Tomeco privacy policy

1. This privacy policy (“Privacy Policy”) regulates the processing of your personal data as part of your use of our Website (the “Website”) and related services. This processing is carried out by Tomeco as data controller, with its registered office at 2320 Hoogstraten (“we”, “us”), registered in the CBE under number 0642.906.003, in accordance with applicable legislation on the protection of personal data.
2. By using our website or services, you agree that you have read this Privacy Policy carefully and that you unreservedly agree to it. We reserve the right to change the Privacy Policy regularly in our sole discretion. Such changes will be communicated via the Website.
3. “Cookies” or similar technology may be used as part of the website or services. Cookies are text files that are placed on the hard drive of a device and contain certain information, sometimes including personal data. For more information about the use of cookies, you can find out in our cookie policy.
4. This Privacy y was last updated on 18/04/2025.

What & why we process data

1. When you use the Website and/or Services, we process personal data that relates to you:
   ◦ When? Use of Services, Use of Website
   ◦ Which ones? Identification information
   ◦ Why (goal)? Processing the request
   ◦ Legal basis? Legitimate interest
2. ◦ When? Contacting us
   ◦ Which ones? Identification information
   ◦ Why (goal)? Submitting related information and additions
   ◦ Legal basis? consent

In principle, we obtain the personal data mentioned above directly from you. In addition to the above, we can also process your personal data:

1. To provide you with the information about products and services that you request in a personalized and efficient way, whether via the website, email, phone or social media channels.
2. To process your personal data so that we can provide a correct service
3. For direct marketing purposes, i.e. to provide you with targeted communications, promotions, offers and other advertisements from us or our selected partners. To do this, we will ask for your permission.
4. To perform statistical analyses to improve our Website and/or Services, or develop new products or services.
5. To provide to a financial institution or payment service provider, to enable your bank and payment service provider to meet their obligations.
6. To hand over to the police or judicial authorities as evidence of possible crimes or if there are well-founded suspicions of a wrongful act or crime committed through your registration with or use of the Website or Services.
7. In the context of a possible merger with, acquisition of/by or division by a third party, even if that third party is outside the EEA.

If and when your registration on the website or use of the website or services could be considered (a) a violation of the terms or proprietary rights, (b) a threat to the security or integrity of our service, (c) a threat to our Website or Services or our subcontractors' systems due to viruses, Trojan horses, spyware, malware, or any other form of malicious code, or (d) illegal in any way whether unlawful, discriminatory or offensive, may we process your data in the interests of ourselves, our partners or third parties.

Do we share your data

1. We can call on external processors to provide you with the best possible website. We ensure that third party processors are only allowed to process your personal data in our name and on our written instructions.
2. We do not transfer your personal information to third parties in an identifiable way if this is not required to provide the services without your explicit consent.
3. We may transfer anonymized data to other organizations that can use this information to improve products and services and organize the marketing, presentation and sale of customized products and services.

Where do we process data

1. We and our external processors will only process your identifiable personal data in the European area.
2. We can transfer your anonymized data to organizations outside the European area. If such a transfer occurs, we will ensure that appropriate safeguards are in place to ensure the security and integrity of your personal information, and that all personal data rights that you may enjoy under applicable law are guaranteed.
3. If there is a transfer of personal data and/or anonymized data, the following legal protection mechanism will be introduced:
   ◦ Which ones? Webflow
   ◦ Country outside the EEA? USA
   ◦ Legal transfer mechanism? US - EU Privacy Shield
   

How we process data

1. We will do our utmost to process only your personal data that is necessary to achieve the goals set out in this policy. We will process your personal data in a legal and transparent manner. As well as doing our utmost to keep personal data accurate and up to date.
2. Your personal data will only be processed until you withdraw your consent to its processing. This withdrawal of consent may mean that you are no longer able to use all or part of the website services. If you have registered with our website, we will delete your personal data if you delete your profile, unless a legal or regulatory obligation or court or administrative order would prevent this.
3. We will take appropriate technical and organizational measures to keep your personal data safe against unauthorized access or theft and against accidental loss, manipulation or destruction. Access by our staff or staff of our external processors is only possible on a need-to-know basis and is subject to strict confidentiality obligations
   

Your personal data rights

1. You have the right to request access to all personal data that we process about you. However, requests for access that are apparently made with a view to causing inconvenience or damage to us will not be processed.
2. You have the right to request that any personal information about you that is inaccurate or inaccurate be corrected free of charge. However, if you have registered on our website, you can correct much of this information yourself via your profile. If such a request is made, you must also attach to this request proof that the personal data for which correction is requested is inaccurate.
3. You have the right to withdraw your previously given consent to the processing of your personal data. This can be done by sending an email to info@tomeco.be.
4. Instead of deletion, you can also ask us to restrict the processing of your personal data if (a) you dispute the accuracy of that data, (b) the processing is unlawful or (c) the data is no longer necessary for the purposes mentioned, but you need it to defend yourself in court proceedings.
5. You have the right to object to the processing of data if you can demonstrate that there are serious and legitimate reasons related to special circumstances that justify such an objection. However, if the intended processing qualifies as direct marketing, you have the right to object to such processing free of charge and without justification.
6. When your personal data is processed on the basis of consent or on the basis of a contract and the processing is carried out by automated means, you can receive the personal data provided in a structured format.
7. If you would like to request to exercise one or more of the rights listed above, please send an email to info@tomeco.be. This request must clearly state which right you wish to exercise and why. It must also be dated, signed and accompanied by a digitally scanned copy of your ID card. If the request appears to be well-founded, we will grant it as soon as reasonably possible and no later than thirty (30) days after receipt of the request.
8. If you have a problem with our processing of your personal data, you can always contact us. If you remain dissatisfied with our response, you can file a complaint with the competent data protection authority, the Belgian Privacy Commission.