Privacy policy

Privacy policy

  • WHO WE ARE

1.1 "We", "us", "our" or "van Steenberge" means Hout-Bois van Steenberge NV with registered office at Steenweg op Aalst 27, B 9620 Zottegem (Belgium), RPR Ghent, division Oudenaarde with company number BE 0440.690.893. We are the data controller with respect to the personal data we collect in the context of your use of our website. Specific terms not defined in this privacy policy shall have the meaning as defined in the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data ("GDPR").

1.2 The sole purpose of this privacy policy is to provide you with information regarding the processing of personal data in the context of our website.

1.3 Our website, https://www.vansteenberge.be/ is owned and operated by van Steenberge. The website is hosted by Digital Pulse NV, Lucky Lukestraat 6, 8500 Courtrai (Belgium), RPR Ghent, division Courtrai with company number BE 0704.609.483. For further information, please refer to article 6 of this privacy policy.

1.4 Your privacy is important to us. Hence, we have developed this privacy policy to provide you with more information regarding the collection, communication, transfer and use ("processing") of the personal data you share with us, as well as to provide you with more information regarding your rights. We therefore request that you read this privacy policy. By using our website and/or communicating your personal data, you expressly agree to the manner in which we collect and process your personal data, as described in this privacy policy.

1.5 If you have any questions, comments or complaints regarding this privacy policy or the processing of your personal data or wish to make a request in accordance with article 4 of this privacy policy, please contact us by any of the following means:

  • By e-mail: to klokkenluiders@vansteenbergeinvest.be;
  • By post: to van Steenberge, Steenweg te Aalst 27, B 9620 Zottegem (Belgium)

1.6 This privacy policy was last updated on 1 July 2025.

  • HOW AND WHY WE USE AND COLLECT YOUR PERSONAL DATA

2.1 Personal data is defined as any information about an identified or identifiable natural person. Identifiable refers to data (such as name, identification number, location data, etc.) that can be used to directly or indirectly identify a natural person.

2.2 We collect your personal data for the following processing purposes:

  • Customer management (necessary for the performance of a contract);
  • Service provision: to be able to respond to your request and to properly execute the contract to be concluded/closed (necessary for the performance of a contract);
  • Direct marketing (legitimate interest), sending newsletters (consent);
  • Supplier management (necessary for the performance of a contract);
  • Invoicing and administration (legal obligation) (legitimate interest: keeping of accounts);
  • Personnel management (legal obligation) (legitimate interest: conducting personnel management);
  • Enforcement or compliance with applicable law (legal obligation) (legitimate interest, e.g. bringing or defending against legal claims);
  • Website management and improvement, cookies (consent).

2.3 We collect the following categories of personal data:

  • Contact details: If you use the contact form, you will be asked to provide the following information: name, address, e-mail address, telephone number, and personal data that you enter yourself in the free box (please do not enter sensitive information, such as health information, information regarding criminal convictions, or bank account numbers). Also, if you subscribe to our newsletter, you will be asked to provide your e-mail address. This is information provided directly by you.
  • Usage information: We process personal data relating to your use of our website: IP address, device ID and type, referral source, language settings, browser type, operating system, geographical location, length of visit, page visited, or information regarding the timing, frequency and pattern of your visit. This information may be aggregated and may help us collect useful information regarding the use of the website. In the event that such usage information is anonymised (and therefore not traceable to you as a natural person), then such information is not covered by this privacy policy. This information is automatically collected through your use of the website.

2.4 The legal basis for the use of your personal data is always indicated for each processing purpose in brackets.

2.5 If the legal basis is the performance of a contract or a legal obligation, the personal data must be provided to enable the performance of the contract or to comply with a legal obligation. In the absence of such required personal data, the contractual relationship cannot be continued.

2.6 If the legal basis for processing your personal data is your consent, you have the right to withdraw your consent at any time. This will not affect the lawfulness of the processing that occurred before the withdrawal of your consent.

2.7 If the legal basis for the processing is our legitimate interest, you have the right to oppose the processing as set out in article 4 of this privacy policy.

