NOTICE TO CUSTOMERS REGARDING PRIVACY AND DATA PROTECTION
HIGO SA, with registered office located at 1050 Ixelles, Place du Champ de Mars 2, registered with the crossroards bank of enterprises and legal persons registry of Brussels under number 0764.479.170, acting as data controller, processes and uses personal data relating to its customers/ the users of its platform (hereafter referred to as « Customers »), in accordance with applicable data protection regulations, in particular the European Regulation 2016/679 of 27 April 2016 known as the General Data Protection Regulation (hereafter referred to as the « GDPR »).
This notice regarding privacy and data protection aims to explain why and how HIGO collects personal data relating to its Customers (hereafter referred to as « Customer Data »), how it protects such data and for how long it is stored. This notice is served without prejudice to any specific provisions contained in other documents.
1 Why does HIGO process Customer Data?
HIGO stores and processes Customer Data, electronically or otherwise, for administrative, marketing and customer management purposes, including but not limited to: handling and responding to all communications or to requests or enquiries from Customers (including via the website) or following an initial contact with HIGO; processing information on actual or potential sales of HIGO products and/or services and sending account statements and invoices or receipts to Customers; providing Customers with information letters or other marketing communications; conducting customer surveys or marketing research to improve HIGO products and/or services; and resolving conflicts.
2 What are the legal grounds for the processing of Customer Data?
Customer Data is processed on the basis of one or more of the following legal grounds:
• Concluding and managing the execution of a sales contract or other contract with a Customer, including the invoicing process,
• Compliance with all applicable legal requirements applying to HIGO (for example, regarding tax administration, etc.),
• Furthering the legitimate interests of HIGO and/or a third party that HIGO believes will also benefit the Customers, including but not limited to, direct marketing or data analysis,
• Customer consent (for example, to respond to a customer satisfaction survey). The Customer may withdraw their consent at any time, although such a withdrawal will not affect the legality of the processing that has taken place before the withdrawal of consent.
3 What categories of Customer Data are processed?
Customer Data comprises all personal information related to an identified or identifiable natural person.
For the above-mentioned purposes, the processing of personal data may include the following categories:
• Personal identification data, such as name and address, and function,
• Electronic identification data, such as email address and telephone number,
-• Data relating to payment means communicated by the Customer,
• Personal details, such as date of birth, language, nationality and gender,
• Consumer behaviours (order volumes, sales history, etc.),
• Event participation (including family members),
• Survey data.
4 From where is the Customer Data collected?
When a Customer contacts HIGO, or registers on the platform or application, the initial data is generally collected from the Customer directly or indirectly following their visit to our website (for example, via cookies). HIGO may also contact a Customer for promotional purposes when the initial data has not been obtained directly from them but from other people who have transmitted the data to HIGO. As part of their relationship with HIGO, the Customer will provide HIGO with additional information (for example, information required for the payment of purchased goods). If the Customer does not provide JHIGO with the information required by law or contract, the Customer will not be able to use the HIGO services or to make its purchases.
HIGO may also receive Customer related information from other customers, suppliers or, more generally, from other people with whom the Customer has exchanged data regarding their relationship with HIGO.
A cookie is a file containing small amounts of information that a website or application can send to your browser, which may then be stored on your computer or mobile device when you visit a website/use an application.
Cookies are widely used to make websites or applications work, or work more efficiently, but also to provide reporting information. For example, they can enable you to navigate between pages efficiently, remembering your preferences, and generally improving the user experience.
6. Who has access to Customer Data?
For the above-mentioned purposes, personal data may be disclosed to, and even processed by:
• The Customers themselves,
• HIGO employees who need to know relevant personal data,
• Individuals and legal entities who are in direct contact with HIGO, such as affiliates,
• Public authorities in accordance with relevant regulations, such as tax authorities,
• Service providers (for example, for website maintenance, assistance with marketing campaigns, payment services providers, etc.) and other professional advisors to HIGO who need to know the information.
7. Is the Customer Data transferred outside of the country of residence/ the European Union?
This data is generally stored in in the European Union or EEA, but we may transfer certain Customer Data in other countries but always in connection with the management of our activities. In the event of the transfer of data outside the European Union, HIGO will have put in place the relevant guarantees in accordance with the GDPR.
8. For how long is the Customer Data stored?
Customer Data is stored no longer than necessary for the above-mentioned purposes.
Data that is transferred relating to customer feedback or enquiries is stored for 1 month after we have responded.
Data that is transferred indirectly by our system is stored for 1 month after the visit to the website.
Data that is transferred relating to product purchases is stored for 12 months.
Other Customer Data is stored when HIGO has a legal responsibility for which the use of Customer Data is appropriate, in accordance with the applicable retention periods and legal requirements for data retention.
9. How is Customer Data protected?
HIGO makes every possible effort to store and protect Customer Data against loss, disclosure or unauthorized access, and puts thereto technique and organisational measures in place.
10. What are the rights of the individual and who can they contact?
Individuals whose personal data is collected and processed as Customer Data have the right to contact HIGO at any time, as long as they have sufficient proof of identity, if they wish to:
• Access, amend or delete their personal data,
• Restrict or oppose the processing of their personal data (for example, for direct marketing purposes),
• Receive the data they have supplied in a structured, currently used format that is readable by machine, and transfer it to another data controller, providing it has been processed with their consent and/or for the execution of a contract,
• Receive additional information on the guarantees in the event of international transfer of data,
• Lodge a complaint with the Belgian Data Protection Authority or other EU data protection authority, if they believe that HIGO has not acted in accordance with applicable data protection regulations.
Should you require further information on these rights, please contact HIGO:
• By email (email@example.com), or
• By post (HIGO SA, att. data protection responsible, Place du Champ de Mars 2, 1050 Brussels)
HIGO may modify this privacy and data protection notice at any time as required, in particular when it needs to align with changes to the regulations or meet new requirements of data protection authorities.
Last updated: 1/07/2021