By accessing and using the website, the user declares that he/she has read the information described below, accepts this Policy and expressly consents that the data controller collects and processes, in accordance with the terms and principles described in this Policy, his/her personal data that he/she communicates through the website and/or in connection with the services offered on the website, for the purposes indicated below. The user has the right to withdraw his consent at any time. The withdrawal of consent shall not compromise the lawfulness of the processing operation based on the prior consent given.
Which data do we process?
By visiting and using the website, the user expressly consents to the data controller collecting and processing the following personal data according to the methods and principles described below:
- its domain (automatically detected by the controller’s server), including the dynamic IP address ;
- its e-mail address if the user has previously disclosed it, for example by sending messages or questions on the website, by communicating with the controller by e-mail, by participating in discussion forums, by accessing the restricted part of the website by identification, etc..;
- all the information concerning the pages that the user has consulted on the website;
- any information that the user has voluntarily given, for example in the context of information surveys and/or registrations on the website, or by accessing the restricted part of the website through identification.
The controller may also collect non-personal data. These data are called non-personal data because they do not directly or indirectly identify a particular person. They may then be used for any purpose whatsoever, for example to improve the website, the products and services offered or the data controller’s advertising. In the event that non-personal data are combined with personal data, so that identification of the data subjects is possible, such data will be treated as personal data until such time as it is made impossible to link them to a particular person.
A cookie is a small text file sent to your browser and saved on the hard drive of your device (PC, laptop or smartphone, etc.) when you visit a website, such as your choice of language.As manager of the lysmedical.com website, the Lys Medical uses different types of cookies, which are detailed in a table below.
Functional cookies allow the website to record information that has already been provided and to offer you enhanced, personalised functionality. They make it possible, for example, to remember the language of your choice.
These cookies cannot therefore be deactivated.
The website uses “Google Analytics” for analytical purposes. This analytical tool allows us to quantify the visits (traffic) to the website in order to know how many times a certain page has been read, for example. We only use this information to improve the content of our website and the communication around it.
These cookies will only be placed on your device if you have given your prior consent.
“Script cookies” are external scripts / libraries that the site uses to call up elements such as google fonts or google maps.
These cookies will only be placed on your terminal if you have previously consented to them.
Cookies deposited via video sharing platforms are intended to enable you to view multimedia content directly on the website.
These cookies will only be placed on your device if you have given your prior consent.
List of cookies
The website lysmedical.com uses the following cookies:
Type and origin : Functional cookie
Storage period : 1 year
Content : Visitor’s language
Objective : Save visitor’s language for future visits
Type and origin : Analytical cookie (Google Analytics)
Storage period : 24 hours
Content : Sequence of characters
Objective : Analyze the traffic on the site
Type and origin : Cookie Script (Google Fonts)
Storage period : 24 hours
Content : Externe script
Objective : Font call
Type and origin : Cookie script (youtube)
Storage period : 24 hours
Content : Externe script
Objective : Video
Type and origin : Cookie script (Google Map)
Storage period : 24 hours
Content : Externe script
Objective : Map call
Purposes of the processing
Personal data are collected and processed only for the purposes mentioned below:
- ensuring the management and control of the execution of the proposed services;
- answering the user’s questions;
- performing statistics;
- improving the quality of the website and the products and/or services offered by the controller;
The controller may be required to carry out processing operations not yet provided for in this Policy. In this case, the controller will contact the user before re-using his personal data, in order to inform him of the changes and give him the possibility, if necessary, to refuse such re-use.
Duration of the storage
The controller shall store personal data only for the time reasonably necessary for the purposes pursued and in accordance with legal and regulatory requirements. The personal data of a customer are kept for a maximum of 3 years after the end of the contractual relationship between the customer and the controller. Shorter retention periods apply for certain categories of data, such as traffic data, which are kept for only 12 months. At the end of the storage period, the controller shall make every effort to ensure that the personal data have indeed been made unavailable. Access to the data and copy Upon written, dated and signed request sent to the controller at the address referred to in the “contact details” section of this Policy, the user may, after proving his identity (by attaching a copy of the identity card), obtain free of charge the written communication or a copy of the personal data concerning him that have been collected. The controller may charge a reasonable fee based on administrative costs for any additional copies requested by the user. Where the user makes such a request electronically, the information shall be provided in a commonly used electronic form, unless the user requests otherwise.
