Privacy Statement

BRU TEXTILES and her subsidiaries respect your privacy. In this privacy statement, we set out the manner in which your personal data is collected and processed by BRU TEXTILES / subsidiaries, depending on your relationship with BRU TEXTILES / subsidiaries.

​This privacy statement was last updated on 2022-11-02 in connection with the General Data Protection Regulation (GDPR) which came into force on 25 May 2018. This new legal framework gives EU citizens more control over their personal data and provides for better data protection throughout Europe. This new regulation applies worldwide for all companies and organizations that record and process personal data of European citizens (irrespective whether services or products are paid for or not) and all companies and organizations that are located within the European Economic Area.

​We may revise our privacy statement following new or changed processing. Therefore, we recommend that you check the privacy statement regularly. We will make use of a pop-up on the website in the event of significant changes to our privacy statement.

​This privacy statement is issued by BRU TEXTILES and her subsidiaries, which hold offices at Satenrozen 2a, 2550 Kontich (Belgium). BRU TEXTILES’ company number: 0453.835.284.

Contact information

BRU TEXTILES / subsidiaries

Satenrozen 2a, 2550 Kontich

E: privacy@brutex.com

T: +32 3 451 8000

Data Protection Officer

E: privacy@brutex.com

Data protection authority

Drukpersstraat 35, 1000 Brussel

T: +32 (0)2 274 48 00

E: contact@apd-gba.be

Web: www.dataprotectionauthority.be/citizen

Preliminary:

All information stored on our systems is the exclusive property of Bru Textiles or its respective subsidiary. Even if it should become available in any way, this does not detract from the fact that only Bru Textiles or its subsidiaries can access or use this information. You are absolutely prohibited from accessing, learning about, using or appropriating this information except with the express consent of Bru Textiles or its subsidiary and after you have committed yourself pursuant to the NDA available at Bru Textiles or its subsidiaries for this purpose. Understand that, unless otherwise stipulated in this statement, you shall have unlimited liability for any possible direct or indirect consequences caused by a possible breach of these principles.

Responsible disclosure

At BRU TEXTILES / subsidiaries, the security of our systems is very important to us. Despite our care for the security of our systems, it is possible that there is a weak spot.

If you have found a weak spot in one of our systems, we would like to hear from you so that we can take measures as soon as possible. We would like to work with you to better protect our customers and our systems.

We ask you:

  • Email your findings to privacy@brutex.com. Encrypt your findings with our PGP key to prevent the information from falling into the wrong hands,
  • Not to abuse the problem by, for example, downloading more data than necessary to prove the leak or viewing, deleting or modifying data from third parties,
  • Not to share the problem with others until it is resolved and to erase all confidential data obtained through the leak immediately after closing the leak,
  • Not to use attacks on physical security, social engineering, distributed denial of service, spam or third-party applications, and
  • Provide sufficient information to reproduce the problem so that we can solve it as quickly as possible. Usually, the IP address or URL of the affected system and a description of the vulnerability is sufficient, but more complex vulnerabilities may require more.

What we promise:

  • We will respond to your report within 3 days with our review of the report and an expected date for a resolution,
  • If you have complied with the above conditions, we will not take any legal action against you regarding the report,
  • We will treat your report confidentially and will not share your personal data with third parties without your consent unless this is necessary to comply with a legal obligation. Reporting under a pseudonym is possible,
  • We will keep you informed of the progress of solving the problem,
  • In reporting on the reported problem, we will, if you wish, mention your name as the discoverer, and
  • As a thank you for your help, we offer a reward for every report of a security issue that is still unknown to us. We determine the size of the reward on the basis of the severity of the leak and the quality of the report with a minimum of a voucher of € 50,-.

We strive to solve all problems as quickly as possible and we would like to be involved in any publication about the problem after it has been solved.

Personal data

Types of personal data we process

BRU TEXTILES / subsidiaries processes various personal data depending on your relationship or collaboration with BRU TEXTILES / subsidiaries.

