, why we process it, how we obtain the data, how long we retain the data and with whom we share it.

A. Customer management

As (the contact person of) a (prospective) customer of Aminolabs, we may process your personal identification data (name, (company)address, email address, telephone number), identification data issued by public authorities (enterprise number, VAT number), as well as all other information that is provided to us or is relevant to us in the context of our customer relationship (e.g. employment and occupation data).

These personal data allow us to correctly handle our customer administration, including a swift correspondence, placing and managing of orders, follow-up on orders, invoicing, etc.

In case of (a contact person of) a professional customer, the legal basis for this processing is our legitimate interest to execute your orders (Art. 6.1 (f) GDPR).

We obtain these personal data directly from you.

For our customer management, we may store your personal data for up to 10 years after your last order and/or our last contact with you (plus a verification period of 1 year).

Aminolabs Deutschland GmbH is jointly responsible for the processing of your personal data for R&D purposes. If you have any further questions regarding this matter, you can always contact us via the contact details provided under IDENTITY AND CONTACT DETAILS.

We only share your personal data with third parties with whom we cooperate in the context of our customer management (IT and software providers, possibly: delivery services).

B. Marketing and communication

For our marketing and communication purposes, we may process your personal identification data (name, (company) address, e-mail address), personal characteristics (gender, language), education or employment data (position, company), participation/evaluation to/of our fairs/events and any other information that is provided in correspondence with us. We may also receive data about your interaction with our newsletters.

These data allow us to keep you informed about our products and services via our website, social media pages or communications on topics that may be of interest to you, which includes our newsletters, information about our products and invitations to our fairs and events.

The legal basis for this processing is our legitimate interest to promote our products, services and events to our (prospective) customers (Art. 6.1 (f) GDPR). At a fair, we ask your consent to send our communications (Art. 6.1 (a) GDPR).

We obtain these personal data directly from you.

We will send you our newsletters and other communications until you unsubscribe to our newsletters and other communications, which you are free to do at any time (for more information, see RIGHTS).

We only share these personal data with third parties with whom we cooperate in the context of the our marketing and communication (suppliers of marketing tools). Furthermore IT and software providers also have access to your personal data.

C. Finance and accounting

For our finance and accountancy purposes, we may process your personal identification data (name, (company) address, email address, telephone number), identification data issued by public authorities (enterprise number, VAT number), financial data (bank account number, payment method) and an overview of supplied services.

These data allow us to keep our accounts and comply with accounting obligations (including the preparation of the accounting documents, annual accounts, tax, pre-payments, expense notes) and invoice our products and services.

The legal basis for this processing are the various legal obligations as set out in the Belgian Code of Economic Law, the Belgian Code of Companies and Associations and its Royal Decree and the Belgian Income Tax Code (Art. 6.1 (c) GDPR) and - insofar as the processing goes beyond what is strictly necessary for the fulfilment of this legal obligation - our the legitimate interest (Art. 6.1 (f) GDPR).

We obtain these personal data directly from you.

For finance and accountancy purposes, we store your personal data for up to 10 years after the relevant financial year (plus a verification period of 1 year).

We only share these personal data with third parties on a need to know basis, including public authorities, social security authorities, banking and insurance companies and/or our accounting and law firm. In addition, our IT and software providers also have access to these personal data.

D. Security registration

In order to ensure the security at our premises, we may register your personal identification data (name, e-mail address), employment data (position and company name) and your time of visit.

These data allow us to ensure the security at our premises, such as through access registration, as well as to have an overview of the people present at our premises.

The legal basis for this processing is our legitimate interest to ensure the security at our premises (Art. 6.1 (f) GDPR).

We obtain these personal data directly from you after access registration at our reception.

For monitoring security in our premises, we keep your personal data for up to 1 month after registering the personal data, unless it needs to be kept longer as evidence of a concrete crime or claim or for identifying a potential perpetrator, victim or witness (plus a verification period of 2 weeks).

We only share these personal data with third parties on a need to know basis, including potential transfers to the police, judicial authorities and fire brigade. In addition, third parties with whom we cooperate for the storage and management of our data also have access to these personal data (IT and software providers).

