Privacy Policy
Last update : 29th May 2023
The purpose of this policy is to provide transparent information to data subjects regarding the processing of their data and to inform them about the measures taken to safeguard the confidentiality and security of their data.
Please note that this policy is subject to change, and it is advisable to regularly review its contents.
The data controller
The entity responsible for collecting and processing the data is The Tomasi Company, hereinafter referred to as “We,” “our,” or “us.”
Our contact details are as follows: Address: 4 Avenue Chant d’Oiseaux, 7090 Braine-Le-Comte, Belgium ECB number: BE0859312904
You can contact our Data Protection Officer at the following address:
DPO
4 Avenue Chant d’Oiseaux
7090 Braine-Le-Comte
Belgium
or via email at: privacy@thetomasicompany.be.
As the data controller, we are obligated to fulfill various responsibilities, including guaranteeing your rights, notifying you of any potential security breaches, and maintaining a record of processing activities, among others.
Types of Data Processed
We only process data that is relevant, adequate, and necessary for the purpose of processing.
The methods of data collection and the specific data processed may vary depending on the purpose of the processing.
Data We Collect
Personal Information You Provide to Us
We collect personal information that you voluntarily provide to us when you express interest in obtaining information about us, our products, or our services. This includes information you provide when participating in activities on our website (such as posting in online forums or entering contests/sweepstakes) or when you contact us.
The personal information we collect depends on the context of your interactions with us and the website, the choices you make, and the products and features you use. It may include the following:
- Names
- Email addresses
- Usernames
- Passwords
- Contact preferences and similar information
All personal information you provide must be true, complete, and accurate, and you must inform us of any changes to this personal information.
Information Collected Automatically
We automatically collect certain information when you visit, use, or browse our website. This information does not reveal your specific identity (such as your name or contact details). However, it may include device and usage information, such as your IP address, browser, device characteristics, operating system, language preferences, referring URLs, device name, country, location, and information about how and when you use our website, as well as other technical information. This information is primarily needed to maintain the security and operation of our website and for our internal analysis and reporting.
Like many companies, we also collect information through cookies and similar technologies.
The information we collect includes:
- Log and Usage Data: This includes connection and usage data, service diagnostics, and performance information that our servers automatically collect when you access or use our website. Depending on how you interact with us, this log data may include your IP address, information about your device, browser type and settings, time stamps associated with your use, pages and files viewed, searches, and other actions you take, as well as information about device events, system activity, error reports, and hardware settings.
- Device Data: We collect device data, such as information about your computer, phone, tablet, or other device used to access our website. Depending on the device used, this data may include your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, internet service provider, mobile operator, operating system, and system configuration information.
- Location Data: We collect location data, such as information about the location of your device, which may be precise or imprecise. The amount of information we collect depends on the type and settings of the device you use to access our website. For example, we may collect geolocation data using GPS and other technologies based on your IP address. You can choose to opt-out of providing this information by disabling the geolocation setting on your device, but please note that opting out may limit certain aspects of our services.
How do we justify the processing of your personal data?
We process personal information collected through our website for various business purposes as described below. The processing of your personal information is justified based on our legitimate business interests, the necessity to enter into or perform a contract with you, your consent, and/or compliance with our legal obligations. We specify the specific legal grounds for processing alongside each purpose listed below.
The processing of personal data includes any operation carried out on this data, such as collection, recording, use, or storage.
Any processing of data must have a legal basis determined by the General Data Protection Regulation (GDPR).
We use the information we collect or receive for the following purposes:
- Facilitating account creation and login process: If you choose to link your account with us to a third-party account (such as Google or Facebook), we use the information obtained from these third parties with your consent to facilitate the account creation and login process for contract fulfillment.
- Publishing testimonials: We may publish testimonials on our website that may contain personal information. Before publishing a testimonial, we will obtain your consent to use your name and the content of the testimonial. If you wish to update or delete your testimonial, please contact us and provide your name, location, and contact information.
- Requesting feedback and comments: We may use your information to request feedback and contact you about your use of our website.
- Enabling communication between users: With the consent of each user, we may use your information to enable user-to-user communications.
- Managing user accounts: We may use your information to manage and maintain your account.
- Sending administrative information: For example, we may use your personal information to send you information about products, services, new features, and changes to our terms, conditions, and policies.
- Protecting our services: We may use your information as part of our efforts to ensure the security of our website, such as fraud monitoring and prevention.
