This website (“Website”) is an initiative of Carmeuse Coordination Center SA, with registered seat at Boulevard de Lauzelle 65, 1348 Louvain-la-Neuve (Belgium) and VAT- and company number 0439.839.867. Throughout the present policy and Carmeuse Coordination Center SA and its affiliated companies and subsidiaries are referred to as “Carmeuse”, “we” or “us”.
Every user or visitor of this Website (“User”, “Visitor”, “you”) provides personal data by visiting and/or using the Website, as explained below which processing is conducted by Carmeuse as data controller. When processing such personal data, Carmeuse strives to be compliant with the applicable legal framework, such as the Belgian Privacy Act of 8 December 1992 and the European General Data Protection Regulation no. 2016/679 of 27 April 2016 (as amended from time to time).
By visiting this Website, you agree to this Privacy & Cookies Policy (“Policy“), and therefore, to the processing of your personal data as described herein.
1. Who processes your personal data?
Carmeuse acts as data controller for data collected through this Website but from time to time, Carmeuse also makes use of data processors who process your personal data on behalf of Carmeuse, and who, amongst others, ensure the proper technical functioning of this Website.
Carmeuse makes or may make use of the following types of processors within the framework of this Website: providers of Carmeuse, other entities within the Carmeuse Group, partners who are responsible for the hosting of the Website, partners who collect and present statistics of the Website, partners who collect and present reviews and assessments of the Website, partners who provide e-mail marketing and other communication services, etc.
2. Why do we process your personal data?
Carmeuse collects and processes your personal data for the following purposes, and for other purposes compatible therewith:
- Offering our services and performing the agreement we have (or will have) with you;
- Sending communications of a commercial or non-commercial nature, including direct marketing;
- Keeping you informed of relevant developments;
- Customer management;
- Providing access to the Website and offering a safe, optimal and personal user experience of the Website;
- Providing a general and personalized service;
- Providing support in the event of questions or comments;
- Follow-up of complaints;
- The detection of and protection against fraud, error, criminal or illegal behavior and/or any other act contrary to the conditions under which our Website is offered.
As a simple visitor of this Website, Carmeuse processes and stores your personal data only for as long as this is necessary for the purposes described above.
3. On which legal basis do we process your personal data?
Carmeuse processes your personal data collected via the Website pursuant to (i) your acceptance of this Policy, and/or (ii) the preparation and execution of the agreement concluded between you and Carmeuse by means of the Website, and/or (iii) compliance with our legal obligations, and/or (iv) the legitimate interests of Carmeuse, such as conducting direct marketing, preventing fraud, managing the internal administration or ensuring an appropriate network and information security.
4. How are your personal data collected?
Your personal data are obtained either via yourself, for example by filling in online forms or providing information to us otherwise, either via various technical means used by the Website to optimize the User and Visitor’s experience and to detect any (technical) errors on the Website, such as cookies (see our Cookies Policy) and log information.
5. Which categories of personal data are being processed?
Carmeuse processes the following categories of personal data within your use of the Website: identification data, contact details, IP-address, time of consultation of the Website, probable place of consultation of the Website, data relating to the device being used, browser details, computer operating system data, other telecommunication data, etc.
6. Are my personal data being transferred to third parties within the EU?
Your personal data may be shared with the categories of data processors described in Article 1 of this Policy, Carmeuse’s business partners, other entities within the Carmeuse Group and public authorities (to the extent the latter are effectively entitled thereto).
Other than that, your personal data will not be sold, transferred or communicated to third parties.
7. Are my personal data being processed outside the EU?
In some cases, your personal data might be transferred to and/or processed in countries outside the European Union. In such a case, we will ensure that this is done in accordance with applicable data protection legislation and will provide for appropriate safeguards such as Standard Contractual Clauses where required under such legislation, in order to guarantee an adequate level of protection of your personal data.
8. Which rights do I have?
You may exercise a number of rights regarding your personal data vis-à-vis Carmeuse, in so far as you effectively have those rights under applicable data protection legislation.
You can exercise these rights via the online form, accompanied by a proof of your identity. Carmeuse shall respond to such requests and may or may not comply with such requests in accordance with applicable legislation and, in principle, within a period of one month, also in accordance with applicable legislation.
You can also address or file a complaint with the relevant Data Protection Authority, such as Belgian Privacy Commission (www.privacycommission.be or via firstname.lastname@example.org).
Right to object
You have the right to object, on grounds relating to your particular situation, to the processing of your personal data based on the legitimate interest of Carmeuse, and to object to the processing of your personal data for direct marketing purposes.
Right to withdraw consent
You have the right to withdraw consent at any time. This withdrawal shall not affect the lawfulness of the processing based on consent before such withdrawal.
Right of access
You have the right to access your personal data and to obtain a copy of these personal data. You also have the right to certain information concerning the processing of your personal data, including the purposes of the processing, the categories of personal data, the categories of recipients, etc.
Right to rectification
You have the right to have inaccurate personal data rectified or to have incomplete personal data completed.
Right to erasure
You have the right to have your personal data deleted if and to the extent that:
- your personal data are no longer necessary for the purposes;
- there no longer is a legal ground for the processing;
- you object to the processing and there are no overriding legitimate grounds for the processing by Carmeuse, or you object to the processing for direct marketing;
- your personal data have been unlawfully processed; or
- your personal data have to be erased in order to comply with a legal obligation to which Carmeuse is subject.
