Thank you for visiting our website. COMPO is not just concerned about the care and protection of your plants. The protection of your privacy when collecting and processing personal data is also a matter we take very seriously. The following information aims to provide you with an overview of the processing of your personal data by us and of your rights under data protection legislation. We process personal data that we receive whenever our website is accessed by, among others, customers/applicants or other interested parties (hereinafter referred to as 'you'). The type of data we process and how we use it depends primarily on the requested or agreed services; therefore, not all the information below will be applicable to you. Which entity controls the data processing and which entity can I contact in this regard?

The controller is :

COMPO Benelux nv - Venecolaan 56 - B-9880 Aalter
Phone : +32(0)9 311 00 00
E-mail : compo@compo.be

You can reach our company's data protection officer at the above address using the keywords DATA PROTECTION or using the following email contact: privacy@compo.be.

1. WHY DO WE PROCESS YOUR DATA (PURPOSE OF PROCESSING) AND ON WHAT LEGAL BASIS?

We process personal data in accordance with the provisions of the EU's General Data Protection Regulation (GDPR).

a) To fulfil contractual obligations (Article 6(1.)(b) GDPR)

The processing of data can take place in the context of executing contracts with you as our customer or in order to implement pre-contractual measures.

b) in the balancing of interests (Article 6(1.)(f) GDPR)

If required, we can process your data beyond the actual fulfilment of the contract to safeguard our or a third party's legitimate interests.
Examples:

c) based on your consent (Article 6(1.)(a) GDPR)

Once you have agreed to the processing of personal data for specific purposes (e.g. for marketing purposes, receipt of newsletters), the legitimacy of such processing shall be deemed to be given based on your consent.

d) based on legal requirements (Article 6(1.)(c) GDPR) or in the public interest (Article 6(1.)(e) GDPR)

In addition, we are subject to various legal obligations, i.e. statutory requirements (e.g. tax laws). The purposes of processing include the fulfilment of fiscal inspection and reporting requirements, and much more.

2. WHAT DOES THIS MEAN PRECISELY IN RELATION TO THE PROVISION OF THIS WEBSITE AND THE SERVICES AVAILABLE THEREIN?

2.1. PROVISION OF THE WEBSITE AND CREATION OF LOG FILES

Each time our website is accessed, our system automatically collects data and information from the accessing computer. The following data are collected:

  1. information about the browser type and the version used;
  2. the user's operating system;
  3. the user's internet service provider;
  4. the user's ip address;
  5. date and time of access;
  6. websites from which the user's system accesses our website, and websites accessed by the user's system via our website.

The data are also stored in the log files of our system. These data are not stored together with other personal data of the user. The legal basis for the temporary storage of data in log files are our legitimate interests. Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. To do this, the user's IP address must be kept for the duration of the session. Storage in log files takes place to ensure the functionality of the website. In addition, the data are used to optimise the website and to ensure the security of our IT systems. An evaluation of the data for marketing purposes does not take place in this instance.

The data are deleted immediately when no longer required for the purpose of collection. In terms of data collection for the provision of the website, this is the case when the respective session has ended.

Data collection for the provision of the website and data storage in log files is essential for the operation of the website. Consequently, the user has no opportunity to opt out.

2.2. COOKIES AND SIMILAR TECHNOLOGIES

2.3. PARTICIPATION IN PRIZE GAMES AND PRODUCT TESTS

On our website, we offer you the opportunity to register for prize games, product tests and other competitions (referred to hereinafter as 'promotions') by providing personal data. Here, the data are entered in an input mask and then transmitted to us and stored. The data are only forwarded to service providers that support us in the fulfilment of the aforementioned purposes.The following data are collected as part of the registration process:

  1.  title
  2.  first name
  3.  last name
  4.  email address
  5.  road
  6.  building number
  7.  postcode
  8.  city
  9.  prize game question
  10. receipt

In addition, the following data are stored at the time of registration:

  1. quiz ID
  2. date and time of registration

You give your consent to the processing of these data as part of the registration process. The legal basis for processing your data, when consent is provided, is Article 6(1.)(a) GDPR.You may cancel your registration at any time. You may also have the data stored about you modified at any time. The data are deleted immediately when no longer required for the purpose of collection. This is the case for data collected during the registration process if the promotion has ceased or the statutory retention periods have expired. As a user, you may opt out of the promotion at any time. To do this, please send an email to privacy@compo.be. We will then delete all the data specified by you, unless statutory retention periods prevent us from doing so.

2.4. CONTACT FORM AND EMAIL CONTACT

Our website contains contact forms that can be used for electronic communication. If you make use of this option, then the data entered in the input mask will be transmitted to us and stored. Such data include:

  1. first name
  2. middle name
  3. last name
  4. email address
  5. road and building number
  6. postcode
  7. city
  8. phone number (queries)
  9. fax
  10. your message/question
  11. picture

As part of the sending operation, your consent will be obtained and you will be referred to this Data Privacy Statement for the processing of your data.

Alternatively, contact can be initiated using the email address provided. In this case, the personal data transmitted with your email address will be stored. Data will not be passed on to third parties in this instance. It will only be used for the purpose of processing the correspondence.

The legal basis for the processing of data with your consent is Article 6(1.)(a) GDPR. The legal basis for the processing of data transmitted when sending an email are our legitimate interests. If the email contact is geared towards the conclusion of a contract, then the additional legal basis for processing shall be Article 6(1.)(b) GDPR.

