Privacy Statement

Privacy statement Our Lady of Leffe Abbey

The web application (hereinafter referred to as the “Application”) is offered by:
Our Lady of Leffe Abbey (hereinafter referred to as “The Abbey”, “We” and “Us”)
Place de l’Abbaye 1, 5500 Dinant – Belgium | steven.dc@abbaye-de-leffe.be

Do not hesitate to contact us if you have any privacy-related questions. We promise you a quick answer.

Please use the above contact information only for your privacy-related questions.

Why this privacy statement?

Any person who contact us (hereinafter referred to as the “Customer”) will inevitably release certain personal data. This personal information constitutes information that allows us to identify you as a natural person, whether or not we actually do this. You are identifiable as soon as it is possible to create a direct or indirect link between one or more personal data and you as a natural person.

We use and process your personal data in accordance with the GDPR and other relevant legal provisions. Any reference in this privacy statement to the GDPR is a reference to the regulation of 27 April 2016 on the protection of individuals with regard to the processing of personal data and concerning the free movement of such information (General Data Protection Regulation).

This privacy statement will inform each Customer of the processing activities that The Abbey may carry out with his or her personal data. The Abbey reserves the right to modify this privacy statement at any time. Any substantial change will be clearly reported to the Customer. We recommend that the Customer consults this document on a regular basis.

Who processes your personal data?

Controller

The Abbey determines which personal data are collected from you, as well as the purpose and means of processing such personal data. Consequently, The Abbey is a “Controller” within the meaning of the GDPR.

The Abbey has taken appropriate technical and organisational measures to protect the personal data of its Customers. The Abbey uses various appropriate security technologies and procedures to protect your personal information from unauthorised access, use or disclosure. The Abbey ensures that the personal data supplied are kept securely in a controlled environment. Keep in mind, however, that no method of transmission via the Internet is completely safe. You are responsible for maintaining the confidentiality of your password.

On what legal basis are your personal data processed?

In accordance with the GDPR we process personal data on the basis of the following legal grounds:

• On the basis of the implementation of the agreement as agreed with the Customer, or the exercise of pre-contractual steps taken at the request of the Customer; or
• On the basis of compliance with legal or regulatory provisions, with respect to the management of the contractual relationship with the Customer, in particular the invoicing;
• On the basis of our legitimate interest in responding to Customer requests for information;

What personal data are processed?

The Abbey undertakes to collect and process only those personal data which are relevant and necessary for the purposes for which they are processed.

How much and what personal data The Abbey collects about you depends on your use of our services. The collection of personal data is further expanded as more intensive use is made of our application. Specifically, we process the following categories of personal data:

• Personal identification details such as name, forename and address;
• Contact details (telephone number and e-mail address);

For what purposes are your personal data used?

We only use your information in the context of this service and under no circumstances to send you subsequent promotional offers. Your personal data is collected to properly handle our Customer administration and to do order billing.

Furthermore, the personal data of the Customer can also be used for the management of disputes and for protection against fraud and violations.

In addition, we use cookies to recognize (the IP address of) Customers and provide them with a personal user experience, to remember their technical choices and to detect and correct any errors on the application. Please refer to our cookie statement for more information on how we use cookies.

When you visit the application, some data are collected for statistical purposes. Such data are necessary to optimize the use of our application. These data are: presumed place of consultation, date and time of consultation, which pages were visited, etc. In order to optimally protect your privacy, these data are always anonymised.

We do not collect sensitive personal data, such as information about your race, political opinions, health, religious and other beliefs, sexual orientation, etc.

The client always provides the personal data to The Abbey and can thus exercise a certain control. The Abbey reserves the right to suspend or cancel certain operations if the required personal data are missing, incorrect or incomplete.

Who receives your personal data?

Your personal data will exclusively be processed for internal use within The Abbey. Your personal data will not be sold, passed on or communicated to third parties, except if you have given us your explicit consent in advance or if the transfer is necessary for the execution of the contractual or statutory obligation.

How long do we keep your personal data?

Your personal data will be retained for as long as it is necessary to pursue the objectives set out in article 5. They are removed from our database when they are no longer required to pursue these goals or if the Customer applies the right to remove the personal data. In any case, your contact details will be kept for three years from the sale, corresponding to the shelf life date of the beer. In this way, we can contact you again in the context of the relevant food legislation. 

What are you rights?

Guarantee of lawful and safe processing of personal data

Your personal data will always be processed for legitimate purposes as set out in article 5. They are collected and processed in an appropriate, relevant and proportionate manner, and are not retained longer than necessary to achieve the objectives set.

Right to access

If you can prove your identity, you obtain the right to obtain information about the processing of your personal data. Thus, you have the right to access the purposes of the processing, the categories of personal data, the categories of recipients to which the personal data are sent, the criteria that determine the period of data retention and the rights that you can exercise in relation to your personal data.

Right to rectification

Inaccurate or incomplete information can be corrected. In the first instance, it is the Customer’s responsibility to make the necessary adjustments to his “user profile”. The Customer can also contact us with a request for modification.

Right to delete your personal data

You also have the right to obtain the removal of your personal data, in the following cases:

• Your personal data are no longer required for the intended purpose;
• You revoke your consent to the processing of your personal data and there is no other legal basis for the processing of your personal data;
• You have lawfully lodged an objection against the processing of your personal data;
• Your personal data are processed unlawfully;
• Your personal data must be removed on the basis of a legal obligation.

Right to limitation of processing

In some cases, you have the right to request restrictions on the processing of your personal data. This is particularly true in the event of a dispute regarding the accuracy of personal data, if the personal data are necessary in the course of a legal procedure or during the time necessary for The Abbey to determine that you can validly exercise your right of removal.

Right to object

You have the right at all times to oppose the processing of your personal data for ”direct marketing” purposes, for profiling purposes or for purposes resulting from the legitimate interests of the Controller. The Abbey will cease to process your personal data unless The Abbey can demonstrate that there are compelling legal reasons for processing your personal data that prevail on your right to oppose.

Right to data transfer

You have the right to obtain the personal data provided to The Abbey in a structured, common and machine-readable form. In addition, you also have the right to transfer this personal data to another Controller, unless this is technically impossible.

How can you exercise your rights?

If you wish to exercise your rights, you must send a written request and proof of identity by registered letter to The Abbey Our Lady of Leffe, Place de l’Abbaye 1, 5500 Dinant – Belgium or via e-mail to steven.dc@abbaye-de-leffe.be. We will reply as soon as possible, no later than one (1) month after receiving your request.

Possibility of lodging a complaint

If you have any comments or complaints about how we handle your personal data, please report it to us first. In this way, we can reach an amicable solution by mutual agreement.

If, after this report, you are not yet satisfied with the processing of your personal data by The Abbey, you have the right to lodge a complaint with the competent supervisory authority (for Belgium: https://www.dataprotectionauthority.be/ )