As a customer

We collect the following personal data in connection with or pursuant to our relationship with (potential) customers:

  • Identification and contact details (name, e-mail address, telephone number, title);
  • Professional details (position, company number, company address, land code, language);
  • Financial and economic data (payments);

As a supplier

We collect the following personal data in connection with the collaboration with our suppliers:

  • Identification and contact details (name, e-mail address, telephone number, address.);
  • Professional details (position, company number);
  • Company financial and economic data (payments);

As a job applicant

In connection with job applicants, BRU TEXTILES / subsidiaries limits the collection of personal data to the following:

  • Identification and contact details (name, e-mail address, telephone number);
  • Professional details (CV, motivation letter, evaluations).

As a visitor of our websites

When you visit our websites, we will automatically collect a number of personal details by means of cookies. For this, we refer you to the cookie statement on the websites. The websites that are owned by BRU TEXTILES / subsidiaries are:

  • brutex.com
  • fibreguard.com
  • fr-one.com
  • brugle.com
  • twinbru.com
  • portal.twinbru.com
  • uv-pro.com
  • brumed.com

As a visitor of our workplace

We collect the following personal data in connection with visitors of our workplace:

  • Identification (name)
  • Professional details (company name)

Why do we process personal data?

BRU TEXTILES / subsidiaries processes personal data for various purposes, depending on your relationship or collaboration with BRU TEXTILES / subsidiaries.

As a customer

We collect and process personal data of customers for the following purposes:

  • To provide the services, information, support, etc. that you request;
  • To process orders;
  • To maintain customer relationships;
  • In order to help us to serve you and to offer you personalized functionalities;
  • To comply with our legal obligations - including, but not necessarily limited thereto - all administrative, tax-related and social-legal obligations.
  • To comply with the conditions and security regulations that are imposed on us in connection with our status as “Authorized Economic Operator”, “Entry in the Declarant's Records (EiDR), ...
  • To grant you your access rights to our websites, mobile sites and/or applications;
  • To direct our efforts for the improvement of our products;
  • To contact you as a possible survey respondent;
  • Provided with explicit permission, to send promotion material (newsletters...) to you.

As a supplier

We collect and process personal data of suppliers for the following purposes:

  • The optimal collaboration and maintaining the suppliers relationship;
  • To place and pay for orders.

As a job applicant

We collect and process your personal data for the following purposes:

  • To carry out an effective and efficient recruitment and selection procedure;
  • Later communication for a (different) job vacancy within a period of one year, after explicit consent from the job applicant.

As a visitor of our websites

To provide a better user experience on our websites.

As a visitor of our workplace

To maintain our security and safety within our workplace.

How have we obtained your personal data?

As a customer

We obtain your personal data that you share directly with us. This is possible through various channels such as through an employee or a sub-contractor. In some case, it is possible that we obtain your personal data via public databases or acquaintances. If this is the case, then we will inform you about this during our first contact as required by law.

As a supplier

We obtain your personal data that you share directly with us. In some case, it is possible that we obtain your personal data via public databases or acquaintances. If this is the case, then we will inform you about this during our first contact as required by law.

As a job applicant

We obtain the personal data that you share with us via your job application. In addition, we could possibly request references from a third party (former employers).

As a visitor of our websites

We obtain the personal data by visiting our website and accepting non-essential & non- functional cookies or by filling in our contact form.

As a visitor of our workplace

We obtain the personal data via our visitor registration in our offices.

With whom do we share your personal data?

