Privacy Policy

PRIVACY POLICY AND COOKIE MANAGEMENT

1. Object

This privacy policy is drawn up by the Belgian limited liability company NOVUTECH, whose registered office is located in Belgium, at 1420 Braine-l’Alleud, Rue Caraute 31 and registered with the Crossroads Bank for Enterprises under number 0725.984.919 (hereinafter referred to as the “Data Controller”).

The purpose of this privacy policy is to inform Users of the WWW.NOVUTECH.COM WEBSITE (hereinafter the ” website “) of the way in which data are collected and processed by the Data Controller, both during the use of the website and in the context of providing its services to its Customers.

This privacy policy is in line with the Data Controller’s wish to act in complete transparency, in compliance with the Law of 30 July 2018 on the protection of individuals with regard to the processing of personal data and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter the “General Regulation on Data Protection“).

If the User wishes to react to one of the practices described below, he/she may contact the Data Controller by writing to the address of the Company’s registered office or by e-mail to WELCOME@NOVUTECH.COM

2. Consent

By accessing and using the website, or when contracting with the Company, the User declares that he/she has read the information described below, accepts this privacy policy and expressly consents to the Data Controller collecting and processing, in accordance with the terms and principles described in this Privacy Policy, his/her personal data that he/she communicates through the website and/or in connection with the services offered, for the purposes indicated below.

The User has the right to withdraw his consent at any time, which automatically implies the cessation of the User’s use of the website and/or the cessation of the provision of services by the Company to this User who is also a Customer. The withdrawal of consent shall not affect the lawfulness of the processing operation based on prior consent given.

3. Data collected

By visiting and using the website, the User expressly consents to the Data Controller collecting and processing, in accordance with the methods and principles described below, the following personal data:

  • Its domain (automatically detected by the Data Controller’s server), including the dynamic IP address;
  • Its e-mail address if the User has previously disclosed it in any way, in particular by communicating with the Data Controller by e-mail, ;
  • Any information that the User voluntarily provides, including first and last name, home and/or business address, telephone number, e-mail address, age, billing and payment details, etc.

By using the services of the Company, the User becomes a Customer within the meaning of the Company’s general terms and conditions and consents to the Data Controller collecting and processing, in accordance with the methods and principles described below, the following personal data:

  • All data identifying the Customer for billing purposes, customer management and the proper performance of the services offered by the Company;
  • The Client’s banking and financial data for the same purposes as those mentioned above;
  • Indirectly, the consultation of all the data that the Client himself encodes in his NetSuite platform and to which the Company has access within the strict framework of the provision of its services for the Client;

It is possible that the Data Controller may also collect non-personal data. These data are qualified as non-personal data because they do not make it possible to identify directly or indirectly a particular natural person or concern legal persons. They may therefore be used for any purpose whatsoever, for example to improve the website, the services offered by the Company or the Data Controller’s advertisements.

In the event that non-personal data are combined with personal data, so that identification of the data subjects is possible, these data will be treated as personal data until their connection with a particular natural person is made impossible.

4. Collection methods

The Data Controller collects personal data via:

  • All data completed manually by the User through the contact form or other data collection forms on the website;
  • The use of cookies;
  • By receiving e-mails sent by the User to the Company;
  • By telephone;
  • When providing its services, through access to the Client’s NetSuite platform;
  • During workshops/trade workshops with Users.

5. Purposes of the processing operation

The User’s personal data are collected and processed only for the purposes mentioned below:

  • Ensure the management and control of the execution of the services offered and respond to orders placed;
  • Send promotional information (via newsletters) on the services of the Data Controller;
  • Send, if necessary, offers of services at preferential conditions;
  • Answer the User’s questions;
  • Improve the quality of the website and the services offered by the Data Controller;
  • Transmit information on new services of the Data Controller;
  • Promote and market the website and the services for the User, i.e. for direct marketing actions;
  • To allow a better identification of the User’s interests;
  • Allow invoices to be sent and services to be paid;
  • Inform the User when there are updates and modifications to the website and/or this charter;
  • Allow the follow-up of the User’s complaints;
  • For any other purpose for which the User has authorised the Data Controller.

Concerning the Client’s personal data, they are collected and processed only for the following purposes:

  • Ensure the proper execution of services on behalf of the Client;
  • Invoice for services provided;
  • Maintain an excellent commercial relationship with the Client;
  • Respond to the Client’s questions, needs and expectations;
  • Anticipate any requests from the Client;
  • Evaluate and improve the services of the Data Controller;
  • Any other purpose for which the Client has given his consent to the Data Controller.

The Data Controller may be required to carry out processing operations not yet provided for in this privacy policy. In this case, the Data Controller will contact the User and/or the Customer before reusing his personal data, in order to inform him/her of the changes and give him/her the possibility, if necessary, to refuse such reuse.

6. Conservation period

The Data Controller shall only keep personal data for as long as is reasonably necessary for the purposes for which they are collected and in accordance with legal and regulatory requirements.

