Privacy Policy

PRIVACY POLICY


Welcome to HYPERVAULT!

Thank you for your interest in our company. We care about our environment, our people and our planet, but we also care about your privacy.

As part of our relationship with our customers or suppliers, and during your visit to and use of our website, we may need to process certain of your personal data. We want to assure you that your personal data will be treated by us in a secure and confidential manner, in full compliance with existing and applicable legal provisions on the protection of personal data, including Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the 'GDPR') and the national implementing legislation.

Further information on the processing of your personal data can be found in this privacy statement.


  1. Introduction

HYPERVAULT is the protected trade name, domain name and trademark of BV GTS DATA, having its registered office at 2243 Pulle, Boudewijnlaan 136, Belgium, registered with the Crossroads Bank for Enterprises under number 0760.349.742, in the capacity of controller, hereinafter referred to as “HYPERVAULT” or “we”.

You can contact us using the following contact details:

B.V. GTS DATA

Boudewijnlaan 136

2243 Pulle

E-mail : info@hypervault.com


HYPERVAULT attaches great importance to the protection of your data and your privacy.

The present personal data protection policy clarifies how HYPERVAULT manages the personal data (hereinafter “personal data”) of its physical person customers and of any physical person coming into contact with HYPERVAULT, including potential customers, representatives or guarantors of our customers, whether physical persons or legal entities (for example, company directors, mandated officers, legal representatives, other contact persons), our suppliers, our partners, etc. (hereinafter referred to as “you”).

By “personal data” HYPERVAULT refers to all information with which we can directly or indirectly identify you as a physical (natural) person.

A natural person is considered 'identifiable' if he/she can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more elements characteristic of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. This necessarily includes any information from which a natural person can be identified, among other things, the name, date of birth, address, telephone number, e-mail address and IP address of the person in question.

“Processing of data” includes any action or set of actions applied to your personal data. The term processing includes all aspects related to the collection, confirmation, saving, organizing, structuring, storing, updating, adapting or changing, filtering, consulting, using, transmitting, distributing or making available in any way, comparing or linking, as well as the archiving, deleting or destruction of this personal data.

HYPERVAULT, in its capacity as controller, determines the purpose for which your personal data is processed, the means used and the entirety of the processing as defined in this policy document. HYPERVAULT is your intermediary and is responsible for compliance with the legislation regarding your personal data.

HYPERVAULT handles your data openly and in accordance with all legislation applicable to the protection of personal data and privacy, including the “GDPR” (Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons in connection with the processing of personal data and on the free movement of such data), the Act of 8 December 1992 (“Privacy Act”), the Act of 13 June 2005 (“Electronic Communications Act”) and the associated implementing decrees. We are committed to fulfilling all our obligations and respecting all your rights when processing your personal data.

  1. Person responsible for the processing of your personal data ("controller")

HYPERVAULT is the legal person responsible for the processing of your personal data. This means that it is we who determine the purposes for which your personal data is processed and the means used.

  1. When do we collect your personal data?


The occasions on which we collect your personal data include: a) when you visit our website; b) when we approach you as a customer, when you decide to become a customer or when you express your interest in becoming a customer or contacting our customer service; c) when we approach you as a supplier, when you decide to become a supplier to us or when you express your interest in becoming a supplier to us or contacting our supplier service; d) when you subscribe to our email newsletter; e) when you complete the contact form on our website or contact us in any other way. We also use cookies when you visit our websites. Cookies are small files that contain certain information and that are stored on your tablet or mobile device in order, among other things, to improve the user-friendliness of our website in the most optimal way.  That is why we use functional cookies that make it easier to use our website (for example, by saving the language settings of our website). By using high-performance cookies, we can, for example, analyse whether you have previously visited our website, whether you are a regular visitor and whether you are looking for different information on our website than during previous visits. In doing so, we can also check the location from which our website is visited and the time and date of this visit. You can, however, delete or disable all cookies installed on your device at any time via your browser settings. Please note that, if you change your cookie settings, our website may no longer function properly. For further information on ‘cookies’, we invite you to consult the following website: www.allaboutcookies.org . In principle, there is no intention to collect personal data from persons under the age of 16. Persons under the age of 16 may not provide us with their personal data or a statement of consent without the consent of the persons exercising parental authority over them.


  1. What personal data do we process?

HYPERVAULT collects and uses only the personal data that is necessary in the context of our activities, and that we need in order to offer you quality services and products. We collect and process different categories of personal data, in particular:

Under no circumstances do we collect or process sensitive information.
Some of the personal data we collect is indispensable to enable us to fulfil our contractual obligations to you. In a number of cases, the law obliges us to request certain information. Depending on the type of personal data and the purpose for which we process it, we may not be able to fulfil our contractual obligations if you refuse to provide it to us. In extreme cases, we may even have to stop working with you.

