Introo cares deeply about your privacy. We therefore only process data we need for (improving) the services we provide and carefully handle the information we have collected about you and your use of our services. We never make your data available to third parties for commercial purposes.
2. About the data processing
Below you can read how we process your data, where this information is stored, which security measures are taken and who can access these data.
2.1. Website software
Our website has been developed with software from a certified developer of web applications. We host our website on a server from a certified webhost. Any personal data you put at our disposal for the purpose of providing services will be shared with this party. The webhost can access your data to provide us with (technical) support and will never use your data for any other purpose. On the basis of an agreement we have concluded with them, the webhost is obliged to adopt appropriate security measures. These security measures include a strong password policy and the installation of security software. Back-ups are regularly made to avoid loss of data.
We purchase webhosting and email services from a certified webhost. This webhost processes personal data on our behalf and does not use your data for its own purposes. However, this party may collect metadata about the use of the services. These are not personal data. The webhost has adopted appropriate technical and organisational measures to prevent loss and unauthorised use of your personal data. On the basis of the agreement, the webhost is bound by confidentiality.
For our regular business email communications, we make use of the services of a certified webhost. This party has adopted appropriate technical and organisational measures to prevent unauthorised use, loss and corruption of your and our data as much as possible. The webhost does not have access to our mailbox and we treat all our email communications as confidential.
3. Purpose of the data processing
3.1. General purpose of the data processing
We use your data only for the provision of our services. This means that the purpose of the data processing is always directly related to the assignment you have granted. We do not use your information for (targeted) marketing. In case you share information with us and we use this information to contact you at a later time other than requested, we will ask your explicit permission for this. Your data will not be shared with third parties, except for compliance with administrative and accounting obligations. These third parties are all bound by confidentiality on the basis of the agreement concluded between them and us, an oath or a legal obligation.
3.2. Automatically collected data
Data that have been automatically collected by our website are processed for the purpose of further improving the services we provide. These data (for instance your IP address, web browser and operating system) are not personal data.
3.3. Cooperation in fiscal and criminal investigations
On the basis of a statutory obligation, Introo can be required to share your data within the scope of fiscal and criminal investigations by the authorities. In such cases, we are obliged to disclose your data, but we will object to this disclosure within the limits of what is legally possible.
3.4. Retention periods
We store your data as long as you are a customer of ours. This means that we keep your customer profile until you indicate that you no longer wish to make use of our services. If you indicate this to us, we will also regard this as a request to be forgotten. On the basis of applicable administrative obligations, we must keep invoices with your (personal) data. We will store these data for the entirety of the applicable retention period. However, our employees will no longer have access to your customer profile or to the documents we have drawn up within the context of the assignment you have granted.
4. Your rights
Pursuant to the legislation in force in Belgium and the European Union, you, as a person concerned, have certain rights with regard to the personal data that are processed by us or on our behalf. Below we will explain what rights you have and how you can rely on these rights.
In principle and in order to prevent misuse, we will send copies of your data only to your email address which you have provided to us. In the event that you wish to receive the data at another email address or, for example, by post, we will ask you to identify yourself. We keep records of completed requests; in case of a request to be forgotten, we keep records of anonymised data. You will receive all copies of data in the machine-readable data format which we use within our systems.
You have the right to file a complaint at any time with the Data Protection Authority if you suspect that we use your personal data incorrectly.
4.1. Right of access to information
You always have the right to view the data that we process or have processed, that relate to you or that can be traced back to you. You can submit a request to that effect to our privacy contact person. You will then receive a reply to your request within 30 days. If your request is accepted, we will send a copy of all data with an overview of the relevant data controllers to the email address which you have provided to us, stating the category under which we have stored these data.
4.2. Right to rectification
You always have the right to demand rectification of the data that we process or have processed, that relate to you or that can be traced back to you. You can submit a request to that effect to our privacy contact person. You will then receive a reply to your request within 30 days. If your request is granted, we will send you a confirmation that the data have been rectified to the email address which you have provided to us.
4.3. Right to restriction of processing
You always have the right to restrict the data that we process or have processed, that relate to you or that can be traced back to you. You can submit a request to that effect to our privacy contact person. You will then receive a reply to your request within 30 days. If your request is granted, we will send you a confirmation that the data will no longer be processed until you remove the restriction to the email address which you have provided to us.
4.4. Right to data portability
You always have the right to transmit the data that we process or have processed, that relate to you or that can be traced back to you, to another data controller. You can submit a request to that effect to our privacy contact person. You will then receive a reply to your request within 30 days. If your request is granted, we will send you copies of all information about you that has been processed by us on behalf of us by other data controllers or third parties to the email address which you have provided to us. In all likelihood, we will no longer be able to continue providing our services in such a case because the secure linking of data files can no longer be guaranteed.
4.5 The right to object and other rights
In particular cases, you have the right to object to certain types of processing of your personal data by or on behalf of Introo. If you object, we will immediately stop processing your data pending the settlement of your objection. If your objection is well-founded, we will make copies of the data that we process or have processed available to you and then permanently discontinue the processing.
You furthermore have the right not to be subject to automated individual decision making or profiling. We do not process your data in such a way that this right applies. If you believe that this right does apply, please contact our privacy contact person.
6. Contact details
+32(0)59 80 10 20
6.2 Privacy contact person