Privacy policy

1. Introduction

UniWeb bvba, with registered office at ‘s Herenweg 16, 1860 Meise and registered under number 0472.383.367 (hereinafter " UniWeb", or “we”), considers the protection of personal privacy to be important. UniWeb wishes to inform its customers and web users as much as possible about its services, while respecting their personal data and allowing them control over what happens to their personal data. UniWeb wants to manage and use its customers’ personal data safely, respectfully and with due diligence for the purposes of services provision and managing the relationship with its customers. Below, you will find information about what personal data UniWeb collects, why, how long for and how you can control what happens to your personal data.

UniWeb invites its customers to take the time to thoroughly review this Privacy Policy, together with the General Terms and Conditions of UniWeb and any other conditions that may apply to its products and services.

2. Applicability

This Privacy Policy applies to all our customers and to all visitors to the UniWeb website(s) (hereafter referred to as “you” or “customer”). In the event customers have entered into a contract with UniWeb, containing deviating data processing terms and conditions, such deviating terms shall govern with respect to any personal data processing by UniWeb pursuant to such contract.

The European General Data Protection Regulation 2016/679 of 27 April 2016 ("General Data Protection Regulation"), the law of 8 December 1992 ("Privacy Act"), the law of 13 June 2005 ("Electronic Communications Act") and the accompanying implementing decrees, each of the foregoing as amended from time to time, regulate the protection of your personal data where applicable. For more information about the afore listed, UniWeb refers to the website of the Belgian Commission for the Protection of Privacy [https://www.privacycommission.be/en].

We want you to feel confident about using the UniWeb websites and services, and we are committed to protecting the personal data we collect. We comply with applicable data protection legislation in processing the personal data submitted to us or otherwise obtained as set forth in this Privacy Policy. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security or that it will not be intercepted, accessed, used or disclosed by unauthorized persons. You acknowledge and agree that we cannot fully eliminate risks in this respect.

3. Processing of personal data and responsibilities

When used in this Privacy Policy, the terms "personal data", “data subjects”, “data processor” and “data controller” shall have the meaning ascribed to such terms in the applicable data protection legislation.

The personal data that UniWeb collects and processes primarily concerns the data that customers enter themselves via the various pages of our website(s) and that UniWeb obtains through your use of our website(s) and/or our products and/or services.

UniWeb acts as the data controller when processing the personal data of its customers for the purposes as described in this Privacy Policy, except in the case of the processing of personal data in the performance of services pursuant to a customer contract, in which case UniWeb shall act as data processor and the customer shall be the data controller.

This does not detract from the fact that the customer has a number of obligations in connection with the processing of personal data that allows the customer to use UniWeb's products and services. In this capacity, the customer must always obtain, where necessary, the legally required authorisations from the end users/data subjects for the processing of their personal data by UniWeb insofar as necessary within the framework of UniWeb's products and services, and the customer shall ensure that it is entitled and has obtained all necessary authorisations to transfer any personal data to UniWeb/provide UniWeb with access to such personal data so that UniWeb may lawfully process such personal data hereunder on the customer’s behalf, which may include UniWeb processing the relevant personal data outside the country where the customer and the data subjects are located in order for UniWeb to provide the agreed services and perform its other agreed obligations. UniWeb cannot be held responsible or liable towards the customer, including in respect of third-party (including data subjects’) claims made against the customer, based on UniWeb’s processing of incorrect personal data or third-party data which the customer submitted/made available to UniWeb without having obtained the required third-party consent. The customer shall promptly notify UniWeb upon becoming aware that any of the undertakings set out herein are not or no longer correct. The customer will be liable for and indemnify UniWeb against all losses, costs (including legal costs and attorneys’ fees), damages, liabilities and penalties suffered and incurred by UniWeb, including as a result of any third-party (including any data subject) claim, as a result of the customer’s breach of any of the undertakings set out herein.

4. Purposes

UniWeb processes personal data for various purposes, whereby the only personal data processed is that which is necessary to achieve the intended purpose.

