Voor de nederlandse versie van de privacy policy, klik hier.

1. Parties and subject matter

GROW BV (hereinafter “GROW” or the “Processor”)          
Sint-Servaasstraat 76, 3500, Hasselt, Belgium

KBO/ VAT: BE0760.445.752    
E-Mail: dpo@grow.eu.com  
Phone: +32489712758

GROW establishes this Privacy Policy, which aims to transparently inform Users about the website hosted at the following address: https://grow.eu.com, (hereinafter the “Site”), and about how personal data is collected and processed by GROW.

The term “User” refers to any user, whether a natural or legal person, who visits the Site or interacts with the Site in any way.

In its capacity as data controller, GROW determines all the technical, legal and organizational means and the purposes for processing the personal data of the Users. GROW undertakes to take all necessary measures to ensure that the processing of personal data takes place in accordance with the Law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data (hereinafter the “Law”) and the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (i.e. the General Data Protection Regulation (AVG) or “GDPR”; hereinafter the “Regulation”).

GROW is free to choose a natural or legal person to process the users’ personal data at its request and on its behalf (hereinafter the “Processor” or “Subcontractor”). Where appropriate, GROW undertakes to select a Processor that provides sufficient guarantees regarding the technical and organizational measures for the processing of personal data, in accordance with the Law and the Regulation.

2. Processing of Personal Data

The use of the Site by Users may result in the collection of personal data. The processing of this data by GROW, in its capacity as Processor or by service providers acting in the name and on behalf of GROW, is done in accordance with the Law and the Regulation.

Personal data is processed by GROW, in accordance with the purposes set out below, through the following methods:

Use of cookies, storage of data in internal CRM system, storage of contact data on a central server, automation for creation of invoices and sending mails, printing of documents where personal data is mentioned such as invoices, letters, communications,… Data are also processed in the presentation of advertisements, these follow the guidelines of the relevant social media platform.

3. Purpose of processing personal data

In accordance with Article 13 of the Regulation, the purposes of processing personal data are communicated to the User. Those purposes are the following:

Performance of the agreed and offered service mentioned on the site; Legal obligations for record keeping.

4. Personal data that may be processed

The User agrees that, during the visit and use of the Site, GROW collects and processes the following personal data:

name, address, email address, telephone number, user name, date of birth, bank account number, information for services provided, and for business customers VAT, VAT or KVK number, information around employees within your company to contact for our services.

GROW collects and processes these personal data in accordance with the conditions and principles described in this Privacy Policy.

5. Consent

By accessing and using the Site, the User declares that he/she has read and given his/her free, specific, informed and unequivocal consent to the processing of his/her personal data. This agreement relates to the contents of this Privacy Policy.

Consent is given by the positive and active act by which the User accepts the Privacy Policy during the selection of the pop-up of the cookies policy. This consent is an essential condition for performing certain actions on the Site or for enabling the User to enter into a contractual relationship with GROW. Any agreement that connects GROW and a User with respect to the services and goods offered on the Site is subject to the User’s acceptance of the Privacy Policy.

The User agrees that, in accordance with the terms and principles set forth in this Privacy Policy, the Processor collects and processes his/her personal data that he/she provides on the Site or in connection with the services offered by GROW for the purposes set forth above.

The User has the right to withdraw this consent at any time. The withdrawal of consent shall not affect the lawfulness of the processing based on the prior consent.

6. Retention period of the personal data of the Users

In accordance with Article 13, paragraph 2 of the Regulation, the Processing Controller shall retain the personal data only for as long as is reasonably necessary to achieve the purposes for which they are processed.

In all cases, this duration shall not exceed 10 years.

7. Recepients of data and disclosure to third parties

Personal data may be disclosed to employees, collaborators, subcontractors, processors or suppliers of GROW to the extent that adequate guarantees are provided for the security of the data and to the extent that they cooperate with GROW in marketing the products or providing services. They act under the direct authority of GROW, and are in particular responsible for the collection, processing or outsourcing of this data.

In all cases, the recipients of the data and those to whom the data is provided comply with the contents of this Privacy Policy. GROW shall ensure that they process this data only for the purposes intended and in a discreet and secure manner.

In the event that the data would be provided to third parties for purposes of direct marketing or prospecting, the User will be informed in advance so that he or she can give the prior and express consent to this use of personal data.

8. Data Protection Officer (DPO)

The following person is appointed as the ‘Data Protection Officer’ or ‘Data Protection Officer’ (hereinafter “DPO”): Julio Sanchez-Tirado.

The DPO’s role is to ensure the proper implementation and compliance with national and supranational provisions on the collection and processing of personal data.

