PRIVACY POLICY

KDENZA BV attaches great importance to the protection of your personal data and the fact that your privacy is respected. In this privacy statement we want to provide clear and transparent information about what data we collect and how we handle this personal data. We do everything we can to guarantee your privacy and therefore handle personal data with care. KDENZA BV complies in all cases with the applicable laws and regulations, including the General Data Protection Regulation (Regulation EU 2016/679).  ARTICLE 1 - ControllerAs KDENZA BV, we are responsible for the processing of your personal data. If you wish to contact us, you can do so via the contact details below: KDENZA BVBE0788.324.344Kwaadbeek 47A9860 Oosterzeleinfo@kdenza.comARTICLE 2 - What do we process personal data for? Your personal data will be processed by KDENZA BV for the following purposes and legal grounds: • General customer management including invoicing and accounting processing (execution of agreement);• Provision of services (execution of agreement);• Processing and follow-up of orders / deliveries and correct handling of your purchases (execution of agreement);• Processing and follow-up of complaints (execution of agreement);• Obtaining subsidies from the government  (legitimate interest);• Supplier management including accounting processing (execution of agreement);• Monitoring of solvency (legitimate interest);• Management of disputes and legal proceedings, the recovery or transfer of debt claims and the protection of our rights in general (legitimate interest);• Sending marketing and personalized advertising (consent);• Combating possible fraud and abuse (legitimate interest). When the processing of personal data takes place on the basis of consent, you always have the right to withdraw the consent given. You can contact us via the contact details at the top of this statement or unsubscribe via the link in our newsletters. ARTICLE 3 - What personal data do we process? For the above purposes, we may request and/or process the following personal data from you: • Personal identity data: surname, first name, address (street, number, postal code, municipality, country); • Private contact details: e-mail address;• Financial data and details: bank account number, IBAN number, card numbers, payment codes, payment behaviour;• Evaluation data;• Presence;• Visual material: photos, videos, recordings;• Electronic identification data: IP address, location, cookies, device name, connection moments, surfing behaviour, login details, use of social media. The data mentioned, if applicable, must be provided in order to be able to use our services, to be able to cooperate, to receive the newsletter or to participate in our workshops and / or events. We only use the collected data for the purposes for which we obtained the data. ARTICLE 4 - How do we collect personal data? We only collect personal data that you provide to us in various ways, including via registration forms, by filling in the necessary documents, via fill-in and contact forms on our website, via personal / telephone / e-mail contact ....  It is also possible that photos are taken or videos are recorded during workshops and / or events. You will be informed of this at the time. At that moment you will have the opportunity to inform the photographer that you do not want to be photographed. ARTICLE 5 - What personal data do we pass on? To third parties: processorsThe data you provide to us may be provided to third parties if this is necessary for the execution of the purposes described above. For example, we use a third party (external service provider) for:• Storing and processing data in the Cloud (via a Cloud Service Provider), i.e. OneDrive;• Taking care of the internet environment, i.e. Wix for web hosting, Combell for mail hosting and domain name;• The development, maintenance and assistance of IT applications and software; • Taking care of the (financial) administration and social secretariat, i.e. Billit for our accounting and Acerta for our personnel administration;• Insuring our activities;• Providing and distributing newsletters/information brochures/invitations, i.e.; ConvertKit;• The delivery of mail and other shipments (via postal, transport and delivery companies), i.e. Billit;• The issuing of certificates, i.e. PECB. We never pass on personal data to external service providers with whom we have not concluded a processing agreement or with whom the same provisions have been incorporated into the contract conditions. In this agreement, we naturally make the necessary agreements with the external service providers to guarantee the security of your personal data. To third parties: recipientsWe share personal data with the following external parties: • Government services (including subsidizing authorities, tax administrations, social security authorities, etc.); Of course, we make the necessary agreements with these parties to guarantee the security and confidentiality of your personal data and to ensure that they are only used for the purpose for which they were collected. Furthermore, we will not pass on the information you provide to other third parties, unless this is legally required and permitted. An example of this is the police who request (personal) data from us in the context of an investigation. In such a case, we must cooperate and are therefore obliged to provide this information. At no time do we sell or rent your personal data to third parties. We also never pass on your contact details to third parties for commercial purposes. We may share your personal data with other third parties if you give us (written) permission to do so. You have the right to withdraw this consent at any time without affecting the lawfulness of the processing before its withdrawal. We do not provide personal data to parties located outside the European Economic Area (EU+Norway+Iceland).  ARTICLE 6 - How long do we keep data? KDENZA BV does not store personal data longer than necessary to achieve the purpose for which it was provided, taking into account the period necessary to comply with legal requirements (including in the field of accounting). However, retention periods may differ per purpose. KDENZA undertakes not to keep the data longer than a maximum of 5 years after last contact/use (or the termination of the cooperation), except with regard to the personal data that we must keep longer on the basis of specific legislation or in the event of an ongoing dispute for which the personal data are still necessary. ARTICLE 7 - How do we secure data? We have taken appropriate technical and organizational measures to protect your personal data against unlawful access, use, loss or disclosure:• All persons who can access your data on behalf of KDENZA BV are obliged to maintain their confidentiality;• Username and password policy on all our systems;• Virus scanner, firewall and systematic timely updates;• Systematic backups of the personal data in order to be able to restore them in the event of physical or  technical incidents;• Regular tests and evaluations of our measures and adjustments if necessary;• All partners have been informed about (and trained on) the importance of the protection of personal data. These employees and partners are granted access to your data to the extent that they need that information to perform their duties properly; Should an incident nevertheless occur in which your data is involved, you will be personally notified in the circumstances provided for by law. ARTICLE 8 - What rights do you have regarding your data?• You have the right to inspect and obtain a copy of the personal data relating to you.• You have the right to rectification and completion if your data is incorrect or incomplete.• You have the right to erasure (deletion) of the personal data that we have received from you and that are no longer strictly necessary for the purposes for which they were processed. We do reserve the right to determine whether your request is justified.• You have the right to restriction of data processing. If you object to the processing of certain data, you can ask to stop this processing.• You can object to the way in which certain personal data of yours are processed for serious and legitimate reasons. For example, you have the right to object to the use of your personal data for direct marketing purposes (via the unsubscribe options in e-mails). • You have the right to have the data provided by you transferred by us to yourself or on your behalf directly to another party. You can contact us via the address at the top of this privacy statement to exercise your rights, accompanied by a motivation for your question. You can also contact us via the contact page of our website www.kdenza.com.We may ask you to identify yourself before we can comply with the aforementioned requests. Our processing of your personal data does not include profiling and you will therefore not be subject to fully automated decisions. ARTICLE 9 - Where can you go with complaints? We make every effort to handle your personal data in a careful, legitimate manner and in accordance with the applicable regulations.If you have a complaint about the processing of your personal data or about the exercise of your rights, we ask you to contact us directly via the address at the top of this privacy statement. If you believe that your rights have been violated and you do not respond to your concerns within our company, you are always free to file a complaint with the supervisory authority in the field of privacy protection: Data Protection Authority (DPA)Drukpersstraat 35, 1000 Brusselhttps://www.gegevensbeschermingsautoriteit.be/contact@apd-gba.beARTIKEL 9 - When was this privacy statement last amended? KDENZA BV may amend its privacy statement from time to time. We will make an announcement of this change on our website. The last change was made on 31 May 2023.