Roxell privacy statement
The website roxell.com is made available by Roxell bv, a private limited company under Belgian law with its registered office at Industrielaan 13, 9990 Maldegem, registered with the Crossroads Bank for Enterprises under number 0401.007.106 (Ghent Register of Legal Entities, division of Ghent).
We take data protection very seriously. We guarantee that your Personal Data (as defined below) will be suitably protected, a guarantee that is based on the provisions of the General Data Protection Regulation, which took effect on 25 May 2018 (“GDPR”).
Roxell acts as the controller within the meaning of the GDPR and in that capacity we wish to provide you with information on the processing of your Personal Data.
This Privacy Statement for the website, which must be read in conjunction with our Cookie Statement, provides you with information on the manner in which and the conditions under which Roxell receives and processes the Personal Data provided via the Website.
Please read through these documents, as these provisions could be important for you. If you have any queries or require further information, please contact Roxell at firstname.lastname@example.org or +32 50 729 172.
Roxell shall only use your Personal Data for those purposes stated in this Privacy Statement and we will not disclose your Personal Data in any manner whatsoever to third parties, except where such is provided for under point 7 of this Privacy Statement.
2. What is personal data?
“Personal Data” is, according to the GDPR, all data that can be used to directly or indirectly identify you. So Personal Data covers all data that we can somehow link to you, such as your email address, telephone number or the IP address of the device you use.
Cookies can collect Personal Data or other data, including the IP address of the device you use, which is why this Privacy Statement must be deemed to be integrally related to our Cookie Statement.
3. What personal data and and be collected and when?
Click behaviour and visitor data
When you use our Website we receive general user data, such as the time at which it is called up and data that your browser sends us.
When you first visit our Website a popup message appears explaining cookies. You can also use this popup window to state which cookies you consent to being installed on your device.
4. Why do we process your personal data?
Visitors to the website
We process your Personal Data on the basis of your consent and on the basis of our legitimate interest in monitoring and improving our Website.
We use this data for the statistical analysis of visitor and click behaviour on the Website, and we also use that data to optimise the Website's functioning. We endeavour to, insofar as is possible, pseudonymise or anonymise that data and do not provide it to third parties that could use it for their own purposes.
We process your Personal Data in order to analyse our services and improve your experience of our Website as well as to deal with any complaints in that respect. By being aware of what our customers are viewing, ordering, clicking on, etc, we can perform the necessary analyses for the purpose of improving these products and services.
We collect and process, within the context of our service and our activities, the identity and contact details of our customers and clients, their staff, representatives and other useful contact persons. The purposes of such processing are to perform contracts with our customers, customer administration, the bookkeeping and public relations such as sending them our newsletter or inviting them to networking events. The legal grounds are the contract performance, compliance with statutory and regulatory obligations and/or our legitimate interest. Your consent can be revoked at any time with respect to the provision of information by email (such as a newsletter or invitations to events).
We collect and process the identity and contact details of our suppliers, their staff, representatives and other useful contact persons. The purposes of such processing are to perform contracts with our customers, supplier/subcontractor administration, the bookkeeping and public relations such as sending them our newsletter or inviting them to networking events. The legal grounds are the contract performance, compliance with statutory and regulatory obligations and/or our legitimate interest (such as direct marketing). Your consent can be revoked at any time with respect to the provision of information by email (such as a newsletter or invitations to events).
We process the Personal Data of our employees in the context of our personnel administration and payroll administration. With due regard for the specific nature thereof, such processing is covered more extensively in a Data protection Policy for employees.
Aside from the data of customers, suppliers/subcontractors and staff, we also process the Personal Data of other parties, such as new potential customers/prospects, useful contacts within our industry, network contacts, the contact details of experts, etc. The purpose of this processing is in the interest of our activities as well as for public relations. The legal ground is our legitimate interest or, in some cases, contract performance.
Roxell only has further free access to your Personal Data and may freely store and disclose your Personal Data in the following circumstances:
- in order to comply with the applicable laws and regulations;
- where a law enforcement or other public agency officially requests such;
- in order to investigate suspected or de facto fraudulent or illegal activities;
- in order to protect the safety and/or your rights or those of Roxell.
