This privacy declaration governs your use of Vizito, a creation of Modulage BVBA.
We understand that your trust in us is Vizito's most important asset (hereinafter referred to as “Vizito”, "we" or "us"). As such, your privacy is essential for us. This privacy declaration (hereinafter referred to as "Privacy Declaration") is applicable, inter alia, to (i) our websites http://www.vizito.be and https://backoffice.vizito.be (hereinafter referred to as the "Website"), mobile applications and (ii) all (commercial) relations between VIZITO and its customers, prospects and business partners.
VIZITO wishes to emphasize that it always attempts to act in accordance with (i) the Belgian Privacy Law of 8 December 1992 on privacy protection in relation to the processing of personal data and/or (ii) the EU Regulation of 2016 concerning the protection of individuals with regards to the processing of personal data, regarding the free movement of such data and repealing Directive 95/46/EC. This Privacy Declaration includes information about the personal data collected by VIZITO, as well as the manner in which VIZITO uses and processes this personal data.
Visiting the Website, creating an account, and creating a trial account for the purpose of using the VIZITO trial implies your express approval (through disclosure of your personal information or opt-in) of the Privacy Declaration and consequently how we collect, use and process your personal data.
Types of personal data
VIZITO can collect and process the following personal data:
- First name
- Last name
- Email address
- Company name
- Company address
- Company VAT details
- Telephone number (landline/mobile phone)
- Information concerning your use of the Website, the Vizito platform (hereinafter referred to as the "Platform") and/or the Vizito mobile application (hereinafter referred to as the "App") (including, but not limited to, IP address, browser type, the web pages you visited when you obtained access to the Website)
- Communication preference
- Incoming and outgoing correspondence data concerning VIZITO
VIZITO also automatically collects anonymous information regarding your use of the Website and VIZITO services via the Platform and/or the App. As such, VIZITO shall, for example, automatically log which sections of the Website, Platform and/or App you visit, which web browser you use, which website you visited when you obtained access to the Website, and what your IP address is. We cannot identify you through these data, but it allows VIZITO to draw up statistics regarding the use of the Website, the Platform and/or the App, and to send more targeted communication.
Methods of personal data collection
These personal data are collected in the context of:
- Creating a (trial) account
- Collaboration with VIZITO
- Visiting the Website
- Your use of VIZITO services via the Platform and/or the App, whether or not using a mobile device
- Subscribing to the newsletter (via the Website or not)
- The verification of your identity (e.g. when you solicit the VIZITO customer service or reset your password)
- Incoming and outgoing correspondence with VIZITO
- Communicating ideas to VIZITO with regards to improving the services, the Platform and/or the App
- Requesting a quote
- The exchange of business cards
The personal data collected by VIZITO are therefore expressly and voluntarily provided by you.
Use of personal data
VIZITO can use your personal data for:
- Creating a (trial) account and confirming it
- Implementing an agreement with VIZITO
- Providing services via the Platform and/or the App
- Providing support
- Sending targeted marketing and advertising, updates and promotional offers based on your communication preferences
- Issuing invoices and collecting payment
- Optimising the quality, management and content of the Website, the Platform and/or the App
- Statistical purposes
- To draw up a quote
- To conduct customer satisfaction studies, surveys and other market research
Data retention of personal data
We will retain personal data for as long as you use the Application and for a reasonable time thereafter. We will retain automatically collected information for up to 24 months and thereafter may store it in aggregate. If you would like to have your personal information remove, please go to section ‘Your privacy rights’. You are able to configure a custom data retention policy in the application which allows you to anonimize data after a chosen period.
Disclosure of personal data to third parties
VIZITO shall not disclose your personal data to third parties, unless it is necessary in the context of providing VIZITO services and optimising them (including but not limited to maintenance works, payment processing and database management). If it is necessary that VIZITO discloses your personal data to third parties in this context, the third party is required to use your personal data in accordance with the provisions of this Privacy Declaration.
Notwithstanding the foregoing, it is however possible that VIZITO discloses your personal data:
- To the competent authorities (i) if VIZITO is obliged to do so under the law or under legal or future legal proceedings and (ii) to safeguard and defend our rights;
- If VIZITO, or the majority of its assets, are taken over by a third party, in which case your personal data – which VIZITO has collected – shall be one of the transferred assets;
- For the purpose of identifying similar profiles to your own, except if you have expressly opted out in this respect.
