Privacy policy and cookie management

1. Object

This Charter is drawn up by Resize the Day sprl located at Allées de Provence 6, 1140 Evere, registered with the Crossroads Bank for Enterprises under number: 897.991.321, hereinafter referred to as the data controller. The purpose of this Charter is to inform visitors to the website hosted at www.resizetheday.com (hereinafter referred to as the “website”) of how data is collected and processed by the data controller. This Charter is part of the data controller’s desire to act transparently, in compliance with the law of 8 December 1992 on the protection of privacy with regard to the processing of personal data and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the ‘General Data Protection Regulation’). The controller pays particular attention to the protection of the privacy of its users and therefore undertakes to take reasonable precautions to protect the personal data collected against loss, theft, disclosure or unauthorised use. If the user wishes to react to one of the practices described below, he/she may contact the data controller at the postal address or email address specified in the “contact data” section of this Charter.

2. Consent

By accessing and using the website, the user declares that he/she has read the information described below, accepts this Charter and expressly consents to the data controller collecting and processing, in accordance with the methods and principles described in this Charter, his/her personal data that he/she communicates through the website and/or on the occasion of the services offered on the website, for the purposes indicated below. The user has the right to withdraw his consent at any time. Withdrawal of consent does not affect the lawfulness of the processing based on the consent previously given.

3. What data do we collect?

By visiting and using the website, the user expressly consents to the following personal data being collected and processed by the data controller in accordance with the methods and principles described below:
  • its domain (automatically detected by the controller’s server), including the dynamic IP address;
  • his/her e-mail address if the user has previously revealed it, for example by sending messages or questions to the website, communicating with the controller by e-mail, participating in discussion forums, accessing the restricted part of the website by means of identification, etc;
  • all information concerning the pages that the user has consulted on the website;
  • any information that the user has given voluntarily, for example in the context of information surveys and/or registrations on the website, or by accessing the restricted part of the website with identification.
We also collect the following data (if provided by you):
  • Name
  • Phone number
  • Address
The controller may also collect non-personal data. These data are called non-personal data because they do not allow the direct or indirect identification of a specific person. It may therefore be used for any purpose, for example to improve the website, the products and services offered or the advertising of the controller. In the event that non-personal data are combined with personal data in such a way that identification of the data subjects is possible, such data will be treated as personal data until such time as it is impossible to link them to a specific person.  

4. Collection methods

The controller collects personal data in the following way:
  • Web form available at the time of user registration

5. Purposes of the processing

Personal data are collected and processed only for the purposes mentioned below:
  • to ensure the management and control of the execution of the services offered;
  • sending and follow-up of orders and invoices;
  • sending promotional information on the products and services of the controller;
  • sending free samples or offering services on preferential terms; answering questions from the user;
  • to carry out statistics;
  • to improve the quality of the website and of the products and/or services offered by the controller;
  • to send information about new products and/or services of the controller; for direct marketing purposes;
  • to enable better identification of the user’s interests.
We also collect and process personal data for the following purposes:
  • Sending goods matching the search criteria
The data controller may carry out processing operations that are not yet provided for in this Charter. In this case, the data controller will contact the user before re-using his/her personal data, in order to inform him/her of the changes and give him/her the possibility, if necessary, to refuse this re-use.

6. Duration of data retention

The controller shall only keep personal data for as long as is reasonably necessary for the purposes for which it is to be used and in accordance with legal and regulatory requirements. A customer’s personal data is kept for a maximum of 3 years after the end of the contractual relationship between the customer and the controller. Shorter retention periods apply to certain categories of data, such as traffic data, which is retained for only 12 months. At the end of the retention period, the controller shall make every effort to ensure that the personal data has been made unavailable.

7. Data access and copying

By means of a written, dated and signed request sent to the data controller at the address referred to in the “contact data” section of this Charter, the user may, after having proved his identity (by enclosing a copy of his identity card), obtain free of charge the written communication or a copy of the personal data concerning him that have been collected. The data controller may require payment of a reasonable fee based on administrative costs for any additional copies requested by the user. Where the user makes such a request electronically, the information shall be provided in a commonly used electronic form, unless the user requests otherwise. The user will be provided with a copy of his or her data no later than one month after receipt of the request.

