Privacy Policy

Privacy policy concerning the processing of customer and website user personal data

LUXIFER (hereinafter ‘we’, ‘us’ and ‘our’) understands the importance of the privacy of its customers and users of its website visitors and the protection of their personal data. This policy sets out how we handle and process your personal data.

  1. Scope

LUXIFER SRL, with its registered office at 73 Chaussée de Watermael 1160 Auderghem], KBO (Crossroads Bank for Enterprises) number 1010.419.997 manages this website. We act as the data controller when we process our customers’ and website users’ personal data. 

We believe it is important to create and maintain an environment where our customers can be confident that their data will not be misused. We comply with the regulations applicable to data protection such as the Regulation (EU) 2016/679 (also referred to as the General Data Protection Regulation, hereinafter “GDPR”) and the Belgian Data Protection Act. The aforementioned regulations concern the protection of personal data and provide you with rights over the said personal data.

The objective of this policy is to indicate what personal data we collect, how we use your data after you have visited our website and to assure you that we process your data appropriately. 

This privacy policy and the terms and conditions of use apply when you visit our website.  The application of terms and conditions other than those set out herein is explicitly prohibited unless we have provided express permission in writing in advance. In the latter case, this policy applies alongside the specific agreement. The use of this website, the platform and the content contained therein is only permitted subject to compliance with this policy. The use of this website, the platform and the content contained therein is only permitted subject to compliance with the full text of this policy.

  1. What type of personal data do we collect? 

It is not necessary to provide personal data to use most of our website.

We collect and process the following categories of personal data for the purposes stated below:

  • Name, form of address, address;
  • Contact details (email, telephone number);
  • Company;

Additional or optional data are provided by filling out forms on our website or when we contact you (by telephone, email or at trade fairs or events). 

We also collect and process data obtained via our website or the devices you use. The collected data may be:

  • Login details (username and password) for the section of the website reserved for customers;

We do not use nor install cookies on your device to collect data from you.

  1. Why do we collect these data and on what legal basis?

We collect the aforementioned data to create a profile in order to understand your needs and to provide better service, and for the following specific purposes: 

  • To respond to your (online) questions regarding our products or services, to be able to provide information regarding our products and to follow up online offers.
  • To supply the products and services you have ordered.
  • To provide access to the online customer platform where you can:
    • Check the data generated by our software, available on our cloud platform. These data, related to the operations and performance of the website in order to optimise the digital products of our clients are available to you via a personalised account after logging onto the platform. 
  • To improve our products or services.
  • To investigate complaints on our products, services or website.
  • To meet the legal and regulatory obligations as well as compliance requirements.
  • To analyse and monitor the use of accounts to prevent, investigate or report fraud, terrorism, deception, security incidents and criminal activity to the relevant authorities. 
  • To send periodic email messages with offers on our products and services, special offers or other information which we believe may be of interest to you.
  • To contact you from time to time for the purposes of market research purposes. We may contact you by email or telephone.
  • To process your personal data for specific purposes as indicated on specific forms on our website, by notification in writing or by email.

We process the aforementioned personal data based on various processing reasons, as listed in Articles 6.1 (a), (b), (c) and (f) of the GDPR. 

Processing of your personal data is required in order to meet contractual obligations for the purposes of delivering products or services in accordance with our agreements. Where personal data is processed (for example to create invoices or communicate with you) in the execution of the agreement, we will store the data for 10 years after the end of our commercial relationship in accordance with the applicable limitation period.

In some cases, it can be a legal requirement to process personal data and to share it with third parties such as government entities for the purposes of government business or anti-money laundering legislation.  

In these cases, we have a legitimate interest to process your personal data and to contact you to be able to perform our operations or provide you with information on our products, services, promotions and/or events. Your personal data is retained for up to two years after the termination of our commercial relationship.

If you are not a current customer, we will request your permission to provide you with information on our events, products and services for promotional purposes. In this case, we will retain your personal data for one year.

When providing services to our clients we may process the following personal data of users from our clients and their end-users : 

