Privacy policy Sevendays

Summary

What? This Privacy Policy explains how we collect, store, and use your personal data.

Who are we? Seven Days Digital, a private limited liability company represented by Max Acke, located at Regine Beerplein 1 D201, 2018 Antwerp, and operating under company number BE.0650.950.469.

What data do we process? Basic identification data (name, address, email, preferences), financial data, and browsing behavior.

For what purposes do we process these? To provide our services to you, communicate about our services, analyze the website, and for marketing and communication purposes.

How long do we process your data? For the duration of the execution of the agreement. Certain data need to be retained longer for social or fiscal reasons.

Questions? You can send us your question via email at info@sevendays.be.


Article 1. The Privacy Policy of Sevendays

Seven Days Digital (hereinafter: “Sevendays”) values the privacy and protection of your personal data. Sevendays aims to inform, respect, and give control to its Customers and users of its Services regarding what happens to their data. Sevendays strives to manage and use its customer data securely, respectfully, and responsibly to better serve its Customers and offer the best possible experience. Sevendays operates on the principle that everyone should have control over their Personal Data. Below you will find information about what data Sevendays collects, why, for how long, and how you can control this.

With this privacy statement (hereinafter “Privacy Statement”), Sevendays wants to inform the user in detail about the processing of their personal data and associated rights when using the website (hereinafter “Website”) and using our services (hereinafter “Services”).

In this Privacy Statement, the following terms are understood as follows:

- Sevendays: Sevendays, a private limited liability company represented by Max Acke, located at Regine Beerplein 1 D201, 2018 Antwerp, and operating under company number BE.0650.950.469.

- Sevendays Website: the website of Sevendays, accessible via the domains www.sevendays.be and related subsites.

- Services: the products and/or services that Sevendays will deliver to Customer under an Agreement. The exact definition is described in Article 1 of the additional terms of the relevant service.

- Privacy Policy: the provisions from this document.

- Customer: the natural or legal person with whom Sevendays has concluded an Agreement. It also includes those negotiating with Sevendays about this, as well as their representatives, authorized persons, successors, and heirs.

- GDPR: General Data Protection Regulation, including the implementing law of this regulation.

- Personal Data: 'all information about an identified or identifiable natural person, whereby an identifiable natural person is considered one who can be identified, directly or indirectly, particularly by reference to an identifier such as a name, identification number, location data, an online identifier, or one or more elements specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.'

- Processor: 'processor' as defined in the GDPR.

- Processing: 'processing' as defined in the GDPR.

- Controller: 'controller' as defined in the GDPR.

By using certain features of the Website, Sevendays gains access to your personal data, which it will process with respect for user privacy and in compliance with the law of 8 December 1992 on the protection of privacy in relation to the processing of personal data, which will be replaced by the (European) General Data Protection Regulation (‘GDPR’ better known as ‘AVG’) from 25 May 2018.

The European General Data Protection Regulation 2016/679 of 27 April 2016 (“General Data Protection Regulation”), the law of 8 December 1992 (“Privacy Law”), the law of 13 June 2005 (“Electronic Communications Law”) and associated implementing decisions, as well as any future amendments thereof, regulate the protection of personal data.

For more information about privacy and data protection, you can always visit the website of the Belgian Commission for the Protection of Privacy (also known as the Data Protection Authority) via the link: https://www.privacycommission.be.

By accepting this Privacy Statement, a general consent is given for all processing described in this Privacy Statement for which consent is required.


Article 2. To whom does this Privacy Statement apply?

This Privacy Statement applies to all our potential, current, and former users of the Website and our Customers.

The Privacy Statement is valid for all pages hosted on the Website and for the registrations of this Website. This does not apply to pages hosted by third parties to which Sevendays may refer and whose Privacy Statement may differ. When you are redirected to another website or application, the Privacy Statement of that other website applies.

This Privacy Statement is an integral part of our General Terms and Conditions. By accessing and using the Website or otherwise providing personal information, you explicitly agree to this Privacy Statement.

Sevendays Website sometimes includes links to third-party sites (social media, organizers of events sponsored by Sevendays) whose terms of use are not covered by this Privacy Policy. Carefully read their personal data protection policies.


Article 3. Who is responsible for processing?

