What, why and how long we process data
- When you use the Website and/or Services, we process personal data relating to you. Such personal data include:
- When: Use of services, contacting us, use of website
- Which ones: Identification data
- Why (purpose): Processing of application
- Legal basis: Permission, legal obligation, vital interests, execution of task in the public interest, legitimate interest.
- To provide you with the information on products and services you request in a personalised and efficient manner, whether through the Website, email, telephone or social media channels.
- To process your personal data so that we can provide the Services.
- For direct marketing purposes, i.e. to provide you with targeted communications, promotions, offers and other advertisements from us or our selected partners. For this, we will ask for your prior consent.
- To perform statistical analysis to improve our Website and/or Services, or to develop new products or services.
- To provide to a financial institution or payment service provider, to enable your financial institution and the payment service provider to fulfil their legal obligations.
- To transfer to the police or judicial authorities as evidence of possible crimes or if there is reasonable suspicion of an unlawful act or crime committed by you through your registration with or use of the Website or the Services.
- In the context of a possible merger with, acquisition of/by or demerger by a third party, even if that third party is located outside the EEA.
- If and when your registration on the Website or use of the Website or Services may be considered (a) a violation of the terms and conditions or the intellectual property rights or any other right of a third party, (b) a threat to the security or integrity of the Services, (c) a threat to the Website or Services or our or our subcontractors' systems from viruses, Trojan horses, spyware, malware, or any other form of malicious code, or (d) in any way illegal or unlawful, discriminatory or offensive, we may process your data in the interests of ourselves, our partners or third parties.
Who we share data with
- We will not transmit your personal data in an identifiable manner to third parties if this is not required to provide the Services, without your express consent.
- We may use third party processors to provide you with the Website and/or Services. We ensure that third party processors may only process your personal data on our behalf, and upon written instructions from us. We guarantee that all third party processors are selected with due care to ensure the security and integrity of your personal data.
- We may transfer anonymised and/or aggregated data to other organisations that can use this data to improve products and services and to organise the marketing, presentation and sale of products and services in a tailored way.
Where we process data
- We and our third party processors will only process your identifiable personal data in the EEA.
- We may transfer your anonymised and/or aggregated data to organisations outside the EEA. If such a transfer occurs, we will ensure that appropriate safeguards are in place to guarantee the security and integrity of your personal data, and that any rights you may have with respect to personal data under applicable mandatory law are guaranteed.
- If there is a transfer of your personal data and/or anonymised and/or aggregated data, the following legal protection mechanism will be implemented:
- Google: United States: Model clauses
- Postmark: United States: Model clauses
- Campaign Monitor: United States: Model clauses
- Mailchimp: United States: Model clauses
- Hubspot: United States: Model clauses
How we process data
- We will take appropriate technical and organisational measures to keep your personal data secure against unauthorised access or theft and against accidental loss, manipulation or destruction. Access by our staff or staff of our external processors is only possible on a need-to-know basis and is subject to strict confidentiality obligations. You understand, however, that the care for safety and security are only best efforts obligations that can never be guaranteed.
- You have the right to request access to all personal data that we process about you.
- You have the right to request that any personal data about you that is incorrect or inaccurate be corrected free of charge. If you have registered on our Website, you can correct much of this data yourself through your profile. If such a request is made, you must also include with it evidence that the personal data for which correction is requested is incorrect.
- You have the right to withdraw your previously given consent to the processing of your personal data. You can withdraw your consent at any time by sending an e-mail to hello[at]mmmonk.be
- In lieu of deletion, you may also request that we restrict the processing of your personal data if (a) you dispute the accuracy of that data, (b) the processing is unlawful or (c) the data is no longer necessary for the stated purposes, but you need it to defend yourself in legal proceedings.
- You have the right to oppose the processing of personal data if you can demonstrate that there are serious and legitimate reasons relating to special circumstances that justify such an opposition. However, if the intended processing is classified as direct marketing, you have the right to object to such processing free of charge and without justification.
- If your personal data is processed on the basis of consent or on the basis of a contract and the processing is carried out by automated means, you have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format and, if technically possible, you have the right to transfer this data directly to another service provider. The technical feasibility of this is exclusively assessed by us.
- If you wish to make a request to exercise one or more of the above rights, please send an e-mail to hello[at]mmmonk.be. This request must clearly state which right you wish to exercise and why. It must also be dated and signed, and be accompanied by a digitally scanned copy of your valid identity card proving your identity. We will immediately inform you of the receipt of such a request. If the request proves to be well-founded, we will comply with it as soon as reasonably possible and no later than thirty (30) days after receipt of the request.
- If, in exercising your rights or processing your access requests, we find that they are manifestly made with the intention of causing inconvenience or damage to us, we reserve the right not to process them. If you contact us to exercise your rights, we will respond within one month. Exceptionally, this may take longer, but in that case we will inform you within one month as to why this will take longer. Whether or not you can exercise your rights depends on the processing and the legal basis for processing.
- If you have a complaint about the processing of your personal data by us, you can always contact us via the e-mail address hello[at]mmmonk.be. If you are still dissatisfied with our response, you are free to lodge a complaint with the competent data protection authority. For more information, please visit https://www.gegevensbeschermingsautoriteit.be/burger.