Your privacy and your private data matter to us.
Our commitment in this area is as follows:
1. Respect of your Privacy
1.1.The objective of this Policy on the protection of privacy and the processing of personal data (hereinafter the “Policy”) is to inform you, as a client, a potential future client or other counterparty, about the processing of your personal data and about your rights deriving from the European General Data Protection Regulation n°2016/679 dated of April 27, 2016, the “GDPR”) and other local laws on the Protection of Privacy and Personal Data (“Applicable Laws”). The GDPR only applies to the Processing of Personal Data relating to natural persons.
1.2. We process information about you or any other representatives, in the manner described below.
1.3. We are committed to protecting your privacy and personal data (hereinafter the “Data”) and to respecting your rights. This Policy explains how we process your Data, in accordance with the Applicable Laws.
2. Processing of your Personal Data
2.1. Antique Floors S.A. is considered to be the “Data Controller” with regard to the Processing of your Data. This means that it determines the Purposes and means of the Processing of your Data and that it is first responsible to ensure that the Processing is done in a lawful, transparent and secure manner.
You can reach the Data Controller by email at the following address: firstname.lastname@example.org
2.2. We guarantee that any person having access to your Data and acting under our authority processes your Data in respect of the instructions that we have given them and has committed to respect the confidentiality rules.
2.3. We may call on Processors for the Processing of your Data (e.g. IT, logistics services providers). In such case, we commit to only call on Processors providing sufficient guarantees with regards to the lawfulness, transparency and the security of the Processing of your Data.
2.4. We may also be required to transfer your Data to judiciary authorities, to our lawyers, counsels or other third parties, if we are required to do so by law or if we consider, in all good faith, that such disclosure is necessary to the safeguarding of the rights, property or security of our company. This type of transfer can for example take place in order to comply with a legal procedure. Such transfers will also be made in accordance with our obligations under the Applicable laws.
2.5. We will not transfer your Data outside of the European Economic Area.
3. Categories of Data
3.1. The categories of Data that we collect and process are the following:
Personal Data :
name, address, email, phone
3.2. In addition to listed above, we may process other types of Data relating to you that you may have voluntarily provided to us or that we have deducted or generated from Data that were already in our possession (for example banking details for an invoice).
4. Processing of your Data for specific purposes & required legal basis to do so
4.1. We process Data for the following purposes (“Purposes”)
Management of your demand of information and marketing service.
4.2. We process Data ensuring that one of the following legal bases exist:
The processing is necessary for execution of the demand
You have given your consent for the Processing of your data for a specific purpose
The processing is necessary for the purpose of our legitimate interest.
5. Retention of your data for a limited period and for the specific purposes as defined.
5.1. We only keep your Data for as long as it is required by the purpose of the processing. We will delete or anonymise your Data, as the case may be, as soon as the purpose of the processing or the legal obligation to retain it has disappeared.
6. Your rights
6.1. We have implemented appropriate technical and organizational measures to ensure that your Data is processed in the appropriate security conditions in order to protect it from loss, any unauthorized use, modification or destruction.
6.2. Please remember that, as Data Subject, you can at any time ask us to:
confirm that we actually process Data relating to you and to grant you access;
rectify or complete inaccurate or incomplete Data;
limit the processing of your Data or erase it
You can also object to the processing of your Data and withdraw your consent when processing is based on it (for example if you decide to unsubscribe from the newsletter). In order to guarantee the security of your Data and to avoid any misuse, before responding to your request, we will ask you to provide us with an acceptable proof of your identity and will verity the legitimacy of your request and whether all the conditions have been satisfied. If your request is valid, we will respond within one (1) month from the date of its reception.
We will not respond to excessive requests.
7. Do you still have questions or wish to file a complaint?
7.1. If you have any questions or concerns about the way we process your Data, don’t hesitate to reach us at the email address email@example.com by attaching a recto verso copy of your identity card to your request.
We assure you that we will deploy our best efforts to find a quick and fair solution to any concern that you may submit to us.
7.2. In addition, if you have reasons to believe that the processing of your Data by us infringes the Applicable Laws, you have the right, at all times, to lodge a complaint directly with the supervisory authority of your choice.
You can visit the websites of the Supervision Authority relating to you in order to obtain their up-to-date contact details:
Luxembourg – www.cnpd.public.lu