Privacy Policy

SonIT determines the purposes for which and the means by which personal data is processed.

This privacy policy is as such applicable to SonIT acting as a data controller for the processing of data of the website visitors, its clients and providers.

SonIT is committed to process your personal data, information by which you may be identified, with care, to take the appropriate measures to prevent misuse, loss, unauthorised access, unwanted disclosure and unjustified modification and any other unauthorised processing.

SonIT processes your personal data taking into account the following principles mentioned in the applicable laws: fairness, lawfulness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality.

By way of this privacy policy SonIT would like to inform you of:

what and how personal data is collected;
for what purposes your personal data is used as well as the legal basis;
how the personal data is protected;
to whom we disclose your personal data;
whether your personal data is transferred outside of the European Economic Area (EEA); and
how long the data is stored.

Furthermore, it will be explained how you can exercise your rights related to the collected information.

This transparency ensures that you are able to take informed decisions when transferring your personal data.

SonIT can modify this privacy policy at any time. SonIT will publish the latest version of the privacy policy on its website. As such it is advisable to consult this policy periodically.

If, following the applicable laws, your prior consent would be required for making changes to this privacy policy, SonIT will contact you and await your consent.

What personal data is collected by SonIT?

SonIT limits the collection of personal data to what is necessary to comply with the purposes mentioned below.

SonIT processes the following personal data:

Category 1

For what concerns the processing of personal data of (contact persons) of customers and prospects of SonIT:

Generic personal data: first name, last name, address, phone number(s), email address and function (in case of a professional client);
Bank account details such as bank account number (not applicable in case of prospects).

Category 2

For what concerns the processing of personal data of (contact persons) of providers and other business contacts of SonIT:

Generic personal data: first name, last name, address (as the case may be), phone number(s), email address and function;
Bank account details such as bank account number (in case of an actual cooperation).

Category 3

For what concerns the processing of personal data of website users of SonIT:

In case you register for our newsletter: first name, last name, e-mail address (optional: company name and function) and other details received from our mailing provider such as whether or not you opened the email;
In case of contacting us through the contact form: email address and your message (first name and last name are optional);
In case you browse our website, we may capture behavioural personal data such as your browsing history and your IP address, in principle through cookies;

In this context SonIT is also referring to its Cookie Policy.

You may have submitted your personal data to SonIT through our SonIT website, by emailing us or in any other way.

Please remember to inform SonIT if your personal data has changed and this is relevant for SonIT. In turn, SonIT is committed to keep your personal data accurate.

If you prefer not to transfer data SonIT may not be able to deliver the requested services (adequately).

For what purposes is your personal data used by SonIT and based on which legal basis?

Customer management

Relevant categories: 1 and 3

Firstly, SonIT uses your personal data to be able to deliver you the services and for proper customer management. SonIT needs the information to be able to execute the agreement correctly or to be able to enter into an agreement with you (precontractual communication).

Provider and business contact management

Relevant categories: 2 and 3

Firstly, SonIT uses your personal data to be able to communicate with you on the products and services its service providers offer and so in general for proper provider and business contact management. SonIT needs the information to be able to execute the agreement correctly or to be able to enter into an agreement with you (precontractual communication).

Optimisation of the services and security and statistics

Relevant categories: 1, 2 and 3

Of course we are entitled to optimise and secure our tools such as the website and services. This is in principle based on SonIT's legitimate interest.

For processing more than strictly necessary cookies SonIT will await your consent. In this context SonIT is referring to its Cookie Policy.

SonIT may process analytical cookies to track the browsing history on its website in order to optimise the browsing experience.

Marketing by SonIT

Relevant categories: 1, 2 and 3

If you are a client of SonIT, we may send you online marketing communication such as newsletters regarding the promotion of identical or similar services or products. This based on the legitimate interests of SonIT. You may at all times use your right to object to the receipt of such information.

If you are not a client of SonIT, you may register on our newsletter through our website and SonIT will ask your first name, last name, email address and optional your company name and function. You may unsubscribe at all times.

Our website may process marketing cookies. Marketing cookies may at all times be refused. These marketing cookies may be used to show you digital advertisements linked to the providers of those accepted marketing cookies on social media. In this context, we would like to refer to our Cookie Policy.

Compliance with applicable legal provisions and safeguarding rights

Moreover, SonIT uses your data to comply with the applicable legal provisions.

E.g. legislation regarding invoices.

SonIT also processes your personal data to safeguard its rights.

E.g. in case of a claim your personal data will be used to send you the necessary communication.