5. How long do we store your data?
Roxell ensures that your Personal Data is stored for no longer than is necessary for the aforementioned processing purposes. All Personal Data shall be stored for that period in accordance with the provisions of this Privacy Statement.
In our Cookie Statement we set out the period for which the various cookies are stored.
Anonymised Data (that no longer contains Personal Data) is stored for as long as it is of benefit to us.
6. How do we protect your personal data?
Roxell takes appropriate and required measures in order to protect your Personal Data against loss, unlawful use or the alteration of the information we received. Such measures include, among others: (i) securing your Personal Data by means of a password, (iii) anti-virus systems, (iv) securing network connections by means of Transport Layer Security (TLS) technology and (v) anonymising Personal Data.
7. Do we make your personal data available to third parties?
Transmission to third parties
Roxell can transmit your data to independent companies or service providers, such as for the purpose of providing a number of infrastructure or IT services, performing payment transactions through our services, delivering orders, sending out direct marketing information, performing analyses, etcetera. These companies and third parties could gain access to Personal Data and information within the context of their work for Roxell. Roxell shall only permit such access to the degree that it is necessary for them to perform their work and to the degree that these companies offer the necessary guarantees that suitable organisational and technical security measures have been taken in order to protect your Personal Data and privacy. Roxell has reached agreements with these service providers and suppliers with respect to the securing and protecting of your Personal Data.
Within the context of performing their work, they are likewise obliged to comply with the provisions of the GDPR.
- Cookies: in respect of third party cookies, the IP address of the device you are using can be transmitted to third parties. In this respect, please see our Cookie Statement.
- The authorities: Roxell is required by law to supply your Personal Data when such is demanded under a law, decree or ordinance or when such is demanded by court order.
Links to other websites
Our Website contains links to other websites. This Privacy Statement applies solely to our Website. When visiting other websites we recommend that you always consult their provisions with regard to data protection.
We are not responsible for the content of the websites that you visit through the links available on this Website nor can we be deemed to consent to the content made available through these links. We recommend that you read the privacy statements of these websites before making use of them. With respect to links to other websites, Roxell is only liable if it is aware of the unlawful or criminal content thereof and it is technically possible to block these links.
8. Will your personal data be transmitted outside of the European Economic Area?
Should Roxell use data processors located outside of the European Economic Area, your Personal Data could be transferred, stored and processed outside of the European Economic Area. In the event that your Personal Data is transmitted outside the European Economic Area, Roxell shall ensure, pursuant to the GDPR, through contractual and other measures, that this data receives an appropriate protection level that is comparable to the protection it receives within the European Economic Area.
9. What are my rights and how can I manage my personal data?
We endeavour to guarantee the safe and legal processing of your Personal Data, and we ensure that your Personal Data will be processed in a safe and legitimate manner.
You have a number of rights under the GDPR, as summarised below. Should you wish to exercise the following rights please notify us by email at GDPR@roxell.com or by letter addressed to: Industrielaan 13, 9990 Maldegem.
Roxell undertakes to respond within thirty (30) calendar days to every request to exercise one's rights.
In order to exercise your rights of access to or the transmission of your Personal Data, and in order to prevent any unwarranted disclosure of your Personal Data, we require proof of your identity. We consequently ask that when you wish to exercise your rights of access to or the transmission of your Personal Data you enclose a copy of your identity card with your written request by email or letter to the aforementioned addresses.
9.1. The right of access to the data
You have the right to be informed whether Roxell processes your Personal Data and, where such occurs, to gain access to such Personal Data and receive the following information:
- the purposes of the processing;
- the categories of Personal Data concerned;
- the recipients or the categories of recipients to which the Personal Data is or will be made available, in particular the recipients in third-party countries or international organisations;
- the period for which your Personal Data will be stored or the criteria for determining that storage period;
- where we obtain Personal Data from third parties, information concerning the source of that Personal Data; and
- whether or not an automated decision-making process (including profiling) exists with respect to your Personal Data and, insofar as is applicable, any useful information on the underlying logic, as well as the interest and the possible consequences of such an automated decision-making process.