Sevendays, a private limited liability company represented by Max Acke, located at Regine Beerplein 1 D201, 2018 Antwerp, and operating under company number BE.0650.950.469, acts as the controller when processing personal data for which it determines the purposes and means of processing within its own responsibility and authority.

Sevendays is only responsible for the Processing of Personal Data according to its own activities, but not if the Processing occurs under the instructions of the Customer, where this happens under the express (final) responsibility of the Customer. Sevendays has no control over the means and purpose of the Processing of Personal Data processed by Sevendays on behalf of the Customer. In case of Customer instructions, Sevendays does not make decisions about the receipt and use of Personal Data, provision to third parties, and storage duration of Personal Data unless a legal obligation opposes this.


Article 4. What personal data do we process for which purposes when using our website and our Services?

The Personal Data that Sevendays collects and processes mainly concern the data that the Customer enters via various pages of the Sevendays Website and those Sevendays obtains through your use of the Sevendays Website and/or our Services.

This does not change the fact that the Customer has several obligations regarding the Processing of Personal Data, allowing the Customer to use Sevendays’s Services. In this capacity, the Customer must always obtain the legally required consents from the end-users for processing their Personal Data by Sevendays, if necessary, within the scope of Sevendays’s Services.

Sevendays will not process the Personal Data for any other purpose than agreed upon in this Privacy Statement.

  1. Personal data processed when filling out the contact form or visiting the Website: Personal identification data are processed when a visitor contacts Sevendays via a contact form on the Website. This person is seeking more information about Sevendays’s services. This processing is based on the contractual relationship and prior contacts. If you visit the Sevendays Website to gather and/or request information about our Services or, for example, sign up for Sevendays’s newsletter, Sevendays will at least need your address details. All information Sevendays receives about you in this pre-contractual phase is only used to provide you with the requested information, in the manner you prefer. If you eventually decide to become a Customer of Sevendays, Sevendays will ask you for several Personal Data such as name, address, phone number, email address, and will also assign certain data to you, such as login details and a customer number.

  2. Personal data you provide to us: Firstly, we process some of the personal data you have provided to us in the context of our services. For example, we will collect your personal data when you contact us, for example, when you send an email with questions or complaints about our services. Furthermore, we process your basic identification data for managing our customers and suppliers. To use our services, you must provide your data, including some personal data such as your email address, name, address, language preference, and contact details. After providing our services, we may also request additional information to help us deliver more customized services, such as your experiences and suggestions. Our legal basis for this is our legitimate interest and because it is necessary for the execution of the agreement.

  3. Personal data we collect based on your use of the website: We keep technical data about every individual who visits our website. To facilitate navigation on the Website and optimize technical management, the Website uses "cookies." This specifically concerns log file data, such as an IP address, pages opened, mouse clicks, the date and time of your request, your browser, the search engine, browser, device data, and keywords used to find the Website, etc. These data allow us to recognize you and tell us how you use our website, for example, which pages you have viewed. Our legal basis for this is your consent. These analyses allow us to improve the usability of our website and adapt it to your preferences and interests.

  4. Personal data we obtain from third parties: Furthermore, we also process certain data that we obtain from other companies, namely our suppliers. This mainly concerns the basic details of your profile (name, email address, date of birth, postal code, gender). This information includes, among other things, direct identification data, email addresses, and information such as professional background, indications of average age, gender distribution, language preference, and location data. Additionally, we may supplement the personal data we collect with information from other reliable sources, both online and offline data providers. Sevendays will only do this insofar as this data has been lawfully collected by the third party and can also be lawfully shared with us for the purposes we intend. If necessary, Sevendays will obtain explicit consent on-site for this. Our legal basis for this is the performance of the agreement and our legitimate interest.

  5. Personal data we are required to process due to legal obligations: In many cases, Sevendays is legally obligated to retain and/or disclose certain personal data to government authorities, for example, in light of general tax and accounting obligations. In the context of a police or judicial investigation, Sevendays may be required to confidentially disclose certain data to the necessary authorities.

  6. Other purposes based on our legitimate interest or based on the performance of the agreement: To maintain studies, tests, and statistics, for example, trend analysis, Sevendays may use anonymous, aggregated data to report internally and externally on the use of its services. The data used in this process cannot be traced back to an individual. The information Sevendays derives from these analyses is used to evaluate the current service portfolio and Sevendays' processes and to adapt them to new developments. Furthermore, Sevendays may use personal data to evaluate its services and monitor performance. This includes: requesting feedback on services (e.g., through market research), data obtained during responses to customer inquiries, detecting fraud, and quality assurance.

