Privacy policy
PRIVACY POLICY – GPC EUROPE BVBA
Grid Parity Concepts Europe BVBA, with registered office at 8700 Tielt, Careelstraat 2, registered in the Crossroads Bank for Enterprises, under the number 0877.177.730, RPR Ghent department Bruges (hereafter, "we", "us" or "GPC Europe"), considers the protection of privacy extremely important. We therefore take all appropriate measures to protect your privacy in accordance with applicable laws and regulations, including the Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data on the free movement of such data and repealing Directive 95/46/EC (the 'AVG') .Through this privacy policy, we wish to explain to you as clearly and transparently as possible what personal data we may collect from you, why we want to collect it, how we intend to use it, and how we intend to handle it. We also wish to inform you which privacy rights you have and how you can exercise them.For the purposes of this privacy statement, 'personal data' means any information about an identified or identifiable natural person ('the data subject'). An identifiable person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more elements specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. In other words, this is any information that can be used to identify a person. This includes, for example, your name, date of birth, address, telephone number and e-mail address, but also your IP address.Anonymous data and data on deceased persons or legal entities are not personal data within the meaning of the AVG. There is only anonymous data if the user cannot in any way establish a connection with the person concerned.The term 'processing' is very broad and covers, among other things, the collection, recording, organization, storage, updating, amendment, retrieval, consultation, use, dissemination, combination, archiving and erasure of data.
When do we process what personal data and on what legal basis?
We process your personal data when you:
visit our website;
place an order with us;
conclude/wish to conclude an agreement with us;
contact our customer service;
otherwise interact with us;
subscribes to a newsletter; or
otherwise communicate personal data about yourself to us (e.g. during the use of our website when you fill in a form online).
We hereby process the following personal data in the following cases:
GPC Europe does not process sensitive data such as, among others, data concerning your racial or ethnic origin, political opinions, sexual preferences and health.In principle, we also do not aim to collect personal data from persons under the age of 16. These young people may not transmit personal data to us or provide a consent form without the consent of the person who has parental responsibility.
Why do we process personal data and on what legal basis?
We process personal data for multiple purposes, processing only those personal data that are necessary to achieve the intended purpose.
When processing your personal data, the provisions of the AVG and all other applicable provisions relating to privacy legislation are complied with. Our processing activities are always based on one of the six possible legal grounds, as stated in Art. 6 AVG.
Generally, these are the following legal grounds:
- In the context of the preparation or performance of our contract;
To comply with legal or regulatory provisions to which we are subject;
when we have a legitimate interest to do so, in which case we will always strive to achieve a balance between this interest and respecting the privacy of the data subject; and when we have obtained your consent.
Specifically, your personal data may be processed by GPC Europe for the following purposes, based on the following legal grounds:
How long do we keep the data?
GPC Europe does not keep personal data longer than necessary for the purpose for which it was provided. Please note that numerous (legal) retention periods result in personal data being (required to be) stored. This applies in particular to registration obligations and retention obligations relating to company law or tax law (e.g. Companies Code, Tax Code, Economic Law Code, etc.). To the extent that no retention obligation exists, personal data is routinely deleted after the purpose for which it was collected has been fulfilled.In addition, we may retain personal data if you have granted us permission to do so or if we may need this data in the context of legal proceedings. In the latter case, we need to use certain personal data as evidence. For this purpose, we retain certain personal data in accordance with the statutory limitation period, which may be up to thirty years; however, the usual limitation period in connection with personal legal claims is ten years.
Do we pass on this personal data to third parties?
GPC Europe does not sell or transfer personal data to third parties except:
to our legal successors and other affiliated companies (such as parent, subsidiary and sister companies) for the same purposes as those stated in this privacy policy;
this is necessary for our services (e.g. to suppliers);
in relation to business transfers (in the event of a reorganization, restructuring, merger, sale or other transfer of business assets, we reserve the right to also transfer data, including personal data, provided that the receiving party agrees to process your personal data in accordance with our privacy policy);
there is a legal obligation;
there is a legitimate interest for GPC Europe or the third party involved;
you give us permission to do so.
We never pass on personal data to other parties with whom we have not concluded a processing agreement.
With these parties (processors) we will of course make the necessary agreements to ensure the security of your personal data.
Your personal data can also be shared outside Europe. GPC Europe commits itself to only appoint processors and/or processors outside the European Economic Area that offer sufficient guarantees regarding security and protection of personal data in accordance with the applicable privacy legislation. If a transfer is made to a country outside the EU, for which the European Commission has not determined that the country provides an adequate level of protection, the transfer is always subject to an agreement that meets all the requirements for transfers to third countries, such as the approved standard data protection clauses adopted by the European Commission. You can consult the standard provisions adopted by the European Commission at the following hyperlink: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_nl.
How do we secure your personal data?
We have taken appropriate technical and organizational measures to protect personal data from you against unlawful processing, for example, we have taken the following measures:
- all persons who can take knowledge of your data on behalf of GPC Europe are bound to secrecy;
We use a personal code to log in on all our systems;
We do an access control for the server room and the back-up room;
we pseudonymize and encrypt personal data when appropriate;
we make backups of the personal data in order to be able to restore them in case of physical or technical incidents;
we regularly test and evaluate our measures;
our employees are informed about the importance of protecting personal data.
What are your rights and how can you exercise them?
Exercising your rights
To exercise the above rights, please contact: privacy@gpceurope.com. In order to verify your identity, we ask you to enclose a copy of the front of your identity card.
Controller
Your personal data is processed by GPC Europe who is the data controller ('data controller'). This means that we determine the purpose and means of processing your personal data.
How to contact us?
If after reading our privacy policy, or in a more general sense, you have any questions about it or wish to contact us, you can do so using the contact details below:
GPC Europe BVBA
Careelstraat 2
8700 Tielt
privacy@gpceurope.com
You have the right to complain to the Data Protection Authority, this is the supervisory authority in the field of privacy protection:
Data Protection Authority ('GBA')
Drukpersstraat 35
1000 Brussel
+32 (0)2 274 48 00
contact@apd-gba.be
https://www.gegevensbeschermingsautoriteit.be/
Modification of privacy policy
GPC Europe can change this privacy policy. We invite you to always consult the latest version of this policy on our website. Of course we will inform you of any substantive changes through our website or other common communication channels.