2.8 Your personal data will only be used according to the purposes set out in article 2.2 of this privacy policy.

  • RETENTION OF YOUR PERSONAL DATA AND DELETION

3.1 Your personal data will not be kept longer than necessary to fulfil a specific purpose. However, as it is not possible to indicate a period in advance, the period will be decided as follows:

  • As long as interaction can be demonstrated between you and van Steenberge (or one of its related entities), the data will be kept.
  • At the moment there is no more interaction, your personal data will be kept for another two years, unless a longer period is imposed by law.

3.2 If you withdraw your consent or object to the processing of personal data, and such objection is withheld, we will delete your personal data. However, we will keep those personal data necessary to respect your preferences in the future.

3.3 We are, however, entitled to keep your personal data if this is necessary to comply with our legal obligations or for the establishment, exercise or defence of legal claims.

  • YOUR RIGHTS AS A DATA SUBJECT

4.1 This article provides an overview of your main rights in accordance with the GDPR. We summarise them for you in a intelligible and clearly legible manner.

4.2 If you wish to exercise any of your rights, please send us a written request in accordance with article 1.5 of this privacy policy. We will endeavour to respond to your request without unreasonable delay, but in any event within a period of one month from receipt of your request. If we are unable to respond within the aforementioned one-month period and wish to extend the period, or in case we will not respond to your request, we will notify you accordingly.

When you make a request to exercise your rights, we will first have to identify you. In case of reasonable doubt as to your identity, we reserve the right to request proof of identity.

The exercise of your rights is in principle free of charge. If your request is manifestly unfounded or excessive, we may always charge a reasonable fee based on the administrative costs incurred by us. In the same case, however, we may choose not to comply with your request. If necessary, you will always be informed of the reasons.

Right of access

4.3 In the event that we process your personal data, you have the right to access your personal data as well as certain additional information as defined in this privacy policy.

4.4 You have the right to receive a copy of your personal data held by us, provided that this does not adversely affect the rights and freedoms of others. The first copy will be provided to you free of charge, but we reserve the right to charge a reasonable fee if you request multiple copies.

Right of rectification

4.5 If the personal data we hold about you is inaccurate or incomplete, you have the right to request us to correct it, or to request us - taking into account the purposes of the processing - to complete it.

Right to data erasure / oblivion

4.6 Where any of the following applies, you have the right to obtain - without unreasonable delay - erasure of your personal data:

  • The personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
  • You withdraw your consent on which the processing is based, and there is no other legal ground for processing your personal data;
  • Your personal data have been unlawfully processed;
  • Erasure of your personal data is necessary to comply with EU or Belgian law;

4.7 There are certain exclusions to the right to data erasure. These exclusions include where processing is necessary:

  • For exercising the right to freedom of expression and information;
  • For reasons of public interest in the field of public health;
  • For archiving purposes in the public interest, or statistical purposes;
  • For compliance with a legal obligation; or,
  • For the establishment, exercise or defence of legal claims.

Right to restriction of processing

4.8 You have the right to obtain the restriction of the processing of your personal data (meaning that the personal data may only be stored by us and used only for limited purposes), if any of the following applies:

  • You dispute the accuracy of the personal data, for a period that allows us to verify the accuracy of the personal data;
  • The processing is unlawful and you oppose the erasure of the personal data and request instead that its use be restricted;
  • We no longer need your personal data for the purposes of processing, but you need them for the establishment, exercise or defence of legal claims; or,
  • You have objected to the processing, pending the answer to whether our legitimate grounds outweigh yours.

4.9 In addition to our right to store your personal data, we may still process it, but only:

  • With your consent;
  • For the establishment, exercise or defence of legal claims;
  • To protect the rights of another natural or legal person; or,
  • For reasons of public interest.

4.10 Before we lift the restriction on the processing of your personal data, you will be informed.

Right to portability of your personal data / data portability

4.11 If the processing of your personal data is based on your consent or the performance of a contract, the processing is carried out by automated means (i.e. not on paper) AND you have provided the personal data to us yourself, you have the right to receive your personal data in a structured, commonly used and machine-readable form. However, this right does not apply insofar as it would adversely affect the rights and freedoms of others.

