The website colorlab.io and the Colorlab platform (hereafter together: the "Website") is offered by: Spectrum Group BVBA (hereafter "Colorlab"), Antwerpseweg 1/4, 2440 Geel, Belgium - Company number (VAT-BE): 0632.570.454. Feel free to contact us at privacy - at - colorlab.io should you have any privacy-related questions.

This Privacy Policy forms part of the Terms and Conditions, EULA, Data Processing Addendum and any other written or verbal agreement between Parties.

1. Why this Privacy Policy?

Every person who visits or uses the Website or contacts us through one of our channels of communication (hereafter: the "Visitor") as well as every person who relies on our services (hereafter: the "Client") will in most cases disclose a certain amount of personal data. The personal data is information which allows Colorlab to identify you as a natural person, regardless of whether we actually do this. You are identifiable as soon as it is possible to create a direct or indirect link between one or more data and you as a natural person. The Visitor and the Client are hereinafter also jointly referred to as the "Data Subject".

We only use and process your personal data in accordance with the GDPR and any replacement legislation, or any similar regulation under any applicable law, and any regulatory requirements or codes of practice governing the use, storage or transmission of personal data. Every reference in this Privacy Policy to the 'GDPR' is a reference to the Regulation of 27 April 2016 on the Protection of Natural Persons with regard to the Processing of Personal Data and on the Free Movement of such Data (General Data Protection Regulation).

Through this Privacy Policy, every Data Subject is informed of the processing activities Colorlab may carry out with his or her personal data. Colorlab reserves the right to modify this Privacy Policy at all times. Every substantial change will be clearly communicated towards the Data Subject. We advise you to consult this document regularly.

2. Who is responsible for the processing of personal data?

2.1 - Controller

Colorlab is responsible for the processing and decides alone or in cooperation with others which personal data are being collected as well as the purposes and the technical and organisational means with regard to the processing of those personal data.

Colorlab has taken appropriate technical and organizational measures to protect the personal data of its Visitors and Clients. Colorlab uses various adequate security technologies and procedures to protect your personal data against unauthorized access, use or disclosure. Colorlab ensures that your personal data is stored safely in a controlled environment. However, remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

2.2 - Processor(s)

Colorlab is free to rely on data processors. A processor is the natural or legal person who processes your personal data upon request and on behalf of the data controller. The processor is required to ensure the security and confidentiality of the data. The processor shall always act on the instructions of the data controller.

Colorlab relies on the following categories of "processors":

  • Companies we have engaged for marketing purposes;
  • Companies we have engaged for communication purposes (e.g. live chat on the website);
  • Companies we have engaged for hosting purposes;
  • Companies we have engaged for error-logging services.

With a view to the optimal protection of the personal data of our customers, we have made the necessary contractual arrangements with the aforementioned data processors to ensure that they apply the highest privacy standards. In any event, data processors shall be required to ensure the security and confidentiality of the personal data.

As a resident of the European Economic Area, a transfer of your personal data outside the European Economic Area (EEA) can only take place to countries that the Data Protection Authority in Belgium has found to provide the same adequate level of protection or, if this is not the case, to the extent that Colorlab has made the necessary contractual arrangements, taking into account the standard provisions as imposed by the Data Protection Authority in Belgium, to ensure that your personal information receives an adequate level of protection. Some of the processors we rely on may be located outside the EEA. Colorlab ensures that these processors comply with the EU-US Privacy Shield when these are located in the US. When we rely on other processors outside the EEA, adequate safeguards are put in place to ensure the safe processing of personal data.

3. On what legal grounds is your personal data processed?

In accordance with the GDPR we process personal data on the following legal grounds:

  • On the basis of the execution of the contract agreed upon with the Client or the execution of pre-contractual steps taken at the request of the Data Subject (e.g. when a demo is requested); or
  • On the basis of compliance with legal or regulatory provisions with regard to the management of the contractual relationship with the Client, invoicing in particular;
  • On the basis of our legitimate interest in responding to information requests from Visitors and Clients;
  • On the basis of our legitimate interest in sending promotional offers (direct marketing) to our Clients;
  • On the basis of our legitimate interest when we contact our Clients to ask for their feedback or testimonials;
  • On the basis of your consent when we publish your testimonial;
  • On the basis of the explicit consent to send newsletters to Visitors who signed up for our newsletters.

4. Which personal data is processed?

Colorlab commits to only collect and process your personal data in a way that is adequate, relevant and limited to what is necessary for the purposes for which they are processed.

How much and what personal information Colorlab collects about you depends on your use of the Website and our services. The collection of personal data will be further expanded as more intensive use is made of our Website and our online services. The following categories of personal data are processed by Colorlab:

Clients
  • Personal identification data (name, first name, address, login details);
  • Work-related personal data (company, position, VAT-number);
  • Contact details (e-mail address and telephone number);
  • Electronic identification data (IP-address, system and browser information);
  • Other personal data (sex, language, date of birth);
  • Content (the content of your communication E.g.: Questions sent through our contact form or live chat).

This personal data is collected when the Client places an order via our Website. Other personal data may be collected at a later date, for example in the context of our after-sales service.