We share your personal data with third parties that provide communication and IT services to us insofar as necessary for running our business processes. However, we assure you that all our third parties have taken the necessary measures to guarantee your privacy. ​We will not share your personal data with any other parties than the above- mentioned third parties without having obtained explicit permission to do so. Furthermore, we may have to share your personal data in connection with an investigation into unlawful or illegal activities via our website, possible cases of fraud, possible actions that form a potential threat to safety in general or the safety of a person, possible violations of the service conditions or to prevent these activities or actions or to take the necessary action to stop these activities or actions or to defend ourselves against legal claims. Finally, personal data may also be shared in special circumstances such as pursuant to summons, court orders, requests, notifications of legal bodies or law enforcement bodies that require such disclosure.

How long do we retain your personal data?

BRU TEXTILES / subsidiaries undertakes nothing to retain your personal data longer than for the purpose for which we have collected these personal data.

As a customer

We will retain the personal data of customers for a maximum period of 10 years after the last purchase.

As a supplier

We will retain the personal data of suppliers for a maximum period of 10 years after the last order.

As a job applicant

We will retain the personal data of job applicants for a maximum period of 4 weeks after filling in the vacancy.

Should we wish to retain your personal data up to maximum 1 year after filling in the vacancy, we will request your explicit permission to do so.

As a visitor of our websites

We will retain the personal data as stated in our cookie policy on the website.

As a visitor of our workplace

We will retain the personal data of visitors for a maximum period of 30 days after the visit.

How is your personal data protected against loss, misuse or undesired manipulation?

In order to protect the information that we have under our control against loss, misuse or undesired manipulation, we have appropriate physical, electronic and managerial procedures in place to promote the availability, confidentiality and integrity of your personal data. For example, our servers are only accessible for authorized personnel, your personal data are only shared with personnel on a need-to-know basis only for the purpose of the realization of the transaction and providing the requested services to you. Moreover, an extensive analysis is performed for new projects that could possibly have an impact on your privacy to secure your rights, and to promote the security and protection of your personal data. Should an incident occur nevertheless involving your personal data, you will be notified personally in the circumstances provided for in the law.

​Bru Textiles and its subsidiaries do their best to secure your information. This does not eliminate all possible leaks. Under no circumstances can Bru Textiles or its subsidiaries be held liable if your information is misused, lost or subject of undesired manipulation.

Which possibilities do you have with regards to your rights?

You can change your interests and or subscribe or unsubscribe to any marketing or promotional newsletter or mailing at any time. BRU TEXTILES / subsidiaries retains the right to send service-related communication to you as part of your BRU TEXTILES / subsidiaries account, without you having the possibility to unsubscribe for this. You can change or update your account settings at any time.

When you share your personal data with BRU TEXTILES / subsidiaries, you have a number of rights with regard to your personal data. BRU TEXTILES / subsidiaries respects these rights and aims for transparencyand accuracy of your personal data. Therefore, as an individual you have the right to:

  • ​Inspect and transferability of your personal data;
  • ​Revise (correct) your personal data if the data are incorrect or incomplete;
  • ​Temporary (or permanent) limitation of the processing of your personal data*;
  • ​Delete your personal data**;
  • ​To oppose the use of your personal data for direct marketing purposes.

* With these rights, you must take into account that BRU TEXTILES / subsidiaries may no longer be able to offer some services. For instance, you will no longer be able to purchase products at BRU TEXTILES / subsidiaries or we will no longer be able to contact you for possible job vacancies.

​** BRU TEXTILES / subsidiaries retains the right to determine whether your request is justified. Moreover, in some cases, we have to comply with a number of statutory retention periods and therefore we cannot fully accommodate your request to delete your personal data. In that case, we will evaluate which personal data we can already delete and we will inform you accordingly. Moreover, the right to deletion is limited to the legal right.

​If you have any further complaints regarding compliance with the privacy statement, you must contact us first. If you still have any unresolved issues after that which you believe that we have not dealt with properly, you can contact the Personal Data Protection Authority.

​If you wish to exercise your rights or submit complaints, we do request you to first identify yourself in order to avoid anyone doing this in your name. In addition, we request you to always be as specific as possible so that we can respond to your request optimally. We will always respond within the statutory specified term of 30 days.