Privacy policy
The GDPR (EU General Data Protection Regulation) came into effect on 25 May 2018. This is the privacy legislation to better protect the personal data of European citizens. This privacy policy is to ensure that our customers are optimally informed about the processing of their personal data in terms of purchases and services from ThicoFC. The protection of our customers’ privacy is extremely important to us and to this end, we will keep you as well informed as possible and give you control over what happens to your personal data.
Definitions
Processing of personal data: The term ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’). The term ‘processing’ is broad and covers, among other things, data collecting, recording, organizing, storing, updating, modifying, retrieving, consulting, using, distributing or making available in any way, merging, combining, archiving, erasing or eventually destroying the data.
Controller: a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Processor: the controller can appoint an external subcontractor to process personal data. In such a case, the subcontractor is the ‘processor’. This can be a natural or legal person, a public authority, agency or another body that processes personal data on behalf of the controller.
Scope
ThicoFC CV, with its registered office at 2800 Mechelen, Pareipoelstraat 126/0201, registered with the CBE (Crossroads Bank for Enterprises) under number 0838.808.389, is the controller of the personal data (hereinafter ‘ThicoFC’).
This privacy policy therefore only applies to the personal data that ThicoFC, as controller, processes with regard to its customers in terms of the sale of products and/or services. In addition to our current customers, it also applies to former customers, potential customers, sponsored athletes and ambassadors.
In the case of B2B customers, the processing of personal data is only applicable to natural persons. Where the B2B customer is a legal entity, the privacy policy applies only to the natural person or persons with whom we have direct contact in terms of sales or services.
This privacy policy also applies to customers who visit our registered office or website, participate in competitions, events or surveys, take part in promotions or use our services in another way.
Overview:
Categories of personal data |
Legal ground |
Purpose |
Retention period |
Personal identification data, financial data, professional activity |
In the preparation and execution of a placed order or implementation of a service |
To process a request for ThicoFC products or services |
Two years after the last contact |
Personal identification data, physical description, professional activity |
In the preparation and execution of a placed order or implementation of a service or legitimate interest |
To provide personalised information and advice |
Two years after the last contact |
Personal identification data, physical description, electronic identification data, professional activity, financial data |
Legitimate interest |
To continuously improve our products and services and retain statistics for internal use |
One year (we also anonymise the data after which it is kept for longer) |
Personal identification data, professional activity |
Consent |
To announce new products and services |
Until consent is revoked |
Personal identification data, professional activity |
Consent and in execution of an agreement |
Promotional content |
Once made, promotional content can be kept and re-used as long as ThicoFC exists, in accordance with the agreed upon terms |
Data Categories
ThicoFC processes the following categories of personal data of its customers:
- Personal identification data: data that enables us to identify and contact our customers such as surname, first names, address, telephone number and email address.
- Physical description: data such as age, gender, height, weight and body measurements, that enables us to offer the most suitable products and services. Data relating to the clothing sizes of our customers is also processed in order to produce our personalized garments.
- Financial data: invoicing and payment details, including data relating to the assessment of the creditworthiness of customers.
- Electronic identification data: IP addresses and cookies are processed to improve the usability of our online environments.
- Professional activity: data about the type of customer enables us to, for example, apply the correct pricing in terms of dealers, agents, natural persons, teams or B2B transactions.
- Electronic location data: the location data of customers to whom a ThicoFC commercial vehicle was leased or made available (GPS tracking).
- Images or videos: ThicoFC may process images and/or videos of customers or sponsored athletes for promotional purposes.
More than one of the above data categories can be combined.
ThicoFC does not process special categories of personal data that are prohibited in terms of Article 9 of the GDPR which reveal racial or ethnic origin, membership in interest groups, political opinions, ideological or religious views, health status, or data concerning a natural person’s sex life or sexual orientation. ThicoFC does not process genetic or biometric data with the aim of uniquely identifying a natural person.
Processing grounds
ThicoFC processes personal data for various purposes and will always try to process only data that is necessary in order to achieve specific objectives. The use of personal data is necessary in the following cases:
- In the preparation and execution of a placed order or implementation of a service (agreement).
