Revised as of 01/02/2021.

1. SUBJECT

This Charter is established by MC | FACT located at Avenue de l'Aiglon 32, 1420 Braine-l'Alleud, registered with the Crossroads Bank for Enterprises under number: BE 0655.689.811 (hereinafter referred to as " the controller ").

The purpose of this Charter is to inform visitors to the website hosted at www.mc-fact.eu (hereinafter referred to as the " website ") of the manner in which data is collected and processed by the data controller.

This Charter is part of the controller's desire to act transparently, in compliance with the law of 8 December 1992 on the protection of privacy with regard to the processing of personal data and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the "General Data Protection Regulation").

The data controller pays particular attention to the protection of the privacy of its users and therefore undertakes to take reasonable precautions to protect the personal data collected against loss, theft, disclosure or unauthorised use.

If the user wishes to react to one of the practices described hereafter, he can contact the person in charge of treatment at the postal address or the e-mail address specified in the point "contact data" of the present Charter.

2. CONSENT

By accessing and using the website, the user declares that he/she has read the information described below, accepts the present Charter and expressly agrees that the data controller may collect and process, in accordance with the methods and principles described in the present Charter, his/her personal data that he/she communicates through the website and/or on the occasion of the services offered on the website, for the purposes indicated below.

The user has the right to withdraw consent at any time. Withdrawal of consent does not affect the lawfulness of the processing based on the consent previously given.

3. WHAT DATA DO WE COLLECT?

By visiting and using the website, the user expressly consents to the collection and processing of the following personal data by the data controller in accordance with the methods and principles described below:

Its domain (automatically detected by the controller's server), including the dynamic IP address.
The user's e-mail address, if the user has previously revealed it, for example by sending messages or questions to the website, by communicating with the data controller by e-mail, by participating in discussion forums, by accessing the restricted part of the website with identification, etc.
All the information concerning the pages that the user has consulted on the website.
Any information that the user has given voluntarily, for example in the context of information surveys and/or registrations on the website, or by accessing the restricted part of the website through identification.

The data controller may also collect non-personal data. These data are qualified as non-personal data because they do not allow the direct or indirect identification of a particular person. It may therefore be used for any purpose, for example to improve the website, the products and services offered or the advertising of the controller.

In the event that non-personal data are combined with personal data in such a way that identification of the data subjects is possible, such data shall be treated as personal data until such time as it is impossible to link them to a specific person.

4. COLLECTION METHODS

The data controller collects personal data in the following way:

Web form when registering
Newsletter subscription form
Use of cookies

5. PURPOSES OF THE TREATMENT

Personal data are collected and processed only for the purposes mentioned below: to ensure the management and control of the execution of the services offered.

Sending and follow-up of orders and invoices.
Sending promotional information on products and services of the controller sending, possibly, free samples or offer services at preferential conditions, answer questions from the user.
To make statistics.
To improve the quality of the website and the products and/or services offered by the controller.
To transmit information on new products and/or services of the controller for direct marketing purposes.
To allow a better identification of the user's interests.

The person in charge of the treatment could be brought to carry out treatments which are not yet envisaged in the present Charter. In this case, the person in charge of the treatment will contact the user before re-using his personal data, in order to inform him of the changes and to give him the possibility, if necessary, to refuse this re-use.

6. RETENTION PERIOD

The data controller keeps personal data only for as long as is reasonably necessary for the purposes for which it is to be used and in accordance with legal and regulatory requirements.

A customer's personal data is kept for a maximum of 3 years after the end of the contractual relationship between the customer and the controller.

Shorter retention periods apply to certain categories of data, such as traffic data, which are kept for only 12 months.

At the end of the retention period, the data controller shall make every effort to ensure that the personal data has been made unavailable.

7. ACCESS TO DATA AND COPYING

By means of a written, dated and signed request sent to the person in charge of processing at the address referred to in the "contact data" section of this Charter, the user may, after having proved his identity (by enclosing a copy of his identity card), obtain, free of charge, the written communication or a copy of the personal data concerning him that have been collected.

The controller may charge a reasonable fee based on administrative costs for any additional copies requested by the user.

Where the user makes such a request electronically, the information shall be provided in a commonly used electronic form, unless the user requests otherwise.

The user will be provided with a copy of his or her data within one month of receiving the request.

8. RIGHT OF RECTIFICATION

By means of a written, dated and signed request sent to the person in charge of processing at the address referred to in the "contact data" section of this Charter, the user may, after having proved his identity (by enclosing a copy of his identity card), obtain, free of charge, as soon as possible and at the latest within one month, the rectification of his personal data which would be inaccurate, incomplete or irrelevant, as well as complete them if they prove to be incomplete.

9. RIGHT TO OBJECT TO PROCESSING

By means of a written, dated and signed request sent to the person in charge of processing at the address referred to in the "contact data" section of this Charter, the user may at any time, for reasons relating to his or her particular situation and after having provided proof of identity (by enclosing a copy of his or her identity card), object free of charge to the processing of his or her personal data, when :

The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
The processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data prevail (in particular where the data subject is a child).

The data controller may refuse to implement the user's right to object when it establishes the existence of compelling and legitimate reasons justifying the processing, which override the interests or rights and freedoms of the user, or for the establishment, exercise or defence of legal claims.

In the event of a dispute, the user may lodge a complaint in accordance with the "Complaints" section of this Charter.

By means of a written, dated and signed request sent to the data controller at the address referred to in the "contact data" section of this Charter, the user may, at any time and after having proved his identity (by enclosing a copy of his identity card), oppose, without justification and free of charge, the processing of personal data concerning him when his data is collected for direct marketing purposes (including profiling).

Where personal data are processed for scientific or historical research or statistical purposes in accordance with the General Data Protection Regulation, the user has the right to object, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her, unless the processing is necessary for the performance of a task carried out in the public interest.

The data controller is obliged to respond to the user's request as soon as possible and at the latest within one month and to give reasons for not responding to such a request.

10. RIGHT TO RESTRICT PROCESSING

By means of a written, dated and signed request sent to the person in charge of processing at the address referred to in the "contact data" section of this Charter, the user may, after having proved his identity (by attaching a copy of his identity card), obtain the limitation of the processing of his personal data in the cases listed below:

When the user disputes the accuracy of a data and only for as long as it takes for the data controller to check it.
When the processing is unlawful and the user prefers the limitation of processing to erasure when, although no longer necessary for the purposes of the processing, the user needs it for the establishment, exercise or defence of legal claims.
For the time necessary to examine the merits of a request for opposition made by the user, in other words for the time necessary for the controller to check the balance of interests between the legitimate interests of the controller and those of the user.

The data controller will inform the user when the processing restriction is lifted.

11. RIGHT TO ERASURE (RIGHT TO BE FORGOTTEN)

By means of a written, dated and signed request sent to the data controller at the address referred to in the "contact data" section of this Charter, the user may, after having proved his identity (by enclosing a copy of his identity card), obtain the deletion of personal data concerning him, when one of the following reasons applies

The data are no longer necessary for the purposes of the processing.
The user has withdrawn his consent to the processing of his data and there is no other legal basis for the processing.
The user objects to the processing and there is no compelling legitimate reason for the processing and/or the user exercises his/her specific right to object in relation to direct marketing (including profiling).
Personal data have been processed unlawfully.
Personal data must be erased in order to comply with a legal obligation (of Union or Member State law) to which the controller is subject.
The personal data were collected in the context of offering information society services to children.

However, the deletion of data is not applicable in the following 5 cases:

Where the processing is necessary for the exercise of the right to freedom of expression and information where the processing is necessary for compliance with a legal obligation which requires the processing under Union law or the law of the Member State to which the controller is subject, or in the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
Where the processing is necessary for reasons of public interest in the field of public health.
Where the processing is necessary for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes and provided that the right to erasure is likely to make impossible or to seriously jeopardise the achievement of the purposes of the processing in question.
When the processing is necessary for the establishment, exercise or defence of legal claims.

The data controller is obliged to respond to the user's request as soon as possible and at the latest within one month and to give reasons for not responding to such a request.

The user also has the right, in the same way, to obtain, free of charge, the deletion or prohibition of use of any personal data concerning him/her which, taking into account the purpose of the processing, is incomplete or irrelevant, or the recording, communication or storage of which is prohibited, or which has been stored for longer than is necessary and permitted.

12. RIGHT TO "DATA PORTABILITY

By means of a written, dated and signed request sent to the person in charge of processing at the address referred to in the "contact data" section of this Charter and after having provided proof of identity (by attaching a legible copy of the identity card), the user may at any time request to receive free of charge his/her personal data in a structured, commonly used and machine-readable format, with a view in particular to transmitting them to another person in charge of processing, when :

Data processing is carried out using automated processes and when
The processing is based on the user's consent or on a contract concluded between the user and the controller.

Under the same conditions and in the same way, the user has the right to obtain from the data controller that personal data concerning him/her be transmitted directly to another data controller, provided that this is technically possible.

The right to data portability shall not apply to processing which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

13. RECIPIENTS OF DATA AND DISCLOSURE TO THIRD PARTIES

The recipients of the data collected and processed are, in addition to the data controller itself, its employees or other subcontractors, its carefully selected commercial partners, located in Belgium or in the European Union, who collaborate with the data controller in the context of marketing products or providing services.

In the event that the data is disclosed to third parties for direct marketing or canvassing purposes, the user will be informed in advance so that he/she can choose whether or not to accept this processing of his/her data by third parties.

By means of a written, dated and signed request sent to the data controller at the address mentioned in the "contact data" section of this Charter, the user may, at any time and after having proved his identity (by attaching a copy of his identity card), oppose free of charge the transmission of his data to third parties.

The data controller complies with the legal and regulatory provisions in force and will ensure in all cases that its partners, employees, subcontractors or other third parties with access to this personal data comply with this Charter.

The data controller reserves the right to disclose the user's personal data in the event that a law, legal proceedings or an order from a public authority makes such disclosure necessary.

No personal data is transferred outside the European Union.

14. USE AND MANAGEMENT OF COOKIES

General principles. This article provides information about the use of cookies on the website.

This cookie policy applies to the website. These are managed by the controller.

The website uses cookies to make navigation more useful and reliable. Some of these cookies are essential for the operation of the website, others are used to improve the user experience.

Most web browsers are configured to automatically accept cookies. If the user wishes to personalise the management of cookies, he/she must change the settings of the browser. Further information on this subject can be found in the "Cookie management" section of this provision.

By visiting and using the website, the user expressly agrees with the management of cookies described below.

Definition of cookies. A "cookie" is a data or text file that a website's server temporarily or permanently stores on the user's equipment (computer hard drive, tablet, smartphone, or any other similar device) through their browser. Cookies may also be installed by third parties with whom the controller collaborates.

Cookies store a number of pieces of information, such as visitors' language preferences or the contents of their shopping cart. Other cookies collect statistics about the users of a website or ensure that graphics appear correctly and that applications work properly on the website. Still others allow a website's content and/or advertising to be tailored to the user.

Use of cookies on the website. The website uses different types of cookies:

Essential or technical cookies: these are cookies that are essential for the operation of the website, allowing good communication and intended to facilitate navigation. Statistical or analytical cookies: these cookies make it possible to recognise and count the number of visitors and to see their browsing behaviour when they visit the website. This makes it possible to improve the user's browsing experience and makes it easier for them to find what they are looking for.
Functional cookies: these cookies enable specific features on the website to improve the user experience, including remembering the user's preference choices (e.g. language).
Performance cookies: These cookies collect information about how visitors use the website. They allow us to evaluate and improve the content and performance of the website (e.g. by counting the number of visitors, identifying the most popular pages or clicks), and to better match commercial offers to the user's personal preferences.
Advertising or commercial cookies: these are files intended to collect data relating to the profile of visitors and likely to be installed or read by third parties with whom the data controller collaborates in order to measure the effectiveness of an advertisement or a web page and to better adapt it to the user's interests.
Tracking cookies: the website uses tracking cookies via Google Analytics, with the aim of helping the controller to measure the ways in which users interact with the content of the website, and which generates visit statistics on a strictly anonymous basis. These statistics make it possible to continually improve the website and to offer the user relevant content. The controller uses Google Analytics to gain an overview of the traffic on the website, the origin of this traffic and the pages visited. This means that Google acts as a subcontractor. The information collected by Google Analytics is generated as anonymously as possible. For example, it is not possible to identify the people who visit the website. For further information, the user is invited to consult the Google data protection policy, available at the following address Google policies privacy

The data controller may also use cookies and tags to collect information about users' surfing habits on the various websites and applications belonging to its advertising network.

A beacon is an invisible image file that follows the user's navigation on one or more websites and/or applications. In addition, other commercial cookies may be installed by advertisers when their ads are displayed.

Commercial cookies do not contain any personal data. The information collected through commercial cookies and beacons is used to measure the effectiveness of advertising and to better tailor advertising on the website and on other websites belonging to the advertising network or for which the controller provides advertising services.

The retention period for cookies varies according to their type: essential cookies are generally retained until the browser is closed, while functional cookies remain valid for 1 year and performance cookies for 4 years.

The controller authorises public search engines to visit the website via spiders with the sole purpose of making access and content of the website accessible via their search engines, without the controller granting the right to archive the website. The controller reserves the right to withdraw the authorisation as formulated in this article at any time.

In order to make offers that may be of interest to the user, the data controller may enter into agreements with Internet advertising agencies. They have received permission from the controller to place advertisements on the website. When the user visits the website, the advertising agencies may also collect information.

Cookie management. Most browsers are set to automatically accept cookies, but all allow you to customize the settings to suit your preferences.

If the user does not want the website to place cookies on their computer/mobile device, they can easily manage or delete them by changing their browser settings. The user can also set their browser to notify them when they receive a cookie and decide whether or not to accept it.

If the user wishes to block and/or manage certain cookies, they can do so by following the link linked to their browser:

Internet Explorer: Delete and manage cookies
Chrome: Enable or disable cookies
Firefox: Improved tracking protection in Firefox
Safari: Managing cookies and website data in Safari on the Mac

If the user does not wish to accept cookies from Google Analytics, they can indicate this via the cookie message that appears on their first visit to the website or by customising their browser settings to refuse cookies.

To stop being tracked by Google Analytics on any website, the user is invited to visit the following website Browser add-on to disable Google Analytics

If the user deactivates certain cookies, it is possible that certain parts of the website may not be available and/or usable, or that they may only be partially available.

15. EMBEDDED CONTENT FROM OTHER SITES

Articles on this site may include embedded content (e.g. videos, images, articles...). Embedded content from other sites behaves in the same way as if the visitor were on that other site.

These websites may collect data about you, use cookies, embed third-party tracking tools, and track your interactions with these embedded contents if you have an account with them.

16. SECURITY

The controller shall implement appropriate technical and organisational measures to ensure a level of security of the processing and of the data collected appropriate to the risks presented by the processing and the nature of the data to be protected. He shall take account of the state of knowledge, the costs of implementation and the nature, scope, context and purposes of the processing operation as well as the risks to the rights and freedoms of users.

The data controller always uses encryption technologies that are recognized as industry standards within the IT sector when transferring or receiving data on the website.

