SIGN IN
sign in

Privacy Policy

Finrack takes the protection of your personal data very seriously.

 

This Privacy Policy explains how we collect, process, and use your personal data, as well as your rights and how to exercise them. We comply with the General Data Protection Regulation (GDPR, Regulation 2016/679) and relevant national laws, including Belgium’s privacy legislation.

 

Finrack is the Controller, within the meaning of the GDPR.

 

Our full contact details are as follows:

 

Finrack SA

BCE ID : BE-1008.242.942

Avenue Arnaud Fraiteur 15-23

1050 Ixelles

[email protected]

 

For any questions concerning the processing of your personal data or to exercise your rights under the GDPR and Belgian law, please contact our Data Protection Officer (DPO) at [email protected].

1.     Scope of This Privacy Policy

This policy is addressed to our prospects, clients, website visitors, suppliers, business partners, and any other stakeholders or parties in contact with us. It explains:

 

  • What personal data we collect,
  • How we process and use this data,
  • With whom we share your data, and
  • Your rights in relation to your personal data.

2.    What means personal data?

Personal data refers to any information relating to a person who can be identified directly or indirectly. This may include surnames and first names, postal or e-mail addresses, telephone numbers, IP addresses and location data (this list is not exhaustive).

3.    Collection and Processing of Personal Data

We process personal data provided by you or collected automatically when you interact with our website, as well as data obtained from external sources. The types of data we collect include:

 

·       Personal Identification and Communication Data

Information you provide when entering into an agreement with us or contacting us (e.g., name, email, phone number, and other contact details).

 

·       Professional Identification Data

e.g. company, job title, professional e-mail address.

 

·       Telephone Communications

We may record calls with our customer service or call center agents to ensure service quality.

 

·       Website Usage Data

Automatically collected information when you visit our website (e.g., IP address, browser type, operating system, referring URLs, pages viewed, and timestamps) via cookies and similar technologies. This data is used to optimize your experience, improve our website, and protect our IT systems from attacks and other illegal activities. Analytics tools may also process this information for online marketing purposes. The information collected via cookies is collected in accordance with the Cookie Policy.

 

·       Data from External Sources

In some cases, we may receive personal data from external sources (such as public databases or commercial partners) for prospecting or service-related purposes.

 

We process your personal data for the following purposes, on the following legal grounds, in accordance with the applicable legislation:

 

·      With your consent (Article 6 (1)(a) GDPR), in particular for the following purposes:

1) processing your request when you send a request for information via our website;

2) to send you newsletters to which you have subscribed;

3) to send you direct marketing communications where you have consented to receive them by e-mail (or by any other channel for which applicable law requires your prior consent and to which you have consented);

4) to send you direct marketing communications by e-mail on the basis of your implied consent if you are an existing customer and have provided us with your e-mail address. You may object to this use of your e-mail address at any time and free of charge;

5) transfer your e-mail address (or any other personal data for which the applicable legislation requires your prior consent and for which you have given your consent) to a specific third party.

You have the right to withdraw your consent to the processing of your personal data at any time, where your consent is the lawful basis for the processing of your personal data.

 

·      For the preparation or performance of the contract we have entered into with you (Article 6 (1)(b) GDPR), in particular for the following purposes:

1) to make a contract proposal, to conclude and perform the contract;

2) to prevent and combat bad payments, and to determine, exercise and protect our rights in general, including debt recovery, dispute management and any legal proceedings.

 

·      For the fulfilment of our legitimate interests, where the processing of your personal data is necessary for us to carry out our business activities (Article 6 (1)(f) GDPR), in particular for the following purposes (except where your explicit consent is required):

 

1) to inform you about our upcoming products or services;

2) to establish customer or prospect segments or marketing profiles, for example for targeted marketing;

3) to centralise, combine and enrich your personal data with useful information obtained from third parties;

4) to optimise our services and adapt them to the preferences and wishes of our users;

5) to optimise the management and quality of our marketing and digital sales activities and services;

6) to measure our performance;

7) to use your personal data in aggregated or anonymised models in order to establish market analyses, for financial management, marketing or reporting purposes or to carry out analyses of large masses of data or any other type of analysis;

8) to monitor the quality of our customer service;

9) to prevent and combat fraud and any offences.

In the aforementioned cases, we always strive to maintain a fair balance between the need to process your personal data and the preservation of your rights and freedoms, including respect for your privacy.

 

·      To comply with the legal or regulatory provisions to which we are subject (article 6 (1)(c) RGPD).

 

4.    Data Retention and Deletion

We retain your personal data only as long as necessary for the purposes for which it was collected, or as required by applicable law.

 

We therefore delete your personal data as soon as the purpose for which it was collected and processed ceases to exist, and on expiry of the following deadlines:

 

  • Data processed as part of the performance of a contract:

 

       actively stored for as long as is necessary for the performance of the contract or the monitoring of our contractual relationship;

       at the end of the contract, this data will be kept for a further period of 10 years corresponding to the limitation period for contractual actions, it being understood that this retention period will be suspended in the event of administrative or legal proceedings relating to the contract, until the proceedings are concluded. The data will then be permanently deleted on expiry of the 10-year limitation period or at the end of any proceedings if the 10-year period has expired in the meantime.