- To comply with the legal obligations to which ThicoFC is subject.
- To represent our legitimate interests, always striving to ensure that these interests do not outweigh the respect for the privacy of personal data, especially when it concerns children. These interests include advertising and marketing, CRM, product development and improvement (analysing personal data to understand customer preferences and behaviours, leading to the development of new products and the improvement of existing ones), fraud prevention and security, operational efficiency.
If the processing of personal data is not needed for any of the above three purposes, we will always request explicit permission from the data subject to process the personal data.
Children
If ThicoFC is aware that it is collecting personal data from children under the age of 16, permission must be obtained from a parent or guardian, as required by law.
Processing purposes
ThicoFC collects personal data for the following specific purposes:
1. To process a request for ThicoFC products or services.
People who are interested in the products and services of ThicoFC and who contact ThicoFC (by telephone, email, or through its website) are asked to leave their personal details so that we can contact them in order to make an appointment.
2.To provide personalised information and advice regarding our products and services, together with other companies within the ThicoFC group.
ThicoFC uses data in order to provide personal, specific advice about its products and services. This explicitly relates to presenting clothing that matches the needs of our (potential) customers with regard to model, design, technical characteristics and dimensions. This personal data is recorded for the purpose of customer management (preparation of quotations, (re)orders, invoices, follow-up payments) production follow-ups and after-service care, as well as the handling of complaints.
3. To continuously improve our products and services.
Feedback from (professional) athletes and customers regarding our products and services provides an important source of data that enables us to improve the comfort, quality and performance of our clothing under various conditions as well as different weather conditions.
4. To announce new products and services.
ThicoFC may use personal data to inform its customers (either electronically, in writing or by telephone) of new products, competitions, discounts, special promotions, or new services that have been added to the range. ThicoFC may also send a mail or newsletter to individuals and companies who no longer are ThicoFC customers. This can be cancelled by unsubscribing to these services (opting-out).
5. To retain statistics for internal use.
ThicoFC may use personal data to generate internal reports and analysis in order to evaluate our own procedures and operational processes, allowing us to improve our products and service offerings, or to adapt them in accordance with the evolution of the market (trend analysis).
6. To create promotional content.
ThicoFC may process personal data, including pictures and videos, for the purpose of creating promotional content and conducting marketing campaigns to showcase our products and engage with our audience.
ThicoFC does not use automated decision making which may result in legal consequences, or which may similarly significantly affect those involved.
Recipients and data transfers
ThicoFC does not sell personal data to third parties without permission and does not share personal data with third parties except in the following instances:
- With other companies in the ThicoFC group. Where necessary, and for the processing purposes as described above, personal data may be shared with other companies within the ThicoFC group within the European Union, which are directly or indirectly affiliated with ThicoFC or with a ThicoFC partner.
- Where necessary for the delivery of our products and services. ThicoFC may use third parties for the delivery of products and services, and as a result make its databases available for this purpose. These may include, for example, third party producers commissioned by us or independent commercial entities that market our products. This data will only be shared for the same purpose for which ThicoFC processes it and is limited only to the data necessary to carry out their mission. ThicoFC guarantees that these third parties shall take the appropriate technical and organizational measures needed in order to protect the personal data which they are privy to.
- When subject to legal obligation. ThicoFC will share personal data with government authorities, legal services or police services when required to do so by law.
- When ThicoFC or a third party has a legitimate interest. ThicoFC will only share personal data with a third party if the right to privacy does not outweigh the purpose. For example, in relation to collection agencies or partners when it comes to price offers for tenders.
- When given permission. In all other cases, when ThicoFC shares personal data with third parties, the data subject will be notified in advance, with an explanation regarding the third party and the purpose. Where required by law, permission will naturally be requested first.
When personal data is processed outside of the European Union, ThicoFC will take appropriate contractual or other measures to ensure that this personal data is subject to the same or comparable level of protection as if it were protected within the European Union and in accordance with the GDRP legislation.
A separate Cookies Policy can be found at https://shop.thibautcourtois.com/cookie-policy/