PRIVACY POLICY of KRIS DE LEENEER BV

1. Your privacy is important

Your privacy is important to us. We want to process your personal data in an honourable,
legal, correct and transparent manner. In this document, our privacy policy, we explain how
the processing is carried out and what personal data is involved. The term processing
includes the following: collection, recording, organisation, storage, updating, modification,
retrieval, consultation, use, dissemination or making available in any way, compilation,
combination, archiving, deletion or eventual destruction.
We are talking about you as a customer of our company, as a potential future customer, as a
beneficiary, another data subject or a contact person at another organisation who is in
contact with us.

1.1 Beforehand

We encourage you to read this document carefully to understand why and for what purpose
we process your personal data. You will also find your rights and how you can exercise them.
We may amend our privacy policy. The most recent version can be found on our website
https://deleeneer.be. We encourage you to regularly review our privacy policy to
understand any changes.
If you would like more information on privacy legislation in Belgium, please visit the website
www.gegevensbeschermingsautoriteit.be.

1.2 Who processes your data? Who are we?

KRIS DE LEENEER BV is active in Belgium with its registered office at Bosveld 22, 9200
Dendermonde and is responsible for the processing of your personal data.

1.3 How can you reach us?

If you have any questions about your privacy or if you want to change your privacy settings
or exercise your rights you can reach us in the following ways:
– By mail: Bosveld 22 in 9200 Dendermonde
– By e-mail: privacy@deleeneer.be
KRIS DE LEENEER BV has appointed a Data Protection Officer (DPO). You can always contact
our DPO at the above coordinates.

1.4 The leading supervisory authority of KRIS DE LEENEER BV

For KRIS DE LEENEER BV the leading supervisory authority is the Belgian Data Protection
Authority:
Data Protection Authority
Drukpersstraat 35, 1000 Brussel
+32 (0)2 274 48 00 / Contact@apd-gba.be

2. Your right to privacy

You have many rights regarding the processing of your personal data. If KRIS DE LEENEER BV
requests your permission, you can always withdraw it.
The implementation of your rights in our systems and procedures takes place within 30 days
after we have received your request. If for any reason this period cannot be met, we will
inform you before the expiry of the original period.

2.1 Your right to access your personal data

You have the right to view the personal data that we process about you, the purpose of the
processing, where we have obtained the data and who receives the data.
In this case, you can also find out how long we keep the data, whether the data is used for
automated decision-making and whether we intend to send the data to a country outside
the European Union. We will provide you with the requested information in writing or
electronically within a reasonable period of time.

2.2 You can have your data corrected/updated

It may happen that the data we process about you is not or is no longer correct. You can
always ask to have the incorrect data corrected or supplemented with the missing data.

2.3. Right to erasure

If you believe that we are unlawfully processing your personal data, you can request that we
delete it.
This request to erase personal data can be refused by KRIS DE LEENEER BV when it is
justified. Examples are the exercise or substantiation of a legal claim or because of a legal
obligation to keep certain data.

2.4 Right to restrict personal data

You can ask us to restrict the processing of your personal data when you suspect that the
data are incorrect or the processing is unlawful. We will comply with this request unless
there are compelling reasons not to do so, for example, to prevent fraud or non-payment.

2.5 Right to lodge an objection

You have the right to object to the processing of your personal data, including profiling. The
processing will then be stopped, unless it is necessary for compliance with social and fiscal
legislation, to protect the interests of a third party or for the establishment, exercise or
substantiation of a legal claim.

2.6 Right to data portability

You can ask us to transfer the personal data you have given us to a third party.

2.7 Right to lodge a complaint

If you do not agree with our position, you can contact the Belgian Data Protection Authority.
You can also lodge a complaint there. You will find the contact details above in 1.4.

2.8 Identification of the applicant

You can exercise your rights concerning the processing of your personal data by making a
written request
– By mail: Bosveld 22 in 9200 Dendermonde
– By e-mail: privacy@deleeneer.be
Always be as specific as possible when you want to exercise your rights. This way, we will be
able to exercise your request correctly.
To prevent someone else from exercising your rights, we want to check your identity as
much as possible. Therefore, the application must always be accompanied by a document
that proves that the identity of the applicant corresponds to your identity. You can do this by
attaching a copy of your identity card to the application. Please make sure that your
passport photo and identity card number are black, to protect your privacy.
If we are of the opinion that the document provided is insufficient proof, we will inform you.
We reserve the right not to accept the application until sufficient proof has been provided.

3. Why do we want to process your personal data?

3.1 KRIS DE LEENEER BV has to comply with legal obligations

In some cases, we are legally obliged to process your personal data. The most important
ones are listed below:
– tax law
– commercial law
– We may be forced to provide personal data to authorities or other third parties. For
example, if this is necessary in connection with a legal obligation or to carry out a
task of public interest.

3.2 KRIS DE LEENEER BV must be able to fulfil its contract with you

As a customer with us, you make use of our services or buy our products. In order to ensure
the proper execution of our contract, we need to process and manage these contracts
administratively, accounting-wise and operationally.
This also applies if you are a supplier of KRIS DE LEENEER BV. Also in that case, we have to
respect the contract and we have to process and manage the supplier contracts
administratively, accountably and operationally.

3.3 KRIS DE LEENEER BV does not sell your personal data

We do not sell, rent or transfer your personal data to third parties for their own use.

4. What personal data do we process from you and for what
purposes?

4.1 From our business relations

Business relations include suppliers, customers and prospects.
KRIS DE LEENEER BV processes the personal data of those who work for companies with
which we do business. The purpose of this processing is to provide information about the
products and services and to maintain business relationships.
In order to contact and identify you, for our customer and supplier management, we process
the following data: name, first name, address, telephone and/or mobile phone number, email address, VAT number, bank account number

4.2 From our prospective buyers

Our potential new customers are interested in our services. KRIS DE LEENEER BV is a
specialist in transport and the potential new customers have shown their interest in our
offer. In order to communicate with them, we process the following personal data: surname,
first name, telephone and/or GSM number and e-mail address.

4.3 Images from surveillance cameras are temporarily stored

We may use cameras in and around our buildings. When it comes to surveillance cameras,
we respect the legal rules. You will recognise the buildings under camera surveillance by a
clearly visible sticker.
Image recordings are kept for a maximum of 30 days. Exceptions to this are
– if the recorded images are useful for proving a crime or nuisance
– to prove a loss
– to identify an offender, a witness or a victim

5. About sharing and storing your personal data

5.1 With whom do we share your personal data?

We only share your data with people who have been explicitly authorised by us if they need
the data to carry out their tasks. These persons will process your data under the same
grounds as we have received them from you.
We use various processors for the processing of personal data. These are our subcontractors
who process personal data on our behalf. KRIS DE LEENEER BV only works with processors
that guarantee the same security on a technical and operational level.
We only share your data if we are obliged to do so by law or governmental order.

5.2 We do not keep your data indefinitely

KRIS DE LEENEER BV uses your personal data with a clear purpose in mind. When this
purpose has been reached, the data are removed.
The starting point for keeping your personal data is the legal retention period.
We initially store the personal data of our customers, suppliers and prospects for 10 years.
If, during this period, there has been a new contact, then a new period of 10 years starts
from this contact.