A User’s personal data are stored for a maximum of 2 years after the end of the contractual relationship between the User and the Data Controller. However, the Data Controller reserves the right to keep, for a period of 10 years following its establishment, all accounting documents, such as invoices, in which personal data may appear. In this case, the data contained in these documents will not be reused by the Data Controller.

At the end of the storage period, the Data Controller shall do everything possible to ensure that the personal data have been made unavailable.

7. Data access and copying

By means of a dated and signed written request sent to the Data Controller at the Company’s registered office or by e-mail to WELCOME@NOVUTECH.COM, the User may, after proving his identity, obtain free of charge the written communication or a copy of the personal data concerning him/her that have been collected.

The Data Controller may require the payment of a reasonable fee based on administrative costs for any additional copies requested by the User.

When the User makes this request electronically, the information shall be provided in an electronic form in common use, unless the User requests otherwise.

The copy of his data will be communicated to the User at the latest within 30 days following receipt of the request.

8. Right of rectification

By means of a dated and signed written request sent to the Data Controller at the Company’s registered office or by e-mail to WELCOME@NOVUTECH.COM, the User may, after proving his identity, obtain free of charge, as soon as possible and at the latest within 30 days, the rectification of his personal data that are inaccurate, incomplete or irrelevant.

9. Right to object to the processing operation

By sending a dated and signed written request to the Data Controller at the Company’s registered office or by e-mail to WELCOME@NOVUTECH.COM, the User may, at any time and after having provided proof of his identity, object, without justification and free of charge, to the processing of personal data concerning him/her when his data are collected for direct marketing purposes (including profiling).

The Data Controller is required to reply to the User’s request as soon as possible and at the latest within 30 days and to give reasons for his reply if he intends not to comply with such a request.

10. Right to limitation of processing

By means of a dated and signed written request sent to the Data Controller at the Company’s registered office or by e-mail to WELCOME@NOVUTECH.COM, the User may, after proving his identity, obtain a limitation on the processing of his personal data in the cases listed below:

  • When the User disputes the accuracy of a data and only for as long as the Data Controller can control it;
  • When the processing is unlawful and the User prefers the limitation of the processing to the deletion;
  • When, although no longer necessary for the purposes of the processing operation, the User needs it for the establishment, exercise or defence of his rights in court;
  • For the time necessary to examine the merits of an opposition request submitted by the User, in other words, for the Data Controller to verify the balance of interests between the legitimate interests of the Data Controller and those of the User.

The Data Controller will inform the User when the processing restriction is lifted.

11. The right to forget

By means of a dated and signed written request sent to the Data Controller at the Company’s registered office or by e-mail to WELCOME@NOVUTECH.COM, the User may, after proving his identity, obtain the deletion of personal data concerning him/her, when one of the following reasons applies:

  • The data are no longer necessary for the purposes of the processing operation;
  • The User has withdrawn his consent for his data to be processed and there is no other legal basis for the processing;
  • The User objects to the processing and there is no compelling legitimate reason for the processing and/or the User exercises his specific right of opposition in matters of direct marketing (including profiling);
  • Personal data have been unlawfully processed;
  • Personal data must be erased in order to comply with a legal obligation (under Union law or the law of the Member State) to which the controller is subject.

The Data Controller may object to the deletion of personal data in the cases provided for by the General Data Protection Regulations and by any legal regulations applicable at the time of the request for deletion of the data.

The Data Controller is required to reply to the User’s request as soon as possible and at the latest within 30 days and to give reasons for his reply if he intends not to comply with such a request.

The User also has the right, under the same terms and conditions, to obtain free of charge the deletion or prohibition of the use of any personal data concerning him/her which, taking into account the purpose of the processing, is incomplete or irrelevant or whose recording, communication or storage is prohibited or which has been stored beyond the necessary and authorised period.

12. Right to data portability

By means of a dated and signed written request sent to the Data Controller at the Company’s registered office or by e-mail to WELCOME@NOVUTECH.COM and after proving his identity, the User may at any time request to receive his personal data free of charge in a structured, commonly used and machine-readable format, with a view in particular to transmitting them to another Data Controller, when:

  • the data processing is carried out using automated processes; and when
  • the processing is based on the User’s consent or on a contract concluded between the User and the Data Controller.

Under the same conditions and in the same way, the User has the right to obtain from the Data Controller that the personal data concerning him/her be transmitted directly to another Data Controller, insofar as this is technically possible.

13. Recipients of data and disclosure to third parties

The recipients of the data collected and processed are, in addition to the Data Controller himself, his employees or other subcontractors, his carefully selected business partners, located in Belgium or in the European Union, who collaborate with the Data Controller in the context of the provision of services.

The Data Controller undertakes to comply with all the relevant provisions of the European Regulation on the protection of personal data when using a processor, and in particular invites the processor to :

  • Process the data only for the sole purpose(s) for which the subcontracting is (are) carried out;
  • Process the data in accordance with the documented instructions of the Data Controller;
  • Guarantee the confidentiality of personal data processed in the context of the agreement between him/her and the Data Controller;
  • Inform the Data Controller of any violation of personal data within a maximum period of 48 hours after becoming aware of it;
  • Commit to implementing various appropriate safety measures in accordance with the intended objective.

