In order to obtain comprehensive information, we suggest you read this Policy all the way through. If you are only interested in a certain section, however, you can jump to the given subject area by clicking on the reference below.
This website is owned and operated by Gerard® – a member of Roof Tile Group, a company founded and operating in accordance with Belgium legislation, of which the head office is Belgium, ROOF TILE GROUP Europe NV Michielenweg 3, B-3700 TONGEREN, BELGIUM, e-mail address: firstname.lastname@example.org. hereinafter: Operator), directly or through its empowered services providers.
I/2. The User
A user is any person who visits the website, makes use of its services as such may be made available by the Operator from time to time, irrespective of whether such User registers for an account or not. Certain services may be used only by registered users.
I/3. Scope and modification of the Policy
The scope of the present Usage and data management policy (hereinafter: Policy) extends to the services provided and the data management in connection with the Operator’s present website (hereinafter: Website).
In the absence of a contrary provision, the scope of the Policy does not extend to services and data management which are connected with the promotions, prize draws or services of third persons advertising on the Website or otherwise appearing there, with their other campaigns or published content. In the absence of a contrary provision, the scope of the Policy does not extend to the services and data management of websites and service providers which links on the present Website may lead to.
The Operator is entitled to modify the Policy at any time. The Operator is not obliged to send users separate notification of the modifications. In order to familiarize yourself with the updated version, we suggest you visit this present link regularly and check out our Policy.
I/4. The Operator’s activity, purpose of the Website
The Operator manufactures and sells Gerard roofing systems.
The main purpose of the present Website is to present Gerard products and systems and the related services offered.
The information published on the Website does not qualify as an offer. The Operator takes no responsibility that the products appearing on the Website will actually be available in the future, in the quantity and quality presented on the Website.
The information published on the Website only serves as orientation for users, it can in no way be regarded as the Operator’s contractual declaration, official prospectus or instructions for use.
The Operator takes no responsibility if the information published on the Website differs from the information published by other dealers with regard to the same products and services.
Familiarity with the information published on the Website does not replace knowledge of official prospectuses related to the use and recourse to the products and services, or recourse to help from experts.
I/5. Authoritative law
The Operator is an economic company registered in Belgium, which primarily performs its activities under the authority of Belgium legislation.
For such case that the application of a particular law may be stipulated, the Operator stipulates the application of Belgium law.
For such case that there is room to stipulate the legal authority, the Operator stipulates the exclusive competence of the Belgium authorities and courts with jurisdiction associated with his head office.
The personal data are processed and managed by the Operator, directly or through its data processors, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the General Data Protection Regulation or the GDPR).
The Operator strives to ensure that the following principles of managing the personal data fully prevail:
- personal data are only managed for a specified purpose;
- every stage of the data management conforms to this purpose, including the range of data managed;
- the uptake and management of the personal data is honest and legal;
- the data are accurate, complete and current;
- if it is not necessary to identify the person concerned, the data management is modified in such a way that the person concerned cannot be identified on the basis of the available data;
- the rights of the persons concerned correspondingly prevail.
II/1. Personal data collected by the Operator
With reference to our company, personal data signify information which identifies you or enables us to get in contact with you, for instance your name or e-mail address. Details of personal data collected by us may be listed in the following categories:
A) Information collected automatically
When you visit our website, certain information is collected automatically on the devices you use. In certain countries, including the countries of the European Union and / or European Economic Area (“EU / EEA”), a defined range of this information may be regarded as personal data under the terms of relevant data protection legislation.
For instance the IP address, the type of informatics device you use, the unique device ID number, the type of browser used, your geographical location (e.g. location by country or town) and other technical information are to be regarded as such. We may also collect data on how the device interacted with our website, including the pages you wished to reach and the links you visited.
Collecting these data enables us to be better acquainted with the visitors to our websites, where they come from and which content of our homepages they are most interested in. This information is only used for internal analytical purposes according to the above, so we can satisfy the interests of our visitors and thus improve the quality of our websites.
B) Personal data provided voluntarily by you:
Certain sections of our Website contain services for the use whereof you may need to fill in personal data. Such, for instance, are the features in Roof Calculator, Roof Simulator or Find Your Roofing Expert, in case you send an offer request. In case in Find Your Roofing Expert form you provide solely data concerning the locality, and not your specific and full address, such information shall not be deemed as “personal data”, since it is insufficient for identifying you. Moreover, even if you provide your full address, this information shall only serve for finding a roofing expert nearer to the entered address, and it shall not be used by us for identifying you.
Kindlynote that visiting the Website does not depend on registration, but some of the services are only accessible to registered users, such as the Roofnet Program, Calculator or Gerard for Architects subpages. The range of personal data collected from registered users, as well as all related information concerning the processing of such data are available upon the relevant registration process.
II/2. The purpose and legal basis for personal data processing
We use the personal data collected on you for various reasons, including the following purposes:
- In order for us to be able to respond to possible requests from you or to provide you with the information you ask for.
