ALPEGA PRIVACY POLICY

Last updated: 25-03-2022

Alpega values the privacy of those who provide personal data to us.  This privacy policy (the “Policy”) describes how and why we collect, store and use personal data, and provides information about individual’s rights.

This Policy applies to both personal data provided to us either by an individual or by organisations.  We may use personal data provided to us for any of the purposes as set out in this Policy, or as otherwise disclosed at the point of collection.

This Policy should be read together with the Terms of use of the Alpega Websites and, in case of use of the Services, with the Agreement as concluded between Customer and Alpega.

1. What terms are used in this Privacy Policy?

• "Affiliate" means any company, corporation or other entity that directly or indirectly controls, or is controlled by, or is under common control with either Alpega or Customer.
• "Agreement" means the General Terms and Conditions of Alpega, any order form or contract proposal accepted by the Customer under any form for the subscription to Services and the approval thereof by Alpega, the documentation relating to the Services (including without limitation user manuals, training materials, supporting materials, technical specifications and requirements), and where applicable, any applicable Special Terms and Conditions of Alpega, this Policy, together constituting the entire agreement governing the relationship between Alpega and the Customer.
• "Alpega" means Alpega S.A./N.V., a Belgian company with its registered office at Belgicastraat 17, 1930 Zaventem (Belgium), registered under number 0872.586.165 in the Belgian Registry of Companies, as well as its Affiliates.
• "Customer" means the (legal or natural) person subscribing to the Services.
• "Data Protection Legislation" means the provisions of the EU Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) and the Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector, as well as any national legislation and/or regulations implementing them, as this legislation may be amended or replaced from time to time.
• "Services" means the products and services of Alpega and its Affiliates, as these may change from time to time, to which the Customer has subscribed under the Agreement.
• "User" refers in this Policy to the visitors of the Websites and/or to the users of the Services on behalf of the Customer.
• “you” and “your” (and other similar terms) to refer to Customers, individuals associated with Customers, Users, contacts, suppliers and job applicants.
• “we”, “us”, and “our” (and other similar terms) to refer to Alpega.
• "Websites" refers to all internet pages and applications provided and operated by Alpega.

For the purpose of this Policy, other terms such as "personal data", "processing", "data subject", "data controller", "data processor" and "supervisory authority" shall have the meanings set out in the applicable Data Protection Legislation .

2. Who is responsible for your personal data?

Depending on the relationship between you and us, Alpega is either as data controller or as data processor responsible for your personal data. Our contact details are provided below.

3. What personal data do we collect and process?

Depending on the relationship between you (e.g. customer, vendor, applicant) and us, we may collect and process some of the following personal data from you:

• Identity and Contact Data, including your name, address, telephone number, date of birth, language, marital status, passport number, employment history, educational or professional background, tax status, employee number, job title and function, seniority and other personal data concerning your preferences relevant to our Services;
• Financial and Payment Data, including your bank account and other data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information;
• Business Information, including information provided in the course of the Agreements or otherwise voluntarily provided by you or your organisation;
• Communication Information, including the content of communications exchanged between you and us or between you and others Users;
• Profile and Usage Data, including your preferences in receiving marketing information from us, your communication preferences and information about how you use our Services, social media pages and Websites including the Services you viewed or searched for, page response times, download errors, length of visits and page interaction information (such as scrolling, clicks, and mouse-overs), dates and times of when you perform various activities on the Websites or Alpega applications and the status of your personal account settings;
• Technical Data, including information collected during your visits to the Websites, the Internet Protocol (IP) address, login data, browser type and version, device type, time zone setting, browser plug-in types and versions, operating system and platform;
• Geolocation Data including information about your locations or estimate time of arrival collected during your use of the Services;
• Physical Access Data, relating to details of your visits to our premises;

If you provide information to us about any person other than yourself (your family, employer, employees, counterparties, advisers, suppliers…), you must ensure that they understand how their information will be used, and that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it. If we need personal data in respect of individuals associated with Customers in order to provide Services we ask Customers to provide this Policy to such individuals as data subjects.

4. How do we collect your personal data?

In the majority of circumstances we will collect personal data (1) from Customers and Users or (2) if you sign up to attend any of our events and/or to receive our communications. In some circumstances (3) we may collect personal data from third parties. The circumstances in which we can collect personal data about you are the following:

• when you use any of our Services;
• when you seek advice from us;
• when you offer to provide, or provides, services to us;
• when you correspond with us by phone, email or other electronic means, or in writing, or when you provide other information directly to us, including in conversation with our staff, external providers or consultants;
• when you browse, complete a form or make an enquiry or otherwise interact on our Websites or other online platforms;
• when you attend our events or sign up to receive information from us ;
• by making enquiries from your organisation or other organisations with whom you have dealings such as former employers and educational institutions;
• by making enquiries from third party sources such as government agencies, credit reporting agency, database and information service providers or from publicly available records.

Where we need to collect personal data by law or in order to perform the Agreement and you fail to provide that data when requested, we may not be able to perform the Agreement we have or are trying to enter into with you. In this case, we may have to cancel our Agreement you have with us, but we will notify you if this is the case at the time.

