CEFALY Technology sprl attaches great importance to the protection of your privacy.
This Privacy Notice provides you with detailed information regarding the protection of your personal data by CEFALY Technology sprl, whose registered office is located at Rue Louis Plescia, 34- 4102 Seraing, Belgium.
1. Which personal data are we processing?
As part of our Sales activities, we may collect and process personal data. This data is limited to what is necessary for the realization of our commercial activities.
The following personal data is collected:
- Identification (for example: last name, first name)
- Contact (for example: physical and electronic address, phone number)
- Interactions between you and our different services and supports.
- Medical prescription (required to buy a Cefaly device)
2. Why and on what legal basis are we using your personal data?
The main purpose of our data processing is the execution of the contract that you conclude with us during a purchase on our site (execution of the contract). We use your data to organize the delivery of products, respond to requests for after-sales service, manage rentals, and any other requests related to the contract.
We may occasionally use your data to provide you with information about our products and services (for example, launching a new product). This processing is based on our legitimate interest.
As a manufacturer of medical devices, we are required to carry out safety and efficacy studies on our products. Those post-market studies (retrospective clinical study, analysis of epidemiological data, cost-efficacy and safety studies) are carried out according to the principle of legitimate interest.
Other commercial studies may be proposed to you. In this case, we will ask for your consent prior to the use of your personal data.
3. With who are we sharing your data?
The controller is CEFALY Technology. As part of our management, the data may nevertheless be transferred to third parties, which offer the necessary guarantees of security and confidentiality.
When we execute the contract that you have concluded with us, we may share your data with transport or delivery companies.
When we conduct post-market studies, data analysis companies may receive your data.
4. How long are we keeping your personal data?
We keep your personal data for as long as necessary to comply with applicable legal and regulatory provisions, while taking into account operational constraints such as a good quality customer service.
On this basis, your personal data is kept for 10 years after the purchase of our products.
5. What are your rights and how can you exercise them?
According to the applicable laws, you have several rights about your personal data, which are:
- The right of access: you can obtain information about the processing of your personal data, as well as a copy of this data.
- The right to rectification: if you are thinking that your personal data is not correct, or incomplete, you can require the modification of this data.
- The right to erasure: you can require the erasure of your personal data.
- The right to restrict processing: you can require that your personal data are not used for specific purposes.
- The right to object: you can object to the processing of your personal data, for personal reasons. You have the absolute right to object to the processing of your personal data for direct marketing purposes.
- The right to withdraw your consent: if you have given your consent to the processing of your personal data, you have the right to withdraw this consent at any time.
- The right to data portability: when this right is applicable, you may ask that the personal data that you provided to us is returned to you or, if this is technically possible, transferred to a third party.
You can exercise the rights listed above by contacting us by e-mail to the address email@example.com. We will answer you as soon as possible.
6. How are we protecting your data?
We always use encryption technologies that are recognized as industry standards in the IT sector when we transfer or receive your data on our website.
7. What should you know about third-party services?
On our website, we use tools developed by third parties. These third parties may place cookies or other Web tags on your browser for targeted advertising purposes. Those services may automatically record your browsing activities when you visit our website (IP address, cookies, activities on our website). This is the case for example of Google Analytics, Facebook, AddThis, AdRoll, Perfect Audience.
If you do not wish to be the object of targeted advertising (opt out), the following site allows you to regulate your advertising preferences: www.aboutads.info.
You may also adjust the parameters of your browser to delete or prevent the placement cookies.
8. Who to contact in case of complaint?
In accordance with the applicable regulations, you are entitled to lodge a complaint with the competent supervisory authority. For Belgium, the Competent Authority is the Data Protection Authority:
Last update: July 17th, 2018