The website available at the address www.savemeforgood.com (hereafter: the ‘Website’) is operated by and is the property of BAND BV.
1. Who are we and how can you contact us?
1.1. The controller of your personal data is BAND BV (hereafter: ‘Controller’, ‘we’ or ‘our`):
Legal form: Besloten Vennootschap (BV)
Company name: BAND
Trade name: SAVEME
Registered office: Rustoordstraat 43A, 8020 Oostkamp
VAT number: BE0748575526
Telephone number: /
Hyperlink(s) Website: www.savemeforgood.com
2.3. We are responsible for processing your personal data. As the Controller, we take all appropriate technical and organizational measures so that the processing is in compliance with Regulation (EU) 2016/679 of 27 April 2016 (hereafter: ‘GDPR’). Our appointees or employees who have access to your personal data are also required to comply with the obligations of the GDPR.
We recommend that you check the Website frequently for any changes. The date of the most recent change is shown at the bottom of the page.
3. For which purposes do we process your personal data?
We process your personal data that was shared on or via the Website solely for:
3.1. General purposes:
- Being able to deliver goods purchased on the Website to the buyer and provide associated services.
- Conducting market research to improve the Website’s technical quality and content.
- Providing information, sending emails with various offers.
- Technical management of the Website.
- Compiling statistics or conducting surveys with regard to the number of visits to the different parts of the Website.
3.2. Direct marketing and communication to third parties:
BAND BV keeps the personal data of the visitors to and purchasers on the Website strictly personal and does not use them for direct marketing purposes unless it has obtained explicit permission to do so (an ‘opt-in’) at the time of registration on the Website, during the visit to the Website or when a purchase is being made.
This consent may be withdrawn at any time without any requirement to provide a reason and without charge by sending a clear message to this effect by email to firstname.lastname@example.org.
BAND BV may pass on your personal data to other organisations and businesses for further processing if this is necessary to achieve the general purposes listed in Article 4.1. These organisations and businesses are of course not permitted to use your personal data for purposes other than those listed in Article 4.1. They will only have access to the data that are necessary for the performance of their task. BAND BV concludes a processing agreement with organisations or businesses that process data on its behalf, and imposes a duty of confidentiality on them with regard to your data.
3.3. Serious breaches:
Personal data may be provided to the competent judicial authorities (such as the police or the judiciary) at their request.
3.4. Special categories of personal data:
BAND BV does not intend to collect data from visitors/buyers under the age of 16 unless they have permission from their parents or guardian.
However, BAND BV is unable to check whether a visitor/buyer is 16 years or older.
Parents are therefore advised to be involved in their children’s online activities in order to prevent data about children from being collected without parental consent.
If BAND BV has collected personal information from a minor without this consent, please contact us by email at email@example.com (with a copy of the minor’s identity card). BAND BV will then make a check and delete the data if necessary.
4. What are the legal grounds for processing your personal data?
4.1. We process your personal data if:
To comply with the legal and administrative obligations imposed on the Controller.
To comply with tax, accounting and other obligations.
This list is not exhaustive.
Necessary for the performance of a contract:
In the pre-contractual phase:
- For contracting and negotiating;
- For providing and requesting information in the context of the conclusion of a contract;
- For drawing up a contract.
In the contractual phase:
- For customer and supplier management;
- For the performance of a contract for the sale of goods and provision of services.
For legitimate interests that we or our customers, suppliers or other third parties may have in the processing of the personal data.
For sending information to existing customers.
For ensuring the security of the personal data that we process.
For sending emails with offers to customers and non-customers.
5. Which personal data do we process?
5.1. It is not possible to provide a concrete list of all personal data that are processed. The list below is thus purely illustrative and non-limitative:
- First name and surname;
- Address data;
- Enterprise number;
- Telephone number;
- Email address;
- Other personal data that you provide or that are provided by third parties within the performance of the agreement.
5.2. We also process the following data: device data, log file data such as the IP address, browser, and operating system, the external website that brought you to our Website, and the pages that you visit on the Website (and the date and time you visited these pages). This data is automatically (without any sort of registration) only processed for statistical purposes and with a view to further improving the Website.
6. Who receives and/or process your personal data, in addition to the Controller?
Your personal data is also processed on our behalf by, among others, our IT supplier SKINN. This processing is arranged in a controller contract that we have concluded with them.