If SonIT would process your data based on a different legal basis or for another purpose, it will transfer all relevant information related hereto prior to such transfer and SonIT will ask your consent, if required.

SonIT is not making use of automated decision-making, including profiling, on which decisions are based that produce legal effects or similarly significantly affect you.

What protection measures has SonIT implemented?

SonIT has implemented administrative (such as the use of passwords or signing of non-disclosure agreements if needed), organisational (e.g., appropriate method of storage, periodic back-ups, limiting the access to the persons that need the information) as well as technical (e.g. antivirus programmes, secure network connections by making use of a Secure Socket Layer (SSL)) measures to protect your personal data.

SonIT is committed to periodically check the measures implemented and to continue to take the appropriate measures, always taking in to account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons.

SonIT's website may contain links, plug-ins to external websites. If you transfer your personal data to those websites, the privacy rules of such websites apply, and those parties will act as the main controllers.

Whom is SonIT disclosing your personal data to?

SonIT only discloses your data to external providers who help SonIT execute the services e.g. subcontractors, IT-providers, accountant.

SonIT will not sell, rent, distribute or otherwise commercially exploit your personal data, except as described in this privacy policy.

SonIT will make the necessary arrangements with them (such as the conclusion of a data processing agreement). They will only receive the personal data needed to execute their services and may only use the data to execute their services. However, for what concerns the processing of data by payment providers we also refer to their privacy policy.

It is also possible that we transfer your personal data to new owners in the context of a transfer of our enterprise.

Lastly, SonIT may share your personal data with the relevant authorities following an order or to comply with mandatory legislation. SonIT will inform you prior to the submission if this is allowed.

Is your personal data transferred outside of the EEA?

SonIT may transfer your personal data to other countries. In case of a transfer to countries outside of the EEA, SonIT will continue to take the necessary measures to safeguard your rights related to personal data and ensure the protection and the integrity of the data. In principle SonIT is transferring your personal data outside of the EEA based on an adequacy decision or by using the standard contractual clauses as approved by the European Commission.

How long does SonIT store your personal data?

SonIT will not store your personal data longer than necessary.

Personal data of prospective clients are deleted three (3) months after the last contact.
Personal data of clients and providers is deleted three (3) years after the last contact.
If you subscribed to newsletter, SonIT will retain your personal data until you unsubscribe.

Furthermore, SonIT stores the personal data to comply with the legal provisions such as the fiscal provisions related to the storage of data. In this context SonIT may process the data for seven (7) years after the first of January of the following year.

SonIT is also retaining the necessary details to protect its rights in case of claims (e.g., ten (10) years for contractual liability).

We also refer to the retention periods mentioned in our Cookie Policy.

What rights do you have?

You have several rights:

1. Right to access and right to obtain a copy

At any time, you can request to access your personal data.

SonIT will then send you a free copy within a reasonable time.

2. Right to withdraw consent, rectify, erase and restrict

Furthermore, you can request to rectify or erase your personal data or to restrict the processing (such as in case SonIT is checking on the correctness of your personal data) or withdraw your consent related to the use or processing (if applicable).

3. Right to object

In certain circumstances you may object to the processing if you have sound and lawful reasons to do so. Such as in the context of direct marketing.

4. Right to data portability

You have the right to receive the personal data in a structured, commonly used, and machine-readable format and to transmit such data to another controller.

5. Right to lodge a complaint with the competent authority

Moreover, you can always lodge a complaint with the competent authorities. For Belgium this is the Data Protection Authority, Drukpersstraat 35, 1000 Brussels, Tel +32(0)22744800, Fax +32(0)22744835, contact@adp-gba.be.

You may also file a claim in court.

This all within the framework and limits of the applicable laws.

Applicable laws and jurisdiction

Belgian laws, especially the General Data Protection Regulation and the supplementing Belgian legislation, apply to this privacy policy and the processing of the personal data.

Preferably all complaints will be handled in an amicable way. If this would be impossible, for all complaints following this privacy policy and the processing of your personal data the courts of the district of the registered office of SonIT will have exclusive jurisdiction, unless applicable laws would prohibit.

Contact

Do you have questions, would like to submit a request or a complaint related to this privacy policy or the processing of your personal data?

Please contact SonIT through info@son-iq.be. You can also reach SonIT through normal mail through its registered office mentioned above.

SonIT will reply as soon as possible and normally within one month. Exceptionally this may take longer (max up to three (3) months). If so, SonIT will contact you accordingly.