We make every effort to comply with European Regulation 2016/679 of 27 April 2016 on the protection of personal data (General Data Protection Regulation, better known as GDPR).  

2.1. Personal data you provide to us:
• Category 1: without registration: your IP address
• Category 2: via cookies: tracking the use of the website
• Category 3: contact details submitted through a contact request or by signing the charter.  

2.2.

We may collect your personal data in various ways: through the use of cookies, during a contact request, through use of the website, or by signing the CRYOX form.  

2.3.

The website also uses cookies that collect certain personal data. For provisions regarding the use of cookies, see Article 9.

3.1. General purposes

The personal data collected on this website are used exclusively for the following purposes:
• Category 1: maintaining and improving this website and including personal data in anonymous statistics from which the identity of specific persons or companies cannot be derived, based on our legitimate interests to continuously improve this website and our services;
• Category 2: improving the user experience, based on your explicit prior consent;
• Category 3: processing your signing of the petition and, where applicable, publishing relevant data. You are not obliged to provide your personal data, but you understand that certain services cannot be provided if processing is refused.  

3.2. Direct marketing

If you are already included in our mailing list for receiving marketing materials in paper and/or electronic form, we may use your data to send marketing and other material relating to our various services, or for remarketing purposes. This consent may be withdrawn at any time, free of charge and without justification, by clicking the unsubscribe link provided.

This unsubscribe link is included in every email sent for direct marketing purposes. We do not sell, rent, or otherwise commercially make your personal data available to third parties, unless with your prior consent.  

3.3. Where we process data
1. We and our external processors will only process your identifiable personal data within the EEA (European Economic Area).
2. We may transfer your anonymized and/or aggregated data to organizations outside the EEA. If such a transfer takes place, we will ensure that appropriate safeguards are in place to guarantee the security and integrity of your personal data and that all rights relating to personal data are protected as required under applicable mandatory law.
3. If your personal data and/or anonymized and/or aggregated data are transferred, the following legal protection mechanism applies:
• Google — Country outside the EEA: USA — Legal transfer mechanism: Standard Contractual Clauses (SCC)
• Mailchimp — Country outside the EEA: USA — Legal transfer mechanism: Standard Contractual Clauses (SCC)

4.1.

In order to process your personal data, we may grant access to your personal data to our employees where necessary.  

4.2.

We guarantee a similar level of protection by making contractual obligations enforceable against these employees and appointees, comparable to those set out in this Privacy Policy.

Personal data are stored and processed by us for a period necessary in relation to the purposes of the processing and in relation to any contractual relationship between us and you.  

The following rights regarding your personal data may always be exercised upon simple request.  

6.1. Right of access and inspection

You have the right to access your personal data free of charge at any time.  

6.2. Right to rectification, erasure, and restriction

You are free to communicate your personal data to us or not. In addition, you always have the right to request that we correct, supplement, or delete your personal data.  

6.3. Right to object

You always have the right to object to the processing of your personal data for serious and legitimate reasons or for direct marketing purposes.  

6.4. Right to data portability

You have the right to obtain your personal data in a structured format and/or transfer them to another controller.  

6.5. Right to withdraw consent

Where processing is based on your prior consent, you naturally have the right to withdraw that consent.  

6.6. Exercising your rights

You may exercise your rights by contacting us by email at info@cryox.be or by post at our registered address. Additional identification may be requested for verification purposes.  

6.7. Automated decisions and profiling

No profiling methods are used during the processing of your personal data that would have adverse automatic effects on the services received.  

6.8. Right to lodge a complaint

You have the right to lodge a complaint with the Belgian DPA:
Data Protection Authority
Drukpersstraat 35, 1000 Brussels
Tel. +32 (0)2 274 48 00
Website: gegevensbeschermingsautoriteit.be  

7.1. We have implemented technical and organizational security measures to prevent the destruction, loss, falsification, alteration, unauthorized access to, or accidental disclosure to third parties of personal data collected, as well as any other unauthorized processing of such data.  
‍
7.2.Under no circumstances can we be held liable for any direct or indirect damage resulting from incorrect or unlawful use of personal data by a third party.  
‍
7.3.You must comply with security regulations at all times. You are therefore solely responsible for the use made of the website from your computer, IP address, and identification data, as well as for keeping them confidential.  

8.1. We are not responsible for the content of websites linked to from this website by the administrator or visitors. The visitor understands that the privacy practices of other websites may differ from those of this website.  

8.2. A link to a website cannot be considered an explicit endorsement of the content of that website, nor can its accuracy be permanently guaranteed.  

9.1. With regard to the use of cookies, we refer to the cookie statement on this website.