Privacy Policy

Privacy policy

I. General information:

This privacy policy describes the measures taken to protect your privacy. The protection of the personal privacy of our customers and visitors is very important to us and we set great store by it.

Therefore, this privacy policy set out to inform you what data are collected and/or stored by reason of your visit to our website, your completion of the website contact form, the creation of a user account or the completion of a hire or loan agreement, along with our reasons for doing so and the control options you have.

HAROMED BVBA believes that it is important to explain the terms used by the legislation in clear and understandable language, so this privacy policy will give extra explanations of various terms.

a. Data controller

The data controller is the person responsible for gathering personal information during your visits to our website, the completion of a contact form and/or as a consequence of obtaining or carrying out an order or entering an agreement.

It is extremely important that, in our capacity as data controller, we can be contacted for any comments or questions about this privacy policy, and our contact details can be found here:

HAROMED BVBA
Beukenlaan 21, 9051 Sint-Denijs-Westrem
KBO/BCE: 0479.328.765

privacy@haromed.com

b. Data subject

The data subject is a living natural person who can be directly or indirectly identified from the personal data.

These personal data must be understood in very broad terms, and include names, contact details, personal characteristics, and financial data, but also contracts or other documents which allow a natural person to be identified.

c. Applicable law

The processing of personal data by BVBA HAROMED is subject to the European Directive 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

II. Collection of personal data:

a. Definition of personal data

‘Personal data’ means any information relating to an identifiable person. The broad definition means that a great deal of information can be regarded as personal data.

b. How these personal data are collected

Various personal data are collected through the use of our website, in a number of ways:

1. The personal data is entered by you yourself (e.g. on the contact form), and obtained through the use of our services;
2. The data we assign to you for the use of our services (e.g. cookies, customer number).

The different ways in which personal data are collected are naturally subject to their own specific regulations and conditions in the privacy legislation. It is therefore important to clarify the differences between these collection methods.

1. Data entered by the data subject personally.

Personal identification details such as names, addresses, email, and telephone numbers are necessary in order to use our online services (the contact form, the areas of the website that require registration, etc.) and must be notified to us by you yourself.

Depending on the service (contact form and/or webshop) you wish to use, we may ask for the following categories of personal data:

1. Personal identification data (name, address, e-mail, telephone numbers, etc. );
2. Personal details (age, gender, etc.);
3. etc.

The information you provide will be regarded as correct and complete. If you give us incorrect information, we retain the right to refuse you access to our services.

When you give us your personal data, we assume that you aware of our privacy policy.

2. Automatic collection of personal data.

Certain information is collected automatically through the use of cookies and tracking technologies, usually during a visit to our website:

1. Electronic identification data (IP addresses, connections);
2. Electronic location data (approximation of location, environment);
3. Internet behaviour (pages viewed and for how long, clicks, hits, etc.)
4. Channels via which the website is visited (search terms, the type of web page from which our website is reached);
5. The device used (pc, smartphone, tablet);
6. The system software used (Windows, Android, Apple);
7. The browser used (IE, Mozilla, Chrome);

These data are fully anonymised, and cannot therefore be linked to any personal identification data. This means that the data controller cannot identify the data subject.

Naturally, if necessary your explicit consent is requested for the use of cookies and tracking technologies under the Telecommunications Law, and on the basis of the cookie policy set out on our website.

c. Contractual relationship.

Where a contract is concluded between you and BVBA HAROMED, various personal data are obviously necessary in order to fulfill the contract.

This collection of personal data is naturally dependent on the type of contract concluded. It is therefore important to clarify the different contracts.

1. Direct contract with HAROMED BVBA

If you conclude a hire or loan contract for medical equipment or directly purchase medical equipment and/or cosmetic products from BVBA HAROMED, personal identification data about you (name, address, e-mail, telephone numbers, etc.) and financial identification data (bank account number) are collected.