- Enforcing terms, conditions, and policies: We may use your information for business purposes to enforce our terms, conditions, and policies, comply with legal and regulatory requirements, or fulfill our contractual obligations.
- Meeting legal requirements and preventing harm: For instance, if we receive a subpoena or other legal request, we may need to examine the data we hold to determine an appropriate response.
- Sending marketing and promotional communications: We and/or our third-party marketing partners may use the personal information you provide for marketing purposes, subject to your marketing preferences. For example, when you express interest in receiving information from our website, subscribing to marketing services, or contacting us, we collect personal information about you. You have the right to opt-out of receiving our marketing emails at any time (see “What are your privacy rights?” below).
- Providing targeted advertisements: We may use your information to develop and display personalized content and advertisements tailored to your interests and/or location. We may also work with third parties to achieve this and measure the effectiveness of such advertisements.
- Other commercial purposes: We may use your information for additional business purposes, including data analysis, identifying usage trends, evaluating the effectiveness of our promotional campaigns, and improving our website, products, marketing, and user experience. We may use and store this information in an aggregated and anonymized form that does not identify individual end users or include personal information. We will not use any personally identifiable information without your consent.
Will my data be retained?
We will only retain your personal information for as long as necessary for the purposes stated in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this notice will necessitate the retention of your personal information for more than two years.
Once we no longer have a legitimate business need to process your personal information, we will delete or anonymize it. If deletion or anonymization is not possible (for example, if your personal information is stored in a backup archive), we will securely store your personal information and isolate it from further processing until deletion becomes feasible.
Will my data be shared?
We may share your data with our employees, duly authorized suppliers, or subcontractors as part of our business operations.
For instance, we may provide your details to our accountant, email service provider, or postal service.
We may disclose your data to supervisory authorities, courts, and government agencies when required by law, regulation, or legal process.
Additionally, we may disclose your data in good faith when such action is necessary to comply with applicable laws or regulations or to protect and defend our rights or the rights of other users of our services.
In all circumstances, we ensure the protection of your data through confidentiality agreements.
We maintain a list of our subcontractors; however, for security reasons, this list is only made available upon request as soon as possible. You can contact us at the following address: privacy@thetomasicompany.be.
Are my data transferred abroad?
Some of your data may be transferred within the European Union (EU), where personal data is protected at the same level as in Belgium.
Our website servers are located in France. If you access our website from outside the United Kingdom, please be aware that your information may be transferred to, stored, and processed at our facilities and by third parties with whom we may share your personal information (as described in the “Will your information be shared with anyone?” section above), both inside and outside your country.
We do not transfer data outside the European Union.
If it becomes necessary to transfer data to a country outside the EU or grant access to a subcontractor, service provider, or third party located outside the EU, such transfer or access will only occur if:
- The European Commission has issued an adequacy decision, confirming that the country provides an adequate level of data protection equivalent to that provided by European legislation, and the transfer will be based on this decision.
- Appropriate safeguards have been implemented in accordance with the General Data Protection Regulation (GDPR), such as the use of the European Commission’s Standard Contractual Clauses, approved binding corporate rules, an approved code of conduct, or obtaining your consent.
What are my rights as a data subject?
Under applicable data protection laws in certain regions (such as the EEA and the UK), you have certain rights as a data subject. These rights may include the right to:
- Request access to and obtain a copy of your personal information.
- Request rectification or erasure of your personal information.
- Restrict the processing of your personal information.
- Where applicable, data portability.
- Object to the processing of your personal information in certain circumstances.
To exercise any of these rights, please use the contact details provided below. We will investigate and respond to your request in accordance with applicable data protection laws.
If we rely on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note that the withdrawal of consent does not affect the lawfulness of the processing carried out prior to the withdrawal or processing based on other lawful grounds. If you believe that we are unlawfully processing your personal information and you are a resident of the EEA or the UK, you also have the right to lodge a complaint with the data protection supervisory authority in your country. You can find their contact details at the following link: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm
If you are a resident in Switzerland, you can find the contact details of the Swiss data protection authorities at this link: https://www.edoeb.admin.ch/edoeb/en/home.
To exercise your rights or for more information about them, please contact us using our contact form (preferred method) or by sending an email to privacy@thetomasicompany.be.
Please note that there are limitations to these rights, and if we have a legal obligation that prevents us from fulfilling your request, we will inform you accordingly.
For further information about your rights and how to exercise them, please contact us using our contact form (preferred method) or by sending an email to privacy@thetomasicompany.be.