With consent, Sevendays collects personal data to inform you about (new) services from Sevendays. Sevendays may use personal data to offer (in writing, by phone, or electronically) new services or special promotions that Sevendays believes may be of interest to you. You can unsubscribe from these messages, see Article 10 of this Privacy Statement.

In some cases, Sevendays uses anonymous, aggregated data for commercial purposes or external reporting. This data can never be traced back to an individual.


Article 5. What are cookies?

Cookies are text files placed on your computer to collect standard internet logbook registration, information, and behavioral information. This information is used to track website visitor behavior and to compile statistical reports on website activity.

For more information about which cookies we use, for what purposes, and how long they are stored in your browser, we kindly refer you to our Cookie Statement.


Article 6. Who receives my personal data?

Sevendays

Personal data processed by using the contact form on this website is processed by Sevendays. If Sevendays shares personal data with third parties in any other way, this will be done with explicit communication, explaining the third party, the purposes of the transfer, and the processing. Where legally required, Sevendays will obtain the explicit and unequivocal consent of the data subject. The data subject also always has the opportunity to object (see Article 11 of this Privacy Statement).

Processors

For some aspects of our services, we collaborate with third parties or engage subcontractors. These third parties are always carefully selected, and there is always an agreement between Sevendays and this third party in accordance with applicable legislation.

The customer gives Sevendays permission to use a subcontractor for the processing of personal data within the framework of the agreement, with due observance of applicable privacy legislation. Sevendays will, at the customer's request, provide a list of the subcontractors Sevendays engages in the performance of the agreement. This includes, among other things, temporarily sharing data with third parties for certain tasks or research if we do not have the resources ourselves, such as website hosting, email platforms, helpdesk tools, billing platforms, etc. If we do so, we will always ensure that your data is treated confidentially and used securely. We also always contractually stipulate this with these processors. For example, this processor will never be allowed to use your data on its initiative, and your data must, unless otherwise legally required, be deleted once the processor has completed the task. For more information about our subcontractors, you can always contact us via the contact details under Article 12 of this Privacy Statement.

If you purchase an (online) product or service from a manufacturer or supplier located outside the European Union through Sevendays, additional measures may be required to ensure the security of personal data, such as certification under the EU-US Privacy Shield and/or a processor agreement with model clauses established by the European Commission.

If a person refuses to have their data transferred, it is possible that some services can no longer be offered by Sevendays.

Government authorities

To government authorities and regulators in the context of certain legal obligations, if we suspect and/or try to detect certain criminal offenses, in the context of enforcing intellectual property rights of third parties, if we believe you have violated the terms of use of our website and/or app, or if we wish to enforce our Privacy Statement.

Your personal data will not be disclosed to other external parties without prior consent or notification via this way unless Sevendays is required to do so by a legal provision or court order.

Article 7. How long are my data kept?

Sevendays retains and processes your Personal Data for as long as necessary to achieve the purposes described in Article 4. Sevendays will only retain your personal data for the minimum period necessary to fulfill the purposes set out in this Privacy Statement, unless resolving disputes or a longer retention period is legally required for tax, social, and administrative purposes. Non-personal information can be retained indefinitely for statistical purposes.

Specifically, Personal Data collected via the contact form is stored for 1 year after storage to provide service.

Your data is only actively retained for up to 5 years after your last order of our services. Sevendays will retain your personal data for the period necessary to achieve the intended purposes. Sometimes, we are legally required to retain data for longer periods for tax, administrative, and labor law reasons, up to 10 years, such as invoices or data used in case of a dispute. Sevendays may also retain personal data to answer questions or complaints that may be sent after the termination of its services and to comply with all applicable laws, including tax laws.

Sevendays may not retain personal data longer than necessary to achieve the purpose for which it was collected. In practice, Sevendays retains data and personal information of its customers for as long as necessary to comply with legal accounting and tax obligations, but also out of legal necessity to retain certain data as evidence in disputes. Archived data (data from terminated agreements) is deleted after a maximum period of 10 years.

If you wish to modify your data or have yourself removed from the Sevendays systems, you can contact Sevendays using the contact details provided in Article 12 of this Privacy Statement.