2. Direct contract with HAROMED BVBA through third-party intermediation

BVBA HAROMED works with various medical and care institutions. This collaboration consists of the provision of medical equipment by BVBA HAROMED which can be hired/borrowed by you for use at home.

The medical or care institution, acting as an intermediary, provides the BVBA HAROMED hire or loan contract.

You are aware, through the hire contract provided, that your personal identification data (name, address, e-mail, telephone numbers, etc.) and financial identification details (bank account number) are collected and processed by BVBA HAROMED.

3. Webshop.

Cosmetic products and medical equipment can be purchased through the webshop.

In order to use the webshop, you have to enter your personal identification data (name, address, e-mail, telephone numbers, etc.) and financial identification details (bank account number).

The application stores no financial data nor any financial identification details when performing a transaction.

d. No processing of sensitive personal data.

As prescribed by the law, we process no sensitive personal information such as racial or ethnic origin, political beliefs, religious or philosophical convictions, sexual preferences, health or trade union membership.

BVBA HAROMED has no access to your medical information.

III. Purposes of processing.

a. Definition

The processing of the personal data we collect means any processing relating to collection, recording, structuring, storage, updating, alteration, retrieval, consultation, use, dissemination, provision, integration, combination, archiving, erasure or destruction;

b. Purposes in the case of use of our website and applications

The processing of personal data as described in Point II.b of this policy is necessary to achieve the purposes set out by us:

1. Commercial follow-up:

Contacting you for our commercial purposes and to inform you of our offer (including sending you our quotations, etc.).

2. Market research

Using your details for research into and of the market for our products and services.
This enables us to make innovations to our existing products and services.

3. Gathering statistical data:

The representation of the data collected in various summaries, tables and graphics which give us an overview of the number of users of our website and online platform during a given period.

b. Processing purposes within a contractual relationship

The processing of personal data as described in Point II.c of this Policy (e.g. personal identification details) is necessary for the performance of the contract:

1. Performance of the contract:

The personal data and information you provide will processed, inter alia, for:
• The delivery of the products ordered;
• Retrieval of the medical equipment after the period of use;
• Invoicing;
• Follow-up of goods hired and provided, and stock management;
• Recording deposits and follow-up of repayment;
• Determining who is liable for damage to goods hired and provided;
• etc.

2. Management of ongoing contracts and customer administration:

After the conclusion of a contract, we must be able to meet our statutory accounting and administrative obligations, follow-up of invoicing, handling inquiries, etc.

3. Commercial follow-up:

Contacting you for our own commercial purposes, in order to gauge your satisfaction with our products.

4. Direct marketing:

Notifying you of our offers and innovations, via our newsletter

c. Quality and evaluation of interest.

In the capacity of data controller, we monitor the quality and legality of the personal data we collect and process. We take all necessary measures to erase or correct data that are inaccurate or incomplete.

When collecting and processing the available personal data, we undertake only to collect and process the data serving our processing purposes. No superfluous data that might “some day” be applicable are collected or processed by us.

IV. Data storage period.

Personal data are stored for the duration of the period that is necessary to achieve our processing purposes. Personal data is not stored for longer, or processed any further, than is necessary to achieve our purposes.

To clarify these periods better for you, a distinction must be made between our activities:

a. Storage period when using our website and applications.

Personal data are stored for a period of ten years and are then removed or at least anonymised, such that the identification of users is no longer possible. If data subjects register for direct marketing, personal data are removed or anonymised unless they are necessary for the performance of an ongoing contract, or in order to comply with a legal obligation or judicial or police investigation.

b. Storage period within a contractual relationship.

The storage period within a contractual relationship is linked to statutory and fiscal periods. These periods are established by law, and our task is to meet these obligations.

This various legislation (accounting and tax legislation) only mentions minimum periods. But we will store your data for longer than the statutory minimum period, in order to offer you a proper and appropriate aftersales service. Therefore we retain customer and invoicing data for a period of ten years.

