Privacy Policy

Privacy Policy for the Processing of Personal Data of Customers and Website Users

Introduction

Welcome to the Semasu website. Semasu recognizes the importance of respecting the privacy and protecting the personal data of customers and visitors to our website. This policy describes how we process your personal data.

Scope

This website is managed by Semasu. We act as the data controller for the personal data of our customers and website users.
It is important for us to create and maintain an environment where our customers can trust that their information will not be misused. We comply with applicable data protection regulations, including the General Data Protection Regulation 2016/679 (“GDPR”), as well as relevant national legislation. This regulation concerns the protection of your personal data and grants you rights in relation to that data.
The purpose of this policy is to inform you about the personal data we collect and how it is used when you visit our website, and to ensure that these data are processed correctly.
By visiting our website, this privacy policy and the website terms of use apply. The terms of use for the website supplement this privacy policy and can be reviewed by users at the following address: https://easi.net/fr/legal/website-terms-of-use.
The application of any other terms than this policy is expressly excluded unless we give prior written consent. In that case, this policy remains applicable in addition to the specific agreements. The use of this website, platform, and its content is only permitted if you comply with this policy. If you do not fully accept and comply with this policy, you must stop using the website, platform, and its content.

Interpretation

Where terms defined in the GDPR appear in the clauses of this policy, they are understood as in the relevant regulation.
This applies especially to terms used in this policy such as “personal data,” “sensitive data,” “processing,” “controller,” “purpose,” “legal basis,” “legitimate interest,” “consent,” “technical and operational measures,” etc.
Reminder: personal data is any information that can directly or indirectly identify an individual, including first and last name, age, postal or email address, phone number, and any other element defined as personal data, such as an IP address.

Identity of the data controller

Our official contact details are as follows:
Semasu
Leuvensesteenweg 643 bus 12
1930 Zaventem
Belgium
+32 2 303 4 202
welcome@domeinloft.be
BE0762.772.366

Personal data we collect about you

Most of our website is accessible without requiring you to provide personal data.
We may collect and process your personal data for the following purposes:

Information you provide to us

This refers to information we receive directly from the individual concerned, particularly personal data collected through online forms on our site.
You provide us with personal data when you, for example, fill out an online form to contact us, download documents, schedule an appointment, request a demonstration of our solutions, register for an event, subscribe to a newsletter, and so on. These are the following categories of personal data:
• First and last name
• Email address
• Phone number
• Company/organization on behalf of which the request is made
Sometimes, additional information is requested (company size, the role of the person in the organization, etc.). The information we request is limited to what is necessary to process your request as effectively as possible and to pursue our legitimate interest, i.e., to follow up with the individual to determine how we can meet their needs.

Publicly available information

This refers to information we can find in publicly available sources, such as the individual’s public profile on LinkedIn, the website of the company/organization the individual is representing, and any other public information sources on the internet. We may combine publicly available information with data you provide us to verify data we have previously collected and to manage and expand our business.

Information we collect using cookies

When you visit our site, data about you are automatically and passively collected using cookies, based on your internet habits and behavior. Specifically, we may collect information about your IP address, the pages of our website you visit, your geolocation, the language you use to visit our site, where you came from (if you found us via a search engine, an advertising campaign, social media, etc.).

Purposes for processing your personal data

We collect the above information to better understand your needs and provide you with better service, and in particular for the following purposes:

Customer relationship management

When you order a product or service through our website, we may use your personal data to manage and monitor our relationship with our customers. This includes, but is not limited to:
• Providing you with the products and services you ordered;
• Verifying your identity and financial information for payment of our products and services;
• Managing contracts and contractual obligations;
• Improving our products and services;
• Investigating complaints about our products or services or related to our website.

Communication

We will respond to any requests you make through our website, including requests for documentation, support, assistance, or demonstrations regarding our products and services, event registrations, complaints, price inquiries, and any other purpose of an online form related to our products, services, or website. We may use your personal data, for example, to call you back or communicate with you via email, LinkedIn, or another communication channel.

Direct marketing

We may use your personal data for direct marketing purposes, to provide you with specific information you requested on our site or more general information about Semasu’s offerings, as well as to send you invitations to events or workshops, newsletters, etc. We only carry out our marketing activities based on your explicit consent or if you have a contractual relationship with us, and the information sent is relevant to the contract.

Improving our website

We continuously use and analyze visitor data to improve the user experience of our website.

Legal obligation

We are also authorized to retain personal data to comply with legal and regulatory obligations and compliance requirements.