9.2. The right to the transmission of data
You also have the right to receive an emailed copy, in a structured, commonly used and machine-readable format, of the Personal Data you provided to Roxell so that you can provided it to another controller or so that we can, at your demand and where such is technically possible, provide it to another controller. Requesting such a copy is free of charge. Should you request additional copies of your Personal Data Roxell can demand a reasonable fee for covering the administrative costs thereof.
9.3. The right to the correction and completion of data
You have the right to have your Personal Data corrected or to have incorrect data amended free of charge, where your Personal Data is incomplete or incorrect or where it is processed in an unlawful manner. You likewise have the right to have incomplete Personal Data completed by, inter alia, issuing a supplementary declaration in that respect.
9.4. The right to the deletion of data (the 'right to be forgotten')
You have the right to demand that your Personal Data that was collected by Roxell be deleted in the following cases:
- your Personal Data is no longer required for the processing purposes as provided for in this Privacy Statement;
- you revoke the consent previously granted for the processing of your Personal Data and there are no further legal grounds available to Roxell for the (continued) processing of your Personal Data;
- you object to the processing (or continued processing) of your Personal Data and there are no compelling legitimate grounds for the processing of your Personal Data by Roxell;
- your Personal Data was unlawfully processed;
- your Personal Data must be deleted in order to comply with a statutory obligation on the part of Roxell;
- your Personal Data was collected when you were still a minor.
Should you demand that your Personal Data be deleted, please be aware that we are required to retain certain Personal Data in order to comply with our statutory obligations.
9.5. The right to object to and restrict further processing
You also have the right to restrict the processing of your Personal Data when:
- you dispute the accuracy of that Personal Data (in this context, the use of your Personal Data is then restricted for a period that will allow Roxell to check the accuracy of your Personal Data);
- the processing of your Personal Data is unlawful and, instead of its deletion, you demand that Roxell restricts the processing of your Personal Data and its usage;
- Roxell no longer requires your Personal Data for the processing objectives as set out above, but you require that Personal Data for serving, exercising or defending legal claims;
- once you have exercised your right to object to the processing of your Personal Data and for the period that a decision has not been reached with respect to the exercising of that right, you demand that Roxell restrict the use of your Personal Data.
Moreover, you have the right to revoke your consent with respect to the processing of your Personal Data at any time, without such compromising the lawfulness of the processing prior to your revocation of consent.
9.6. The right to lodge a complaint
We will naturally be happy to assist you if you have a complaint with regard to the processing of your Personal Data that you submit to GDPR@roxell.com or +32 50 729 172. You also have the right, pursuant to the GDPR, to lodge a complaint with the Data Protection Authority in respect of our processing of your Personal Data by notifying:
The Data Protection Authority
Drukpersstraat 35, 1000 Brussels
Telephone: +32 2 274 48 00
Fax: +32 2 274 48 35
10. Duty to report data breaches
Roxell shall, in the event of a data breach, inform the Privacy Commission thereof in good time. A data breach constitutes a breach of the protection of your Personal Data (a hack). Consequently, all concerned parties shall be informed of the data breach and shall, as a matter of urgency, be informed what the risks are or could be as a result of this data breach.
If you are aware of a data breach or if you suspect such has occurred, then we ask that you immediately inform us by sending an email to GDPR@roxell.com.
11. Amending this privacy statement
This Privacy Statement can be amended if our services or the applicable legislation require such. New applications could be introduced under which we shall collect or wish to use your data in a different manner. We shall announce any such amendments on our Website and alter the date at the top of the Privacy Statement. Where required, we shall once again request your consent.
We also recommend that you consult our Privacy Statement at regular intervals so that you are aware of any amendments thereto.
Previous versions of our Privacy Statement shall be stored in our records and you can request them at any time by emailing GDPR@roxell.com.