User-entered information

  • Personal information
    • Name
      1. Job title
      2. Company name
      3. Email address
    • Country
      1. City
      2. Optional profile image
      3. Language
  • Project information
    • Main website URL & additional URLs associated with the project
      1. Project name
      2. Optional GA4 (Google Analytics 4) property ID
      3. Optional project logo
    • Optional Matomo API key, Site id, Matomo site URL
  • Google Analytics/GA4/Matomo metric names to query 
  • Google Tag Manager names to query
  • Chat messages
    • Any text sent as a message including URLs
      1. Any type of file uploaded to the chat
  • Online/offline status
  • Metrics data from Google Analytics (non-public data)
    • All page URLs of a website from GA4 using the GA4 property ID
    • Historical data of the metrics requested to be tracked up to one year
    • Bounce Rate and User Engagement for creating insights
    • Any metrics on this page: API Dimensions & Metrics | Google Analytics
    • This can include both commercial and website usage stats such as purchase revenue, ad revenue, performance of specific items like add to carts, user behavior and more.
  • Metrics data from Matomo (non-public data)
    • All page URLs of a website from Matomo
    • Historical data of the metrics requested to be tracked up to one year
    • Bounce Rate for creating insights
    • Any metrics on this spreadsheet, with more info on official docs
    • This can include both commercial and website usage stats such as purchase revenue, ad revenue, performance of specific items like add to carts, user behavior and more.
  • Metrics data from Google Tag Manager
    • Historical data of the metrics requested to be tracked up to one year
    • This can include but is not limited to events, conversions, custom metrics.
  • Website analysis data of any URLS provided
    • HTML, images, css, javascript, any resources present on the user-inputted URL at time of analysis. This includes external data linked by the webpage. We also save screenshots of the top 100 pages.
  • Usage statistics
    • Measurements of Luxifer usage. We measure usage of Luxifer, particularly metrics such as compute-capacity usage and external APIs usage.
  • Data of your end-users (opt-in)
    • Behavior data
      • Mousve moves
        1. Mouse clicks
        2. Pages visited
        3. Visit duration
      • Form interaction (starting and submitting, no form data)
        1. Scrolling behaviour
        2. Date and time of interactions
    • Demographic data
      • Browser
        1. Device brand
        2. Device type (desktop, phone, etc)
        3. Referrer (did they come from a search engine, etc)
      • Timezone
        1. Country
        2. City (Needs IP address, can disable. IP not stored)
        3. User type (Returning, new user, etc. Needs cookies, can disable)
        4. Screen resolution
  1. How will your data be used and shared?

We can share your personal data withAffiliate and subsidiary companies. 

Based on our legitimate interest, we may also share your personal data with third parties that assist us with our products and services. Some examples of third-party activities include the hosting of web servers, data analysis (Snowplow for analysis of data collected through cookies), marketing support providers (Mailchimp for e-mail automation) and customer service. These companies have access to your personal data but only when this is required to perform their activities. They are not permitted to use your data for any other purposes.

Your personal data may not be sold or leased to third parties. 

We may publish your personal data to enforce our policy, to comply with our legal obligations or in the interest of safety, in the public interest or for the purposes of legal enforcement in any country where we have entities or subsidiaries. We may follow up a request from a law enforcement agency, regulatory authority or government agency. We may also publish data for the purposes of current or scheduled court cases or to protect our property, safety, people or other rights and interests.

Should LUXIFER  be sold or merges with another company, your data will be accessible to the advisor of the potential buyer and transferred to the new company owners. In that case, we will take the appropriate measures to guarantee the integrity and confidentiality of your personal data. The use of your personal data will always be subject to this policy.

  1. Transfer of your personal data outside the European Economic Area

We may transfer your personal data to third parties in third countries (outside the European Economic Area (EEA)), such as the United States of America (e.g. Mailchimps which is EU-US Data Privacy Framework certified). The said transfer of data outside the EEA is legal if the recipient of the data resides in a country with a level of protection deemed adequate by the European Commission. Some of these countries may not have enacted equivalent data protection legislation to protect the use of your personal data. In such cases, we have researched whether appropriate preventive measures similar to those implemented within the EU are possible, for example by adopting standard contractual clauses. In specific cases, we will request your prior consent to the transfer of your personal data outside the EEA. Please follow the procedure set out in Rights of the data subject for further information on data transfer.

  1. Rights of the data subject

Data protection legislation provides various rights for the data subject with regard to the processing of personal data to ensure the data subject has sufficient control over the processing of their personal data. 

You are entitled to inspect the data we hold on you and to request and receive a copy of the personal data on our records. You are entitled to request that we amend, add to or delete any outdated, incorrect or incomplete personal data relating to you when your personal details change. You are also entitled to limit the processing of your personal data and to object thereto. You are also entitled to receive the personal data you have provided to the data controller in a structured, commonly used, machine-readable format, and to transmit it to another data controller.

For further information on the processing of your personal data or if you wish to exercise your rights, please contact us at hello@luxifer.app

You are entitled to lodge a complaint with the competent supervising authority (for data protection). In Belgium, the Data Protection Authority, Drukpersstraat 35, 1000 Brussels (contact@apd-gba.be).

  1. Security

We make every effort to guarantee the security of your data. We have implemented reasonable technical and organisational measures to guarantee your personal data against accidental or unlawful destruction, loss, modification, unauthorised disclosure and/or unauthorised access to the data transmitted, saved or otherwise processed. Please note that the internet is an open network; we cannot therefore guarantee that unauthorised third parties will not be able to circumvent these measures or use your personal data for inappropriate purposes.

This website may include links to third-party websites. We will not be held liable for the content of these websites, nor for the privacy standards and practices of the corresponding third party. You must read and understand the relevant third-party and website privacy policies before accepting cookies and visiting a website, to ensure your personal data is sufficiently protected.

  1. Amendments to this policy

LUXIFER may amend or update this policy to ensure the provision of information on how we process your personal data at that time. The updated version of this policy is available on the same website and will take effect upon publication. Please visit this webpage regularly to ensure you remain up-to-date on how we collect and process personal data, how and under what circumstances we use your personal data and when we share your personal data with third parties.

Version October 2, 2024

Oh!

Il semble que vous soyez déjà abonné