PRIVACY POLICY

1. Data Controller and Data Protection Officer

1.1. In this privacy statement, INSTRUMENTATION DIFRA SA (here in after " DIFRA " or "we") explains to you how it manages your personal data as "controller". This privacy statement applies to the processing of personal data of customers, potential customers (prospects) and individuals who contract with DIFRA in any other way as buyer or supplier. DIFRA has a setting unit and can be contacted to the coordinates mentioned in 7.4

1.2. All information concerning an identified or identifiable natural person is personal data. This is information that can reasonably be related to an individual.

1.3. The data protection officer can be contacted by email at: info@themis-security.be


2.The personal data we process

2.1. DIFRA may collect your personal data in several ways. We process personal data that you provide us when you enter into a contract with us , but also when you participate in an action or use our services and you communicate to us directly or indirectly data or we allow to record data on your interests , your behavior and your preferences (cookies).

Information you provide us

2.2. If you submit a request to DIFRA, for example via the website, we need the following personal information:

a) Name, address, postal code;

b) E-mail address and other contact data;

c) Possibly other information that is relevant to your request, such as: your activity, your e-mail or other complementary options.

2.3. If you enter into a contract with DIFRA, we need, depending on the type of contract, product or service, the following personal information:

a) Name, address, postal code;

b) Contact data (phone number and email address);

c) financial data (bank account, requests for financing, quotes, invoices).

These personal data should be communicated directly to DIFRA or her partner 's. If you do not provide us with "mandatory" information (which differs depending on the type of contract), we may not be able to provide the requested service and conclude the contract.

Information about your use of our services and / or products

2.5. If you make use of the services offered by DIFRA or conclude a contract with us, we process data such as:

a) the data relating to your machine, for example a MAC address, an IP address or another number;

b) your preferences and communication parameters;

c) the data we link to certain profiles that we draw from you based on your consumption behavior (for example: the frequency with which you visit our site, make a purchase or request a service);

d) navigation behavior, determined on the basis of our own observations or cookies (see also Article 6 of this privacy statement);

e) the results of customer satisfaction surveys;

f) data concerning your use of the services we offer.


3. Foundations and legitimate interests

We treat personal data based on the following legal grounds:

a) Consent

b) Execution of a contract with you or pre-contractual measures

c) Legal obligation

d) Execution of a public interest mission

e) Legitimate interest of DIFRA or a third party

We treat personal data in a legitimate interest when we use your data to provide services and related content, products and services, to communicate with you and for advertising or marketing purposes in connection with products or services that you have purchased in the past. Our legitimate interests include, for example: marketing and advertising related products or services that you have purchased in the past, communication, management and information security, research and analysis of our products or services, business management, affair es legal, internal management and sharing with our affiliates .


4.The purposes for which we process personal data

4.1. DIFRA processes personal data for the purposes (goals, objectives) mentioned below:

a) maintain customer relationships (including maintaining a direct relationship between DIFRA, authorized network members, service partners and related financial service providers, including for the performance of a contract and the pursuit of legitimate interests).

b) process and administer orders (including billing) to respond to your request and / or prepare or execute a contract;

c) provide customer service, fulfill the obligations of warranty and those of service partners, handle complaints and requests, respond to your requests and execute contracts, or for legitimate interests;

d) proactively contact customers in the event of hardware defects or malfunctions or to schedule service appointments, perform a contract or for legitimate interests;

e) carry out or coordinate any recall actions, due to legitimate interests or legal obligations;

f) conduct market research to improve our operations, our brands, our services and our products, and to identify the wishes of customers, due to legitimate interests;

g) comply with legal obligations, resolve disputes and enforce our rights;

h) improve the quality of the data by means of postal code address and control, because of our legitimate interests;

i) link and analyze cookies from our websites to customer data we know. We do this to tailor the content of our communication as much as possible to your personal preferences, for the pursuit of our legitimate interests.

j) contact our customers and partners by SMS or mailing to promote a DIFRA related event or the promotion of an article distributed by DIFRA.