5. For what and why do we use your personal data?

We process your personal data for various purposes and with the following legal motives:

  1. To be able to handle your question (agreement)


We use your personal data when you contact us with a question (for example via our website contact form) about our products or our services or to obtain advice, for the purpose of:


  1. To be able to perform the contract we have concluded with you or to take (pre)contractual measures


We use your personal data to conclude and perform our contracts, including:


  1. To comply with our legal and regulatory obligations


We use and store (archive) your personal data in order to comply with our legal and regulatory obligations, including our tax and accounting obligations.


d. To protect our legal interests


We use your personal data to provide and develop our products and services, to optimize our risk management and to defend our legal interests, including to:

6. With whom do we share your personal information?

a. Your personal data may be processed on our behalf by reliable service providers.

For the execution of certain tasks, we make use of specialized partners as subcontractors. We provide them only with the information they need in order to provide their services and we ask them not to use your personal information for any other purpose. We always make every effort to ensure that this third party we work with maintains the discretion and security of your data. For example, we may make your personal data available to third parties who assist and help us with IT services or storage management (suppliers of platforms, storage systems, maintenance systems and technical support). In order to protect your personal data, we have entered into agreements with all these external service providers to ensure that your personal data is managed and administered in a secure, respectful and careful manner.

b. We may also pass on your personal information to other parties:

This means that no personal data is passed on to third parties under other circumstances, unless we are obliged to do so on the basis of mandatory legal or regulatory provisions (e.g.: the transfer of personal data to external bodies or authorities, such as law enforcement authorities).

c. Your personal data will be passed on or disclosed to third-country processors or controllers only to the extent that we are legally authorized to do so. To the extent that such disclosure or transfer is necessary, we will take appropriate steps to ensure that your personal information is substantially protected and that any disclosure or transfer of personal information outside the EEA is lawful and legitimate. If a disclosure or transfer is made to a country outside the EEA, for which the European Commission has not determined that this country does not maintain an equivalent level of protection of personal data, such disclosure or transfer is always subject to contractual or other legally binding instruments governed by the terms and conditions for transfers of personal data to third countries, such as the approved standard terms and conditions for transfers of personal data to third countries, as established by the European Commission.


You can consult the approved standard terms and conditions of the European Commission via the hyperlink: https://ec.europa.eu/info/law/law-topic/dataprotection/data-transfers-outside-eu/model-contracts- transfer-personal-data-third-countries_en.

7. Where do we store your personal data?

Your data is stored in a data centre in the European Union and fully in accord with the GDPR.

We store your personal data for the period necessary to fulfil the purpose for which this personal data is processed. Please note that we have to take into account a number of (legal) retention periods (time limits) that oblige us to continue to store your personal data. Where there is no commitment or obligation to store the personal data, it will be routinely erased and destroyed once the purpose for which the personal data was collected has been achieved.

In addition, we may store your personal data if you have given us your consent or if such storage is necessary for the establishment, exercise or defence of legal claims. In the latter case, certain personal data is used as evidence. Such personal data is therefore stored in accordance with the statutory limitation period, which can be up to thirty years, as against the normal, customary limitation period of up to ten years for personal claims.

8. How long do we retain your personal data?

We may not retain your personal data for longer than is necessary for the processing for which we collected it. In concrete terms, we make a distinction between the retention period and the archiving period.

9. How do we protect your personal data?

HYPERVAULT attaches great importance to the protection of your personal data and takes all reasonable precautions to prevent loss, misuse, distribution, unauthorized access to or alteration of this data.

For this reason we store your personal data in a secure place on our server to ensure that third parties do not have access to your personal data. Any information stored outside our company premises will be given the same appropriate level of protection as internally stored information. We have also introduced the ‘least privilege’ principle so that only authorized users can access our information systems and data (through access control policies and standards).

Adequate measures have been taken on both a technical level (encryption, anti-virus, firewall, access control, etc.) and an organizational level (careful selection of our employees, suppliers, etc.) to guarantee the security of your data. In addition, these measures are regularly reviewed and adapted to guarantee the highest possible level of protection.

10. Link with social networks

Our website contains links to the social networks we use (Facebook, LinkedIn, Twitter). Please note that these websites have their own personal data protection policies and that we disclaim any responsibility for the use by these websites of data they collect when you click on these links. We recommend that you consult their policy on this before providing them with your personal information.