8. Right of rectification

By means of a written, dated and signed request sent to the data controller at the address referred to in the “contact data” section of this Charter, the user may, after providing proof of identity (by enclosing a copy of the identity card), obtain free of charge, as soon as possible and at the latest within a period of one month, the rectification of personal data which are inaccurate, incomplete or irrelevant, as well as supplementing them if they prove to be incomplete.

9. Right to object to processing

By means of a written, dated and signed request sent to the data controller at the address referred to in the “contact data” section of this Charter, the user may at any time, for reasons relating to his or her particular situation and after having provided proof of identity (by enclosing a copy of his or her identity card), object free of charge to the processing of his or her personal data, when:
  • the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data prevail (in particular where the data subject is a child).
The data controller may refuse to implement the user’s right to object if it establishes compelling legitimate grounds for the processing which override the interests or rights and freedoms of the user, or for the establishment, exercise or defence of legal claims. In the event of a dispute, the user may lodge a complaint in accordance with the “Complaints” section of this Charter. By means of a written, dated and signed request sent to the data controller at the address referred to in the “contact data” section of this Charter, the user may, at any time and after having provided proof of his identity (by enclosing a copy of his identity card), object, without justification and free of charge, to the processing of personal data concerning him when his data are collected for direct marketing purposes (including profiling). Where personal data are processed for scientific or historical research or statistical purposes in accordance with the General Data Protection Regulation, the user has the right to object, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her, unless the processing is necessary for the performance of a task carried out in the public interest. The controller is obliged to respond to the user’s request as soon as possible and at the latest within one month and to give reasons for not responding to such a request.

10. Right to restrict processing

By means of a written, dated and signed request sent to the data controller at the address referred to in the “contact data” section of this Charter, the user may, after having proved his identity (by enclosing a copy of his identity card), obtain the limitation of the processing of his personal data in the cases listed below:
  • when the user disputes the accuracy of a data and only for the time necessary for the controller to check it;
  • when the processing is unlawful and the user prefers the restriction of processing to erasure;
  • when, although no longer necessary for the purposes of the processing operation, the user needs it for the establishment, exercise or defence of legal claims;
  • for the time necessary to examine the merits of a request for objection made by the user, in other words for the time necessary for the controller to check the balance of interests between the legitimate interests of the controller and those of the user.
The controller will inform the user when the restriction on processing is lifted.

11. Right to erasure (right to be forgotten)

By means of a written, dated and signed request sent to the data controller at the address referred to in the “contact data” section of this Charter, the user may, after having proved his identity (by attaching a copy of his identity card), obtain the deletion of personal data concerning him, when one of the following reasons applies:
  • the data are no longer necessary for the purposes of the processing;
  • the user has withdrawn his consent to the processing of his data and there is no other legal basis for the processing;
  • the user objects to the processing and there is no compelling legitimate reason for the processing and/or the user exercises his or her specific right to object in relation to direct marketing (including profiling);
  • the personal data have been processed unlawfully;
  • the personal data must be erased in order to comply with a legal obligation (of Union or Member State law) to which the controller is subject;
  • the personal data have been collected in the context of the provision of information society services to children.
However, erasure of data is not applicable in the following 5 cases:
  • where the processing is necessary for the exercise of the right to freedom of expression and information;
  • where processing is necessary for compliance with a legal obligation to process laid down by Union law or by the law of the Member State to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • where the processing is necessary for reasons of public interest in the field of public health;
  • where processing is necessary for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes and provided that the right to erasure is likely to render impossible or seriously compromise the achievement of the purposes of the processing in question;
  • where the processing is necessary for the establishment, exercise or defence of legal claims.
The data controller is obliged to respond to the user’s request as soon as possible and at the latest within one month and to give reasons for not doing so if it intends to refuse the request. The user also has the right, under the same conditions, to obtain, free of charge, the deletion or prohibition of use of any personal data concerning him which, taking into account the purpose of the processing, is incomplete or irrelevant, or the recording, communication or storage of which is prohibited, or which has been stored for longer than is necessary and permitted.  

12. Recipients of data and disclosure to third parties

The recipients of the data collected and processed are, in addition to the data controller itself, its employees or other subcontractors, its carefully selected commercial partners, located in Belgium or in the European Union, who collaborate with the data controller in the context of the marketing of products or the provision of services. In the event that the data is disclosed to third parties for direct marketing or canvassing purposes, the user will be informed in advance so that he/she can choose whether or not to accept this processing of his/her data by third parties. By means of a written, dated and signed request sent to the data controller at the address referred to in the “contact data” section of this Charter, the user may, at any time and after having provided proof of his identity (by enclosing a copy of his identity card), object free of charge to the transmission of his data to third parties. The data controller shall comply with the legal and regulatory provisions in force and shall ensure in all cases that its partners, employees, subcontractors or other third parties having access to this personal data comply with this Charter. The data controller reserves the right to disclose the user’s personal data in the event that a law, legal proceedings or an order from a public authority makes such disclosure necessary. No personal data is transferred outside the European Union.

13. Use and management of cookies

General principles. This section provides information about the use of cookies on the website.

This cookie policy applies to the website. These are managed by the controller.

The website uses cookies in order to make navigation more useful and reliable. Some of these cookies are essential for the website to function, others are used to improve the user experience.

Most web browsers are configured to accept cookies automatically. If the user wishes to customise their management, they must modify the settings of their browser. Further information on this subject can be found in the “Cookie management” section of this provision.

By visiting and using the website, the user expressly agrees to the cookie management described below.

Definition of cookies.

A “cookie” is a data or text file that a website’s server temporarily or permanently stores on the user’s equipment (computer hard disk, tablet, smartphone, or any other similar device) through the user’s browser. Cookies may also be installed by third parties with whom the controller collaborates.

Cookies store a certain amount of information, such as the language preferences of visitors or the contents of their shopping cart. Other cookies collect statistics about the users of a website or ensure that graphics appear correctly and that applications work well on the website. Still others allow the content and/or advertising on a website to be tailored to the user.

Use of cookies on the website. The website uses different types of cookies:

  • Essential or technical cookies: these are cookies that are essential for the operation of the website, enabling good communication and intended to facilitate navigation;
  • Statistical or analytical cookies: these cookies make it possible to recognise and count the number of visitors and to see their browsing behaviour when they visit the website. This makes it possible to improve the user’s browsing experience and makes it easier for them to find what they are looking for;
  • Functional cookies: these cookies enable specific features on the website to improve usability and user experience, including remembering the user’s preference choices (e.g. language);
  • Performance cookies: these cookies collect information about how visitors use the website. They allow us to evaluate and improve the content and performance of the website (e.g. by counting the number of visitors, identifying the most popular pages or clicks), and to better match commercial offers to the user’s personal preferences;
  • Advertising or commercial cookies: these are files designed to collect data relating to the profile of visitors and which may be installed or read by third parties with whom the data controller collaborates in order to measure the effectiveness of an advertisement or a web page and to better adapt it to the user’s interests;
  • Tracking cookies: the website uses tracking cookies via Google Analytics, with the aim of helping the controller to measure the ways in which users interact with the content of the website, and which generates visit statistics in a strictly anonymous manner. These statistics make it possible to continually improve the website and to offer the user relevant content. The controller uses Google Analytics to gain insight into the traffic on the website, the origin of this traffic and the pages visited. This means that Google acts as a subcontractor. The information collected by Google Analytics is generated as anonymously as possible. For example, it is not possible to identify the persons who visit the website. For further information, the user is invited to consult the Google data protection policy, available at the following address: http://www.google.nl/intl/en_uk/policies/privacy/

The controller may also use cookies and beacons to collect information about users’ surfing habits on the various websites and applications belonging to its advertising network.

A beacon is an invisible image file that follows the user’s navigation on one or more websites and/or applications. In addition, other commercial cookies may be installed by advertisers when their ad is displayed.

Commercial cookies do not contain any personal data. The information collected through commercial cookies and beacons is used to measure the effectiveness of advertising and to better personalise advertising on the website and on other websites belonging to the advertising network or for which the controller provides advertising services.

The retention period for cookies varies according to their type: essential cookies are generally kept until the browser is closed, while functional cookies remain valid for 1 year and performance cookies for 4 years.

The controller allows public search engines to visit the website via spiders with the sole purpose of making access and content of the website available via their search engines, without the controller granting the right to archive the website. The controller reserves the right to withdraw the authorisation as formulated in this article at any time.

In order to make offers that may be of interest to the user, the controller may enter into agreements with internet advertising agencies. They have received permission from the controller to place advertisements on the website. When the user visits the website, the advertising companies may also collect information.

Cookie management. Most browsers are set to automatically accept cookies, but all allow you to customise the settings according to your preferences.

If the user does not want the website to place cookies on their computer/mobile device, they can easily manage or delete them by changing their browser settings. The user can also set their browser to notify them when they receive a cookie and decide whether or not to accept it.

If the user wishes to block and/or manage certain cookies, they can do so by following the link linked to their browser:

Internet Explorer: As this browser is no longer monitored and updated by Microsoft, we strongly recommend that you stop using it
Chrome: https://support.google.com/accounts/answer/61416?hl=fr
Firefox: https://support.mozilla.org/fr/kb/protection-renforcee-contre-pistage-firefox-ordinateur
Safari: https://support.apple.com/fr-be/guide/safari/sfri11471/mac

If the user does not wish to accept cookies from Google Analytics, they can indicate this via the cookie message that appears on their first visit to the website or by customising their browser settings to refuse cookies. To stop being tracked by Google Analytics on any website, the user is invited to visit the following website: http://tools.google.com/dlpage/gaoptout

If the user deactivates certain cookies, it is possible that certain parts of the website may not be accessible and/or usable, or may only be partially accessible.

14. Security

The controller shall implement appropriate technical and organisational measures to ensure a level of security of the processing and of the data collected appropriate to the risks presented by the processing and the nature of the data to be protected. It shall take into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing as well as the risks to the rights and freedoms of users.

The controller always uses encryption technologies that are recognised as industry standards within the IT sector when transferring or receiving data on the website.

The data controller has put in place appropriate security measures to protect and prevent the loss, misuse or alteration of information received on the website.

15. Communications by post, electronic or telephone

Communication by post. If the user provides the controller with his/her postal address via the website, his/her data will be stored in the controller’s address file in order to respond to the user’s request and to keep the user informed of products and services offered by the controller. Unless the user objects, the controller may also pass on the user’s data to third parties (such as groups of companies and business partners) for direct marketing purposes. If the user does not want his data to be used for direct marketing purposes, he can indicate this when registering on the website.

The user may at any time consult, correct or delete his/her data from the file of the data controller. To do so, he/she should contact the data controller at the address mentioned in the “contact data” section of this Charter, remembering to specify his/her exact name and address (spelled correctly). The data controller undertakes to delete his data from the list that he shares with other companies or organisations.

Communication by phone. If the user provides the controller with his/her telephone number via the website, he/she may receive a telephone call:

  • from the controller in order to provide information about its products, services or upcoming events;
  • groups of companies and business partners with which the controller has a contractual relationship.

If the user does not wish/no longer wishes to receive such telephone calls, he/she may contact the data controller at the address referred to in the “contact data” section of this Charter, remembering to state his/her exact name and address (spelled correctly). The data controller undertakes to delete his data from the list that he shares with other companies or organisations.

If the user provides the controller with his/her mobile phone number via the website, he/she will only receive messages (SMS/MMS) from the controller that are necessary to answer his/her questions or to inform him/her about his/her online orders.

Communication by e-mail. If the user provides the controller with his e-mail address via the website, he may receive:

  • e-mails from the controller in order to communicate information about its products, services or upcoming events (for direct marketing purposes), provided that the user has expressly consented to this or is already a customer of the controller and has communicated his e-mail address to the controller;
    e-mails from groups of companies and companies/organisations to which the controller is contractually bound, for direct marketing purposes, provided that the user has explicitly consented to this.
  • If the user does not wish/no longer wishes to receive such e-mails, he/she can contact the controller at the address referred to in the “contact details” section of this Charter, remembering to state his/her exact name and address (spelled correctly).

The data controller undertakes to remove his contact details from the list that he shares with other companies or organisations.

16. Miscellaneous provisions

The data controller reserves the right to modify the provisions of this Charter at any time. The modifications will be published with a warning as to their entry into force.

The current version of the Charter is dated 20/05/2022.