Website Privacy Statement

Dear visitor,

Data protection is a question of trust. Your data are in good hands at Heylen Warehouses. We process your data in compliance with applicable legislation and the EU data protection regulation (better known as the GDPR) that came into force across the whole of Europe on 25 May 2018. Under no circumstances will we sell your data to third parties. Full details of how processing your data takes place at Heylen Warehouses are given below.

Should you have any remarks or questions concerning data protection you can contact us by telephone on014 75 23 65 (during office hours) or by email at info@heylenwarehouses.com.

We will then be only pleased to assist you.

1. Our contact details and department responsible for data protection

This information on data protection is applicable to data processed by Heylen Warehouses, with registered office at Diamantstraat 8/214, 2200 Herentals, Belgium, and to its affiliated and allied companies (hereafter referred to as “Heylen Warehouses”).

You can contact the department responsible for data protection at Heylen Warehouses at this address (for the attention of the Data Protection Service), by telephone on014 75 23 65 (during office hours) or by email (info@heylenwarehouses.com).

2. Purposes of data processing and the legal basis

2.1 Access to our website

When you visit our website the browser on your appliance automatically sends information to our website’s server that is temporarily saved in a so-called log file. We have no influence on this.

The following information is also saved without your involvement and retained until it is automatically deleted:

• the IP address of the requesting appliance that has access to the internet,
• the date and time of access,
• the name and URL of the requested file,
• the website/application from which access is made (referrer URL),
• the browser that you use, and if necessary the operating system on your computer with internet access and the name of your access provider.

To the extent the GDPR is applicable, the processing of the IP address and other data takes place on the basis of article 6, paragraph 1, f) of the GDPR. Our legitimate interest results from the purposes of data collection as summarised below. Your identity cannot be directly derived from the data collected and we will also not attempt to do this.

The IP address of your appliance and the other abovementioned data are used by us for the following purposes:

• to ensure a fast connection,
• to ensure easy use of our website/application,
• evaluation of the security and stability of the system.

The data are saved for a period of 52 days before being automatically deleted. We also use so-called cookies and tracking procedures for our website. The exact procedures and the data used for this are further explained in point 2.3.

2.2 Data processing for the contact form

If you mention your email address on our contact form, we will contact you in response to your request. You can withdraw permission for use of your email address at any time without charge. To do this you can send a short message to (info@heylenwarehouses.com.).

Your personal data will be deleted one year after the end of the last time of contact.

2.3. Online contact and website optimisation

2.3.1 Cookies – General information

We use so-called cookies on our website. These are small files that your browser automatically creates and that are saved on your appliance (laptop, tablet, smartphone, etc.) when you visit our site. If these cookies involve personal data, they are used based on article 6, paragraph 1 f) of the GDPR. Our legitimate interest here lies in the optimisation of our website. Cookies do not damage your appliance, neither do they contain viruses, Trojan horses or other malware. Information concerning the appliance used is saved in the cookie. This means that we do not directly obtain knowledge of your identity. You then use our website as anonymously as possible.

Cookies are used to make the use of our website better and more pleasant for you. We use so-called session cookies to recognise that you have visited our website. These cookie are automatically deleted after you have left our site. We also use temporary cookies for more user-friendliness. These are saved for a certain period on your appliance. When you visit our site again to use our services, this cookie will automatically recognise that you have already visited our site and which items and settings you made so you do not have to enter them again.

On the other hand we use cookies to statistically monitor and evaluate use of our website to optimise the site. When you visit our website this cookie enables us to automatically recognise that you have already visited the site before. These cookies are automatically deleted after a certain period.

Most browsers accept cookies automatically. You can configure your browser so no cookies are saved on your computer or so a message always appears before a new cookie is created. Fully switching off cookies will, however, mean that you will not be able to use all the functions on our website.

The period cookies are saved for differs and depend on their intended use.

2.3.2 Google Analytics

We use Google Analytics, a web analysis service from Google Inc. “(“Google”), for the necessary targeted design and continuous optimisation of our web pages. In this context pseudonymised user profiles are created and cookies are used. The information generated by the cookie about your use of this website such

• Browser type/version,
• Operating system used
• Referrer URL (the page visited previously),
• Host name of the access computer (IP address),
• Server request time,

and any further information is sent to a Google server in the United States and processed by order of us. The information is used to evaluate use of the Heylen Warehouses website, to create reports on website activity and offer other services involving website and internet use for market research and for the necessary targeted design of these internet pages.