Cookies and Similar Technologies:
Most web browsers are typically set to accept cookies as the default setting. However, if you prefer, you can usually choose to configure your browser to delete and reject cookies. Please note that if you choose to delete or reject cookies, it may impact certain features or services on our website. To opt-out of interest-based advertising from advertisers on our website, you can visit http://www.aboutads.info/choices/.
Controls for Do-Not-Track Functions
Most web browsers, as well as some mobile operating systems and applications, offer a “Do-Not-Track” (“DNT”) feature or setting that allows you to indicate your privacy preference, signaling that you do not want your online browsing activities to be monitored and collected.
Currently, there is no universally accepted technology standard for recognizing and implementing DNT signals. However, we strive to respond to browser-based DNT signals or other mechanisms that automatically communicate your choice not to be tracked online. If a standard for online tracking is adopted in the future, and we are required to comply with it, we will notify you of such practices in a revised version of this privacy notice.
Where Can I Make a Complaint?
You can always contact our data protection officer.
However, if you wish to file a complaint, you have the option to do so with the Data Protection Authority:
Website: www.autoriteprotectiondonnees.be
Address: Rue de la Presse, 35, 1000 Brussels, Belgium
Tel: +32 (0)2 274 48 00
Fax: +32 (0)2 274 48 35
Email: contact@apd-gba.be
You may also lodge a complaint with the court of first instance in your place of residence.
For more information on complaints and possible remedies, we invite you to consult the following address of the Data Protection Authority: https://www.autoriteprotectiondonnees.be/introduire-une-requ%C3%AAteune-plainte
If you require further information about your rights, please contact us.
To exercise your rights, you can send an email to the following address: privacy@thetomasicompany.be or by post to the following address: 4, Avenue Chant d’Oiseaux, 7090 Braine-Le-Comte, Belgium.
We will respond to your request as soon as possible, and no later than one month from the date of receiving your request. If your request is complex or if we receive a high volume of requests, the response time may be extended by two months. If an extension is necessary, we will notify you within one month of receiving your request.
Please note that when communicating this information, we are obligated to consider the rights and freedoms of other individuals.
Data Security
We implement appropriate technical and organizational measures to protect your personal data against accidental or unlawful alteration, loss, unauthorized use, disclosure, or access.
We take all reasonable steps, following the principles of privacy by design and privacy by default, to establish the necessary safeguards and ensure the security of your data.
The Tomasi Company is committed to providing a detailed list of the security measures in place to protect the processed personal data upon first request.
Cookies
We use cookies on our website.
For more information about our Cookie Policy, please refer to the Cookie Policy section on our website.
Applicable Law and Jurisdiction
This policy is governed by Belgian law.
Any dispute relating to the interpretation or implementation of this Policy shall be subject to the exclusive jurisdiction of the courts of the judicial district of Mons.
Do California Residents Have Specific Privacy Rights?
California Civil Code Section 1798.83, also known as the “Shine The Light” law, grants specific privacy rights to our users who are California residents. California residents have the right to request and obtain, once a year and free of charge, information about the categories of personal information (if any) that we have disclosed to third parties for their direct marketing purposes. They also have the right to obtain the names and addresses of all third parties with whom we have shared personal information during the previous calendar year. If you are a California resident and would like to make such a request, please submit it to us in writing using the contact information provided below.
If you are under the age of 18, a California resident, and have a registered account with our website, you have the right to request the deletion of any unwanted data you have posted on the website. To request the deletion of this data, please contact us using the contact information provided below. Include the email address associated with your account and indicate that you are a California resident. We will ensure that the data is not publicly displayed on the website. However, please be aware that the data may not be completely or permanently deleted from all of our systems (e.g., backups, etc.).
Updating of This Charter
We may update this privacy notice periodically. The date of the last modification is visible at the top of the page. If we make material changes to this privacy notice, we may notify you by prominently posting a notice of such changes or by sending you a notice directly. We encourage you to review this privacy notice frequently to stay informed about how we protect your information.
We advise and invite you to consult it regularly.
Who are we?
We are The Tomasi Company, a company registered under the company number BE0859312904 in Belgium.
We are the owner of this website and responsible for its content.
Any questions?
If you have any questions or concerns regarding this privacy notice or our practices regarding your personal information, please feel free to contact us. We prefer that you use our contact form to reach out to us, but you can also send us an email at privacy@thetomasicompany.be.