You can contact the DPO as follows:

dpo@grow.eu.com (during office hours and only on Wednesdays)

9. Rights of Users

Users may exercise their rights at any time by sending a message by e-mail to the following address: dpo@grow.eu.com, or a letter by post accompanied by a copy of their identity card to the following address: Sint-Servaasstraat 76, 3500, Hasselt, Belgium.

9.1. Right of access

In accordance with Article 15 of the Regulation, GROW guarantees the User’s right of access to their personal data. The User has the right to access this personal data and the following information:

the categories of personal data concerned;
the recipients or categories of recipients to whom the personal data have been or will be disclosed;
in case the recipients are located in third countries or international organizations, the appropriate or suitable safeguards;
if possible, the proposed storage period for personal data or, if this is not possible, the criteria by which this period will be determined;
the existence of automated decision-making, including profiling, as referred to in Article 22(1) and (4) of the Regulation, and, at least in such cases, relevant information on the underlying logic, as well as the importance and the likely consequences of such processing for the data subject.

The Processing Controller may require reasonable compensation based on the administrative costs for additional copies requested by the User.

If the User makes this request electronically (e.g., via email address), the data will be provided in electronic form and for general use, unless the User requests otherwise.

The copy of the data will be communicated to the User no later than one month after receipt of the request.

9.2 Right to rectification.

GROW guarantees the right to rectification and deletion of personal data to the User.

In accordance with Article 16 of the Regulation, incorrect, inaccurate or irrelevant data may be corrected or deleted at any time. The User shall first make the necessary changes himself from his user account, unless they cannot be made independently, in which case the request may be addressed to GROW.

In accordance with Article 19 of the Regulation, the Processor shall notify each recipient to whom the personal data has been provided of any rectification of the personal data, unless such rectification proves impossible or requires disproportionate efforts. The controller shall provide the data subject with information on these recipients if the data subject so requests.

9.3. Right to erasure

The User has the right to obtain the deletion of his/her personal data as soon as possible in the cases specified in Article 17 of the Regulation.

Where the Processing Controller has disclosed the personal data and is obliged to erase it under the previous paragraph, the Processing Controller shall, taking into account available technologies and implementation costs, take reasonable measures, including technical measures, to inform other controllers processing such personal data that the data subject has requested by such controllers to erase the link with such personal data or a copy or reproduction thereof.

The two preceding paragraphs shall not apply to the extent that such processing is necessary:

the exercise of the right to freedom of expression and information;
to comply with a legal obligation to process under Union law or the law of the Member State to which the controller is subject, or to carry out a task carried out in the public interest or in the exercise of official authority vested in the controller;
the establishment, exercise or defense of legal claims.

In accordance with Article 19 of the Regulation, the controller shall notify each recipient to whom the personal data have been disclosed of any deletion of personal data or any restriction on their processing, unless such disclosure proves impossible or involves a disproportionate effort. The controller shall provide the data subject with information on such recipients if the data subject so requests.

9.4. Right to restrict processing

The User has the right to restrict the processing of his/her personal data in the cases listed in Article 18 of the Regulation.

In accordance with Article 19 of the Regulation, the controller shall notify each recipient to whom the personal data has been disclosed of any restriction on the processing carried out, unless such disclosure proves impossible or involves a disproportionate effort. The controller shall provide the data subject with information on such recipients if the data subject so requests.

9.5 Right to data portability

In accordance with Article 20 of the Regulation, Users have the right to receive from GROW their personal data in a structured, commonly used and machine-readable format. Users have the right to transfer this data to another data controller without preventing GROW from doing so, in the cases provided for in the Regulation.

When the User exercises its right to data portability under the previous paragraph, it has the right to have personal data transferred directly from one Processing Controller to another, as far as this is technically possible.

The exercise of the right to data portability does not affect the right to erasure. This right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

The right to data portability does not affect the rights and freedoms of third parties.

9.6 Right of Objection and Automated Individual Decision Making

The User has the right to object at any time to the processing of his/her personal data due to his/her particular situation, including the automation of data by GROW. In accordance with Article 21 of the Regulation, GROW will no longer process personal data unless there are legitimate and compelling grounds for the processing that override the interests and rights and freedoms of the User, or for the establishment, exercise or defense of legal rights.

When processing personal data for prospecting purposes, the User shall have the right to object at any time to the processing of personal data concerning him/her for such prospecting purposes, including profiling in so far as it relates to such prospecting.

Where the data subject objects to the processing for the purpose of prospecting, the personal data shall no longer be processed for that purpose.

9.7 Right of Complaint

The User has the right to lodge a complaint regarding the processing of his personal data by GROW, to the Data Protection Authority competent for the Belgian territory. More information can be found on the website: https://www.gegevensbeschermingsautoriteit.be/.