Article 8. Technical and organizational measures and Security

Sevendays takes appropriate organizational and technical measures to secure Personal Data against loss and any form of unlawful Processing. These measures ensure an appropriate level of security considering the risks of the Processing of the nature, extent, and context of the Personal Data to be protected. The customer only makes Personal Data available to Sevendays for Processing if it has ensured that the required security measures have been taken.

Sevendays acknowledges that the security of personal data is part of data protection. Therefore, Sevendays takes appropriate technical and organizational measures to protect your personal data against unauthorized processing or unauthorized access to prevent misuse.

For any transfer of personal data to a processor outside the EEA, Sevendays always does so in accordance with the conditions of this Privacy Statement and follows applicable data protection laws to ensure adequate safeguards.

Sevendays only retains personal data of its customers, which are also secured by its own security infrastructure. Sevendays strives to store all data it possesses (data, personal data, etc.) in the safest possible manner, both in its physical offices and on its network.

Sevendays uses various technical measures to protect personal data, such as: password security, encryption software, firewalls, antivirus, and intrusion and anomaly detection. In the event of a data breach with adverse consequences for personal data, the customer will be personally notified under the circumstances provided by law. Sevendays strives to protect Personal Data and privacy at all times, both in the physical offices and on the Sevendays network.

The existence and content of personal communication that takes place via the Sevendays network (for example: email traffic, hosting, etc.) is protected by the provisions of telecommunications confidentiality. This means that Sevendays and its employees may not take note of the existence or content of such communication except under the exceptions listed by law.

Sevendays employees are trained to handle confidential data correctly. In privacy-sensitive projects, an assessment is also made regarding security and the protection of Personal Data. Furthermore, Sevendays uses various technical measures to protect Personal Data, such as: password security, encryption software, firewalls, antivirus, and intrusion and anomaly detection. The number of Sevendays employees with access to personal information is limited and carefully selected. These employees are granted access to personal information to the extent they need that information to properly perform their duties.

In case of a data breach, Sevendays will make every effort to promptly inform the Customer, after which the Customer will assess whether to inform the supervisory authorities and/or affected parties. The notification obligation only applies if the breach has actually occurred. The Customer will ensure compliance with legal notification obligations. When required by law, Sevendays will cooperate in informing the relevant authorities and, if necessary, the parties involved.

The obligations of Sevendays continue after the termination of the underlying Agreement, insofar as Sevendays still has access to the Personal Data. Upon termination of the Agreement, the Customer is responsible for exporting Personal Data. Sevendays will destroy the Personal Data provided to it immediately or after deleting all backups. Sevendays may deviate from this when there is a legally applicable retention period or to the extent necessary to prove the fulfillment of its obligations to the Customer.

Article 9. How can I exercise my rights?

You can exercise your rights by sending an email to Sevendays. To prevent any unauthorized disclosure of your personal data, it is required to send the request from the email address associated with your account or contact form submission.

Sevendays has one month to respond to your request. This period begins when Sevendays has received your request and has all the required information to fulfill your request.

Sevendays will provide the requested information free of charge. When requests are unfounded or excessive, particularly due to their repetitive nature, Sevendays may charge a reasonable fee or refuse the request.

If, for any reason, you believe that Sevendays has not correctly handled your request, you can contact Sevendays, who will work with you to find a solution.

For completeness, we inform you that if Sevendays does not respond to your request, refuses it, or if our response does not meet your expectations, you always have the right to file a complaint with the Data Protection Authority. Address: Drukpersstraat 35, 1000 Brussels, Tel: +32 (0)2 274 48 00, Email: contact@apd-gba.be.

We do, however, ask you to contact us first. In the event of a dispute, we commit to promoting dialogue and openness to seek an amicable solution. If no amicable solution can be found, the Privacy policy is exclusively subject to Belgian law, and any dispute regarding the validity, interpretation, or execution of the Privacy policy falls under the exclusive jurisdiction of the courts of the judicial district of Antwerp, as far as allowed by applicable rules of private international law.

Article 10. Are my data processed outside Europe?

Your personal data is stored within Europe. Sevendays always strives to process personal data as much as possible within the EEA and only transfers data to a non-EEA country when that country provides an adequate level of protection within the meaning of the GDPR, or within the limits allowed by the same law, for example by ensuring the protection of data through appropriate contractual provisions.