Data access and copying
The copy of his data will be communicated to the user at the latest within one month after receipt of the request.
Right of rectification
By means of a dated and signed written request sent to the data controller at the address referred to in the “contact detail” section of this Policy, the user may, after proving his identity (by attaching a copy of the identity card), obtain free of charge, as soon as possible and at the latest within one month, the rectification of his personal data which are inaccurate, incomplete or irrelevant, as well as completing them if they prove to be incomplete.
Right to object to processing
By means of a dated and signed written request sent to the data controller at the address referred to in the “contact details” section of this Policy, the user may at any time, for reasons relating to his particular situation and after having provided proof of his identity (attaching a copy of the identity card), object free of charge to the processing of his personal data, unless:
- the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- processing is necessary for the legitimate interests pursued by the controller or by a third party, unless the interests or fundamental rights and freedoms of the data subject which require protection of personal data prevail (in particular where the data subject is a child).
The controller may refuse to exercise the user’s right of opposition where he establishes the existence of compelling and legitimate reasons justifying the processing, which take precedence over the interests or rights and freedoms of the user, or for the establishment, exercise or defense of a legal claim. In case of dispute, the user may lodge an appeal in accordance with the point “claims and complaints” of this Policy. By means of a dated and signed written request sent to the data controller at the address referred to in the “contact details” section of this Policy, the user may, at any time and after having provided proof of his identity (by attaching a copy of the identity card), oppose, without justification and free of charge, the processing of personal data concerning him when his data are collected for direct marketing purposes (including profiling). Where personal data are processed for scientific or historical research purposes or for statistical purposes in accordance with the general data protection regulation, the user has the right to object, for reasons relating to his particular situation, to the processing of personal data concerning him, unless the processing is necessary for the performance of a task in the public interest. The controller is obliged to reply to the user’s request as soon as possible and at the latest within one month and to give reasons for his reply if he intends not to comply with such a request.
Right of limitation of the processing
By means of a dated and signed written request sent to the data controller at the address referred to in the “contact details” section of this Policy, the user may, after proving his identity (by attaching a copy of the identity card), obtain the limitation of the processing of his personal data in the cases listed hereunder:
- when the user disputes the accuracy of a data and only the time that the controller can control it;
- where the processing is unlawful and the user prefers the processing to be limited to deletion;
- when, although no longer necessary for the pursuit of the purposes of the processing, the user needs it for the establishment, exercise or defence of his rights in court;
- for the time necessary to examine the validity of an opposition request submitted by the user, in other words, for the controller to check the balance of interests between the legitimate interests of the controller and those of the user.
The controller will inform the user when the limitation of the processing is lifted.
Right to erasure (right to forget)
By means of a dated and signed written request sent to the data controller at the address referred to in the “contact details” section of this Policy, the user may, after proving his identity (by attaching a copy of the identity card), obtain the deletion of the personal data concerning him, where one of the following grounds applies:
- the data are no longer necessary for the purposes of the processing operation;
- the user has withdrawn his consent for his data to be processed and there is no other legal basis for the processing;
- the user objects to the processing and there is no compelling legitimate reason for the processing and/or the user exercises his specific right of opposition in direct marketing (including profiling);
- the personal data have been unlawfully processed;
- personal data must be erased in order to comply with a legal obligation (under Union law or Member State law) to which the controller is subject ;
- personal data have been collected in the context of the provision of information society services to children.
The deletion of data is however not applicable in the following 5 cases :
- where processing is necessary for the exercise of the right to freedom of expression and information;
- where processing is necessary for compliance with a legal obligation requiring processing under Union law or under the law of the Member State to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- where the processing is necessary for public health reasons;
- where processing is necessary for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes and where the right to erasure is likely to render impossible or to seriously jeopardise the attainment of the purposes of the processing in question;
- where processing is necessary for the establishment, exercise or defense of legal claims.
