Thank you very much for your interest in our company. In this privacy declaration, we would like to inform you about the processing of your personal data when using our website and our services.
Each natural person who visits our website or uses our services, provides certain personal data. These personal data allow us to identify you as a natural person, regardless of whether we actually do so. You are identifiable on the basis of personal data as soon as it is possible to establish a direct or indirect connection between one or more data and yourself as a natural person.
We always process these personal data in accordance with the applicable legal provisions regarding the protection of personal data, specifically Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR) and the national implementing legislation.
If these legal provisions would change, or if we intend another use of your personal data, we shall modify this Privacy Statement, but any substantial change will be clearly notified. Nevertheless, we advise you to consult the last version of this privacy statement on our website.
The controller of your personal data is Gudrun Commercial NV, Industriestraat 18, 2500 Lier, RLE Mechelen, registered with the Belgian Crossroads Databank of Enterprises under company number 0476.530.118, telephone number: +32 (0)3 491 91 91, E-mail adress: info@chocolates.be. This means that we determine what personal data are collected and that we define the purpose and methods of the processing of these personal data.
We collect your personal data:
Our website also processes certain personal data automatically via cookies.
It is our intention not to collect any personal data of persons younger than 16 years old. These young people are not allowed to provide us with any personal data or a statement of consent without permission from the person who has parental authority.
What personal data do we process, why, and on what legal basis
In the table below you can see what categories of personal data we process, why we do this (the ‘purposes’) and on what legal basis.
All processing of personal data takes place for one or more specific purposes. In addition, there must always be a demonstrable legal basis for each processing. The numbers you can find in the ‘legal basis’ column mean the following:
Categories of personal data | Purposes | Legal basis |
The visited website, the date and time of access to the site, the amount of sent data, the source/reference from which you have accessed our site, the used browser, the operating system, the IP or IMEA adress | To improve stability and functionality of the website | d) |
Identification and contact data (first name and surname, user name, e-mail address, home address, invoice address, telephone number, VAT number), payment information, IP address and IMEI code | To handle your question to our company, on the telephone, via the contact form on our website or via e-mail | d) |
Identification and contact data (first name and surname, user name, e-mail address, home address, invoice address, telephone number, VAT number), payment information, IP address and IMEI code | To manage and execute your order, to perform our agreement (including invoicing), service before, during and after sale, complaint handling | b) |
Identification and contact data (first name and surname, user name, e-mail address, home address, telephone number, VAT number), invoice address, IP address and IMEI code | To collect product feedback to improve our products and services | d) |
Identification and contact data (first name and surname, user name, e-mail address, home address, invoice address), IP address and IMEI code | To inform you, as a customer, about our products and services by means of related communication (e.g. a newsletter) | d) |
Identification and contact data (first name and surname, user name, e-mail address, home address, invoice address), IP address and IMEI code | To inform you, as a prospect, about our products and services by means of related communication (e.g. a newsletter) | a) |
Identification and contact data (surname, first name, home address, invoice address, VAT number) and payment information | To comply with legal, regulatory and administrative obligations | c) |
Identification and contact data (surname, first name, address), payment information and invoices | To defend and protect our rights | d) |
Cookie policy
6.1. What are cookies?
A cookie is a small text and number file that is stored in the browser or on the hard drive of the computer of the website visitor during a visit to the website. This file stores information, such as the language selection of the website visitor. When this website visitor visits the website again later on, this information will be sent again to the website. This way the website recognises the website visitor and, for example, their language selection can be automatically adjusted.
6.2. Types of cookies
In general, cookies can be classified as follows:
Essential cookies | These cookies are, merely for technical reasons, necessary for the proper functioning of a website. They are placed as soon as the website is visited. The use of these cookies cannot be refused. |
Functional cookies | These cookies optimise the use of the website. They are placed as soon as a choice to accept the cookies is made. The use of these cookies cannot be refused.
|
Analytical cookies | These cookies allow us to analyze your use of the website in order to provide a better service. They are placed as soon as a choice to accept the cookies is made. U are free to accept these cookies or not. |
Social Network Cookies | These cookies allow to share the content of a website via social media with others. There are being placed as soon as there is made a choice to accept cookies. U are free to accept these cookies or not. |
Tracking cookies | These cookies allow that, on the basis of surfing behavior, a profile is built, in order to make personalized content or advertisements appear on the website. They are placed as soon as there is made a choice to accept cookies. You are free to accept these cookies or not. |
Some cookies remain permanently saved on the website visitor’s device (permanent cookies), other cookies disappear when the website visit has ended (session cookies).
Some cookies are being placed and managed by us (Essential, Functional and Analytical cookies). Other cookies are being placed and managed by third parties, and thus ensure that certain data from a visit to our website are transferred to third parties (Social network cookies and tracking cookies). For these cookies we would like to refer you to the statements that these parties give on their respective websites. We cannot influence the content of these statements or the content of the cookies of these third parties.