Thus, we process personal data:

• When we have received permission to do so;
• In the context of the preparation or performance of our contract with a customer;
• To comply with the legal or regulatory requirements to which we are subject; and
• When UniWeb has a justified interest in this, such as, for example, as the case may be, fraud prevention, internal administration management or monitoring of appropriate network and information security, in which case we always strive for a balance between that interest and respecting the privacy of the party concerned.

Insofar as required, UniWeb collects personal data for the following concrete objectives:

To process an application for our products and services.

If you visit our website to collect and/or request information about our products and services, or if you sign up for UniWeb's newsletter, then UniWeb needs your address details. All information that UniWeb receives about you during this pre-contractual phase will only be used by UniWeb to provide you with the requested information, in the requested manner. In addition, if you ultimately decide to become a customer of UniWeb, UniWeb will ask you for a number of personal details, such as name, address, telephone number, e-mail address and customer number, and UniWeb will also assign certain data to you, such as login details.

To adequately provide the service and to inform about usage options.

UniWeb uses personal data for setting up, maintaining and supporting contracted products and services, and for administrative purposes.

To provide information about (new) products and services from UniWeb.

UniWeb may use personal data to offer (in writing, by telephone or electronically) new products, services or special promotions that UniWeb believes may be of interest to you. Of course, you can opt out of this type of message (see further).

To track performance.

UniWeb may use personal data and consumer profiles to evaluate its products and services. This includes, among other things: requesting feedback on services (for example, via market research), data obtained during answers to customer questions, fraud detection and quality assurance.

To comply with legal obligations or exercise its legal rights.

In certain instances, UniWeb is legally obliged to keep certain personal data on file and/or communicate them to government agencies, for example, in the context of general tax and accounting obligations. In the context of a police or judicial investigation, in response to subpoenas, court orders or other legal, regulatory or judiciary process, UniWeb can be obligated to communicate certain data to the public authorities. UniWeb may also process personal data to establish or exercise its legal rights, to defend against legal claims, to protect and defend the rights, property or safety of UniWeb, its customer or third parties, or where it believes this to be necessary to investigate, prevent or take action regarding illegal or suspected illegal activities, or as otherwise required by law or binding order.

To keep track of studies, tests and statistics, including for trend analysis.

UniWeb may use anonymous, aggregated data to, for example, report internally and externally on the use of its services. The data used for this cannot be traced back to a specific individual. The information that UniWeb derives from these analyses is used to evaluate the current products and services portfolio and UniWeb's processes, and to adapt them to new developments.

5. Security

UniWeb strives at all times to protect personal data and privacy, both in its physical offices and on the UniWeb network. UniWeb ensures appropriate organisational and technical measures (considering the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing, as well as the risk of varying likelihood and severity for the right and freedoms of natural persons) to secure personal data.

UniWeb's personnel is trained to deal with personal data correctly. In the case of privacy-sensitive projects, an assessment is also made with regard to security and the protection of personal data. UniWeb's information security policy, requirements and management standards are in fact fully modelled on the international ISO 27001 standard, for which UniWeb has been certified since 2014. UniWeb also employs specialised personnel who are responsible for the security of the network, infrastructure and information systems. In addition, UniWeb uses a variety of technical measures to protect personal data, such as password protection, hard disk encryption software, firewalls, antivirus software, intrusion and anomaly detection system and access control systems for its personnel.

If a data breach should occur with adverse consequences for personal data, the customer is personally notified under the conditions provided for by law.

The number of UniWeb personnel members who have access to personal data is limited and they are carefully selected. These personnel members are granted access to personal data insofar as they need this information to properly perform their duties towards UniWeb.

The existence and content of the personal communication that takes place via the UniWeb network (for example: email traffic, hosting...) is protected by the provisions for telecommunications secrecy. This means that UniWeb and its personnel may not obtain any knowledge of the existence or content of such communication, outside of the exceptions enumerated by applicable law.

