Politique de confidentialité

Purpose

This Charter is established by the company Becook S.A, ., with registered office at 1 Boulevard de la Foire – 1348 Luxembourg and registered to the Trade and Compagnies Register under number B 166824; Intra-Community VAT number LU 25762054; (hereunder referred to as “The Controller”).

The purpose of the present Charter is to inform visitors of its website, and all other websites belonging to it (hereunder referred to as “website”) how data is collected and processed by the controller.

This Charter is part of the desire of the controller, to act in all transparency, with respect of the national legislation and the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27 2016 on the protection of natural persons with regard to the processing of personal data and to the free movement of these data, and repealing Directive 95/46/CE (hereunder referred to as “General Data Protection Regulation”).

The controller pays great attention to the protection of the privacy of his users and therefore undertakes to take all reasonable precautions necessary to protect the personal data from loss, theft, disclosure or unauthorized use.

Should the user wish to respond to one of the practices described below, he can contact the controller at the postal address or the email address as specified in the section “Contact details” of this Charter.

 

Consent

By accessing and using the website, the user declares to have read the information described below, accepts present Charter and expressly consents to the controller collecting and processing, in accordance with the terms and principles described in present Charter, his personal data which he provides through the website and/or on the occasion of the offered services on the website, for the purposes indicated below.

The user has the right to withdraw consent at any time. The withdrawal of the consent shall not affect the lawfulness of processing based on consent before its withdrawal.

 

What data do we collect?

By visiting and using the website, the user expressly consents to the controller collecting and processing, in accordance with the terms and principles described hereafter, following personal data:

  • His domain (automatically detected by the server of the controller), including the dynamic IP address;
  • His email address if the user previously revealed it, for example by sending messages or questions on the website, by communicating with the controller by email, by accessing the restricted area of the website with identification, etc. ;
  • All the information about the pages the user accessed on the website ;
  • All the information the user voluntarily provided, for example in the context of information surveys and/or registrations on the website, or by accessing the restricted area of the website using identification, or by purchasing on the website.

The controller might also collect non-personal data. This data is considered non-personal since it cannot be used to identify directly or indirectly a particular individual.  Therefore, it can be used for whatever purpose, for example to improve the website, the offered products and services or the advertisements of the controller.

In the event that non-personal data would be combined to personal data,  so that an identification of the concerned individual would be possible, these data will be processed as personal data until their connection to a specific individual is impossible.

 

Data-collection methods

The controller collects personal data as follows:

  • When visiting the website through the cookies, see the section “Cookies”
  • At the creation of a customer account on the website
  • When purchasing on the website
  • When subscribing to the newsletter

 

Purpose of the processing

The personal data is collected and processed only for purposes mentioned below:

  • To manage and control the execution of the offered services;
  • To send and follow up the orders and the invoices;
  • To send promotional information on the products and services of the controller;
  • To send, potentially, free samples or offers of service at preferential conditions;
  • To answer the questions of the user;
  • To compile statistics;
  • To improve the quality of the websites and of the products and/or services offered by the controller;
  • To provide information on the new products and/or services of the controller;
  • In view of direct marketing;
  • To enable better identification of the interests of the user.

The controller might be led to perform processing that is not yet provided for in this Charter.  In such event, the controller will contact the user before using his personal data, to inform him of the changes and to enable him, if required, to refuse this use.

 

Retention period

The controller will store personal data only for the time necessary to carry out operations for which it has been collected and in accordance with legal and regulatory requirements.

Personal data of a customer is stored maximum 3 years after the contractual relation which links the customer to the controller.

Shorter retention periods apply for certain categories of data, such as data on communication traffic, which are stored for no more than 12 months.

At the end of the retention period, the controller is committed to ensure that the personal data has been made unavailable.

 

Data access and copying

Upon written application, dated and signed, sent to the controller at the address as mentioned in the section “Contact details” of this Charter, the user can, after having justified his identity (by joining a copy of his identity card), obtain, free of charge, the written communication or a copy of his collected personal data.

The controller may charge a reasonable fee based on administrative costs for all additional copy requested by the user.

When the user makes the request by electronic means, the information shall be provided in a commonly used electronic form, unless the user requests otherwise.

The copy of his data will be provided to the user no later than one month after reception of the request.

 

Right to rectification

Upon written request dated and signed sent to the controller to the address as mentioned in the section “Contact details” of this Charter, the user can, after having justified his identity (by joining a copy of his identity card), obtain, free of charge, without undue delay, and no later than within one month,  the rectification of his personal data,  incomplete or irrelevant, as well as complete it if they prove to be incomplete.