6.3. Which cookies do we use
We use functional and analytical cookies. The data processed by these cookies is stored for 48 hours.
6.4. Accepting cookies
During your first visit to our website there will appear a cookie banner, in which we inform you about the use of cookies on our website and we ask your consent to the use of cookies other than essential and functional cookies. You are free to grant your permission or not.
6.5. Managing cookies
You can alter your consent to the use of cookies other than essential and functional cookies, at any time on the privacy page of our website.
Your personal data will not be sold, transferred or communicated to third parties, unless we are obliged to do so based on mandatory legal provisions or if you have given us your explicit consent to do so in advance. We have taken all legal and technical precautions to prevent unauthorised use of data.
Within our company we see to it that your personal data are only accessible to persons who need them to comply with our contractual and legal obligations. In certain cases, our employees are assisted in their work by external service providers, called processors.
Each processor is under the obligation to guarantee the safety and confidentiality of your personal data and always acts in accordance with our instructions. We will only use processors that provide adequate guarantees as to the application of appropriate technical and organisational measures to ensure that the processing meets the requirements of the GDPR and the protection of your rights is guaranteed.
Your data will be stored as long as this is necessary to achieve the aforementioned purposes. Please take into account that numerous (legal) storage periods result in the fact that personal data (must) remain stored. Insofar as there is no storage obligation, personal data will be removed from the database when they are no longer necessary to achieve these purposes or when you exercise your right to deletion of the data in a valid manner.
In addition, we may store personal data if you have given us your consent to do so, or if we may need these data in the context of a legal claim. In the latter case, we need to use certain personal data as evidence. To this end, we store certain personal data, in accordance with the period of limitation, which may be up to thirty years; however, the usual period of limitation in relation to personal claims is ten years.
We have taken all reasonable and adequate technical and organisational security measures to protect your personal data as best as possible against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. For instance, we store your personal data at a single central and secured location on our server to prevent third parties from having access to your personal data.
10.1 Guarantee of a lawful and secure processing of personal data
Your personal data will always be processed for legitimate purposes, as explained in section 4. They will be collected and processed in an appropriate, relevant and proportional manner, and they will not be stored any longer than necessary to achieve the purposes defined.
10.2 Right of access
If you can prove your identity, you have the right to obtain information about the processing of your data. Specifically, you then have the right to receive information about the purposes of the processing, the categories of data, the categories of recipients to whom the data are sent, the criteria that determine the period of storage of the data, and the rights you can exercise in relation to accessing your data.
10.3 Right to rectification and completion of personal data
Inaccurate or incomplete information can be corrected. First of all, it is your responsibility to make the necessary adjustments in your ‘user area’. You can also contact us with a request for rectification.
10.4 Right to be forgotten or right to erasure of your personal data
You also have the right to have your personal data erased, in the following cases:
The deletion of data is mainly related to visibility. It is possible that the deleted data remain stored for some time.
10.5 Right to restriction of the processing of your personal data
In some cases you have the right to ask for the restriction of processing of your personal data. This certainly applies in case of a dispute relating to the accuracy of data, when the data are required in the context of legal proceedings, or during the time necessary for us to determine that you can validly exercise your right to deletion.
10.6 Right to object to the processing of your personal data
You have the right to object to the processing of your personal data for ‘direct marketing’ purposes at any time. We will stop processing your personal data unless it can demonstrate that there are imperative legal reasons for the processing which override your right to oppose.
10.7 Right to data portability
You have the right to obtain the personal data provided to us in a structured, current and machine-readable format. You also have the right to transfer these personal data to another controller, unless this is technically impossible.
10.8 Right not to be subject to automated decision-making
You have the right not to be subject to a decision based solely on automated processing which produces legal effects concerning you or significantly affects you.
In three situations you cannot exercise this right:
10.9 Right to withdraw your consent
You have the right to withdraw your consent at any time, for example for direct marketing purposes.
If you wish to exercise your rights, you must send a written request and proof of your identity by registered letter to the address listed above. We will reply as soon as possible, no later than (1) month after receiving your request.
We only transfer your personal data to processors or controllers in third countries insofar as it is legally authorised to do so.
Insofar as such transfers are necessary, we take the necessary measures to ensure that your personal data are highly protected and that all transfers of personal data outside the EEA take place in a lawful manner. If a transfer takes place to a country outside the EEA for which the European Commission has not determined that it offers an adequate level of protection, the transfer shall always be subject to an agreement that complies with all requirements for transfers to third countries, such as the standard provisions on data protection approved by the European Commission. You can consult the standard provisions approved by the European Commission via the following hyperlink: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_nl.
If you are not happy about the processing of your personal data by us, you have the right to file a complaint with the competent Data Protection Authority (https://www.privacycommission.be/).
“We are a global leader in the development, production, packaging and commercialization of real Belgian chocolates and truffles.”