5. How will we use your personal data and on what basis?

We will use your personal data, in such a manner as we believe is reasonably necessary, only for the following purposes and on the following legal basis:

• The processing is necessary for the performance of a contract you are party to or in order to take steps at your request prior to you entering into a contract with us:
  • Quotes and information : to answer your questions in relation to our Services or to provide you with Services related information (such as demos and price quotation );
  • Customer engagement: to register you as a Customer of us and to carry out certain background searches to verify whether or not there are any potential issues that may mean we cannot work with a particular person;
  • Products and services: to provide you with our Services;
  • Customer management : to carry out the actions in relation to the management of your account (such as exchange of correspondence in the context of the Agreement, entries in directories, …);
  • Administration: to agree upon payment arrangements and to collect our fees and costs owing to us in connection with the Agreement;
  • Job applicants: to process applications for employment;
  • Managing supplier relationships: to receive the provision of services from our suppliers (including administration, billing and payment). If a supplier is assisting us in delivering services to our Customers we will process personal data to manage that relationship.
• The processing is necessary in order for us to comply with our legal obligations:
  • compliance processing in relation to financial and tax obligations;
  • maintaining records : for example we must hold your personal data on a suppression file to ensure there is a record of your objection to direct marketing.
• Where you have given consent to the processing of your personal data:
  • to send you updates time, news about any events we are organising or participating in, and/or other information about us and the services that we and/or our Affiliates and/or our trading partners, provide that we believe may be of interest to you; 
  • to send you details of client surveys, marketing campaigns, market analysis, or other promotional activities;
  • to collect information about your preferences to personalise and improve the quality of our communications with you.
• The processing is necessary for the pursuit of our legitimate business interests :
  • to administer and manage our relationship with you, including accounting, auditing, and taking other steps linked to the performance of our business relationship including identifying persons authorised to represent Customers, suppliers or service provider;
  • to carry out background checks, where permitted and where the processing is necessary for the purpose of preventing fraud; This can include automated verifications of personal data you provide about your identity against relevant databases and contacting you to confirm your identity, or making records of our communications with you for compliance purposes.
  • to perform analytics (such as trends, sales intelligence, marketing effectiveness);
  • to analyse and improve our Services and communications and to monitor compliance with our policies and standards;
  • to manage access to our premises and for security purposes;
  • to ensure our network and information security and prevent or detect security threats, frauds or other criminal or malicious activities;
  • To identify potential job applicants and contact them;
  • for insurance purposes;
  • to exercise or defend our legal rights or to comply with court orders.
  • to communicate with you to keep you up-to-date on the latest developments, announcements, and other information about Services, events and initiatives (including briefings, newsletters and other information about business and industry developments).
  • to collect information about your preferences to personalise and improve the quality of our communications with you.
  • For better understanding how the Websites are being used as to improve them on a regular basis or for diagnosing technical issues on the Websites.
  • For statistical purposes in connection with the use of the Services.
  • For sharing information between Customers and contacts within our services directories.

6. Who else may have access to your personal data?

On occasion, we may need to share your personal data with third parties. We will only share personal data where we are legally permitted to do so.

Where you provide us with personal data as a client, we will assume, unless you instruct us otherwise in writing, that we can disclose your personal data in such manner as we believe is reasonably necessary to provide our Services (including as described in this Policy), or as is required under applicable law.

We share your personal data:

• with our Affiliates for the purposes of providing you with Services, as described in this Policy. You can see more about our group entities here;
• with our business partners, service providers and other affiliated third parties: to enable us to provide Services to you, we may need to share your personal data with our business partners (including accountants, auditors, bailiffs, lawyers, public notaries and authorities, consultants, mediators, experts, banks, insurances, software/hardware providers, logistic management solutions and system partners). Our arrangements with external service providers currently cover the provision of support services including IT, integrated software solution, legal accreditation, customer and supplier management, money laundering and terrorist financing checks, credit risk reduction and other fraud and crime prevention purposes checks, credit-checking for credit control reasons, events management, document production, financial, business and legal services, secretarial services, marketing and business development and facilities management;
• on a confidential basis with third parties for the purposes of collecting your feedback on our Service provision, to help us measure our performance and to improve and promote our Services;
• with courts, law enforcement authorities, regulators, government officials or attorneys or other parties where it is reasonably necessary for the establishment, exercise or defence of a legal or equitable claim, or for the purposes of a confidential alternative dispute resolution process;
• if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets to whom we assign or novate any of our rights and obligations;
• when disclosures are required by law or regulation: in certain circumstances, please note that we may be required to disclose personal data under applicable law or regulation, including to law enforcement agencies or in connection with proposed or actual legal proceedings.
• When certain Services offer a functionality to support the communication needs of Customers (e.g. to send a fax/email/sms via the Services). In these cases, other Users can consult your personal information and add your information in their address book. By using some Services, you understand that the recipient of the communication will become aware that you are an Alpega Customer/User and/or may receive part of your personal data collected and processed by Alpega.
• While using the Services, you may have to enter transaction information (including details of a freight or a transport operation or content of email, fax and SMS messages,…) for the purpose of communicating it to other parties via the Services. This information will be made available to other parties, on your request, according to the rules of the Service.