UniWeb's websites sometimes mention links to third-party sites (e.g. social media, organisers of events sponsored by UniWeb) whose terms of use do not fall within the scope of this Privacy Policy and are provided for your reference and convenience only. UniWeb does not control such websites and is not responsible for, nor does UniWeb make any representations or warranties as regards their contents or the privacy or other practices of such websites. Please note that we do not have access to nor control cookies or other technologies these third parties may use to collect information about you, and the data processing activities of these third parties are not covered by this Privacy Policy. UniWeb has not reviewed these third party websites and therefore cannot and does not make any representation regarding the quality or reliability of such sites and their content. Our inclusion of hyperlinks to such websites does not imply any endorsement of such website or the material, advertisements or links contained on such websites, or any association with their operators. UniWeb disclaims all liability in this respect, to the maximum extent permitted by law. We recommend that you examine the privacy statements posted on those third party websites to understand their procedures for collecting, using and disclosing personal data.

6. Provision of data to third parties

UniWeb does not sell personal data to third parties nor is data passed on to third parties unless:

To our legal successors and other companies within the UniWeb group.

UniWeb may pass on personal data to any legal successors and affiliated companies for the same purposes as those stated in this Privacy Policy, or in connection with a corporate transaction (such as a divestiture, merger, consolidation, or asset sale), or in the unlikely event of bankruptcy.

This is necessary for our service provision.

For some aspects of our products and services, we cooperate with third parties or engage sub-contractors. These third parties are always selected very carefully and there is always an agreement between UniWeb and these third parties in accordance with the applicable legislation. Thus, UniWeb uses, among others, service providers for domain name registrations, e-mail service providers, SSL certificate providers, providers of cloud connect services, providers of sitebuilder services, providers of online desktop services and providers of online fax services. For more information about our sub-contractors, you can always contact us via the contact details under point 10.

If you purchase from UniWeb a (online) product or service from a manufacturer or supplier based outside the European Union, it is possible that additional measures are necessary to ensure the security of personal data, such as a certification under the EU-US Privacy Shield and/or a processor agreement with model clauses drawn up by the European Commission.

When a person refuses to have his details passed on, it is possible that some services can no longer be offered/provided by UniWeb, without any responsibility on UniWeb.

There is a legal obligation.

For this, UniWeb refers you to point 4 of this Privacy Policy.

There is a legitimate interest for UniWeb or the third party concerned.

This only applies where the interests or fundamental rights and freedoms of the data subject concerned do not override that interest.

UniWeb has received permission from the party concerned.

If UniWeb should provide personal data to third parties by other means, this will be done with an explicit communication, in which an explanation about the third party is given, together with the purposes of the transfer and processing. Where required by law, UniWeb will obtain the express and unambiguous consent from the customer or data subject.

In regard to the international transfer of personal data, UniWeb will protect all personal data in accordance with the level of protection required by applicable law.

In some cases, UniWeb may use anonymous, aggregated data for commercial purposes or for external reporting. This data can never be traced back to a specific individual.

7. Rights of the data subjects

Data subjects can exercise a number of rights regarding the processing of their personal data by UniWeb, as provided for by applicable legislation.

Data subjects can exercise these rights by using the contact details mentioned under point 10 of this Privacy Policy. UniWeb will aim to respond to such requests within a period of one (1) month from receipt, in accordance with applicable law.

In order to exercise its rights and to prevent any unauthorised disclosure ofr personal data, the data subject must provide us with proof of its identity. We therefore ask that the data subject includes a copy of the front of its identity card with its application. The application can be sent using the details mentioned under point 10 of this Privacy Policy.

Right of objection

Data subjects have the right to object to the processing of their personal data based on the legitimate interest of UniWeb on grounds relating to their particular situation. In the event of such objection, UniWeb will cease processing such personal data unless UniWeb demonstrates compelling legitimate grounds for the processing that override the data subject’s interests, rights and freedoms, such as the establishment, exercise or defence of legal claims.