 

Right to object processing

Upon written request dated and signed sent to the controller to the address as mentioned in the section “Contact details” of this Charter, the user can at any time, for reasons relating to his  particular situation and after having justified his identity (by joining a copy of his identity card), object, free of charge, to the processing of his personal data, when:

  • The processing is necessary for the performance of a task carried out in the public interest or in the exercise of an official authority of which the controller would be entrusted;
  • The processing is necessary for the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the person concerned require a protection of the personal data (particularly if the person concerned is a child).

The controller will be allowed to refuse to implement the user’s right of objection when he establishes the existence of compelling and legitimate grounds for the processing, which take precedence over the interests or rights and freedom of the user, or for the establishment, exercise or defence of a legal right. In case of dispute, the user can lodge an appeal as mentioned in the section “Claims and complaints” of the present Charter.

Upon written request dated and signed sent to the controller to the address as mentioned in the section “Contact details” of this Charter, the user can, after having justified his identity (by joining a copy of his identity card), object, without justification and for free, to the processing of his personal data when this personal data is collected for purposes of direct marketing (including a profiling).

When the personal data is processed for the purpose of scientific or historic research or for statistical purposes in accordance with the General Data Protection Regulation, the user has the right to object, for reasons relating to his particular situation, to the processing of personal data relating to him, unless the processing is necessary for the execution of a public interest mission.

The controller is required to respond to the request of the user, without undue delay and at the latest within one month and to motivate his answer when he decides not to proceed with such a request.

 

Right to limitation of processing

Upon written request dated and signed sent to the controller to the address as mentioned in the section “Contact details” of this Charter, the user can, after having justified his identity (by joining a copy of his identity card), obtain the limitation of the processing of his personal details in the following cases:

  • When the user contests the accuracy of a data and only for the time the controller needs to control this data;
  • When the processing is unlawful and the user prefers limitation of processing to erasure;
  • When, although no longer necessary to the pursuit of the purposes of the processing, the user needs it for establishment, exercise or defence of his legal rights;
  • During the time required for the consideration of the merits of a request of objection by the user, in other words, the time the controller needs to verify the balance of interests between the legitimate interests of the controller and those of the user.

The controller will inform the user when the limitation of processing is lifted.

 

Right to erasure  (Right to be forgotten)

Upon written request dated and signed sent to the controller to the address as mentioned in the section “Contact details” of this Charter, the user can, after having justified his identity (by joining a copy of his identity card), obtain the erasure of the personal data related to him, in the following cases:

  • The data is not necessary anymore with regard to the purpose of processing;
  • The user withdrew his consent for his data to be processed and there is no other legal basis for the processing;
  • The user objects to the processing and there are no overriding legitimate grounds for the processing and/or the user exercises his right to object with regard to direct marketing (including the profiling);
  • The personal data has been unlawfully processed;
  • The personal data has to be erased to comply with a legal obligation (of Union law or law of the Member State) to which the controller is subject;
  • The personal data were collected as part of the supply of services of the company of the information intended for children.

The erasure of the data is however not enforceable in following 5 cases:

  • When the processing is necessary for the exercise of the right to freedom of expression and information;
  • When the processing is necessary to comply with a legal obligation provided by Union or Member State law to which the controller is subject, or to perform a task in the public interest or in the exercise of official authority to which the controller would be subject;
  • When the processing is necessary for reasons of public interest in the field of public health;
  • When the processing is necessary for archival purposes in the public interest, for scientific or historic purposes or for statistical purposes and as long as the right to erasure is likely to make impossible or seriously compromise the realisation of the objectives of the processing in question;
  • When the processing is necessary for the establishment, exercise or defence of legal rights.

The controller is obliged to respond to the request of the user without undue delay and at the latest within one month and to give reasons where he does not intend to comply any such request.

The user also has the right, in the same manner, to obtain, free of charge, the erasure or the prohibition of the use of any personal data related to him, that, taking into account the purpose of the processing, would be incomplete or irrelevant or of which the registration, communication or retention would be prohibited or that would have been stored beyond the required and authorized period.

 

Right to “Data portability”

Upon written request dated and signed sent to the controller to the address as mentioned in the section “Contact details” of this Charter, after having justified his identity (by joining a copy of his identity card), the user can at any time, request to receive, free of charge, his personal data in a structured, commonly used and machine-readable format, particularly with the intention of transmitting it to another controller, when:

  • The processing of the data is done using automated processes; and when
  • The processing is based on user consent or on a contract concluded between the latter and the controller.