- For the purpose of using, supporting, personalizing, maintaining and improving our services.
- In order to comply with and enforce legal requirements, agreements and guidelines which must be applied.
- In order to avert, detect, identify, investigate and respond to any possible or actual demands, obligations, forbidden conduct or crimes, and to defend against these.
- For implementing additional activities in conformity with the present Policy.
The legal basis of the data processing is:
- art. 6 paragraph 1, letter f) of the GDPR: the Operator’s legitimate interest - in case of using functionality cookies
- art. 6 paragraph 1, letter b) of the GDPR: taking the necessary steps for the conclusion of a contract – in case you send us an offer request after using the features in Roof Calculator, Roof Simulator or Find Your Roofing Expert
- art. 6 paragraph 1, letter a) of the GDPR: your assent to the data processing – in particular cases as disclosed in the specific data processing policies
In case of registered user accounts (such as on https://architects.gerardroofs.eu/, http://calculator.gerardroofs.eu/ or Roofnet Program), the purposes of the data processing, as well as the legal basis for such processing are listed in the corresponding data processing policies.
II/3. Access to managed data, forwarding and usage of the data
Personal data eventually collected through the Website might become accessible to data processors such as web services providers or marketing companies. The data processors are only authorized to implement the Operator’s decisions, in accordance with the Operator’s instructions.
We may also forward your personal data to the following addressees:
To linked companies:
We may share personal data with companies in ownership or management relationship with us (for instance, with firms which monitor or manage our company, or have joint management with us, or which our company monitors or manages) – hereinafter: subsidiary.
Included here are those data which come to our attention in connection with websites operated by us or by our subsidiaries.
To specified service providers:
We may share your personal data with companies which provide services for us so that we can fulfil our obligations and keep you informed, for instance fulfilling orders, delivering parcels, sending postal deliveries and e-mails, analyzing customer data, offering help with marketing, investigating possible fraud activities, conducting customer surveys and running customer services.
To behavioral advertisers:
From time to time, we may permit firms qualifying as third parties which use behavioral advertising to use their technology to collect information available in connection with visiting and using our website in order to pursue promotional activity related to products and services considered to be of interest to you. These personalized adverts may appear on our websites and also on other websites.
In order to observe the legal obligations of any other party:
Your personal data may be shared with any other third party in order to fulfil legal obligations (or involvement in legal proceedings), so that we can defend our company, our employees, agents, clients, visitors and subsidiaries against any fraud or the possibility of such; or inasmuch as you consent to this.
The recipients or categories of recipients of personal data collected through registered user accounts are disclosed in the corresponding data privacy policies.
II/4. Data management for promotion and research purposes
Subject to the User’s prior consent, the Operator may use the contact details entered by the relevant User (e-mail address, postal address, telephone number, other IDs used for keeping in contact) for the purpose of sending an electronic letter to the user in relation to the Operator, the Operator’s activity, as well as the Website for promotion purposes, a newsletter concerning the service, or a letter including advertising, and for information for this purpose to reach him.
II/5. Retention of personal data
Unless otherwise specified herein or by the applicable law, we retain for 5 years the personal data we have collected.
If a civil law relationship is established between the user and the Operator, civil law rules are also authoritative for management of the data. In this case, the personal data are to be managed in the interest of implementing the demands of civil law, or on this legal basis. If an official or court procedure is launched due to an illegal act by the user, in order to conclude this successfully, the Operator may manage the data in consideration of this legal basis.
If we no longer have need for processing any of your personal data in order to carry out our business activities, then we will either delete or anonymize them, or if this is not possible (for instance, because your personal data have been stored in the saved archives), then we will store these personal data securely and in seclusion from other data processing activities until their deletion becomes possible.
In any case, we delete the entered data, if:
- managing them is unlawful, or deletion is ordered by legislation;
- the person concerned requests it;
- the data are incomplete or inaccurate, and this makes their usage impossible;
- this is ordered by an authority or court.
II/6. Associated data protection entitlements and options
You may access your personal data collected by us online and kept current using generally accepted updating methods. In order to update, correct or delete this information, get in touch with us at the address first above written or on the email@example.com e-mail address.
Besides the above, you may exercise the following data protection rights:
- to access, correct, update or, as the case may be, delete your personal data
- to raise an objection in connection with the processing of your personal data, ask for the limitation of processing of your personal data or by special request the implementation of portability
- to cancel receiving the marketing communication messages we send at any time without giving a reason. You can exercise this right by clicking on “unsubscribe” in the marketing e-mails we send or on the “opt-out” link. If you wish to cancel other forms of marketing too (e.g. postal marketing or telemarketing), then please get in contact with us.
- to withdraw your consent at any time and without giving a reason with respect to future processing of your personal data collected and processed by us based on your consent. The withdrawal of consent does not influence the legality of processing we carried out earlier while your consent was in force, nor does it influence the processing of personal data if this is done in consideration of another legal basis apart from personal consent.