Complaints can be lodged at the following addresses:

Data Protection Authority      
Rue de la Press 35, 1000 Brussels        
Tel. + 32 2 274 48 00    
Fax. + 32 2 274 48 35  
E-mail: contact@apd-gba.be

The User may also submit a claim for cessation to the President of the Court of First Instance of his place of residence.

10. Cookies

The Site uses cookies to distinguish Users of the Site. This allows for a better browsing experience and improvement of the Site and its content for the Users. The purposes and methods of cookies are included in this article.

10.1 General Principles.

A “Cookie” is a file that is temporarily or permanently placed on the User’s device when viewing the Site for the purpose of a subsequent connection. Cookies allow the server to recognize the User’s device.

Cookies may also be installed by third parties with whom GROW works.

Some of the cookies used by GROW are necessary for the proper functioning of the Site, others are necessary to improve the User’s experience.

The User can modify or disable cookies.

By using the Site, the User expressly consents to the management of cookies as described in this article.

10.2 Types of cookies and intended purposes

Different types of cookies are used by GROW on the Site:

Technical cookies: these are necessary for the operation of the Site, allow the communication of the data entered and are intended to facilitate the User’s navigation;
Analytical and audience cookies: these cookies allow the recognition of the User and are used to count the number of Users of the Site over a given period. Since they also indicate browsing behavior, they are an effective way to improve the User’s browsing experience by displaying proposals and offers that may be of interest to the User. They also allow GROW to identify and correct any bugs on the Site;
Functional cookies: these cookies facilitate the use of the Site by preserving certain entered choices (for example, the username or language);
Tracking cookies: GROW uses tracking cookies through Google Analytics, to measure users’ interaction with the content of the Site and produce anonymous statistics. These statistics allow GROW to improve the Site. Google supports the explanation of these cookies at the following address: http://www.google.nl/intl/en_uk/policies/privacy/.

10.3 Retention Period of Cookies

Cookies are kept for the time necessary to achieve the intended purpose. The cookies that can be stored on the User’s hard drive and the storage period are as follows:

As long as the User himself does not delete the cookies. Please consult the help function of your browser to learn more about this.

10.4 Management of cookies

If the User does not want the Website to place cookies on his hard drive, he can easily manage or delete them by adjusting his browser settings. By programming the browser, the User can also receive a notification as soon as a website uses cookies and thus decide whether to accept or reject them.

If the User disables certain cookies, he accepts that the Site may not function optimally. Some parts of the Site may not be usable, or may be partially usable.

If the User wishes to manage and/or delete certain cookies in this manner, he/she can do so through the following link(s):

For Users with Browser:

Internet Explorer: http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies
Microsoft Edge: http://windows.microsoft.com/en-gb/windows-10/edge-privacy-faq
Chrome: https://support.google.com/accounts/answer/61416?hl=fr
Firefox: https://support.mozilla.org/fr/kb/activer-desactiver-cookies-preferences
Safari: https://support.apple.com/kb/ph21411?locale=fr_CA

If the User refuses to allow the use of Google Analytics cookies, he or she is invited to configure his or her browser to do so at the following website: http://tools.google.com/dlpage/gaoptout.

11. Limitation of the processor’s liability

The website may contain links to other third-party websites that are not linked to GROW. The content of these sites and compliance with the Regulation and the Act are not the responsibility of GROW.

The holder of parental authority must give his or her express consent to the minor under 16 years of age to disclose personal information or data through the Site. GROW strongly recommends that persons exercising parental authority over minors promote responsible and safe use of the Internet. The Processor shall not be held liable for the collection and processing of personal information and data of minors under 16 years of age whose consent is not effectively covered by that of their legal parents, nor for incorrect data – particularly with regard to age – entered by minors. In no case will personal data be processed by the Processor if the user indicates that he/she is under 16 years of age.

GROW is not responsible for loss, damage or theft of personal data, in particular due to the presence of viruses or following computer attacks.

12. Safety and Security

The Processor shall implement technical and organizational measures to ensure an appropriate level of security for the processing and collection of data. These security measures depend on the implementation costs related to the nature, context and purposes of the processing of personal data.

The Processing Controller uses standard encryption technologies within the IT sector when transferring or collecting data on the Site.

13. Amendments to the privacy policy

GROW reserves the right to amend this Privacy Policy in order to comply with legal obligations in this regard. The User is therefore invited to regularly consult the Privacy Policy in order to be informed of any changes and amendments. Such changes will be posted on the Site or sent by email to ensure objectionability.

14. Applicable law and competent court

This Privacy Policy is governed exclusively by Belgian law. Any dispute will be submitted to the courts of the judicial district of GROW’s registered office.

15. Contact

For any question or complaint regarding this Privacy Policy, the User may contact the Controller at the following address: dpo@grow.eu.com.