7. International transfers of Information

When we transfer your personal data to other countries, including in territories outside of the European Economic Area (“EEA”), we will safeguard that information as described in this Policy.

The legal regimes of some countries outside of the EEA do not always offer the same standard of data protection as those inside the EEA, although we will ensure that your personal data is only ever treated in accordance with this Policy. We only transfer personal data to these countries when it is necessary for the Services we provide you, or it is necessary for the establishment, exercise or defense of legal claims or subject to safeguards that assure the protection of your personal data, such as European Commission approved standard contractual clauses.

All our subsidiary undertakings and/or Affiliates throughout the world ensure a level of data protection at least as protective as that required in the European Economic Area.

For further information, including obtaining a copy of the documents used to protect your information, please contact us using the contact details provided below.

8. Security of your personal data

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We put in place strict confidentiality agreements (including data protection obligations) with our third party service providers.

We have also put in place procedures to deal with any personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

9. Your rights

You have various rights with respect to our use of your personal data:

• Access: The right of access gives you the right to obtain a copy of your personal data. It helps you to understand how and why we are using your data, and check we are doing it lawfully. There are exceptions to this right, so that access may be denied if, for example, making the information available to you would reveal personal data about another person, or if we are legally prevented from disclosing such information.
• Rectification: You have the right to have inaccurate personal data rectified and to have incomplete personal data completed. We encourage you to contact us using the contact details provided below to let us know if any of your personal data is not accurate or has changed, so that we can keep your personal data up-to-date. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
• Erasure: You have the right to have your personal data erased. This right is not absolute and only applies in certain circumstances (for example if your personal data is no longer necessary for the purposes for which it was collected, or when your personal data have been unlawfully processed).
• Restriction: You have the right to restrict the processing of your personal data in certain circumstances. This means that you can limit the way that we use your personal data where you have a particular reason for wanting the restriction. This may be because you have issues with the content of the information we hold or how we have processed your data.
• Portability: You have the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format. This right to data portability only applies when our lawful basis for processing this information is consent or for the performance of a contract and we are carrying out the processing by automated means (i.e. excluding paper files).
• Objecting: You have the absolute right to object to the processing of your personal data if it is for direct marketing purposes. In others specific circumstances, you also have the right to object to processing of your personal data and to ask us to block, erase and restrict your personal data.
• Automated individual decision-making: You shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. The right is not absolute and only applies in certain circumstances. You will be specifically informed if we make such automated individual decision.
• Complaints: We are committed to working with you to obtain a fair resolution of any complaint or concerns about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint with a supervisory authority, in the Member State of your habitual residence, of your place of work or of an alleged infringement of the data protection laws (for Belgium see www.dataprotectionauthority.be and for other countries click here). You also have the right to seek a remedy through the courts.

You may, at any time, exercise any of the above rights, by contacting us using the contact details provided below. If we have doubt about your identity, we may request you to provide us with a proof of your identity, i.e. a copy of your ID card, or passport, or any other valid identifying document.

10. Withdrawal of consent

When personal data is processed on the basis of your consent, you may withdraw consent at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there is another legal ground for the processing.

In the event that you no longer want to receive any marketing communications from us, please use the unsubscribe option (which is in all of our marketing emails to you), or contact us using the contact details provided below. Withdrawal of consent to receive marketing communications will not affect the processing of personal data for the provision of our Services. 

11. How long do we keep your personal data?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements and, where required for us to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled.

Upon expiry of the applicable retention period we will securely destroy your personal data in accordance with applicable laws and regulations.

12. Cookies

We use a cookies tool on our website to gain consent for the optional cookies we use.

Cookies that are necessary for functionality, security and accessibility are set and are not deleted by the tool.

You can read more about how we use cookies, and how to change your cookies preferences, in our Cookies Policy.

13. Links to other websites

Our Websites and social media pages may contain tools, widgets or content that link to other, unaffiliated third party websites and/or social media pages.  Please note that we are not, and cannot, control or be responsible for the content or privacy and confidentiality practices of any third party websites.  You must always carefully review the privacy and confidentiality policy of any third party websites that you may visit in order to understand how the operators of that websites may collect, store and use your personal data.

14. Changes to our privacy policy

We reserve the right to update and change this Policy from time to time in order to reflect any changes to the way in which we process your personal data or changing legal requirements. Any changes we may make to our Policy in the future will be posted on this page and, where appropriate, notified to you by email.

This Policy was last updated in March 2022.  Please check back regularly to keep informed of updates to this Policy.

15. Contact Details

Questions, comments and requests regarding this Policy are welcomed and should be addressed to privacy team at:

Alpega S.A./N.V.
Belgicastraat 17,
1930 Zaventem,
Belgium
Email: privacy@alpegagroup.com

Data Privacy Officer:  Marc Van Nieuwenhove