4.12 You also have the right to have your personal data, where technically feasible, transmitted directly by us to another controller.

Right to object

4.13 You have the right to object – on grounds relating to your particular situation - to the processing of your personal data at any time, but only to the extent that the legal basis for the processing is that the processing is necessary for:

  • The performance of a task carried out in the public interest or in the exercise of official authority vested in us;
  • The pursuit of our legitimate interests or those of a third party.

4.14 If you object to the processing of your personal data, we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.

4.15 Where your personal data are processed for the purposes of direct marketing, whether initial or further processing, you have the right to object to such processing at any time and free of charge, including in the case of profiling insofar as it relates to direct marketing. If you raise such an objection, we will stop processing your personal data for this purpose.

Right to complain to a supervisory authority

4.16 If you believe that the processing of your personal data carried out by us violates data protection legislation, you have the right to lodge a complaint with a data protection supervisory authority. You can do so in the EU Member State of your habitual residence, of the place where you work or of the place where the alleged breach took place. In Belgium, you can file a complaint with the Belgian Data Protection Authority, at the following contact details:

  • By post: Printing Press Street 35, 1000 Brussels
  • E-mail: contact@apd-gba.be
  • Tel: +32 (0)2 274 48 00
  • Website: https://www.gegevensbeschermingsautoriteit.be/burger/acties/klacht-indienen
  • SAFEGUARDS - HOW WE KEEP YOUR DATA SAFE

We have organisational and technical processes and procedures in place to protect your personal data. However, it cannot be guaranteed that electronic transmission over the internet or information storage technology is 100% secure, so we cannot promise or guarantee that hackers, cyber criminals or other unauthorised third parties will not be able to circumvent our security and improperly collect, access, steal or modify your information.

  • DISCLOSURE OF YOUR PERSONAL DATA TO THIRD PARTIES

6.1 To provide our website, we work with service providers to process and store your personal data. We use the following service providers:

  • Hosted Power BVBA (hosting provider);
  • Digital Pulse NV
  • Pixel & Tonic (Craft CMS);

6.2 If you are a customer of ours, we may disclose your personal data to suppliers with whom we have contracted to offer you services. If you are a supplier of ours we may disclose your personal data to our customers to contact you.

6.3 Providing access to your data may be necessary compliance with a legal obligation. In such a case, we will be obliged to comply. We may also provide your personal data if this is necessary to protect the vital interests of another natural person.

6.4 Our website uses social media plugins that allow you to link to our social media channels or enable you to share content on your social media channels. These social media channels are: Facebook, Instagram, LinkedIn, Twitter, and YouTube. If you click on such links, the aforementioned social media partners may collect personal data, such as personal data relating to your profile.

6.5 As a data subject, you are free to visit/follow our social media platforms or not. We are not responsible for how these social media partners use your personal data. In such cases, they will act as data controllers. You will want to inform yourself in advance about the cookie and privacy policies with these external providers. For your information, we list the relevant links below (however, these may change from time to time):

  • Facebook: http://facebook.com/about/privacy;
  • Instagram: https://help.instagram.com/155833707900388;
  • LinkedIn: http://linkedin.com/legal/privacy-policy;
  • X: https://x.com/nl/privacy;
  • Google+: https://www.google.com/intl/en/policies/privacy/;
  • Vimeo: https://vimeo.com/privacy;
  • Pinterest: http://policy.pinterest.com/en/privacy-policy.
  • YouTube: https://policies.google.com/technologies/cookies?hl=en.
  • TRANSFER OF PERSONAL DATA

To the extent that your data is processed outside the European Economic Area, we provide appropriate safeguards in accordance with the GDPR where necessary.

  • COOKIES

Our website uses cookies. For further information, please refer to the cookie policy on our website.

  • CHANGES TO THE PRIVACY POLICY

From time to time, we may make changes to this privacy policy. The most recent version of the privacy policy can always be consulted on our website.