On the same terms and conditions, the user has the right to obtain from the controller that the personal data related to him are directly transmitted to another controller of personal data, as far as technically possible.

The right to portability of the data does not apply to the processing necessary to the execution of a mission of public interest or in the exercise of official authority of which the controller would be invested.

 

Recipients of the data and disclosure to third parties

The recipients of the data collected and processed are, besides the controller himself, his employees or other subcontractors, his carefully selected commercial partners, located in Belgium or the European Union, and who work with the controller in the context of the commercialisation of products or provision of services.

Should the data be disclosed to third parties for direct marketing or prospection purposes, the user will be informed in advance so that he can choose to accept or not this processing of his data by a third party.

Upon written request dated and signed sent to the controller to the address as mentioned in the section “Contact details” of this Charter, after having justified his identity (by joining a copy of his identity card), the user can at any time, object, free of charge, to the disclosure of his data to third parties.

The controller complies with the legal and regulatory provisions applicable and in all cases will ensure that his partners, agents, subcontractors or other third parties with access to these personal data respect the present Charter.

The controller reserves the right to disclose the personal data of the user in the event that a law, judicial procedure or order of a public authority would make this disclosure necessary.

There is no transfer of personal data outside the European Union.

 

Use and management of « cookies »
General principles.

Present article provides information regarding the use of cookies on the website.

Present cookie management policy applies to the website. They are managed by the controller.

The website uses cookies to make navigation more useful and reliable. Come of these cookies are essential to the functioning of the website, other enhance the user experience.

Most of the web browsers are configured to automatically accept the cookies. If the user wishes to customize their management, he has to change the settings of his browser. He will find further information on this subject in the section “management of the cookies” of this provision.

By visiting and using the website, the user expressly agrees with the cookie management described below.

 

Definition of the cookies.

A “cookie” is a data or text file that the server of a website records temporarily or permanently on the user’s equipment (computer hard drive, tablet, smartphone, or any other similar device) through its browser. The cookies can also be installed by third parties with which the controller works.

The cookies retain a certain amount of information, such as the language preferences of the visitors or the content of their shopping cart. Other cookies collect statistics related to users of a website or ensure that graphs appear correctly and that the applications work correctly on the website. Still others allow content and/or advertising to be adapted for the website depending on the user.

 

Use of cookies on the website.

The website uses different types of cookies:

  • Essential or technical cookies: these are essential cookies for the operation of the website, enabling good communication and intended to simplify navigation;
  • Statistical or analytical cookies: these cookies allow to recognize and count the number of visitors and to see their navigation behaviour when they visit the website. This helps improve the user’s navigation and makes it easier for him to find what he is looking for;
  • Functional cookies: these cookies enable specific features on the website in order to improve the convenience and the experience of the user, particularly by remembering his choice of preferences (for example the language);
  • Performance cookies: these cookies collect information related to the way the users use the website. They are used to evaluate and improve the content and the performance of the website (for example by counting the number of visitors, to keep track of the most popular pages or clicks), and to better align the commercial offers to the personal preferences of the user;
  • Advertising or commercial cookies: these are files intended to collect data relating to the profile of the visitors and they may be installed or read by third parties with which the controller works to measure the advertising effectiveness of a webpage and to adapt them better to the areas of interests of the user;
  • Tracking cookies: the website uses tracking cookies through Google Analytics, in a view to help the controller to measure the ways of interacting of the users with the content of the website, and that generates visit analytics in a strictly anonymous way. These statistics allow the website to be continually improved and to offer the user personalised content.  The controller uses Google Analytics to gain insight into the website traffic, the origin of this traffic and the visited pages. This implies that Google acts as a subcontractor. The information collected by Google Analytics s treated in the most anonymous manner possible. For example, it is not possible to identify the persons who visit the website. For more information, the user is invited to consult Google’s data protection policy,  available at:

http://www.google.nl/intl/en_uk/policies/privacy/

The controller is also likely to use cookies and beacons to collect information on the surfing habits of the users on different websites and applications which form part of his advertisement network.

A beacon is an invisible image file which follows the navigation of the user on one or more websites and/or applications.  Furthermore, other commercial cookies can be installed by advertisers during running of their advertisement.

The commercial cookies, do not contain any personal data. The information collected with commercial cookies and beacons are used to measure the efficiency of the advertisement and personalise the advertisement better on the website and other websites of the advertising network or for which the controller provides advertising services.

