Rmed values your privacy. Although most of the information on this site is available without requiring personal information, it is possible that the user may be asked to provide personal information. This information will only be used to keep you informed about our activities. The user may, free of charge and on request, object to the use of his data for direct marketing purposes. To this end, he must contact Rmed. Your personal data will never be passed on to third parties.
In accordance with the law of 08/12/1992 on the processing of personal data, the user has the legal right to check and correct his personal data. Subject to proof of identity (copy of identity card), you can obtain written notification of your personal data by means of a written, dated and signed request to Rmed. If necessary, you can also ask to correct data that is incorrect, incomplete or irrelevant.
Rmed may collect anonymous or aggregated data of a non-personal nature, such as the type of browser or IP address, the operating system you are using or the domain name of the website that enabled you to navigate on our website or through which you leave it. This enables us to constantly optimise our website for users.
The use of "cookies"
What personal data is collected?
- The data that the customer provides with the online form.
- The data provided by the customer in the context of the execution of an order.
- The data collected are: surname, first name, postal address, email address and telephone number.
- In an effort to secure our computer systems, the web server to which you connect will collect and store your public IP address in activity logs.
How is your personal data used?
- The personal data provided by the customer is managed by the data controller whose identity is LightSpeed and RMed.
- The personal data collected and processed in connection with your file are strictly confidential. These data are collected and gathered for statistical, accounting and good management purposes of your file.
How to access your personal data?
- If you have any questions about your rights regarding your personal data, please contact RMed.
- In accordance with Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and in accordance with the Law of 8 December 1992 on the protection of privacy with regard to the processing of personal data, the client has a right of access to the data as well as a right of rectification (Contact RMed). He may also object to the use of this data for purposes other than the proper management of his file, if necessary.
- Where the grounds provided by law apply, the client has the right to obtain from the controller the erasure of personal data concerning him/her as soon as possible and the controller has the obligation to erase such personal data as soon as possible.
- The customer must prove his identity to the data controller in order to assert his rights.
Where is your data stored?
- Customer personal data is stored in our databases located exclusively within the European Union.
Is your personal data stored securely?
- RMed is committed to implementing all appropriate and reasonable technical and organisational measures to ensure the protection of customer data. In this respect, RMed is committed to an obligation of best endeavours.
How long is your data kept?
- The personal data of customers is stored in our databases located exclusively within the European Union.
Is your personal data stored securely?
- RMed undertakes to implement all appropriate and reasonable technical and organisational measures to ensure the protection of customer data. In this respect, RMed is committed to an obligation of best endeavours.
How long is your data kept?
- The data collected through the online form will not be kept if it does not result in a contract/service between RMed and the customer.
- Personal customer data is kept for a maximum of 10 years after the end of the contractual relationship between the customer and RMed.
- Once the deadline has expired, the accounting data are archived and the other data are either deleted or made unavailable (anonymisation).
Complaints and claims
- The client may lodge a complaint with the Belgian Commission for the Protection of Privacy at the following address:
Commission for the Protection of Privacy
Rue de la Presse, 351000 Brussels
Phone + 32 2 274 48 00
Fax + 32 2 274 48 35
- The data controller reserves the right to modify the provisions of this charter at any time, in particular as a result of changes in the relevant legislation in force.
General regulations on data protection
With the entry into force of the new Data Protection Regulations (in English :
"The provisions described below will apply to the parties as of 25 May 2018.
Capitalized terms used have the meaning given to them in Article 1 below.
Personal Data under common control: Personal Data from the Client that may be shared with RMed (part of DécoJumbo sprl) each as far as he is concerned, in the context of the sale and provision of services in the treatment of sleep apnea, snoring, bruxism and all other activities related to respiratory or other assistance.
Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person means a person who can be identified, directly or indirectly, in particular by means of an identifier such as a name, an identification number, location data, an on-line identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data subject: any identified or identifiable natural person about whom Personal Data is collected.
Data Protection Regulations: the Personal Data Protection Act of the country in which the Data Controller is established. If the Data Controller is established in a Member State of the European Union (hereinafter the "EU Controller"), the applicable Data Protection Law shall mean the DPA, as well as all additional regulations and rules in force in the relevant Member State(s) of the European Union governing the Processing.
DPMR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
Data controller: any natural or legal person, public authority, agency or any other body which alone or jointly determines the purposes and methods of processing Personal Data that may be processed in connection with the sale and provision of services in connection with the processing of sleep apnea, snoring, bruxism and any other activities related to respiratory or other assistance.
Processing or dealing: any operation or set of operations carried out with respect to Personal Data, including, without limitation, the collection, recording, organization, storage, adaptation, modification, extraction, consultation, use, disclosure by transmission, dissemination or otherwise making available, combination, association with other data, blocking, erasure or destruction of the Customer's Personal Data.
Violation of Personal Data or Breach: any alleged or actual breach of security leading to the accidental or unlawful destruction, loss, alteration, disclosure of or unauthorized access to Customer Personal Data transmitted, stored or otherwise processed.
2. PROTECTION OF PERSONAL DATA
2.1 DATA LINKAGE
RMed (part of DécoJumbo sprl) and the Client hereby undertake to act as independent Co-Managers, as follows: Under the terms of the Data Protection Regulations and applicable security legislation, the Client, in his capacity as Data Controller, is responsible for the Processing of Personal Data communicated to RMed (part of DécoJumbo sprl) by the Client in the context of the sale and provision of services for the treatment of sleep apnea, snoring, bruxism and all other activities related to respiratory or other assistance.