The controller is obliged to reply to the user’s request as soon as possible and at the latest within one month and to give reasons for his reply if he intends not to comply with such a request. The user also has the right, in the same manner, to obtain, free of charge, the deletion or prohibition of the use of any personal data concerning him which, taking into account the purpose of the processing, is incomplete or irrelevant or whose recording, communication or storage would be prohibited or which has been kept beyond the necessary and authorised period.
Right to “data portability”
Upon written, dated and signed request sent to the controller at the address referred to in the “contact details” section of this Policy and after proving his identity (by attaching a legible copy of the identity card), the user may at any time request to receive his personal data free of charge in a structured, commonly used and machine-readable format, with a view in particular to transmitting them to another controller, when:
- the data processing is carried out using automated processes; and where
- the processing is based on the consent of the user or on a contract concluded between the user and the controller.
Under the same conditions and in the same manner, the user has the right to obtain from the controller that the personal data concerning him will be transmitted directly to another controller of the processing of personal data, insofar as this is technically possible. The right to data portability shall not apply to processing which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Recipients of data and disclosure to third parties
The recipients of the data collected and processed are, in addition to the controller himself, his employees or other subcontractors, his carefully selected business partners, located in Belgium or in the European Union, and who collaborate with the controller in the context of the marketing of products or the provision of services. In the event that the data are disclosed to third parties for direct marketing or prospecting purposes, the user will be informed in advance so that he can choose whether or not to accept this processing of his data by third parties. By means of a dated and signed written request sent to the data controller at the address referred to in the “contact details” section of this Policy, the user may, at any time and after having provided proof of his identity (by attaching a copy of the identity card), object free of charge to the transmission of his data to third parties. The data controller respects the legal and regulatory provisions in force and will in all cases ensure that his partners, employees, subcontractors or other third parties having access to these personal data comply with this Policy. The controller reserves the right to disclose the user’s personal data in the event that a law, judicial procedure or an order from a public authority makes such disclosure necessary. No personal data shall be transferred outside the European Union.
Use and management of “cookies”
Definition of cookies
A “cookie” is a data or text file that a web site server temporarily or permanently stores on the user’s computer equipment (hard disk, tablet, smartphone, or similar device) through its browser. Cookies may also be installed by third parties with whom the controller collaborates. Cookies retain a certain amount of information, such as visitors’ language preferences or the content of their shopping cart. Other cookies collect statistics about the users of a website or ensure that graphics appear correctly and that applications work well on the website. Others make it possible to adapt the content and/or advertising of a website according to the user.
The website uses different types of cookies:
- Essential or technical cookies: these are cookies essential for the operation of the website, enabling good communication and they are intended to facilitate the browsing;
- Statistical or analytical cookies: these cookies make it possible to recognize and count the number of visitors and to see their browsing behaviour when they visit the website. This improves the user’s browsing and makes it easier for him to find what he is looking for;
- Functional cookies: These cookies enable specific features on the website to improve user friendliness and experience, including remembering user preference choices (e.g. language);
- Performance cookies: These cookies collect information about how visitors use the website. They make it possible to evaluate and improve the content and performance of the website (for example by counting the number of visitors, identifying the most popular pages or clicks), and to better match commercial proposals to the user’s personal preferences..;
- Advertising or commercial cookies: these are files intended to collect data relating to the profile of visitors and likely to be installed or read by third parties with whom the controller collaborates in order to measure the effectiveness of an advertisement or a web page and to better adapt it to the user’s interests;
- Tracking cookies: the website uses tracking cookies via Google Analytics, in order to help the controller to measure the ways in which users interact with the content of the website, and which generates visit statistics strictly anonymously. These statistics continually improve the website and provide the user with relevant content. The controller uses Google Analytics to get an overview of the traffic on the website, the origin of this traffic and the pages visited. This means that Google acts as a subcontractor. The information collected by Google Analytics is generated as anonymously as possible. For example, it is not possible to identify who visits the website. For further information, the user is invited to consult Google’s data protection policy, available at the following address: http://www.google.nl/intl/en_uk/policies/privacy/
- Use of sharing tools: Our website uses some social media tools in the form of sharing buttons that make it easy for visitors to share information with their friends on certain social networks. Therefore it is possible that, when visiting a page on which such a plug-in is included, you may be confronted with cookies from these websites. These sites are not managed by TKR of you | XY Design et Diffusion SA. By using these links, you agree to the privacy policies of these sites. These sites may also set a cookie if you are connected to their services. In this way, they may also collect data in order to show you advertisements on other sites that they consider relevant to your interests.