The processing of personal data in the input mask is for the sole purpose of facilitating communication. The legitimate interest also concerns the processing of data in the case of communication by email. The remaining personal data processed during the sending operation are used to prevent misuse of the contact form and to ensure the security of our IT systems.

The data will be deleted if no longer required for the purpose of its collection. This is the case for personal data entered in the input mask of the contact form and data sent by email if the respective correspondence with you, the user, has concluded. This is the case where circumstances make clear that the matter in question has been resolved. You may withdraw your consent to the processing of personal data at any time. You may object to the storage of your personal data at any time by sending us an email. Correspondence cannot be continued in such cases. To do this, please send an email to privacy@compo.be. All personal data stored during this period of communication will be deleted in such cases, unless statutory retention periods apply at the time.

2.5. DISCLOSURE OF PERSONAL DATA TO SERVICE PROVIDERS

When making use of the technical support services of our contract partners or during co-operation with our hosting partners, for example, it is possible that personal data may be viewed by these service providers.We currently co-operate with the below service providers for the following reasons:

Episerver: Email forwarder
Episerver is an email marketing service provider based in Berlin, among other places. We use this partner for sending newsletters (see section 2.4) and campaign emails, for example. Episerver data protection information can be found at: https://www.episerver.de/legal/privacy-statement/.

Adacor and Host Europe: Hosting
Adacor is our Essen-based hosting partner. Adacor's data centres are located in Frankfurt am Main. You can access the data protection information here: https://www.adacor.com/datenschutz/.

Nexum: Administrative, troubleshooting and support services
Nexum is our IT consultant. The company is based in Germany. You can find the data privacy statement here: https://www.nexum.de/datenschutz.If your data are processed by these service providers, it will normally only be data that you have made available to us, e.g. for making contact electronically or other reasons mentioned above.The legal basis for the temporary processing of your data for the above purposes are our legitimate interests (Article 6(1.)(f) GDPR). We would not be able to provide you with the website and services offered if we did not co-operate with our service providers.Processing the personal data enables us to continue corresponding with you by email and to offer and make available our website.The data will be deleted if no longer required for the purpose of its collection. Accordingly, in the case of a support service, the data are deleted immediately after completion by the service provider. In this regard, please also note the information on the descriptions mentioned in section 2 concerning data processing, as well as the options of objection and disposal.

2.6. USE OF GOOGLE MAPS FOR POSTCODE SEARCHES AND CALCULATING ROUTES

We make use of the Google Maps service on this website. This makes it possible for us to display interactive maps directly on the website and enable you to use the map function easily.When you visit this website, Google receives information that you have opened the corresponding subpage of our website. In addition, the following data are transmitted:

This takes place regardless of whether or not Google has provided a user account that you are logged on with. If you have logged on at Google, your data will be directly associated with your account. If you do not wish for association with your profile on Google to take place, then you must log out before activating the button. Google stores your data in the form of usage profiles. It then uses the data for advertising, market research and/or the demand-driven design of its website. The main purpose of assessments like this (even for users not logged on) is to provide demand-driven advertising and to inform other social network users about your activities on our website. You have the right to object to the creation of such user profiles, which must be lodged with Google directly.

3. WHAT RIGHTS CAN YOU ASSERT?

You have several rights concerning the information we hold about you. We would like to inform you that you have the right to:

You have also the right to object at any time to the processing of personal data for direct marketing. If you do not want to continue receiving any direct marketing from us, you can contact us (see below) or click on the unsubscribe function in any such communication. In that event, the personal data shall no longer be processed for such purposes.If you are unhappy with the way we have handled your personal data or any privacy query or request that you have raised with us, you have a right to complain to the Data Protection Authority (“DPA”) in your jurisdiction. If you would like to be directed to the appropriate DPA, please contact us.Please contact our data protection officer to exercise your rights for queries in this regard.

4. DO I HAVE TO PROVIDE MY PERSONAL DATA?

In the context of our business relationship, you must provide such personal data as are required for the establishment and implementation of a business relationship and for the fulfilment of associated contractual obligations or for whose collection we are legally required. We would normally be forced to refuse conclusion of the contract or execution of the order or unable to continue implementing an existing contract and possibly have to terminate it without these data.

5. IS THERE AUTOMATED DECISION-MAKING?

No. For the establishment and implementation of business relationships, at present, we do not use any fully-automated decision-making processes pursuant to Article 22 GDPR. Profiling does not take place.

6. INFORMATION ON YOUR RIGHT TO OBJECT ACCORDING TO ARTICLE 21 GDPR

Right to object based on an individual case
You have a permanent right to object – on grounds relating to your particular situation – to the processing of personal data concerning you, which is based on Article 6(1.)(e) GDPR (data processing in the public interest) and Article 6(1.)(f) GDPR (data processing based on legitimate interests). That also applies to profiling based on this provision within the meaning of Article 4(4) GDPR.We shall no longer process your personal data if you lodge an objection, unless we can demonstrate compelling legitimate grounds for its processing, which override your interests, rights and freedoms or such processing is used for the establishment, exercise or defence of legal claims.

Recipient of the objection
The objection may be filed without any form requirement using the subject 'Objection' and specifying your name, address and date of birth, and should be sent to:

COMPO Benelux nv
Venecolaan 56B-9880 Deinze
+32(0)9/311 00 00privacy@compo.be

7. MORE INFORMATION

If you require information not contained in this Data Privacy Statement or if you would like to receive additional information at a later date, please contact our data protection officer, who will be pleased to assist.