11. What are your rights and how can you exercise them?

a. Right of access to the processed personal data (Article 15 GDPR)

You have the right to access the personal data we hold (subject to certain exceptions). For example, you have the right to access the personal data and the following information:

  1. the processing purposes;
  2. the categories of personal data involved
  3. the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
  4. if possible, the period for which the personal data is expected to be stored, or if that is not possible, the criteria for determining that period;
  5. the existence of the right to request the controller to rectify or erase personal data, or to restrict the processing of personal data relating to the data subject, as well as the right to object to such processing;
  6. the right to lodge a complaint with a supervisory authority;
  7. where the personal data is not collected from the data subject, any available information about the source of that data;
  8. the existence of automated decision-making.

If we are unable to provide you with access to the personal data (for example, in the case of a legal obligation to restrict access to such information by the person concerned), we will inform you of the reasons for such inability. It can be that we do not respond to requests for access that are manifestly unfounded, excessive, or repetitive.

We may charge you a reasonable fee here to cover the administrative costs involved in providing your data.

b. Right to rectification (Article 16 GDPR)

You are entitled to demand an adjustment of your personal data where this is incorrect or outdated and/or to complete it if it is not complete.

  1. Right to erasure (or “right to be forgotten”) (Article 17 GDPR)


In certain cases you have the right to have your personal data erased or 'forgotten'. This is not an absolute right as we may be required to keep your personal data for legal or judicial reasons, inter alia in the following cases:

  1. where this storage is necessary for the performance of an agreement to which you are a party;
  2. where this storage is necessary for compliance with a legal obligation, or
  3. where this storage is necessary for the establishment, exercise or defence of legal claims.

We will inform you of the reasons for keeping your personal data in our response to your request for erasure.

  1. Right to restrict processing (Article 18);


You have the right to demand that we restrict the processing of your personal data. This means that we may keep your data but not use it. This right applies in certain cases as provided for in the GDPR, in particular:


  1. Right to object (Article 21 GDPR)


You can object to the processing of your personal data for personal reasons, if this processing of your personal data takes place for the performance of a task undertaken in the public interest or in the context of the legitimate interests pursued by us. In such a case, HYPERVAULT will no longer process your data unless (1) there are compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or (2) the processing of the personal data takes place for the establishment, exercise or substantiation of legal claims.


You have an absolute right to object to the processing of your personal data for direct marketing purposes.


  1. Right to portability / data portability (Article 20 GDPR)


You have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format or, if this is technically impossible, to transfer it to a third party. This right applies solely to the data you have provided to us, which is processed on the basis of your consent or a contract and where the processing is carried out by automated means.


  1. Automated individual decision-making, including profiling (Article 22 GDPR)


You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.


However, this right cannot be invoked in the following circumstances:

  1. if the decision is authorized by law (for example: to prevent tax fraud);
  2. if the decision is based on the data subject’s explicit consent; or
  3. if the decision is necessary for entering into, or performance of, a contract between the data subject and the controller (please note that in such cases we will always assess on a case-by-case basis whether less privacy-infringing methods can be applied to facilitate the entering into or execution of the agreement).


  1. Right to withdraw your consent (Article 7 GDPR)


You may withdraw your consent to the processing of your personal data at any time.


  1. How can you exercise your rights?


To exercise your rights, please send a written request with proof of identity by post to HYPERVAULT -  address or by email to gdpr.be@hypervault.com. We will deal with your question as soon as possible and at the latest 1 month after receipt (subject to statutory deferment periods).


All rights can be exercised free of charge, except where your request is manifestly unfounded or disproportionate (for example: owing to the repetitive nature of your request). In such cases, we are entitled to charge you a reasonable fee or to refuse to comply with your request.

12. Adjustments

In a world of constant technological evolution, this personal data protection policy may be subject to change. We recommend that you always consult the most recent version of this document on our website. We shall inform you of any significant changes via our website or our other customary communication channels.

13. Questions and complaints

If you have questions about the use of your personal information as defined in this policy, you can contact us by post at: HYPERVAULT – address or by email to gdpr.be@hypervault.com. .
If you are not satisfied with the way HYPERVAULT processes your personal data, you can file a complaint with the Data Protection Authority (https://www.privacycommission.be/).

You can object at any time free of charge to the use of your data for commercial prospecting and/or direct marketing.

In addition, in certain very specific cases, the GDPR regulation offers you the possibility to request a restriction of processing, to obtain a copy of your data (right to portability) and to request erasure of the data. However, this right to erasure is not absolute. For further information on how to exercise your rights, please refer to the Privacy Charter available on the website ..................  Finally, any complaint can be addressed to:

Data Protection Authority

Drukpersstraat 35

1000 Brussels

Tel: +32 2 274 48 00

Email: commission@privacycommission.be


14 Further questions?

Feel free to contact us by email at the following email address: GDPR@hypervault.com . We will be happy to assist you further: