Privacy Policy
Welcome to Bnsmarkt, hereinafter referred to as "We," and thank you for visiting our website. We highly value the protection and respect of your privacy.
Through this document, we aim to provide you with clear and precise information regarding the collection and processing of personal data that you may provide to us through the Bnsmarkt website (hereinafter referred to as the "Bnsmarkt Site").
Article 1: Privacy Rules
The General Data Protection Regulation of April 27, 2016 (hereinafter GDPR) has been in effect since May 25, 2018. It imposes strict rules and conditions on companies and merchants regarding the processing of personal data of their customers and prospects, aiming to protect their privacy.
Article 2: Data Controller
The "data controller" of your personal data is Bnsmarkt, responsible for the Bnsmarkt Site that you visit and to which you provide data.
Article 3: Legal Basis for Data Processing and Use
We can only use your personal data for legitimate and necessary purposes (Art. 6 of the GDPR). This means that we process your personal data, whether electronic or not, for legitimate purposes in the context of contractual relationships, business, and security/safety. These purposes include, but are not limited to:
- Processing and fulfilling your orders and contracts.
- Managing your account and business relationship.
- Providing you with commercial, promotional, advertising information, or information on the use of our services.
- Communications in the execution of a contract.
- Improving the design, layout, and overall functionality of the site.
- Analyzing data for statistical purposes.
Article 4: What is Personal Data?
Personal data includes all information about you through which you can be identified (hereinafter referred to as "the data"). Anonymous data that does not allow your identification is not considered personal data.
Article 5: Sources and Origins of Personal Data
In principle, the data we possess comes from you when you fill out a form. If you choose not to provide mandatory or necessary information, you may lose certain benefits, and/or we may decide to terminate our services to you, or we may be unable to execute the contract.
Article 6: Access to Personal Data - With Whom Do We Share Your Information?
In accordance with current regulations, data may be transmitted to competent authorities upon request, including public bodies, exclusively to meet legal obligations, legal auxiliaries, ministerial officers, and organizations responsible for debt recovery, as well as in the case of investigating authors of offenses committed on the internet.
Your data is primarily for internal use. We may share your data with third-party companies, who will be able to process it, for legitimate reasons, including the proper execution of the contract, when we use service providers and subcontractors for order fulfillment or services provided by us (technical services, payment service, payment security, deliveries, sending commercial prospecting, etc.).
We only transmit to them the data they need to perform their services. However, we will ensure compliance with GDPR regulations by our subcontractors. The processing of data by them is governed by strict legal frameworks.
Article 7: Data Retention Period
We implement the necessary means to ensure that the retention of personal data for the purposes described above does not exceed legal durations.
Article 8: What Are Your Rights?
We are committed to taking appropriate technical and organizational measures to ensure the security of the processing of personal data for everyone (Art. 32 of the GDPR).
In accordance with applicable laws and regulations on the protection of personal data, you have a number of rights concerning your personal data, namely:
- Right of access (Art. 15 of the GDPR) and information: You have the right to be informed in a concise, transparent, intelligible, and easily accessible manner about how your data is processed. You also have the right to obtain confirmation that data about you is being processed and, if so, to access your personal data and the right to obtain or make a copy to the extent reasonable.
- Right to rectification (Art. 16 GDPR): You have the right to obtain the rectification of inaccurate data. You also have the right to complete incomplete data.
- Right to be forgotten (or Right to erasure - Art. 17 of the GDPR) and Right to restriction of processing (Art. 18 of the GDPR): We are committed to granting the erasure of your personal data, especially in the following cases:
- Data no longer necessary for the purposes for which it was collected or processed.
- You object to processing.
- Personal data has been unlawfully processed.
- Right to data portability (Art. 20 GDPR): You have the right to receive your data in a structured, commonly used, and machine-readable format, for your personal use or to transmit it to a third party of your choice.
- Right to withdraw consent at any time (Art. 7 of the GDPR): You can withdraw your consent to the processing of your data when the processing is based on your consent. Withdrawal of consent does not affect the lawfulness of processing based on consent before withdrawal.
- Right to lodge a complaint (Art. 77 of the GDPR): The customer has the right to lodge a complaint with the Data Protection Authority at any time if they believe that the processing of their personal data constitutes a violation of the GDPR.
To exercise your rights, you can contact us by email: info@bnsmarkt.com
Article 9: Our Commitment
We aim to implement security techniques to protect stored data against unauthorized access, inappropriate use, alterations, illegal or accidental destruction, and accidental loss.
Article 10: Procedure in Case of Violations
It is always possible that personal data processed in the context of the contractual relationship falls into the wrong hands due to human error, computer error, etc. When the violation poses a high risk to the rights and freedoms of the person, we will immediately inform them of the facts and measures. We will ensure that the necessary steps are taken regarding the notification of the violation to the Data Protection Authority within 72 hours after becoming aware of it, unless the violation does not pose a high risk to the rights and freedoms of the person. (Art. 32-34 of the GDPR).
Article 11: Consent
You give your express, informed, and unambiguous consent for the processing of personal data as described in this Privacy Policy. You have the right to withdraw your consent at any time upon written request. We reserve the right to modify this Privacy Policy.
Article 12: Modification of Our Privacy
Policy
We may occasionally amend this privacy policy, particularly to comply with any regulatory, jurisprudential, editorial, or technical developments.
Article 13: Contact
For any questions regarding this Privacy Policy or any requests regarding your data, you can contact us.