Charter on the protection of personal data

Pro Velo asbl attaches particular importance to observing the privacy of its current and future customers, its suppliers, and visitors to its website. This Charter enables you to understand how we collect and use your personal data, as well as your rights pertaining to this use.

Latest update: 25/06/2018

  1. What is the scope of this Charter?
  2. Who is the controller of your Personal Data?
  3. What Personal Data do we process?
  4. For what purposes do we use your Personal Data?
  5. What are the legal bases allowing us to use your Personal Data?
  6. To whom is your Personal Data transmitted?
  7. Where is your Personal Data processed?
  8. How do we protect your Personal Data?
  9. How long do we store the Personal Data for?
  10. What are your rights as the Data Subject?
  11. How do you change your communication preferences?

1. What is the scope of this Charter?

Personal Data means any information relating to an identified or identifiable natural person (the Data Subject).

This Charter is up-to-date as of the date stated above. It may be amended so please check it regularly for any changes. You will be notified of any substantial change made to the Charter or it will be expressly referred to on the Website’s homepage.

This Charter may be supplemented by contracts or specific clauses intended to cover a particular aspect of our relationship with you when it is necessary to provide you with further information concerning the manner in which we collect and use your Personal Data.

If you provide us with Personal Data concerning another person, you are required to:

  1. inform this person of the content of this Charter as well as of any other contract entered into with us related to the Personal Data;
  2. obtain the permission of this person in order to share this Personal Data with us in accordance with this Charter as well as any other contract entered into with us related to the Personal Data; and
  3. as appropriate, obtain the consent of this person when legally required.

2. Who is the controller of your Personal Data?

The different Pro Velo asbl departments are the controller of any Personal Data that they process about their current and future customers, suppliers, and visitors to the website www.provelo.org.
Pro Velo asbl

Rue de Londres 15, 1050 Brussels,  BE 0449 049 820

For any questions related to how we process your Personal Data, you can contact us as follows:

  • by mail: Pro Velo, rue de Londres 15, 1050 Brussels
  • by email: rgpd@provelo.org

3. What Personal Data do we process?

We collect and process various types of Personal Data depending on the type of relationship that we have with you:

Customers
  • Contact details (first name, surname, address, phone no., fax and e-mail address, copy of identity card in case of rentals)
  • Business information (company, title/position, department, website)
  • Information related to the services we provide
  • Financial and banking information (account number, credit history and other financial information)
  • Information enabling us to provide our services (e.g. height of the cyclist, national registration number to be engraved on the frame, etc.)
Potential customers
  • Contact details (first name, surname, address, phone no., fax and e-mail address)
  • Business information (company, title/position, department, website)
Suppliers
  • Contact details (first name, surname, address, phone no., fax and e-mail address)
  • Business information (company, title/position, department, website)
  • Financial and banking information (account number, credit history and other financial information)
  • Information enabling us to receive your products or services
Volunteers
  • Contact details (first name, surname, address, phone no., fax and e-mail address)
  • Banking information (account number)

Pro Velo is the responsible data controller for these data.

4. For what purposes do we use your Personal Data?

Your Personal Data is processed for various purposes depending on the type of relationship that we have.

Customers
  • To communicate with you
  • To establish, meet and fulfil our obligations related to our services
  • To manage our customer relations
  • To provide you with services
  • To improve the quality of our services
  • To provide promotional information
  • To comply with applicable legal and regulatory obligations
  • To establish and/or defend our rights in court
Potential customers
  • To communicate with you
  • To manage our relationship with potential customers
  • To provide promotional information
Suppliers
  • To communicate with you
  • To manage our supplier relations
  • To draw up, perform and terminate our product and/or service supply agreements
  • To make decisions concerning the conditions of these agreements
  • To manage complaints, returns and requests related to our purchases
  • To comply with applicable legal and regulatory obligations
  • To establish and/or defend our rights in court
Volunteers
  • To communicate with you
  • To pay expenses

As a potential customer, you are under no obligation to provide us with Personal Data. If you are a customer or supplier, the provision of certain Personal Data is a legal obligation or contractual requirement. Therefore, we need to hold some of our customers’ Personal Data in order to meet our obligations, as well as for invoicing purposes.

5. What are the legal bases allowing us to use your Personal Data?

In accordance with the law on the protection of personal data, we must be transparent concerning the legal bases or reasons for which we are processing Personal Data. Generally our bases for processing Personal Data are as follows.

  1. Your consent. Personal Data may be processed on the basis of your consent. We may for example ask for your consent so that we can process your data in order to provide you with promotional information. We may obtain your consent in writing or electronically. When we ask for your consent, we will inform you of the manner in which your data will be used, as well as of the purposes for this use. In some cases, such as during a telephone conversations, consent may be given orally. Once you have given your consent, you may withdraw it at any time.
  2. Necessity for the performance of a contract. Our customers’ Personal Data may be processed in order to draw up, perform or terminate a contract (in particular for the provision of our services). Before a contract exists – during the period prior to its conclusion – Personal Data may be processed in order to prepare offers, respond to requests or to fulfil any other requirement of our potential customers concerning the conclusion of a contract. Potential customers may be contacted during the contract preparation process on the basis of the information that they have given us.
  3. Legal obligations to which we are subject. In some cases, we may be required or authorised to process your Personal Data due to legal or regulatory obligations, in particular for the purposes of preventing, detecting and investigating fraud or offences, or for the purposes of meeting certain specific tax obligations.
  4. Our legitimate interests. In many cases, we process your Personal Data as our not-for-profit organisation has a legitimate interest to do so. This is particularly the case when we process your Personal Data in order to communicate with you, improve the quality of our services, provide you with promotional information (including direct marketing) and manageour commercial activities and IT infrastructure. Depending on the processing concerned, our legitimate interests in general consist of (i) pursuing our activities and objectives; (ii) protecting our association and customers; (iii) improving or developing our services and activities in general; (iv) complying with our legal and regulatory obligations, standards, guidelines and codes of conduct.

