Privacy statement
version January 2024
1. Identity and contact details of the data controller
This privacy policy applies to all personal data processed on this website. We attach great importance to your privacy and find it important that your personal data is always treated with the necessary care and confidentiality.
The data controller for the processing of your personal data is: June20 BV, located at Handelsdokcenter, Stapelplein 70 bus 202, 9000 Ghent, Belgium, VAT BE 0808.404.829.
For further questions or comments regarding how we handle your personal data, you can always contact us, either by email to privacy@june20.be or by mail.
2. What does “processing personal data” mean?
Processing personal data (hereinafter “data”) includes any processing of data that can identify you as a natural person. The data concerned is described in this Privacy Statement. The concept of ‘processing’ is very broad and covers, among other things, the collection, storage, use of your data, or sharing it with third parties.
3. What data do we process?
Below we clarify what data the provider of this website and any directly linked stakeholders (such as physical offices, foreign branches…) may process from you:
Main activity
For our marketing purposes, we may process the following data from our customers and prospects. The data controller of these messages is always either the point of sale or the overarching platform. This specific company acts as the sole data controller for these messages. The following data may be involved:
- Electronic identification and usage data (e.g. IP address, browser type, location data);
- Contact details, social media data via our social media profiles, preferences, for example regarding your interests or the specific newsletters you wish to receive.
- Feedback, testimonials and promotional content such as photos and videos (e.g. reviews, NPS score);
- Action or event-related data (e.g. registration or submission, event progress or action outcome, …).
Service providers
From our service providers, we may process the following data:
- Electronic identification and usage data (e.g. IP address, browser type, location data);
Identification data; - Contact details (e.g. name, first name, address, email address, etc.);
- Contact history (e.g. email messages, messages sent via web forms, etc.);
- Contractual data (e.g. company name, address, VAT number, agreement, etc.);
- Payment and billing data (e.g. payment card data, invoices, etc.);
- After-sales, feedback, testimonials, and promotional content such as photos and videos (e.g. assessments and experiences regarding our (co)operation, testimonials, quotes, presence at events, etc.).
- Candidate employees
4. For what purposes do we process your data?
We process your data for the purposes described below and do not collect and process more or other types of data than those necessary for these purposes.
Operational purposes
We process data for example for the optimization of our website; statistical purposes and market research; to keep our services user-friendly; to answer your question.
Business purposes
We process data for example in the context of our main activity, such as to provide the requested service such as delivering the ordered goods; to communicate with you about our service provision and the delivery of your ordered products; to inform you about our policy, general terms and conditions of use; to develop and manage relationships with our potential and existing contacts and partners.
Commercial purposes
We process data for example for sending marketing communications by email; for sending newsletters; or to register and process your registration for events or actions.
Legal or statutory purposes
We process data for legal reasons and procedures, for example to comply with legislation and government orders; or to be able to comply with our internal and external audit requirements, information security or for the protection or enforcement of our rights, privacy, safety or property or those of other persons.
5. On what legal basis do we process your data?
We process your data only insofar as it is based on one of the legal bases listed in the GDPR, as shown below.
Legal obligation
Certain data is processed by us to comply with legal or regulatory obligations that rest on us. For example in the context of fiscal and accounting obligations or in the field of data protection.
Necessary for the conclusion/performance of a contract
Certain data is processed by us because it is necessary for concluding, performing or terminating a contract with you as the data subject. For example for contacting, scheduling, responding to a request or requesting information in the context of entering into a contractual relationship with us, but also the effective execution of the contractual assignment in the context of our main activity, in order to be able to provide you with our service provision, and in order to enable the delivery of our products via the network of suppliers on which we can rely via Connect+.
Legitimate interest
Certain data is processed by us based on our legitimate interest which in specific cases outweighs any possible detriment to your rights. For example for promoting our activities for commercial purposes to our existing customers; improving the quality of our service provision; training staff and evaluating and maintaining data and statistics related to our activities, in the broad sense; storing and using evidence in the context of liability, procedures or disputes and with a view to archiving activities; and guaranteeing security, both online on our website and in our store.
Consent
Certain data is processed by us based on your consent. For example for promoting our activities to non-customers; the use of certain analytical or marketing cookies; placing photos or other publications containing personal data on our website and our pages on social media channels.
6. Origin of the data
Most of the data we process from you, we have also obtained directly from you. Within the framework of our service provision, it is possible that we obtain data from you via external service providers or public sources.
7. With whom do we share your data?
We do not pass on your data to third parties, except when this is strictly necessary in light of the aforementioned purposes, or if we are legally obliged to do so. With explicit consent, we pass on your data to participating retailers.
Data can be shared between the different data controllers.
Where necessary, we make use of external service providers (processors), to support our operational purposes such as the management or hosting of our website and IT systems. These external service providers perform certain data processing operations on our behalf where applicable. We will only share your data with these external service providers to the extent necessary for the relevant purpose. The data may not be used by them for other purposes.
Among these external service providers are also fixed sub-processors within the own group, namely:
- June20 Digital BV, located at Bisschoppenhoflaan 88, 2100 Deurne, Belgium, VAT BE0787.447.186
- June20 Connect BV, located at Handelsdokcenter, Stapelplein 70 bus 202, 9000 Ghent, Belgium, VAT BE0793.249.469
Concretely, this means that we share your data, insofar as relevant in your situation, with the following third parties for the following purposes, whereby these third parties in certain cases act as processors on our behalf:
- Postal companies, transport and delivery companies if we need to send you something by mail;
- Payment service providers if we receive payments from you, or vice versa;
- External representatives and consultants or any other parties involved in the context of our main or secondary activities;
- Companies that assist us in promoting our activities based on the email addresses, postal addresses, or telephone numbers of our customers;
- The processors that assist us in the IT field in operating our organization, with a view to secure and efficient digital data management within our organization;
- Government bodies, judicial instances and practitioners of regulated professions such as accountants and lawyers, with a view to compliance with our legal obligations and defense of our interests, insofar as required.
8. How long do we keep your data?
We do not keep your data longer than necessary for the purpose for which the data was collected or is processed. Since the period for which data can be kept depends on the purposes for which the data was collected, the storage period may vary in each situation. Sometimes specific legislation will oblige us to keep the data for a certain period. Our retention periods are always based on legal requirements and a balancing of your rights and expectations with what is useful and necessary to fulfill the purposes. After expiration of the retention period, your data is deleted or anonymized.
9. Where do we store your data and how is it protected?
We provide appropriate security measures at a technical and organizational level, to avoid within the framework of our activities the destruction, loss, falsification, modification, unauthorized access or unlawful notification to third parties as well as any other unauthorized processing of this data.
In addition, we also ensure that the processors we rely on also take appropriate security measures to limit risks of incidents as much as possible.
We strive to process the data we process as much as possible within the European Economic Area (EEA). If your data is processed outside the European Economic Area (EEA) when using specific services or software tools, this will only happen in/to countries of which the European Commission has confirmed that they guarantee an appropriate level of protection of your data, or appropriate safeguards will be taken, such as standard contractual clauses being concluded to ensure the lawful processing of your data in these third countries.
10. What are your rights?
You have various rights regarding the data we process from you. If you wish to exercise one of the following rights, please contact our GDPR officer via the contact details included under the first title of this Privacy Policy. Point 3 of this privacy policy specifies who can be considered as the data controller for which specific processing. Please take this into account when exercising your rights. If the exercised right (also) relates to another data controller than the one with which you exercise your rights (a specific point of sale or overarching platform), the data may be shared with this data controller to answer your request as well as possible.
Right of access and copy
You have the right to view your data and obtain a copy of it. This right also includes the possibility to request further information regarding the processing of your data, including what concerns the categories of data processed from you and for what purposes this happens.
Right of correction or rectification
You have the right to have your data corrected if you believe we have incorrect data.
Right to data erasure (right to be forgotten)
You have the right to request that we delete your data without unreasonable delay. However, we will not always be able to comply with such a request, including when we still need the data in function of an ongoing agreement, or when keeping certain of your data for a certain period is legally required.
Right to restriction of processing
You have the right to restrict the processing of your data. In this way, processing is temporarily stopped until there is, for example, certainty about its accuracy.
Right to withdraw your consent
When processing is based on your consent, you have the right to withdraw this consent at any time by contacting us. For marketing messages you receive from us via email based on your consent, you can easily withdraw this consent by clicking on the unsubscribe link at the bottom of such a message.
Right to object
You have the right to object to the processing of your data that is based on legitimate interest. This must be done based on specific reasons related to your situation. You can also object to the use of your data for direct marketing purposes. For marketing messages by email, an opt-out will always be provided.
Right to portability
You have the right to receive your data that you have provided to us with your consent or in performance of a contract, in electronic form. In this way, they can easily be transferred to another organization. You also have the right to request us to transfer your data directly to another organization, if this is technically possible.
Right to file a complaint with your supervisory authority
If you believe that we process your data incorrectly, you always have the right to file a complaint with your supervisory authority in the field of data protection.
Belgian Data Protection Authority (DPA)
Drukpersstraat 35
1000 Brussels
contact@apd-gba.be