Visitors
  • Electronic identification data (IP address, cookies);
  • Personal identification data (name, first name);
  • Contact details (telephone number and e-mail address);
  • Content (the content of your communication. E.g.: Questions sent through our contact form or live chat).

This personal data is collected when you visit our Website and, in particular, when you fill out and submit our contact form.

Sometimes we receive personal data from the companies that use our service. You can check the privacy statements of those companies to find out how they process your information. The personal data that is provided by you through these companies will remain under the responsibility of these companies as they can be qualified as data controllers under the GDPR. Colorlab only processes this kind of personal data on behalf of those companies.

Colorlab reserves the right to suspend or cancel certain operations if the required personal data is missing, incorrect or incomplete.

5. For which purposes is your personal data used?

The processing of your personal data is essential for the proper functioning of the Website and the provision of associated services. The collection of personal data becomes more extensive as the Data Subject makes more intensive use of our Website and our online services.

Colorlab commits to solely process your personal data for the following purposes:

Client
  • Client management: customer administration, order management, deliveries, invoicing, checking creditworthiness, support and complaint monitoring.
  • Personalized marketing and advertising. In that case, the Client is always entitled to unsubscribe.
Visitors
  • Answering requests for information submitted via any contact form on the Website;
  • Personalized marketing and advertising if the Visitor has expressly agreed to this. In this case, the Visitor is free to withdraw his consent at any time.

We also use cookies in order to recognise the (IP address of) Visitors and to offer them a personalised user experience, to remember technical choices, and to detect and correct any errors which might be present on the Website. For more information concerning the use of cookies, we kindly refer you to our Cookie Policy.

When visiting the Website, some data is being collected for statistical purposes. Such data is necessary to optimise your user experience. It concerns the following data: browser, operating system, probable location of consultation, hour and day of the consultation and the pages which are being consulted, etc. In order to protect your privacy in the best possible way, this data is always anonymized.

The User provides the personal data to Colorlab himself and therefore retains a certain degree of control. Colorlab reserves the right to suspend or cancel certain operations if personal data is missing, incorrect or incomplete.

6. Who receives your personal data?

Your personal data will only be processed for internal use within Colorlab. Your personal data will not be sold, passed on or communicated to third parties, unless you have given us your explicit consent beforehand, or if the transmission is necessary for the execution of the agreement or is legally required.

7. How long do we store your personal data?

Your personal data is stored as long as necessary to achieve the purposes pursued. Your personal data will be erased from our database as soon as it is no longer necessary for the purposes pursued or if you validly exercise your right to erasure.

8. What are your rights?

8.1 - Guarantee of a legitimate and secure process of your personal data

Your personal data is always processed for the legitimate purposes explained in point 5. Your personal is collected and processed in an appropriate, relevant and non-excessive manner, and is not kept longer than necessary to achieve the intended purposes.

8.2 - Right to access

If you can prove your identity, you have the right to obtain information about the processing of your personal data. Thus, you have the right to know the purposes of the processing, the categories of personal data concerned, the categories of recipients to whom the personal data is transmitted, the criteria used to determine the data retention period, and the rights that you can exercise on your personal data.

8.3 - Right to rectification of your personal data

Inaccurate or incomplete personal data may be corrected. You can request us in writing to rectify your information.

8.4 - Right to erasure (or "right to be forgotten")

You also have the right to obtain the erasure of your personal data under the following assumptions:

  • Your personal data are no longer necessary for the intended purposes;
  • You withdraw your consent to the processing and there is no other legal ground for processing;
  • You have validly exercised your right of opposition;
  • Your data has been illegally processed;
  • Your data must be deleted to comply with a legal obligation.

The deletion of data is mainly related to visibility; it is possible that the deleted data are still temporarily stored.

8.5 - Right to limitation of processing

In certain cases, you have the right to request the limitation of the processing of your personal data, especially in case of dispute as to the accuracy of the data, if the data are necessary in the context of legal proceedings or the time required to Colorlab to verify that you can validly exercise your right to erasure.

8.6 - Right to object

You have the right to object at any time to the processing of your personal data for direct marketing purposes. Colorlab will stop processing your personal data unless it can demonstrate that there are compelling legitimate reasons for the processing which prevail over your right to object.

8.7 - Right to data portability

You have the right to obtain any personal data which you have provided us in a structured, commonly used and machine readable format. At your request, this data may be transferred to another provider unless it is technically impossible.

8.8 - Right to withdraw your consent

You may withdraw your consent to the processing of your personal data at any time, for example for direct marketing purposes.

9. How to exercise my rights?

If you wish to exercise your rights, you must send a written request and proof of identity by email to privacy - at - colorlab.io. We will respond as soon as possible, and no later than one (1) month after receipt of the request.

10. Possibility to lodge a complaint

If you have any comments or complaints about the way in which we handle your personal data, we ask you to report them to us first. In this way, we can reach an amicable solution by mutual agreement.

If, after this notification, you are still not satisfied with the processing of your personal data by Colorlab, you have the right to lodge a complaint with the competent Data Protection Authority (for Belgium: www.dataprotectionauthority.be).

11. Entire Agreement

This agreement forms part of the Terms and Conditions, together with the End User License Agreement, Data Processing Addendum and any other written or verbal agreement between Parties.