5.Third parties involved in the treatment

5.1. In some cases, DIFRA share personal data with third parties, which are "responsible treatment " independent. We explain below when and why. DIFRA can share data with:

a) the service partners of the NC + SA distribution network, for the performance of a contract or for the pursuit of legitimate interests;

b) third parties to whom we are legally obliged or authorized to provide data;

c) third parties, if we suspect a violation of the rights of third parties, criminal offenses or abuses, if they have a legitimate interest or if they are public authorities. It may also be authorities such as the police, the public prosecutor;

d) parties who assist DIFRA in its services and are not sub-contractors of personal data (such as accountants and legal advisers) for the pursuit of its legitimate interests;

e) Buyers or (potential) investors for legitimate economic and business purposes (such as the sale of business or stock or reorganization);

f) parties assisting DIFRA in the development of (direct) marketing activities in pursuit of its legitimate interests.

5.2. The communication of personal data to the third parties referred to above will take place only if it is authorized based on the applicable laws and regulations.

5.3. DIFRA also uses third-party services that act as " subcontractors " (for example, hosting service providers, certain software providers, mobility service providers or parties that organize or execute actions). With these service providers, DIFRA is obliged to conclude a subcontracting agreement (RGPD agreement) which stipulates that they only process personal data in accordance with the instructions and under our control.

5.4. Currently, we do not store personal data outside the European Union. If personal data were to be deliberately disclosed outside the European Union, we will take additional safeguards, such as the conclusion of a model EU contract.

5.5. Our websites may contain references and / or hyperlinks to one or more websites of third parties. DIFRA is not responsible for how these third parties process personal data. We recommend that you read the privacy statement of these websites to know and control how they treat your personal data.


6.Marketing, profiling and cookies

6.1. DIFRA can also share your email address and phone number with Facebook so that Facebook can find out if you have a Facebook account and offer personalized Facebook ads via the Facebook Custom Audience service when you visit Facebook. We also use Google services to display personalized advertisements that are compiled on the basis of information you provide to the website or the application operator (for example when creating an account), your activities on this site or application (for example, pages visited, searches specified, clicks on ads) and demographics and data about your interests and focus. We do this for the pursuit of our legitimate interests. You may object at any time as described in Article 7 below.

6.2. In addition, we and third parties automatically collect certain information about your business history on our website and on third-party applications using automated means, such as cookies, according to the preferences you have provided. Through certain cookies and similar technologies, unique cookie IDs or other identifiers are assigned or collected. In this way, data can be collected while you are using the website or applications or when they are running in the background on your machine. We can combine them with other information about you or your machine, such as an IP address. If we need permission for this, we will ask you to do so before proceeding with this treatment.

6.3. We invite you to read our cookie statement for more information about cookies and similar technologies used and how to set your preferences.


7.Your rights, including your right to object

7.1. You have the right to know what personal data we have stored about you and to whom we have disclosed your personal data.

7.2. In addition, you have the right to ask us, in compliance with applicable law, to correct, update, delete your personal data, limit the processing of your personal data or to give your personal data in a structured format, commonly used and machine readable for transmission to another company.

7.3. We are obliged to draw your attention to your absolute right to oppose direct marketing and your rights to oppose any treatment, including profiling, for the pursuit of the legitimate interests of DIFRA or a third party and to file a complaint with a data protection authority. In Belgium, it is the Commission for the protection of privacy designated as the Data Protection Authority.

7.4. The rights of access, rectification, limitation of treatment, erasure, or portability of your data, as well as a withdrawal of agreement, can be exercised free of charge by e-mail, form, telephone or mail to following addresses or numbers;

E-mail

quality@difra.be

Form via the website

https://www.difra.be

Phone

+32 87 89 80 80

Mail

INSTRUMENTATION DIFRA S.A.
Industriestrasse 33

4700 Eupen


8.Security

8.1. We have taken appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing.

8.2. If you have the impression that your data are not properly secured or if you have evidence of improper or improper use of your personal data, please contact our customer service at the email address mentioned in point 7.4 above .


9. Shelf life

We only store personal data for as long as is necessary for the purposes for which it was obtained, unless we are legally obliged to keep personal data for longer or if this appears necessary for the management of a potential dispute.


10.Modification

10.1. We reserve the right to unilaterally modify or supplement this privacy statement. We will inform you as far as possible of any changes. We advise you to periodically review our privacy statement.

10.2. This privacy statement was last updated on September 23, 2019

.


11. Contact / questions

11.1. For questions or comments concerning this privacy statement and / or the processing of personal data you can contact us at the addresses or numbers mentioned in point 7.4 above.