Legal basis for processing your personal data

We strive to process your personal data in strict compliance with applicable laws and, in particular, on the basis of the following legal grounds listed in Article 6.1 (a), (b), (c), and (f) of the GDPR:

Consent of the data subject

If you are not yet a customer, we ask for your consent to electronically inform you about our events, products, and services for promotional purposes.
By submitting an online form on our site, you consent to the transfer of your personal data to Semasu and understand that Semasu will process your personal data in accordance with this privacy policy.
You have the right to withdraw your consent at any time.

Performance or preparation of a contract

We may process your personal data when this is necessary for the performance of our obligations under a contract for the provision of our products or services to which you are a party or for the preparation of that contract (e.g., when submitting a quote).

Legal obligation

In certain cases, the processing of personal data and its transfer to third parties (for example, to public authorities in the context of public procurement or anti-money laundering) is necessary to comply with a legal obligation.

Legitimate Intrests

Direct marketing activities (prospecting) are considered a legitimate interest under the GDPR. For processing personal data based on legitimate interest, explicit consent is not required. We distinguish three categories of activities based on the legitimate interest legal basis:
1) Contacting individuals who have submitted an online form
We believe it is in our legitimate interest to contact individuals who have submitted an online form on our site, as we will contact them to follow up on their requests. This task is directly assigned to our sales team, which uses available resources (phone, email, LinkedIn, etc.). However, we never send mass commercial mailings to individuals who have not explicitly subscribed to our newsletters by filling out an online form.
2) Keeping Semasu customers informed about developments at Semasu
A customer can receive e-newsletters without explicit consent. These newsletters contain information we believe is useful to the customer, such as details about new features in Semasu solutions, invitations to Semasu events and workshops, a summary of the latest articles on the Semasu blog, etc.
We make every effort to ensure that the information provided by each individual remains relevant. However, if they no longer wish to receive our e-newsletters, they can unsubscribe or change their preferences at any time. Each e-newsletter contains a link to unsubscribe and a link to modify email preferences.
3) Contacting potential prospects
Our sales team systematically contacts companies where Semasu may add value. To do this, our salespeople consult publicly available information sources such as the internet, LinkedIn, and other databases. If they find personal data (for example, the name of the sales manager of a company), they may process this data as necessary to fulfill Semasu’s legitimate interest in contacting that person with a personalized Semasu offer.
Individuals contacted this way will never receive direct marketing communications from Semasu.

Use and sharing of your personal data with third parties

Semasu is obligated not to sell, rent, or disclose the collected personal data to third parties unless otherwise specified at the time of data collection.

We may share your personal data with companies that belong to the same group and/or subsidiaries, or with third parties with whom you have asked us to share your data, such as Facebook or other social media if you have requested us to link your account.

Based on our legitimate interest, we may also share your personal data with third parties who help us provide our products and services. To the extent that these service providers act as subcontractors, they are not authorized to use or disclose the data for any purpose other than what is strictly necessary for carrying out their activities. Our subcontractors are obligated to comply with the GDPR and therefore to protect the confidentiality and security of the personal data they process on our behalf. These obligations are defined in a subcontracting agreement established as part of every collaboration.

We may disclose your personal data to enforce our policies, comply with our legal obligations, or for security, public interest, or law enforcement purposes in any country where we have entities or subsidiaries. For example, we may respond to a request from a law enforcement agency, regulatory body, or government agency. We may also disclose data in connection with actual or potential legal proceedings or to protect our property, safety, personnel, or other rights or interests.

In the event of a sale or merger of Semasu’s business with another company, your data will be provided to the potential buyer’s advisor and transferred to the new owners of the company. In this case, we will take appropriate measures to ensure the integrity and confidentiality of your personal data. However, the use of your personal data will remain subject to this policy.

Retention period of your personal data

If you are an Semasu customer, we retain your personal data (such as invoices and communications) for the period required by applicable accounting laws. Once the business relationship has ended, your data will only be retained as long as necessary to comply with applicable limitation periods. You may request that we delete your data sooner, in which case we will delete all data in our possession, to the extent technically possible, except for data we are legally required to keep.

If you are not an Semasu customer, we will make a decision based on the information we receive. We delete your data if we find that it is no longer accurate and we cannot correct the errors (e.g., if we receive a “failed delivery” message in response to an email). In cases of prolonged inactivity on your account (site visits, clicks on a collective email, personal contacts with our representatives), your personal data will automatically be deleted from our systems in accordance with applicable law. We will also delete your data upon your request.