For further information, please contact the local data protection authority.
III/1. The user’s obligations and responsibility
The user is obliged to take appropriate care when entering his data. The Operator cannot be held responsible for damage resulting from the user not taking proper care concerning the protection of his data.
The user may only use the site on his own responsibility. The Operator does not accept responsibility for damage or inconvenience suffered by the user while using the site, if these arise from the user not proceeding with due caution when using the site. The user only may make his data public and accessible to others at his own responsibility.
When using the site, the user is obliged to proceed honorably, bearing others’ rights and interests in mind.
The user is obliged to respect operative legislation, and during usage is obliged to refrain from all activity which is unlawful, or which damages the interests of others. Included in this, the user is obliged to respect others’ private spheres, personal rights and intellectual property rights, especially the regulations concerning the protection of literary, scientific and artistic creations, inventions, design patterns, utility models, trademarks and brand names subject to copyright protection. The user is obliged to refrain from committing crimes and misdemeanors, and furthermore is obliged to refrain from using all obscene, indecent expressions and utterances, or any other which are likely to result in indignation in others;
All users are obliged to refrain from all activity which would impede proper usage of the site. All users are obliged to refrain from all activity which damages the Operator’s interests. Included in this, the user is obliged in particular:
- To refrain from upsetting or obstructing the operation of the site;
- To refrain from activities which are aimed at obtaining or using the Operator’s business secrets or information which he keeps secret;
- To refrain from all communication which bears false information with regard to the service;
- To refrain from all activity which threatens the informatics security of the site;
- To refrain from all activity which is aimed at advertising his own product or service, or those of another, third person.
Besides the above, the Operator may set further restrictions, of which he will inform the users.
While using the site, users may only make other persons’ data public, or make them available to others, if the person concerned has expressly consented to this. The consent of the person concerned is not necessary in the case of open public appearance, or with regard to data he has previously made public without restriction.
When registering, users may only enter their own personal data. Entering other persons’ data qualifies as unlawful data management, which could have consequences defined by legislation. In case of the abuse of others’ personal data, the Operator will provide the competent authority with help in order to detect the infringement and identify the person committing the infringement.
The restrictions described in the present point apply to all visitors to the site.
III/2. Procedure against offending users
If a user contravenes the stipulations of the present Policy, or the specifications of legislation, the Operator may delete the user’s registration. In this case the user’s registration is terminated, he may not make use of the site services in the future.
If there is room for an official, court procedure based on the user’s conduct, the Operator may store the data needed for identifying the user irrespective of the deletion, as well as the data applicable to the offense, and may pass these on to the competent body.
If the user infringes the rights of a third party, and this third party is entitled to initiate a procedure, the Operator may pass on the data to the third party, if the third party can verify his legal interest in this connection.
We use appropriate and widespread security methods in order to prevent unauthorized access, to preserve the accuracy of the data and to ensure proper utilization of the personal data.
If you create a user account through our website, the account data and full profile enjoy the secured protection of a password. We suggest that you do not give your password to anyone. Our staff will never ask you for your password, either in an unwanted telephone call or an unwanted e-mail. Do not forget to log out of your account and close the browser window when you have finished a session. This helps to prevent others accessing your personal data and correspondence, if you share your computer with someone else or you use a computer in a public place which others have access to.
When you voluntarily make certain personal data public on the internet, for instance on message boards, in e-mail or on chat interfaces, there is a risk that others could collect or use this information. The security of data transfer via the internet or any wireless network is not absolutely perfect. As a result of this, in such case, despite the fact that we take all reasonable and expected measures in order to protect your personal data, we cannot guarantee the security of the data you forward to us, so you may do this only on your own responsibility.
Our Homepage has been produced for private persons over the age of 18. As we cannot determine the age of persons accessing our Website for lack of personal data and verifiability in this regard, we use this data protection declaration for every age group. In such case that a private person younger than 18 years old has provided us with his personal data without the consent of his parents or guardians, we request that a parent or guardian get in touch with us so that we can take the necessary measures to delete the data in question.
The data protection guidelines of advertisers linked with the use of our homepage and of payment or other services may differ from that of the present Data Protection Policy. We suggest that you familiarize yourself with the data protection regulations of the service provider in question before asking for a quotation from or concluding an agreement with these service providers.
As our company is a member of a multinational company group, in certain cases your personal data may be forwarded to or shared with countries outside the EEA, for reasons including but not limited to achieving the goals referred to in the present Data Protection Policy, taking the appropriate legal bases into consideration. Such transfers are currently performed to our subsidiary in New Zealand, jurisdiction formally recognized by the European Commission in 2012 as ensuring an adequate level of protection for personal data transferred from the European Union (Commission Implementing Decision of 19 December 2012 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequate protection of personal data by New Zealand).
In the above case our company or the members of our company group will take all reasonable and necessary measures in order to ensure that personal data forwarded to a country outside the EEA are processed in a secure manner. If you would like to know more about these appropriate measures, please contact us.