Unless longer storage is necessary for the performance of an ongoing contract, or in order to comply with a legal obligation or judicial or police investigation.

V Passing on personal data.

The company may pass on your personal data to others. Here a distinction must be made between processors and police or judicial authorities (not processors).

1. Passing on personal data to processors.

It is necessary to pass on personal data for the purposes of our wholesale and retail trade in medical equipment and cosmetic products.
For this we work together with self-employed staff and IT services (e.g. accounting software).

2. Passing on personal data to police or judicial authorities.

Only on application by the police or judicial authorities, or when the law so re quires, will your details
be passed on to the competent police or judicial authorities.

It should be noted that no data are passed on to countries outside the EU and US.

VI. Rights of data subjects

a. Right to information

In accordance with the legal provisions, the company, in its capacity as data controller, must clearly inform you about the collection and processing of personal data.

This privacy policy shall therefore serve as a personal notification.

b. Access rights

You are entitled to obtain information from the company, in its capacity as data controller, about whether or not your personal data are being processed. If your personal data are being processed, you may view your data in our files, with additional information regarding the processing purposes, the categories of personal data held, anyone who has received your personal data, the storage period, the complaints procedure, etc.

You may also request a copy of your personal data, with no administrative charge. Note that if you request several various copies the company shall levy a reasonable charge.

The procedure for exercising this right can be consulted at point g.

c. Right to correction

Data subjects are entitled to correct any incorrect or incomplete personal data that relates to them.

By “correction” we mean that you can alter or even remove incorrect data without charge.
Through our website, you can access your personal profile if available and alter the data you have registered at any time.
The accuracy and quality of your personal data is of great importance to the achievement of our purposes.

The procedure for exercising this right can be consulted at point g.

d. Right to object

You have a double right to object. The legal provisions provide for a general right to object, and the right to object to direct marketing.

As a user/data subject you therefore have a general right to object.

- General right to object:

You may object to the processing of your personal data if the data are not wholly required or irrelevant to the purposes of the processing, or if the registration, notification or storage of the data are prohibited, or when the data are stored for longer than the indicated time.

If your personal data are lawfully processed, you may, in accordance with the provisions of the privacy legislation, object to this processing for weighty and justified reasons relating to your particular circumstances.

However, you must give evidence of these these weighty and justified reasons in order to prevent further processing.

- Right to object to direct marketing:

You may object without charge and without explanation to the processing of your personal data for direct marketing.

The procedure for exercising this right can be consulted at point g.

e. Right to be forgotten

You may have your personal data erased without undue delay. This is on condition that:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- You withdraw the consent on which the processing is based;
- The personal data have been unlawfully processed;
- The personal data have to be erased for compliance with a legal obligation;
- If the personal data concern persons below the age of 16, concerning services
that are provided against payment by electronic means.

The procedure for exercising this right can be consulted at point g.

f. Right to data portability

You have the right to ask the company/controller to share your personal data in a structured, commonly used and machine-readable format.

This may be requested for your personal use, or for provision to a controller other than the company.

If it is technically feasible for us, you can also ask to have your personal data sent to another company by electronic means.

The procedure for exercising this right can be consulted at point g.

g. Procedure for the exercise of rights

If you wish to exercise these rights, you should send your application, with or without reasons, together with proof of identity (specifically, a copy of the front of your identity card) by post or email to:

HAROMED BVBA
Beukenlaan 21, 9051 Sint-Denijs-Westrem
KBO/BCE: 0479.328.765

privacy@haromed.com

Contact details + tel./ Link to contact form on the website (a privacy@bedrijf.com is recommended).

h. Notification and competent authority in the event of infringement
If you believe that we have failed to respect these rights and wish to lodge a complaint, you can contact the Data Protection Authority:

Data Protection Authority
Drukpersstraat 35, 1000 Brussels

Tel: +32 (0)2 274 48 00
Fax :+32 (0)2 274 48 35
contact@apd-gba.be