Introduction and legal notices
In accordance with regulation no. 2016/679, known as the general regulations on data protection:
The personal data which we process may concern you as a client, but also as a business relationship of our clients (if you are a supplier or a client of our client, for example).
We are obliged to advise you, in your status as a data subject whose personal data we process, of the following:
1. Personal data controller
The personal data controller and Officer is Martial Dollinger for Pharma Technology and Pharma Flex S.A.
The controller's registered office is located at Rue Graham Bell 8 à 1402 Thines in Belgium and his company number is 0443.803.803 and 0897.187.147
For any matter relating to personal data protection, please contact the administrative and financial department, by post at the address above or by email (GDPR@pharmatec.be).
2. Purposes of processing personal data
The company processes personal data for the following purposes:
A. The obligations incumbent on the company vis-à-vis the Belgian authorities, foreign authorities or international institutions, pursuant to a legal or regulatory obligation, in accordance with a court ruling legal or as part of the defence of a legitimate interest, including but not limited to, if the current and future tax (VAT listings, tax forms, etc.) and social laws oblige us to process personal data as part of the mission with which we have been entrusted.
The processing of such personal data is a legal obligation. Without this data, we cannot enter into a business relationship.
B. Fulfilment of this contract relating to deliveries or services. The processing of personal data involves the data of the clients themselves, of the members of their staff, of their directors, among others, and also of other persons/entities, such as the clients and suppliers involved in their activities.
If this data is not provided and processed, we are unable to properly carry out our data protection mission.
3. What personal data and from whom?
Within the context of the purposes mentioned in point 2, the company is authorised to process the following personal data: first name, surname, email address, photo, address, company number and national number.
The company processes the personal data which the data subject or his/her close relatives have provided themselves.
The company also processes the personal data which has not been provided by the data subject, such as the personal data passed on by the client and concerning its employees, directors, clients, suppliers or even shareholders.
The personal data can also come from public sources such as the Banque-Carrefour des Entreprises [Belgian Central Enterprise Databank], the Moniteur belge [Belgian Official Gazette] and its appendices and the National Bank of Belgium (Balance Sheet Centre).
The data is only processed if such processing is necessary for the purposes mentioned in point 2.
The personal data is never passed on to third countries or to international organisations.
4. Recipient of the data
In accordance with the foregoing, and unless it is necessary to pass on personal data to organisations or entities whose involvement as third party service providers on behalf and under the supervision of the controller is required for the above-mentioned purposes, the company shall not pass on the personal data collected in this regard, nor shall it sell or rent such data to or exchange such data with any organisation or entity, unless you have been advised of this in advance and have expressly given your consent.
The company uses third party service providers:
The company uses ERP, CRM, electronic accounting;
The company uses external staff to carry out certain tasks or specific assignments;
The company can take all of the measures needed to guarantee the proper management of its website and its computer system.
The company can pass on personal data at the request of any legally competent authority or on its own initiative if it considers, in good faith, that the passing on of such information is necessary to comply with the law or the regulations or in order to defend and/or protect the rights or the assets of the company, its clients, its website and you yourself.
5. Security measures
In order to prevent, as far as possible, any unauthorised access to the personal data collected in this regard, the company has drawn up procedures relating to security and organisation. These procedures concern both the collection and the retention of such data.
These procedures also apply to all data processors that the firm uses.
6. Retention period
6.1. People's personal data is only kept for the periods stipulated by the applicable legislation, such as the accounting legislation, the tax legislation and the social legislation.
6.2. Once the aforementioned periods have expired, the personal data is deleted, unless another legislation in force stipulates a longer retention period.
7. Rights of access and rectification, right to be forgotten, data portability, objection, non-profiling and notification of security breaches
7.1. Personal data that we have to keep
For the application of your rights relating to all other personal data, you can always contact: GDPR@pharmatec.be
You can lodge a complaint relating to the processing of personal data by our firm with the Belgian Data Protection Authority:
Commission pour la protection de la vie privée [Belgian Commission for the Protection of Privacy]
Rue de la Presse 35, 1000 Brussels
Tel.: +32 (0)2 274 48 00
Fax: +32 (0)2 274 48 35