Introduction
This privacy statement applies to Ontex BV, a company incorporated and existing under the laws of Belgium with its registered office at Genthof 5, 9255 Buggenhout, Belgium, and registered in the legal entities register (KBO) under number 0419.457.296, and any of its Affiliates* (hereafter “Ontex”) which control and make use of personal data (“Personal Data”) in the framework of its business operations (the “Business”).
Ontex reserves the right to modify or amend this privacy statement at any time and for any reason. The revised privacy statement shall apply from the date of the publication of the revised privacy statement on Ontex’ internet site www.ontexglobal.com. Please make sure you check this privacy statement regularly to ensure to be familiar with the latest version.
* Affiliates means any company controlled by, controlling or under common control of Ontex BV, whereby control shall mean the ownership of at least 50% of the shares. You can access the list of all Ontex entities in our annual report on our website ontex.com.
Collection of Personal Data: purpose
In its Business, Ontex collects and processes Personal Data for various purposes:
- Contacting and entering into Business relations with (potential) customers which may be companies or individual patients or their caregivers, as well as handling their requests in an efficient manner ;
- Direct marketing to (potential) customers ;
- Recruiting and employing personnel and ensuring them an optimal work environment ;
- Legal requirements and audits ;
- Interacting with and complying with government or competent authority requirements ;
- Researching, developing and testing new products ;
- Contacting and entering into Business relations with service and goods’ providers or other third party Business partners ;
- Contacting its investors and potential investors ;
- Properly managing its assets.
Where more detailed purposes are the reason for the collection, Ontex has issued specific privacy policies to cover these more accurately. Such privacy policies can in each instance be found on the Ontex website to which they refer.
Collection of Personal Data: legal basis
Ontex’ legal basis for collecting and processing Personal Data depends on the purpose of collection and hence are: (i) legitimate interest in order to ensure the Business interactions with customers, suppliers or other third party Business partners, as well as with investors and to manage Ontex’ assets (ii) execution of a contract with customers, suppliers, other third party Business partners and employees, (iii) fulfilling its legal obligations in various fields, including (where health related data of employees are required), legal requirements of social security and employment law, (iv) carrying out scientific research and (v) (explicit) consent in such cases as required such as for example the sending of direct marketing, certain interactions with patient customers (in its B2C Business) in order to ensure their products get delivered etc.
Retention & Deletion of Personal Data
The Personal Data is kept for a term as is needed based on the purpose for which such Personal Data is collected.
Disclosure of Personal Data to third parties
Ontex will never share the Personal Data with third parties for secondary or unrelated purposes unless otherwise disclosed at the point of collection.
Ontex may share Personal Data with third parties where required for achieving the above purposes.
This may include transfers outside the European Economic Area, including in countries that may not offer the same level of data protection as in the European Economic Area. Ontex has taken and will continue to take appropriate safeguards so that Personal Data remain subject to appropriate level of protection in accordance with applicable data protection law for the purposes identified above. These include implementing the EU Model Clauses, requiring third parties to have appropriate protection in place, firewalls, passwords, etc.
Where appropriate, Personal Data may be disclosed to law enforcement, regulatory or other government agencies, or third parties where necessary or desirable to comply with legal or regulatory obligations or requests or for the purposes identified above.
Access to Personal Data
Ontex is dedicated to providing access to persons who wish to review the Personal Data Ontex processes about them and/or correct any inaccuracies it may contain. A simple request to [email protected] suffices for this. Several websites which Ontex hosts, moreover provide the direct opportunity for the person wishing to access, review or correct or delete his/her Personal Data him/herself.
Your rights as a data subject
The GDPR and its implementing legislation give you several rights to manage your Personal Data. These rights are :
- the right to access the Personal Data which Ontex holds about you.
- the right to request that this Personal Data be corrected, limited or deleted,
- the right to object to the processing of the Personal Data.
- Personal data that you have transmitted to Ontex, can be requested back in a machine readable format.
- If you are of the opinion that Ontex has not properly treated your Personal Data, you also have the right to launch a complaint. Ontex lead Data Protection Authority is the Belgian Data protection Authority (autoriteprotectiondonnees.be), whom you can contact in such case. You have also the right to lodge a complaint with your local data protection supervisory authority at any time.
The easiest way to exercise your rights is to send a simple mail, specifying your request to [email protected].
Ontex highly values your privacy and would kindly request that for any questions or concerns you have on the use of your Personal Data, you contact us first via the above email address.
Information security
Ontex has in place market conform standards of technology and operational security to protect all Personal Data collected as per the above from loss, misuse, alteration or destruction. This Personal Data (and other confidential data) has been allocated to confidentiality categories, and based thereon, protection measures were put in place. Where the processing could result in a high risk for the persons whose Personal Data was collected, a privacy impact assessment was carried out (and is kept updated).
Children’s privacy protection
Ontex understands the importance of protecting children’s privacy in the interactive online world as well as in the real world. It is not Ontex’ policy to intentionally collect or maintain Personal Data about anyone under the age of 13. Nevertheless, for some of Ontex’ products (baby diapers and care products), it may be required that Ontex receives certain Personal Data of children (photo’s, name, date of birth of infants). To receive such Personal Data, and for any usage thereof, the explicit consent of the parent or guardian is requested.
Limitation of liability
Ontex takes all reasonable measures to ensure confidentiality of the Personal Data it collects. If you communicate with Ontex through the websites or via mail, you should be aware that transmission of Personal Data via the Internet or email is never without risk. To the fullest extent permitted by law, you agree, therefore, that any possible direct or indirect damage that you might suffer following an illegal or wrongful use of his or her Personal Data by third parties who do not have authorization to do so, can never be allocated to nor recovered from Ontex.
Contact details
Questions, feedback, concerns regarding this privacy statement can be addressed via [email protected] .