The retention period for all cookies varies depending on their type:   necessary cookies are usually stored until the browser is closed, while functional cookies are stored for one year and performance cookies for four years.

The controller allows public search engines to visit the website through the ‘spiders’ with the sole purpose of making the access and content of the website accessible through their search engine, without the controller granting the right the archiving of the website. The controller reserves the right to withdraw at any time the authorisation such as formulated in this article.

In order to make offers likely to interest the user, the controller is likely to conclude agreements with advertising companies on the internet. They received authorisation from the controller to place commercial advertisements on the website. When the user visits the website, the advertising companies can also collect information.

Most browsers are configured to automatically accept the cookies, but all allow personalisation of the settings depending on the preferences of the user.

If the user doesn’t wish for the website to place cookies on his computer / mobile device, he can easily manage or remove them  by modifying his browser settings.

If the user doesn’t want to accept the cookies of Google Analytics, he may so indicate through the message about the cookies which appears at his first visit on the website or by personalising the settings of his browser so that he refuses the cookies.

To no longer be traced by Google Analytics on any website, the user is invited to go to following website: http://tools.google.com/dlpage/gaoptout

If the user disables certain cookies, it is possible that some parts of the website cannot be consulted or used, or only partially.

Safety

The controller implements appropriate technical and organisational measures in order to guarantee a level of protection of the processing and the data collected appropriate to the risk represented by processing and the nature of the data to protect adapted to the risk. He takes into account the state of knowledge, the cost of implementation and of the nature, the reach, the context and the purpose of the processing as well as the risks for the rights and freedoms of the users.

The controller always uses encryption technologies which are recognized as the industrial standards within the IT sector when transferring or receiving data on the website.

The controller has put in place appropriate safety measures to protect and avoid loss, misuse or alteration of the information received on the website.

 

Communication by postal mail, electronic mail or telephone

 

Communication by postal mail.

If the user communicates his postal address through the website to the controller, his data is saved on the address file of the controller to answer his request and to keep him informed of the products and services offered by the controller. Unless the user objects, the controller can also communicate the data related to the user to third parties (such as corporate groups and commercial partners) for direct marketing purposes. If the user doesn’t want his data to be used for direct marketing purposes, he can indicate it when registering on the website.

The user may at any time consult, correct or have erased his data from the file of the controller. To this end, he will have to contact the controller at the address as mentioned in the section “Contact details” of this Charter, not forgetting to specify his correct name and address (correctly spelled). The controller undertakes to erase his data from the list he shares with other companies or organisations.

 

Communication by telephone.

If the user communicates his telephone number through the website to the controller, he could receive a telephone call:

  • From the controller in order to provide information on the products, services or upcoming events ;
  • From corporate groups and commercial partners with which the controller has a contractual relationship.

If the user doesn’t want to receive such telephone calls (anymore), he can contact the controller at the address as mentioned in the section “Contact details” of this Charter, not forgetting to specify his correct name and address (correctly spelled). The controller undertakes to erase his data from the list he shares with other companies or organisations.

If the user communicates his mobile phone number through the website to the controller, he will only get messages (SMS/MMS) from the controller necessary to answer his questions or to inform him of his online orders.

Communication by email.

If the user communicates his email address through the website to the controller, he can receive:

  • Emails from the controller to provide information on his products, services or upcoming events (for purpose of direct marketing), provided that the user has expressly consented and he communicated his email address to the controller;
  • Emails from corporate groups and companies/organisations with which the controller has a contractual relationship, with purpose of direct marketing, provided that the user has expressly consented.

If the user doesn’t want to receive such emails (anymore), he can contact the controller at the address as mentioned in the section “Contact details” of this Charter, not forgetting to specify his correct name and address (correctly spelled).

The controller undertakes to erase his data from the list he shares with other companies or organisations.

 

Claims and complaints

The user can lodge a complaint with his national supervisory authority, whose contact details are available on the official website of the European Commission:  http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.

 

Contact details

For any question and/or complaints, in particular as to the clarity and accessibility of this Charter, the user can contact the controller:

  • By email: serviceclient@becook.lu
  • By postal mail: The Blender, 1 Boulevard de la Foire 1348 Luxembourg

 

Governing law and jurisdiction

This Charter is governed by the national law of the principal place of business of the controller.

Any dispute relating to the interpretation or enforcement of this Charter will be subject to the courts of that national law.

 

Miscellaneous provisions

The controller reserves the right to amend the provisions of this Charter at any time. The modifications will be published with a warning as to their entry into force.

This version of the Charter dates from 07/04/2022.