7. Do we pass your personal data to companies or entities in non-EU countries ?
Your personal data will always be stored within the European Union or within the borders of a country that offers appropriate safeguards pursuant to an adequacy decision in accordance with Article 45 GDPR.
8. Where, how and for how long do we retain your personal data?
8.1. Your personal data is stored on a secure server of Shopify Hosting / CDN. More information: https://www.shopify.com/legal/privacy
8.2. We shall not store your personal data for any longer than required to achieve the purposes specified in Article 4. In this context, we could therefore store your personal data for some time.
9. What are your rights?
9.1. At all times and at no cost you have the right to request:
- a review of your personal data;
- improvement (rectification) or removal (deletion) of your personal data;
- a restriction of the processing that relates to you.
9.2. You have the right to appeal against the processing of your personal data. You can object to the processing of your personal data for direct marketing at all times and at no cost.
You acknowledge that if you decline to communicate or request the deletion of your personal data, certain goods and services will not be available.
9.3. You have the right to have your personal data transferred to another controller.
9.4. If the processing of your personal data is based on your permission, you have the right to revoke this permission at all times. However, the revocation of your permission is not retroactive and the lawfulness of the processing based on your permission before the revocation thereof shall remain intact.
9.5. You have the right to submit a complaint to the Privacy Commission/Data Protection Authority, Drukpersstraat 35, 1000 Brussel, +32 (0)2 274 48 00, email: firstname.lastname@example.org.
This is without prejudice to your right to seek a legal remedy in a civil court.
9.6. The exercise of the aforementioned rights dependent upon the requirements and conditions as stipulated in the GDPR.
9.7. In order to exercise these rights, you can send a simple request to email@example.com or to Rustoordstraat 43A, 8020 Oostkamp (Belgium) providing adequate proof of your identity. The forwarded identity data will of course only be used to identify you and will then be deleted.
10 What are our obligations?
10.1. We take all the appropriate measures to guarantee the security level that is aligned with the risks for and during the protection of your personal data, to prevent the destruction, loss, falsification or modification of, unauthorised access to or inadvertent disclosure to third parties of personal data collected on the Website and any other unauthorised processing of such data.
BAND BV accepts no liability under any circumstances for any direct or indirect damage resulting from incorrect or unlawful use of the personal data by a third party.
10.2. We maintain a processing register in which the (category of) processing of your personal data is described.
10.4. We cooperate with the authorised privacy authorities (at their request).
10.5. Where necessary and/or required, we shall immediately inform the Privacy Commission/National Data Protection Authority within 72 hours after detection of any security incidents or data leaks (including illegal processing, loss, unavailability, destruction, damage, or unauthorised distribution of your personal data).
We will also inform you under the terms and conditions specified in the GDPR if such a violation appears to entail a high risk for your rights.
If you become aware of a violation in relation to your personal data or that of others, you may contact us on the email address firstname.lastname@example.org.
10.6. If we use new technologies or applications in order to process your personal data, which could correspond to high risks in relation to your data protection, we will conduct a so-called ‘Data Protection Impact Assessment’ (DPIA) under the conditions of GDPR and, if necessary, consult the Privacy Commission/Data Protection Authority in advance.
11.1. The Website uses ‘cookies’ with a view to improving the user experience and for the collection of Website visitor statistics. Cookies are small data files that are saved by the browser on your computer when you visit a website and which facilitate the interaction between the visitor and the Website. Cookies do not contain any personal data.
The following types of cookies are used on the Website:
- Temporary cookies: these cookies are deleted once your browser closes and are vital for enabling you to navigate the Website.
- A Permanent cookies: these cookies are used to pass information to the webserver https://policies.google.com/privacy?hl=nl when somebody visits the Website and remain stored on your computer. These cookies are activated each time you visit the Website.
- Functional cookies: these cookies are used in order to ensure the Website functions effectively.
- Non-functional cookies: these cookies can be used for more statistical purposes, among other things.
11.3. When you first visit the Website you will be asked to accept various types of cookies. With the exception of strictly necessary cookies, you may allow or refuse the various types of cookies.
The cookie settings for the Website may be changed at any time. You may thus withdraw your consent.
You have the right to object to the previously permitted use of the aforementioned cookies upon request and at no charge. You can submit this request at any time to email@example.com.
Questions? Feel free to contact us: firstname.lastname@example.org