In all other cases, VIZITO will not sell, hire out or pass on your personal data to third parties, except when it (i) has obtained your permission to this end and (ii) has completed a data processing agreement with the third party in question, which contains the necessary guarantees regarding confidentiality and privacy compliance of your personal data.
Storage of personal data
Unless a longer storage period is required or justified (i) by the law or (ii) through compliance with another legal obligation, VIZITO shall only store your personal data for the period necessary to achieve and fulfil the purpose in question, as specified in the Privacy Declaration under 'Use of personal data'.
Your data in backup archives:
- Primary instances of your data in production systems will be erased with all due speed.
- Personal data may reside in backup archives for a longer period of time because it is impractical to isolate individual personal data within the archive.
- The personal data will not be restored back to production systems (except in rare instances like the need to recover from a natural disaster or serious security breach). In such cases, personal data may be restored from backups, but we will take the necessary steps to honor the initial request and erase the primary instance of the data again.
- Backup archives containing personal data will be protected with strong encryption.
- Retention rules have been put in place so that personal data in backup archives is retained for as short a time as necessary before being automatically deleted.
- Records of all data subject requests regarding their personal data will be retained, as will audit logs that record all activities on backup archives containing personal data.
This means that you can be confident that your personal data has been backed up in accordance with GDPR principles of security by design and by default, as well as data minimization, and that your rights, including the right to be forgotten, have been honored.
Your privacy rights
- Right of access to personal data which VIZITO possibly has concerning you;
- Right to rectification, completion or update of your personal data;
- Right to delete your personal data ('right to be forgotten');
- Right to limit the processing of your personal data;
- Right to transferability of your personal data;
- Right to object to/oppose the processing of your personal data;
In principle, you can exercise these rights free of charge via the above-mentioned email address. In addition, you can always, via your personal account, update, modify and/or verify your personal data which you were required to submit when creating your (trial) account.
When a customer requests that he or she be forgotten, we will delete their personal from our production systems within 30 days if there are no legal grounds for further processing.
If you no longer wish to receive newsletters or information about our services, you can unsubscribe at any time by clicking the "unsubscribe" button underneath each of VIZITO's emails.
Security of personal data
VIZITO undertakes to take reasonable, physical, technological and organisational precautions in order to avoid (i) unauthorised access to your personal information, and (ii) loss, abuse or alteration of your personal data.
VIZITO shall store all personal data which it has collected in the cloud with data centres within the EU (as of current writing in Frankfurt, Germany and Amsterdam, The Netherlands).
Notwithstanding VIZITO's security policy, the checks it carries out and the actions it proposes in this context, an infallible level of security cannot be guaranteed. Since no method of transmission or forwarding over the internet, or any method of electronic storage is 100% secure, VIZITO is, in this context, not in a position to guarantee absolute security.
Finally, the security of your (trial) account will also partly depend on the confidentiality of your password in obtaining access to the Platform and/or the App. VIZITO will never ask for your password, meaning that you will never be required to communicate it personally. If you have nonetheless communicated your password to a third party – for example because this third party has indicated that it wishes to offer additional services - this third party shall have access to your (trial) account and your personal data via your password. In such cases, you are liable for the transactions which occur as a result of the use made of your (trial) account. VIZITO therefore strongly advises you, if you observe that someone has accessed your (trial) account, to immediately change your password and contact us.
Cross-border processing of personal data
Any transfer of personal data outside the European Economic Area (EEA) to a recipient whose domicile or registered office is in a country which does not fall under the adequacy decision enacted by the European Commission, shall be governed by the provisions of a data transfer agreement, which shall contain (i) the standard contractual clauses, as referred to in the 'European Commission decision of 5 February 2010 (Decision 2010/87/EC)', or (ii) any other mechanism pursuant to privacy legislation, or any other regulations pertaining to the processing of personal data.
Update Privacy Declaration
VIZITO is entitled to update this Privacy Declaration by posting a new version on the Website. As such, it is strongly recommended to regularly consult the Website and the page explaining the Privacy Declaration, to make sure that you are aware of any changes.
If you have any complaints about the way VIZITO collects, uses and/or processes your personal data, you can lodge a complaint with the Privacy Commission.
If you have questions about this Privacy Declaration, or the manner in which VIZITO collects, uses or processes your personal data, please contact us:
- Via post: Modulage BVBA, Herenstraat 27/1, 3590 Diepenbeek (Belgium)