Right of access and transparency

Data subjects have the right to access the personal data (free of charge) that relate to them and to obtain a copy of these personal data. They can also ask us:

• Whether we process personal data about them;

• For what purposes we process them;

• Which categories of personal data we process;

• With which categories of third parties we share their personal data;

• What the origin of the processed data is;

• What their rights are.

Right to rectification and erasure

Data subjects are entitled to have incomplete, incorrect, inappropriate or outdated personal data corrected or supplemented. For this purpose, our customer service can be contacted from a registered address or a data subject’s personal data can be amended via the online portal "my.UniWeb.com". In order to keep your data up to date, we request that you notify us of any changes, such as if you move locations.

Data subjects also have the right, without undue delay, to have their personal data deleted if and insofar as:

1. 1. the personal data are no longer required for the purposes;
2. 2. there is no longer a legal ground for the processing;
3. 3. they object to the processing, and there are no overriding legitimate grounds for the processing by UniWeb;
4. 4. the personal data have been unlawfully processed; or
5. 5. the personal data must be erased for compliance with a legal obligation that applies to UniWeb.

UniWeb will send the data subject a confirmation message after complying with a request for erasure. In the case of partial erasure, UniWeb will also explain why the request could not be fully met.

Depending on the nature of the request, it is possible that some services can no longer be offered or provided by UniWeb following such erasure. Also, UniWeb may not be able to erase all requested data as this might e.g. prevent it from complying with its legal obligations (e.g. in order to meet accounting and fiscal obligations).

Right to restriction of processing

As a data subject, you also have the right to obtain from UniWeb the restriction of the processing of your personal data, if and to the extent one of the following applies:

1. 1. you contest the accuracy of the personal data, in which case the processing is limited during a period enabling UniWeb to verify their accuracy;
2. 2. the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
3. 3. UniWeb no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims;
4. 4. you have objected to processing, pending the verification whether the legitimate grounds of UniWeb override those of the data subject.

In case of restriction of processing, the data may still be stored by UniWeb. Any other processing will be subject to the data subject’s consent unless required for the establishment, exercise or defence of legal claims or for the protection of the right of another natural or legal person or for reasons of important public interest.

Right to data portability

For personal data that are (i) provided to UniWeb by the data subject, and (ii) processed by UniWeb by automated means in the context of the performance of an agreement between UniWeb and the data subject or based on the data subject’s explicit consent, data subjects have the right to obtain these data from UniWeb in a structured, commonly used and machine-readable format, and to request UniWeb to transmit those data directly to another data controller, to the extent technically feasible, if the data subject wishes to switch service providers.

8. Retention periods

UniWeb stores and processes your personal data for as long as is necessary to achieve the objectives described in point 4.

The retention period can therefore differ depending on the purpose. These archived data are, of course, only accessible to a limited extent.

9. Cookies

Apart from the information that you voluntarily share with UniWeb when using our websites, UniWeb also uses cookies and other technological means to collect data. ‘Cookies’ may be saved to the hard drive of your computer to collect information so as to be able to better suit the UniWeb websites to your needs. "Cookies" refer to small pieces of information or mini-files that the UniWeb website sends to your computer's hard drive while you are viewing the website. These ‘cookies’ are not used to track your behaviour in respect of other websites. Your internet browser allows you to disable the use of cookies, to receive a warning prior to the installation of a cookie or to remove the cookies from your hard disk afterwards. Consult your browser’s help function for more information. If you choose to disable cookies, some areas of the UniWeb website may not work properly. The information collected through means of cookies will be used anonymously such that it cannot be linked to a specific person.

For more information about which cookies we use, why and how, and what your choices are, please click here for our cookie policy.

10. Contact details

Questions or requests regarding your personal data/personal data submitted by you, or this Privacy Policy can be addressed at any time to:

UniWeb bvba Attn: Data Protection Officer ‘s Herenweg 16, 1860 Meise, Belgium Tel.: +32 2 306 00 00 E-mail: dpo@uniweb.eu

11. Changes

UniWeb reserves the right to amend this Privacy Policy at any time. Changes will always be published on this website. We recommend that you regularly consult this Privacy Policy so that you are aware of these changes.