2.2 GENERAL COMPLIANCE
Both Parties must, at their own expense, comply with their obligations under the Data Protection Regulations in the version then in force and process Personal Data in strict compliance with the applicable requirements, and not knowingly perform their obligations in such a way as to compel the other Party to breach any applicable requirement under the Data Protection Regulations.
2.3 SECURITY AND PERSONAL DATA INCIDENT
Taking into account the state of knowledge, the costs of implementation as well as the nature, extent, context and purposes of the Processing, as well as the risks of varying probability and severity with regard to the rights and freedoms of the natural persons to whom the Personal Data refer, RMed (part of DécoJumbo sprl) will implement appropriate physical, technical and organisational means in order to guarantee a level of security of the Personal Data adapted to the risk.
In the event of discovery by RMed (part of DécoJumbo sprl) of a violation of Personal Data involving the Personal Data of any Person concerned in the context of an employer-employee relationship with the Client, RMed (part of DécoJumbo sprl) will inform the Client without undue delay. RMed (part of DécoJumbo sprl) will communicate to the Client the information at its disposal concerning the Violation. If RMed (part of DécoJumbo sprl) considers it appropriate to inform the Persons concerned by the Violation, it will inform the Client.
2.4 REQUEST FOR ACCESS, COMMUNICATIONS AND OTHER OBLIGATIONS TOWARDS THE PERSONS CONCERNED
In the event of receipt of a complaint or a request from the Persons concerned by a party about a Processing operation carried out under the responsibility of the other party, it will promptly inform the latter.
2.5 DATA QUALITY, RETRIEVAL AND DESTRUCTION
RMed (part of DécoJumbo sprl) must ensure that the Personal Data under common control are accurate, relevant and limited to what is strictly necessary and undertakes not to keep them longer than necessary.
2.6 INTERNATIONAL TRANSFERS OF PERSONAL DATA
RMed (part of DécoJumbo sprl) cannot transfer Personal Data under common control across borders in violation of the Data Protection Regulations.
In case of international transfers of Personal Data under common control outside the EU/EEA, RMed (part of DécoJumbo sprl) will have to comply with one of the valid transfer mechanisms under the Data Protection Regulation:
Adequacy: the Processing of Personal Data may only take place within jurisdictions deemed to have adequate means of protection of personal data, as defined in the Data Protection Regulation.
Institutional rules binding on the Supervisor: the recipient of the Personal Data has adopted Institutional Rules binding on the Supervisor which apply to the Personal Data under common control which it processes and the Supervisor guarantees to keep these Rules in place.
EU Model Contract: The parties shall ensure that their contractors and sub-processors comply with the obligations of data importers (as defined in the EU Model Contract). In the event of any conflict, the terms of the EU Model Contract shall prevail.
Insofar as RMed (part of DécoJumbo sprl) calls upon third parties for the Processing of Personal Data under common control, RMed (part of DécoJumbo sprl) undertakes to do so in accordance with the applicable Data Protection Regulations.
2.8 AUTHORIZED COMMUNICATIONS OF SHARED PERSONAL DATA
Upon receipt of a legally binding request for disclosure of Personal Data under Common Control by a law enforcement agency or state security department, RMed (part of DécoJumbo sprl) may disclose Personal Data under Common Control to the extent that disclosure is required by law, by any government or regulatory body, or by a court of any competent jurisdiction, provided such disclosure is not prohibited by the Data Protection Regulations.
Each party is responsible within its perimeter for the Processing of Personal Data in accordance with the Data Protection Regulations and applicable security legislation.
ANNEX TO THE AMENDMENT DESCRIPTION OF THE TRANSFER
Data subjects The personal data transferred relate to the following categories of persons: Employees (Beneficiaries; Business contacts)
The personal data transferred relate to the following categories of data: Surname, first name, gender (M/F) E-mail address (personal or professional depending on what the Client communicates) Social security number Date of birth Telephone number, bank account numbers.
In some cases: address, IP address, geographical data (the location where the Title is used is indicated in our computer applications)
Shared personal data may be disclosed only to the following recipients or categories of recipients : RMed staff (part of DécoJumbo sprl) who need access to the data for the performance of the contract Subcontractors : Mollie (processing of credit card transactions), LightSpeed (online sales site), Marketing Partner (development of the online sales site). Sensitive data (if appropriate) Personal data transferred include the following categories of sensitive data: N/A
Additional useful information (storage limits and other relevant information) The data will be kept in accordance with social and fiscal regulations.
Contact person for data protection queries
RMed (part of DécoJumbo sprl)
Special Data Protection Contact
Processing manager: Eric Crusiau, [email protected]. 0488/815056
Purposes and categories:
- Management of customers, suppliers, staff, banks, insurance companies.
1. Customers: commercial follow-up, invoicing, dispatching of ordered products, product traceability, guarantee, etc.
2. Suppliers: commercial follow-up, payments, orders, returns and complaints
3. Banking and insurance: commercial follow-up, payments...
Data processed :
- Customers : Surname, First name, address, mobile phone number, e-mail address, pressure prescribed for CPAP
- Suppliers: all the contact details necessary for commercial follow-up, orders, invoicing, returns, complaints, disputes, credit notes...
- Banks and insurances: all the necessary contact details for commercial follow-up
Data retention period in accordance with legislation
Technical and organizational security measures :
- Backups on external hard disk
Written forms available for control