 

  • Data of persons who have contacted us as part of pre-contractual measures that do not lead to the conclusion of a contract or to obtain additional information

Deleted after 2 years if no further action has been taken by these persons within this period.

 

  • Telephone Recordings
    Call recordings are stored for up to 3 years.

  • Website Usage Data
    Information collected via cookies and similar technologies is managed according to our cookie policy.

Once the purpose for processing has been fulfilled, your data will be securely deleted or anonymized, unless a longer retention period is required by law.

5.    Transfer of Personal Data

As a general rule, the personal data we collect is for our exclusive use. However, there may be circumstances in which we wish or are required to disclose your data to third parties. This will only take place in accordance with applicable legislation and for the purposes listed in the above-mentioned Article 3. These scenarios include disclosure:

 

1) to our service providers, suppliers or subcontractors who offer every guarantee of reliability and security. These companies may use your personal data only within the strict limits of the instructions we give them and in accordance with this Policy. They are subject to important obligations of confidentiality and security with regard to personal data;

2) to our advertising and media partners, unless you have objected to such transfer, for the purpose of sending you direct marketing communications;

3) to any other third party where you have given your consent;

4) to another legal entity, on a temporary or permanent basis, for the purposes of a joint venture, collaboration, financing, sale, merger, reorganization, change of legal form, dissolution or similar event. In the event of a merger or sale, your personal data will be permanently transferred to the successor company;

5) to public authorities or other third parties where we are required to do so by law or in connection with legal proceedings.

 

In some cases, we may transfer your personal data to recipients or processors (including cloud solution providers) outside the European Economic Area. The processing of your personal data remains protected in accordance with the requirements of the applicable legislation on the processing of personal data and this Policy. When transferring your data to countries outside the European Economic Area, we ensure that appropriate precautions and security measures are put in place to guarantee the security and confidentiality of your personal data.

6.    Security Measures

We have implemented appropriate technical and organizational measures to protect your personal data from loss, misuse, unauthorized access, disclosure, alteration, or destruction. These measures include:

 

  • Regular updates to our IT systems (firewalls, encryption, backups, etc.),
  • Staff training on data security and privacy practices, and
  • Strict access controls ensuring that only authorized personnel have access to your personal data.

7.    Your Rights

Under the GDPR and Belgian data protection law, you have the following rights:

 

  • Right to information
    You have the right to obtain clear, transparent and comprehensible information on how we process your personal data and on how to exercise your rights. This information is contained in this Policy. If this information is not sufficiently clear, we invite you to contact us (via our contact details listed in the Policy).

 

  • Right of Access
    You may request confirmation as to whether we process your personal data and receive a copy of the data.

 

  • Right to Rectification
    You may ask us to correct or complete any inaccurate or incomplete personal data.

 

  • Right to Erasure
    Also known as the “right to be forgotten,” you may request the deletion of your personal data. However, the right to erasure is not absolute and is subject to specific conditions. We may retain some of your personal data to the extent permitted by applicable law, in particular where processing remains necessary for compliance with a legal obligation to which the company is subject or for the establishment, exercise or defense of legal claims.

 

  • Right to Restriction of Processing
    Under certain conditions, you may request that we restrict the processing of your data (e.g., pending a dispute over accuracy).

 

  • Right to Data Portability
    If technically feasible, you may request that we transfer your personal data to another controller.

 

  • Right to Object
    You have the right to object, without giving any reason and free of charge, to the use of your personal data for direct marketing purposes. You also have the right to object, without giving any reason and free of charge, to the transfer of your personal data to third parties, including in particular our advertising/media partners and commercial partners.

 

  • Right to withdraw your consent

As permitted by applicable law, you may withdraw your consent to the processing of your personal data at any time. Withdrawal of your consent does not affect the lawfulness of the processing carried out on the basis of your prior consent.

 

·       Right to Lodge a Complaint
Should you believe that our data processing practices infringe your rights, you have the right to file a complaint with the Belgian Data Protection Authority. For more details, please visit www.dataprotectionauthority.be.

 

To exercise these rights, please contact our DPO at [email protected].

 

You may exercise your rights with regard to the company only insofar as we process your personal data in our capacity as data controller. Otherwise, if your request relates to processing for which we act only as processor, we will forward your request to the controller concerned.

 

If your identity is in doubt, we may ask you for proof of identity in order to prevent unauthorized access to your personal data.

8.    Cookies

The Cookie Policy can be consulted on our website: www.finrack.com

9.    Children

Please note that this website is not intended for children under the age of 16.

10. Linked Websites

Our website may contain links to other websites provided by third parties.

 

We are not, however, responsible for the content or the privacy policies and practices of such other websites, even if you have accessed a third-party website using links from our website.

 

We recommend that you check the policy of each website you visit and contact the owner or operator of that website if you have any concerns or questions.

11.   Amendments to the Privacy Policy 

We reserve the right to update this Policy. If we do, we will post the changes on this page. It is your responsibility to check the Policy each time you visit our website: www.finrack.com.

This document reflects our commitment at Finrack to transparency, data protection, and adherence to the highest privacy standards as expected under Belgian and European law.

Version 1.1 – May 26, 2025