The legal basis for which we process your Personal Data will differ depending on our relationship. We have summarised below the main legal bases applicable to our processing of your Personal Data.


Customers
  • Necessary for the performance of a contract
  • Legal obligations to which we are subject
  • Your consent
  • Our legitimate interests
Potential customers
  • Your consent
  • Necessary to take steps at your request prior to entering into a contract
  • Our legitimate interests
Suppliers
  • Necessary for the performance of a contract
  • Legal obligations to which we are subject
  • Your consent
  • Our legitimate interests
Volunteers
  • Necessary for the performance of a contract
  • Legal obligations to which we are subject
  • Your consent

6. To whom is your Personal Data transmitted?

In order to achieve the objectives set out in Section 4 above, we may transmit your Personal Data to third parties (the “recipients”). These third-party recipients in particular include:

(i) external service providers who assist us as part of our activities (in particular auditors, lawyers and other consultants, IT and hosting service providers, banks and financial institutions);

(ii) government authorities, if we are legally obligated to do so.


7. Where is your Personal Data processed?

We are a legal entity under Belgian law that does not have any branches outside of Belgium. Your Personal Data will be stored in Belgium or in another country of the European Economic Area.

If Personal Data needs to be transferred from the European Economic Area to a third country that does not ensure an adequate level of protection of the Personal Data, we will make sure (i) that this transfer is based on an appropriate legal basis (e.g. your express consent or the need to provide our services) or (ii) that appropriate guarantees are in place in order to protect your Personal Data according to standards equivalent to those included in this Charter. We therefore remain responsible for the processing of your Personal Data and take the necessary measures in order to protect its processing (e.g. by means of standardised contractual clauses).
8. How do we protect your Personal Data?

We have put in place appropriate technical and organisational measures in order to prevent or take action against any unauthorised or unlawful processing or disclosure of your Personal Data, as well as its accidental loss, alteration or destruction. Before implementing new data processing methods, in particular new computer systems, we will define and put in place appropriate technical and organisational measures. These measures will be based on state-of-the-art solutions and will take into account the risks inherent in processing and the need to protect Personal Data. We will also regularly adapt these technical and organisational measures that aim to protect your Personal Data according to the development of technology and changes to our association.

9. How long will we store the Personal Data?

We will store your Personal Data for no longer than is necessary for the fulfilment of the purposes for which the data has been collected. The exact period will depend on the purposes for which we store your Personal Data. Furthermore, certain legislation or regulations may be applied and define a maximum storage period for your Personal Data. We will inform you in greater detail of the storage period of your Personal Data through specific clauses intended to cover a specific aspect of our relationship with you.

10. What are your rights as the Data Subject?

As the Data Subject, you have the following rights:

  • Right of access: you have the right to obtain confirmation as to whether or not your Personal Data is being processed, and, if that is the case, access to this Personal Data and information related to the processing.
  • Right to rectification: you have the right to obtain the rectification of inaccurate Personal Data concerning you, as well as to have incomplete data completed.
  • Right to erasure: you have the right to have Personal Data concerning you erased.
  • Right to restriction of processing: you have the right to obtain a restriction on the processing of your Personal Data to the point of the simple storage of this data.
  • Right to data portability: under certain conditions, you have the right to receive your Personal Data in a structured, commonly used and machine-readable format, and have the right to transmit this data to another controller.
  • Right to object: under certain conditions, you have the right to object to the processing of your Personal Data. Where your Personal Data is used for direct marketing purposes, you have the right to object to this under any circumstances.
  • Right to withdraw your consent: if you have given your consent for the processing of your Personal Data, you have the right to withdraw this consent at any time, without this withdrawal affecting the lawfulness of processing based on consent before its withdrawal.
  • Right to not be subject to automated decision-making, including profiling: you have the right not to be subject to a decision based solely on automated processing, including profiling. You have the right to obtain human intervention, express your point of view, obtain an explanation of the decision reached after such assessment and to challenge the decision.
  • Right to lodge a complaint with a supervisory authority: you have the right to lodge a complaint with a supervisory authority. The data protection authority may be contacted as follows:

Data Protection Authority

Tel: +32 (0)2 274 48 00
Fax: +32 (0)2 274 48 35
contact@apd-gba.be

11. How do you change your communication preferences?

We regularly give you the opportunity to inform us of your communication preferences. You can change these preferences at any time.

If you are a past or current customer, we may use your contact details, including your email address, in order to send you promotional communications. You may freely opt out at any time from receiving such communications by contacting us using the details given in Section 1.