The data controller has put in place appropriate security measures to protect and prevent the loss, misuse or alteration of information received on the website.

17. COMMUNICATIONS BY POST, ELECTRONIC OR TELEPHONE

Communication by post. If the user provides the controller with his/her postal address via the website, his/her data will be stored in the controller's address file in order to respond to his/her request and to keep him/her informed of the products and services offered by the controller. Unless the user objects, the controller may also pass on the user's data to third parties (such as groups of companies and business partners) for direct marketing purposes. If the user does not wish his/her data to be used for direct marketing purposes, he/she can indicate this when registering on the website.

The user may at any time consult, correct or delete his data in the file of the person in charge of the treatment. To do so, he/she must contact the data controller at the address indicated in the "contact data" section of this Charter, remembering to specify his/her exact name and address (spelled correctly). The person in charge of the treatment commits himself to delete his data from the list that he shares with other companies or organizations.

Communication by telephone. If the user provides the controller with his/her telephone number via the website, he/she may receive a telephone call:

From the data controller in order to communicate information about its products, services or upcoming events.
Groups of companies and business partners with which the controller is contractually bound.

If the user does not wish/no longer wishes to receive such telephone calls, he/she may contact the data controller at the address mentioned in the "contact data" section of this Charter, remembering to specify his/her exact name and address (spelled correctly). The data controller undertakes to delete his data from the list that he shares with other companies or organisations.

If the user communicates his mobile phone number to the controller via the website, he will only receive messages (SMS/MMS) from the controller that are necessary to answer his questions or inform him about his online orders.

Communication via e-mail. If the user provides the controller with his/her e-mail address via the website, he/she may receive:

E-mails from the controller in order to provide information about its products, services or upcoming events (for direct marketing purposes), provided that the user has expressly consented to this or is already a customer of the controller and has provided the controller with his/her e-mail address.
E-mails from groups of companies and companies/organisations to which the controller is contractually bound, for direct marketing purposes, provided that the user has explicitly consented to this.

If the user does not wish/no longer wishes to receive such e-mails, he/she can contact the data controller at the address mentioned in the "contact data" section of this Charter, remembering to specify his/her exact name and address (spelled correctly).

The data controller undertakes to remove its contact details from the list it shares with other companies or organisations.

Robinson's List.

If the user does not wish to receive mailings or telephone calls from any of the companies on the Robinson list, he/she can contact the Robinson service of the Belgian Direct Marketing Association:

robinsonlist.be
Free phone number: 0800-91 887.
Par courrier : ABMD, Liste Robinson, Buro & Design Center, Esplanade du Heysel B46, 1020 Bruxelles

18. CLAIMS AND COMPLAINTS

The user may lodge a complaint with the Belgian Commission for the Protection of Privacy at the following address

Commission pour la Protection de la Vie Privée
Rue de la Presse, 35
1000 Brussels
Tel. + 32 2 274 48 00
Fax. + 32 2 274 48 35
commission@privacycommission.be

The user may also file a complaint with the court of first instance of his residence.

For more information on complaints and possible remedies, the user is invited to consult the following address of the Belgian Commission for the Protection of Privacy:

Commission for the protection of personal data

19. CONTACT DATA

For any question and/or complaint, in particular concerning the clear and accessible nature of this Charter, the user can contact the data controller:

By email : info@mc-fact.eu

By mail : MC | FACT - Avenue de l'Aiglon 32 - 1420 Braine-l'Alleud

20. APPLICABLE LAW AND JURISDICTION

This Charter is governed by Belgian law.

Any dispute relating to the interpretation or execution of this Charter will be subject to Belgian law and will fall under the exclusive jurisdiction of the courts of the judicial district of Brussels.

21. MISCELLANEOUS PROVISIONS

The data controller reserves the right to modify the provisions of this Charter at any time. The modifications will be published with a warning as to their entry into force.