If the Customer transmits Personal Data to countries outside the European Union through the Services, the Customer indemnifies Sevendays against all claims from third parties based on the assertion that these Personal Data are transmitted in violation of the provisions of the GDPR.

Sevendays may process Personal Data in countries within the European Union. The Customer hereby also gives Sevendays permission for the Processing of Personal Data in countries outside the European Union, provided that the requirements regarding transfer to third countries from the GDPR are met. With regard to the international transfer of Personal Data, Sevendays protects all Personal Data in accordance with the level of protection required by European regulations.

Article 11. What rights can I exercise?

Right of access: You have the right to (free) access the data concerning you and to obtain a copy of these Personal Data. You can also ask us:

  • What rights you have;

  • Whether we process Personal Data about you;

  • For what purposes we process them;

  • What categories of Personal Data we process;

  • With which categories of third parties we share your Personal Data;

  • What the origin is of the processed data;

Right to rectification: As a data subject, you have the right to have incomplete, incorrect, inappropriate, or outdated Personal Data corrected or supplemented. For this, you can contact our customer service from a registered address. To keep your data up-to-date, we ask you to inform us of any changes, such as in case of a move.

Right to data erasure: You have the right to obtain the erasure of your Personal Data without undue delay if and insofar as:

  • The Personal Data are no longer necessary for the purposes;

  • There is no longer a legal basis;

  • You object to the Processing, and there are no overriding legitimate grounds for the Processing by Sevendays;

  • The Personal Data have been unlawfully processed; or

  • The Personal Data must be erased to comply with a legal obligation imposed on Sevendays.

Sevendays will send you a confirmation message after executing a request for deletion. In the case of partial deletion, Sevendays will also explain why the request could not be fully met.

It is possible that, depending on the nature of the request, some Services can no longer be offered by Sevendays. Sevendays may also not always be able to delete all requested data, for example, to comply with legal obligations (to meet accounting and tax obligations, Sevendays is, for example, required to retain invoicing data for at least 7 years).

Right to restriction of processing: As a data subject, you also have the right to obtain the restriction of the Processing of your Personal Data from Sevendays, if and insofar as one of the following elements applies:

  • You contest the accuracy of the Personal Data, in which case the Processing is limited for a period that allows Sevendays to verify the accuracy of the data;

  • The Processing is unlawful, and you oppose the erasure of the Personal Data and request the restriction of their use instead;

  • Sevendays no longer needs the Personal Data for the Processing purposes, but you need them for the establishment, exercise, or defense of legal claims;

  • You have objected to the Processing, pending the answer to the question of whether the legitimate grounds of Sevendays outweigh yours.

In case of restriction of the Processing, the data may still be stored by Sevendays.

Right to data portability: For Personal Data that (i) are processed in the context of the execution of the agreement, (ii) have been provided by yourself, and (iii) are processed through automated processes, you have the right as a data subject to obtain these data from Sevendays in a structured, commonly used, and machine-readable format, as well as to request Sevendays to transfer those data directly to another party, if technically possible, if you wish to switch to another provider where the processing is based on the grounds of consent or contractual relationship.

Right to withdraw consent: If the processing of personal data is based on the ground of consent, you, as a user, have the right to withdraw this consent at any time. This can be done by canceling your account.

Right to object: You have the right to object at any time, for reasons related to your specific situation, to the Processing of your Personal Data, which is based on the legitimate interest of Sevendays. If you object, Sevendays will cease the Processing of those Personal Data unless Sevendays demonstrates compelling legitimate grounds for the Processing that outweigh your interests, rights, and freedoms, or that relate to the establishment, exercise, or defense of legal claims.

Article 12. Questions or Contacting us?

Do you have questions or comments about our Privacy Statement? A question or request related to this Privacy Policy can be directed to info@sevendays.be at any time.

Article 13. Changes

We regularly check whether this Privacy Policy complies with the standards set by the GDPR. This Privacy Policy may be amended as our services continue to grow and evolve. Although we will do our best to notify you of significantly changed terms, we recommend that you regularly review this Privacy Policy for any changes. We will then publish the revised version online. Changes will take effect 30 days after we have published the latest version.

The last change was on July 1, 2024. You can always find the most recent version on our Website.