Most browsers are configured to automatically accept cookies, but all allow settings to be customized according to user preferences. If the user does not want the website to place cookies on his computer/mobile device, he can easily manage or delete them by changing his browser settings. Users can also set their browser to notify them when they receive a cookie and decide whether or not to accept it. If the user wishes to block and/or manage certain cookies, he can do so by following the link linked to his browser:
The controller shall implement appropriate technical and organizational measures to guarantee a level of security of the processing and the data collected with regard to the risks presented by the processing and the nature of the data to be protected appropriate to the risk. It takes into account the state of knowledge, the costs of implementation and the nature, scope, context and purposes of the processing as well as the risks to users’ rights and freedoms. The controller always uses encryption technologies that are recognized as industry standards within the IT sector when transferring or receiving data on the website. The controller has put in place appropriate security measures to protect and avoid the loss, misuse or alteration of information received on the website.
Communications by mail, e-mail or telephone
Communication by mail.
If the user communicates his postal address to the controller via the website, his data are recorded in the controller’s address file to respond to his request and to keep him informed of the products and services offered by the controller. Unless the user objects, the controller may also disclose the user’s data to third parties (such as corporate groups and business partners) for direct marketing purposes. If the user does not wish his data to be used for direct marketing purposes, he can indicate this when registering on the website. The user may at any time consult, correct or delete his data in the file of the controller. To do so, he should contact the controller at the address referred to in the “contact details” section of this Policy, not forgetting to specify his exact name and address (spelled correctly). The controller undertakes to delete his data from the list he shares with other companies or organizations.
Communication by telephone.
If the user informs the controller of his telephone number via the website, he may receive a telephone call:
- from a controller in order to communicate information on its products, services or upcoming events;
- from groups of companies and business partners with whom the controller has a contractual relationship.
If the user does not/no longer wish to receive such telephone calls, he/she may contact the controller at the address referred to in the “contact details” section of this Policy, not forgetting to specify his/her exact name and address (spelled correctly). The controller undertakes to delete his data from the list he shares with other companies or organisations. If the user communicates his mobile phone number to the controller via the website, he will only receive messages (SMS/MMS) from the controller that are necessary to answer his questions or inform him about his orders placed online.
Communication via e-mail.
If the user communicates his e-mail address to the controller via the website, he may receive:
- e-mails from the controller in order to communicate information about its future products, services or events (for direct marketing purposes), provided that the user has expressly consented or is already a customer of the controller and has communicated his e-mail address to the controller;
- e-mails from groups of companies and companies/organizations to which the controller is contractually bound for direct marketing purposes, provided the user has given his explicit consent.
If the user does not/no longer wish to receive such e-mails, he/she may contact the controller at the address referred to in the “contact details” section of this Policy, not forgetting to specify his/her exact name and address (spelled correctly). The controller undertakes to remove his data from the list he shares with other companies or organizations.
Claims and complaints
The user can lodge a complaint with his national control authority, whose details are listed on the official website of the European Commission:
- Commission pour la Protection de la Vie Privée, Rue de la Presse, 35, 1000 Bruxelles
- Phone +32 2 274 48 00 – Fax. +32 2 274 48 35
The user may also file a complaint with the court of first instance of his residence. For more information on complaints and possible remedies, the user is invited to consult the following address of the Belgian Commission for the Protection of Privacy: https://www.privacycommission.be/fr/plainte-et-recours
Data Protection Officer
The Data Protection Officer of the controller is: Lys Medical.
For any question and/or complaint, in particular as to the clear and accessible nature of the present Policy, the user may contact the data controller:
Applicable law and competent jurisdiction
This Policy shall be governed by the national law of the main place of establishment of the controller. Any dispute concerning the interpretation or execution of this Policy shall be submitted to the courts of that national law.
The controller reserves the right to modify the provisions of this Policy at any time. Changes will be published with a warning as to their coming into force.
This version of the Policy dates from 11/01/2022.