If you are an applicant, your CV and personal data will be stored in our system for as long as necessary to evaluate your application and establish a position. Upon request, we can delete your previous data.

Transfer of your personal data outside the European economic area

We may transfer your personal data to third parties in third countries (outside the European Economic Area (EEA)). This data transfer outside the EEA is legal if the data recipient is in a country that guarantees an adequate level of protection, confirmed by an adequacy decision by the European Commission. Some of these countries may not have equivalent data protection laws to safeguard your personal data. In such cases, we have explored the possibility of applying adequate safeguards similar to those in effect in the EU, such as through standard contractual clauses. In certain specific cases, we ask for your prior consent to transfer your personal data outside the EEA. For more information on data transfers, you can follow the procedure described in the article “Rights of the Data Subject.”

Your rights regarding the collection and processing of your personal data

Data protection laws provide data subjects with several rights regarding the processing of personal data, allowing them sufficient control over their personal data processing.

You have the right to see what information we hold about you and to obtain a copy of the information we hold about you. If your personal data has changed, you have the right to request us to correct, supplement, or delete outdated, incorrect, or incomplete information we hold about you. You also have the right to restrict the processing of your data and to object to the processing of your personal data. Furthermore, you have the right to receive the personal data concerning you that you have provided to a data controller in a structured, commonly used, and machine-readable format and to transmit that data to another data controller.

We have appointed a Data Protection Officer (DPO), who can be contacted by email at welcome@domeinloft.be or by post at Semasu SA – Data Protection, Leuvensesteenweg 643 bus 12, 1930 Zaventem, for all your questions about the processing of your personal data. The DPO will also respond to your requests to exercise your rights. This request is free of charge.

To enable Semasu to respond to your request, you may be asked to provide certain information, such as your full name, email address, and customer account number.

Semasu commits to responding as soon as possible, with a response time that should not exceed one (1) month from receipt of the request. If you submit your request electronically and do not request another communication method, the information will be provided to you electronically. Upon your request, information can be communicated to you orally, provided your identity is otherwise confirmed.

Semasu may refuse to fulfill your request if it is unfounded or excessive, especially in view of the previous existence of other requests, whether from you or not. The burden of proof that the request is excessive or unfounded rests with Semasu.

You may file a complaint regarding the processing of your personal data with the competent authority in the member state where you have your habitual residence, where you work, or where the infringement may have occurred.

In Belgium, complaints can be filed with the Data Protection Authority, Rue de la Presse 35, 1000 Brussels (tel: +32 22744800, email: contact@apd-gba.be). Visit https://www.autoriteprotectiondonnees.be/citoyen for more information on your rights.

Cookies and similar technologies

Semasu’s website uses cookies for three reasons: (i) to offer our visitors the most effective web experience (for example, when a visitor has selected a language, the site will automatically display in that language on the next visit); (ii) to analyze visitor behavior to improve their experience and site performance; and (iii) to help us present quality advertising that most interests our visitors. You can find our cookie policy at https://domeinloft.be for more information on the use of cookies.

Security

When Semasu receives or transmits data via its website, we take all reasonable measures to ensure the security of your data. We have implemented reasonable technical and organizational measures to protect your personal data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to transmitted, stored, or otherwise processed personal data. However, please be aware that the internet is an open system, and we cannot guarantee that unauthorized third parties will never be able to circumvent these measures or use your personal data for improper purposes. Semasu cannot therefore be held responsible for the security of the transmission of your personal data over the internet.

Applicable law and competent courts

Our website, this policy, and all related disputes are governed by Belgian law. In case of a dispute, only the courts of Semasu’s registered office will have jurisdiction.

Changes to the privacy policy

Semasu reserves the right to modify this policy at any time to ensure website users comply with applicable law and to ensure this policy reflects how we process your personal data at any given time. Any changes will not affect previously concluded contracts, which will remain subject to the policy in effect at the time the mentioned contract was concluded and as accepted by the user at the time of acceptance. The updated version of this policy will be published on the same webpage and will take effect upon publication. Users are invited to review this policy each time they use our services, without the need to formally notify them.

Contact Us

If you wish to exercise any of the above rights, if you have a complaint regarding the processing of your data, or for any other related matter, you may contact us at the following email addresses: welcome@domeinloft.be, or you may write to the following address:

Semasu – Data Protection
Leuvensesteenweg 643 bus 12
1930 Zaventem
Belgium
+32 2 303 4 202
BE 0762.772.366

This policy was published on 14 novemeber 2024.