In the event that the data are disclosed to third parties for direct marketing or prospecting purposes, the User will be informed in advance so that he/she can choose whether or not to accept this processing of his/her data by third parties.

By means of a dated and signed written request sent to the Data Controller at the Company’s registered office or by e-mail to WELCOME@NOVUTECH.COM, the User may, at any time and after having provided proof of his identity, object free of charge to the transmission of his data to third parties for marketing purposes.

The Data Controller shall comply with the legal and regulatory provisions in force and shall in all cases ensure that its partners, employees, subcontractors or other third parties having access to such personal data comply with this privacy policy.

The Data Controller reserves the right to disclose the User’s personal data in the event that a law, judicial procedure or an order from a public authority makes such disclosure necessary.

All data transfers outside the European Union are made exclusively with contracting parties that comply with the requirements of the European Regulation on the protection of personal data.

14. Use and management of cookies

General principles. This article provides information about the use of cookies on the website. These are managed by the Data Controller.

The Data Controller uses cookies to make navigation on the website more useful and reliable. Some of these cookies are essential to the operation of the website, others are used to improve the User’s experience.

If the User wishes to customize the management of cookies, he/she must modify the settings of his/her browser. By browsing the website, the User expressly agrees with the cookie management described below.

Definition of cookies. A cookie is a data or text file that a website server temporarily or permanently stores on the User’s equipment (computer hard disk, tablet, smartphone, or any other similar device) through its browser. Cookies may also be installed by third parties with whom the Data Controller collaborates.

Cookies retain a certain amount of information, such as the language preferences of Users. Other cookies collect statistics about Users or ensure that graphics appear correctly and applications work well. Still others allow to adapt the content and/or advertising of a website according to the User.

Use of cookies on the Site. The Company uses different types of cookies

  1. Essential or technical cookies: these are cookies essential for the operation of the website, allowing good communication and intended to facilitate navigation;
  2. Statistical or analytical cookies: these cookies make it possible to recognize and count the number of visitors and to see their browsing behaviour when they use and navigate on the This improves the User’s navigation and makes it easier for him to find what he is looking for;
  3. Functional cookies: these cookies enable specific functionalities on the website in order to improve the user’s user-friendliness and experience, in particular by remembering the user’s preferences (e.g. language);
  4. Performance cookies: These cookies collect information about how visitors use the website. They make it possible to evaluate and improve the content and performance of the website (for example by counting the number of visitors, identifying the most popular pages or clicks), and to better match business proposals to the User’s personal preferences;

The storage period for cookies varies according to their type: essential cookies are generally stored until the browser closes, while functional cookies remain valid for 1 year and performance cookies for 4 years.

Cookies management. Most browsers are configured to automatically accept cookies, but all allow you to customize your settings according to your preferences.

If the User does not want the website to place cookies on his mobile device, he can easily manage or delete them by changing his/her browser settings. The User can also program his/her browser to send him/her a notice when he receives a cookie and decide whether to accept it or not.

In the event that the User disables certain cookies, it is possible that certain parts of the website may not be accessible and/or usable, or that they may only be partially so.

15. Safety and security

The Data Controller shall implement appropriate technical and organisational measures to ensure a level of security of the processing and data collected with regard to the risks presented by the processing and the nature of the data to be protected appropriate to the risk. It takes into account the state of knowledge, the costs of implementation and the nature, scope, context and purposes of the processing operation as well as the risks to the rights and freedoms of Users and Clients.

The Data Controller always uses encryption technologies that are recognized as industry standards within the IT sector when transferring or receiving data on the website or when providing services. The Data Controller has put in place appropriate security measures to protect and avoid the loss, misuse or alteration of information received on the website or during the provision of its services via, in particular, the use of a secure server.

16. Claim and complaint

The User may file a complaint with the Data Protection Authority at the following address:

Data Protection Authority – Rue de la Presse, 35 1000 Brussels Tel + 32 2 2 274 48 00 Fax + 32 2 274 48 35 Email: contact@apd- gba.be

The User may also file a complaint with the court of first instance of his/her palce of residence.

For further information on complaints and possible remedies, the User is invited to consult the following web address of the Belgian Data Protection Authority: https://WWW.AUTORITEPROTECTIONDONNEES.BE

17. Contact details

For any question and/or complaint, the User may contact the Data Controller: By e-mail: WELCOME@NOVUTECH.COM

By mail: NOVUTECH SRL – Rue Caraute 31, 1420 Braine-l’Alleud – BELGIQUE

18. Applicable law and competent jurisdiction

Any dispute relating to the services provided by the Company, as well as any dispute as to the validity, interpretation or execution of this privacy policy, shall be governed by Belgian law and shall fall within the exclusive jurisdiction of the courts, French-speaking if applicable, of the place where the Company has its registered office.

19. Miscellaneous provisions

The Data Controller reserves the right to modify the provisions of this privacy policy at any time. The changes will be published with a warning as to their entry into force.

This version of the Charter is dated 13 September 2019.