Right to restriction of processing
You have the right to obtain from Carmeuse restriction of processing if and to the extent that:
- you contest the accuracy of the personal data, for a period enabling Carmeuse to verify the accuracy;
- the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
- Carmeuse no longer needs the personal data for the purposes of the processing, but you need them for a legal claim;
- you have objected to the processing, pending the verification whether the legitimate grounds of Carmeuse override those of yours.
In case of a restriction of processing, the personal data may still be stored by Carmeuse.
Right to data portability
For the personal data that are (i) processed in the context of the performance of the agreement or based on your consent, (ii) provided to Carmeuse by yourself and (iii) are processed by automated means, you have the right to obtain these from Carmeuse in a structured, commonly used and machine-readable format, as well as the right to transmit these data to another controller or to have them transmitted directly, where technically possible.
Carmeuse reserves the right to make amendments and changes to this Policy. Carmeuse will clearly communicate such modifications or changes and you will be required to expressly accept these modifications in order to continue using the Website. It is up to the Visitor or User to consult this Policy on a regular basis.
For all questions, to exercise your rights and for all other information regarding the processing of your personal data by or on behalf of Carmeuse, please contact via the contact form or via email@example.com
Carmeuse supports the right to privacy, including the rights of individuals to control the dissemination and use of Personal Data relating to them. In this respect, Carmeuse strives to be compliant with applicable Data Protection Legislation.
This Policy applies to all Contractors who are dealing with any of the Carmeuse entities within Europe based on an agreement, contract, order or other legal documentation, whether oral or in written, and applicable to its relation with such Carmeuse entity (hereinafter, the “Agreement”). Categories of Contractors include, without limitation, (i) customers, (ii) all consultants, independent contractors, suppliers, temporary workers, etc. performing services for or at Carmeuse and (iii) any other third parties acting directly or indirectly on Carmeuse’s behalf (such as outsourcing organizations that perform information processing services on behalf of Carmeuse). All Contractors are mandatorily required to adhere to this Policy.
(a) Within the framework of any Agreement, Carmeuse, in its capacity of data controller, might collect and process personal data of representatives or other identifiable contact persons within a Contractor’s organization (hereinafter, the “Data Subjects”) (hereinafter, the “Personal Data”), such as, for all categories, including (i), (ii) and (iii) above:
- Identification data;
- Contact details;
- Personal characteristics;
- Professional data (employer, profession, position);
For category (i), where appropriate,
- Leisure pursuits and interests;
And for categories (ii) and (iii), where appropriate,
- Financial details;
- Time registration details;
- Photos and video materials;
- Medical and health data;
- Evaluation data;
- Judicial data, including data relating to criminal convictions and offences.
(b) Collection of Personal Data generally occurs as follows:
- Either directly from the Contractor, for example via information entered into or provided by him;
- Either via other (public or non-public) information channels, such as the organization of the Contractor, social media channels such as LinkedIn, etc.;
- Either by actions of Carmeuse itself or its data processors, for example via certain controls or checks, evaluations, camera surveillance, access control measures, monitoring of IT systems etc.
(c) This processing shall occur for the purposes of properly performing the Agreement and the obligations thereunder, for organizing and maintaining a proper administration of the Agreement within Carmeuse, for enforcing Carmeuse safety rules, for maintaining proper contractual relationships with the Contractor and contacting such Contractor in case of any problems or issues (hereinafter, the “Purposes”). Consequently, the legal grounds upon which this processing activity shall be based are, as the case may be, the consent of the natural persons whose Personal Data might be processed, the necessity for the performance of the Agreement and/or Carmeuse’s legitimate interests in organizing and maintaining a proper administration of any and all Agreements, enforcing Carmeuse safety rules and communicating with any Contractor.
(d) The Personal Data Carmeuse collects in the context of the Purposes shall be treated with due care. Carmeuse therefore takes reasonable efforts to ensure that appropriate technical and organizational security measures are being taken with regard to Personal Data. Access rights to these Personal Data are restricted in such a way that they can only be accessed in a secured way (passwords) and only when necessary for the performance of certain tasks, in accordance with the Purposes, so that only authorized persons who need the Personal Data for the proper performance of their duties have the possibility to carry out internal consultations.
(e) The Personal Data of the Data Subjects may, when relevant, be shared with the following categories of recipients, some of which may be acting as data processors on behalf of Carmeuse: IT service providers, hosting providers, other entities within the Carmeuse Group, public authorities, legal and tax advisors. Such data processors shall abide by the same principles as set out in this Policy and, in case of transfers outside the European Union, Carmeuse shall ensure suitable safeguards via appropriate contractual clauses in accordance with applicable data protection legislation.
(f) Storage and retention of the Personal Data of the Data Subjects shall last as long as necessary for the Purposes and for a maximum period of ten years as from the termination of any and all Agreements with the respective Contractor, unless otherwise required by applicable law.
(g) In accordance with applicable data protection legislation and to the extent allowed thereunder, the Data Subjects’ rights are as follows:
- The right to request access to and rectification or erasure of their Personal Data;
- The right to ask for restriction of the processing of their Personal Data;
- The right to object to the processing of their Personal Data; and
- The right to Personal Data portability.
These rights can be enforced by notifying Carmeuse at firstname.lastname@example.org. In addition, the Data Subjects also have the right to lodge a complaint with the relevant Data Protection Authority in their country.
(h) The Contractor shall take the necessary measures to inform the Data Subjects of the processing of their Personal Data by Carmeuse and their associated rights as described in (f) above.
(i) To the extent a Contractor would be processing any Personal Data of representatives or other identifiable contact persons within Carmeuse, such processing should be done according to similar principles as set out in this Policy.