E. Camera surveillance

Our premises (incl. the factory) are equipped with camera surveillance. When visiting the premises, images of you might be recorded, as well as the location, date and time of the recording.

The purpose of camera surveillance is to ensure the security at our premises, to prevent thefts and to intervene / deal with (criminal) offences, disputes, damages claims and other incidents.

The legal basis for this processing is our legitimate interest to ensure the security of our employees / consultants and premises (Art. 6.1 (f) GDPR).

We obtain these personal data directly from you. The camera surveillance is clearly indicated at the entrance of our premises.

The images are kept for a maximum of 30 days, unless it needs to be kept longer as evidence of a concrete crime or claim or for identifying a potential perpetrator, victim or witness (plus a verification period of 2 weeks).

We only share these images with third parties with whom we cooperate in achieving the purposes mentioned above (security advisors) and, if necessary, with the police and judicial authorities. In case of a claim, the images may also be passed on to our insurer, law firms, experts or other involved parties. In addition, third parties with whom we cooperate for the storage and management of our data also have access to these personal data (IT and software providers).

F. Litigation management

In case of a (potential) litigation, we may process your personal identification data (name, (company) address, email address, telephone number) and any other information that is relevant to the (potential) litigation.

These data allow us to defend our legal interests in all forms of dispute resolution.

The legal basis for this processing is the legitimate interest to exercise our (contractual, extra-contractual, legal and other) rights as well as our rights of defence (Art. 6.1 (f) GDPR).

We obtain these personal data directly from you or via third parties.

For our litigation management, we store your personal data for up to 5 years after the deadline to appeal (longer if necessary, e.g. to comply with legal obligations) (plus a verification period of 1 year).

We only share these personal data with third parties on a need to know basis, including public and judicial authorities (i.e. courts and tribunals, bailiffs, public prosecutor and the police), banking and insurance companies, our accounting and law firm, debt collection agency. Our IT and software providers also have access to these personal data.

G. Website

For more information on the processing of your personal data when visiting our website www.aminolabs.com, we refer to our Privacy notice – website.

III. SECURITY

We have implemented appropriate technical and organizational measures to ensure the confidentiality of your personal data and to protect your data from accidental and unlawful destruction, loss, alteration, unauthorized disclosure and access.

We have made the necessary contractual arrangements with the third parties with whom we work together and will not transfer your personal data outside the European Economic Area without ensuring that your data is granted an equivalent level of protection there.

IV. RIGHTS

You can always contact us to exercise the following rights:

• the right to access or rectification of your personal data;
• the right to erasure of your personal data;
• the right to restrict the processing of your personal data;
• the right to withdraw your consent;
• the right to object to the processing of your data;
• the right to transmit your data to another service provider;
• a complaint if you believe that we are not acting in accordance with applicable data protection laws. You can also submit a complaint to the Belgian Data Protection Authority.

You can reach us via one of the following channels:

• via post: to the abovementioned address (attn. Privacy)
• via e-mail: privacy@aminolabs.com

We respect all rights relating to your personal data to which you are entitled under applicable law.

If you no longer wish to receive our newsletters and wish to stop the processing of your data for that purpose, you can always use the unsubscribe link provided at the bottom of each newsletter. Once you unsubscribe from the newsletter, you will no longer receive it. You can always resubscribe via the contact form on our website.

For the purposes for which the legal basis for the processing of personal data is a legitimate interest, you can always request more information from us about the balancing of interests that Aminolabs has carried out in this context (for more information, see PURPOSES). You can exercise your right to object to the processing of your personal data at any time, specifying the reasons that relate to your specific situation. Aminolabs will cease the processing of your personal data unless it believes that there are compelling legitimate grounds that override the interests, rights, and freedoms you assert.

To process and respond to your requests correctly, we process your personal data based on our legal obligations arising from Chapter III in conjunction with Article 5.2 GDPR (Art. 6.1 (c) GDPR). For identification purposes, we may ask you for a copy of the front of your identity card. We will retain your personal data for up to 5 years after responding to the request (plus a verification period of 1 year).

V. UPDATES

This privacy notice may be amended from time to time, within the limits of the applicable data protection laws. Via our website you always have access to the most recent version.