This information can also be passed to third parties if legally required or if third parties process these data on behalf of the company. Your IP address is under no circumstances associated with other data from Google. IP addresses are made anonymous so identification is not possible (so-called IP masking).

You can refuse the use of cookies with the settings in your browser. We would however inform you that you then may not be able to fully use all functions of this website. You can also prevent the collection of the data generated by the cookie in connection with your use of the website (including your IP address) and the processing of this data by Google by downloading and installing this browser add-on. As an alternative to the browser add-on, particularly for browsers on mobile appliances, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie is installed to prevent your data from being collected during your visits to this website in the future. The opt-out cookie only works in this browser and only for our website and is saved on your appliance. If you delete the cookies in this browser you will have to set the opt-out cookie again. You can find more information about data protection and Google Analytics on the Google website.

2.3.3. WordPress

2.3.4 Use of Google Invisible reCAPTCHA

For a number of our functions this website uses “Invisible reCAPTCHA”, a service from Google Inc. (“Google”). This ensures that the registration of your data actually takes place through a person, and misuse by machine-induced use is excluded to the extent possible. To do this Google processes various data including the IP address of the appliance with which registration takes place, and other information that demonstrates human involvement. Processing takes place both in Europe and in the US (sending to the US happens based on the so-called Privacy Shield). Google does not add the IP address it receives under “Invisible reCAPTCHA” to data from other Google services. Google’s privacy policy is applicable and available at https://www.google.com/intl/de/policies/privacy/.

The data processing described above takes place based on a legitimate interest in the context of article 6, paragraph 1 f) of the GDPR.

The protection of our information technology systems and in particular the protection of the functionality of our website must be regarded as a legitimate interest.

The provisions in this privacy statement with regard to the general right of objection obviously remain applicable.

3. Recipients outside the EU

With the exception of processing described under 2.3.2. and 2.3.4., we do not pass your data to recipients outside the European Economic Area. Processing referred to under 2.3.2 and 2.3.4. involves forwarding personal data to the servers of Google Inc. located in US. The data are forwarded in compliance with the principles of the so-called EU-US Privacy Shield.

4. Always under your control! Your data protection rights

Besides the right to withdraw your permission, in certain cases you also have the following rights:

• Right to view your personal data processed by us (art. 15 of the GDPR): among other things you can receive information on the purposes of the processing, the category of personal data, the categories of recipients to whom your data are or will be provided, the planned period of saving and the origin of your data if it was not directly collected from you,
• the right to correct incorrect or incomplete data (article 16 of the GDPR)
• The right to delete your personal data (article 17 of the GDPR) unless for example there is a legal or contractual retention period or other legal obligations or rights where further saving is required, or if your data must still be processed within the context of an agreement,
• The right to limit the processing of your data (article 18 of the GDPR) if you dispute the correctness of these data, if the processing has been wrongful but you do not wish to delete the data; the data controller no longer needs the data for processing purposes, but does to start, exercise or defend legal actions, or if in accordance with Article 21 of the GDPR you have objected to the processing,
• The right to transfer data in accordance with article 20 of the GDPR, i.e. the right to have data provided by you transferred in a usual, machine-readable format, or to request transfer to another appointed person.
• Right to submit an objection to the supervisory authority. You can normally approach the supervisory body for your usual place of residence or our head office.

On the basis of article 21, paragraph 1 of the GDPR you can also object to the processing of data for reasons related to the special situation of the party concerned or for direct marketing purposes.

This general right to object is applicable to all processing purposes described in this privacy statement based on article 6, paragraph 1, f) of the GDPR.

According to the GDPR we are only bound to act upon such a general objection if you submit reasons of great importance (for example a possible danger to life or health).

5. Data security

All personal data transferred by you are sent by means of the generally accepted and secure standard SSL (Secure Socket Layer). SSL is a secure and proven standard that is for example also used in internet banking. You can recognise a secure SSL connection by the extra “s” in the http (i.e. https://…) in the address bar in your browser or by the padlock symbol in your browser.

Should you have any complaints we will always be happy to deal with them with the necessary care.

Should you not be in agreement with our procedure, you can always get in touch with our supervisory authority:

Privacy Commission/Data Protection Authority,

Drukpersstraat 35

B-1000 Brussels

T+32 (0)2 274 48 00

Email: commission@privacycommission.be

Website: http://www.privacycommission.be

Do you still have any questions? Just get in touch with us. We will be happy to assist in word and deed!

Version/status: 17.05.2018