The owner of the website, Delcredere ǀ Ducroire, operating under the name “Credendo – Export Credit Agency”, a Belgian autonomous public body with legal personality according to the provisions of the law of 31st August 1939, having its registered office at Montoyerstraat 3, 1000 Brussels, Belgium and registered with the Crossroads Bank for Enterprises under number 0203.286.759 (hereafter referred to as “Credendo”,“Terms.Tech” or “We”), is responsible for the processing of your Personal Data.
Protecting your Personal Data is a priority for Credendo. In this regard, we undertake to respect the Personal Data of natural persons acting as Users or as contacts, directors or shareholders or Representatives of the Users (hereinafter referred to as “You”), to process them with the greatest care and to provide the best level of protection for them in accordance with Regulation (EU) No 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (hereinafter referred to as the “GDPR”) and the Belgian national regulations applicable.
The website may provide third party content or links to third-party web sites or applications. When you leave our website or interact with a third-party feature, You should read the applicable third party’s privacy policies and terms of service to make sure You understand how they might collect and share information about You.
Article 1 – Definitions
The terms and expressions listed below, when written with an initial capital, have the meanings shown for the purposes of interpreting and implementing this document:
Representation of the Representative in the website providing the Representative’s specific content needed to access the Service and interact with the website. The Account is administered by Terms.Tech. A Representative may hold only one Account.
Any personal, contact and other information provided by the User when subscribing to the website.
A third party who offers Products or Services to the User through the website, either with sign-up integration or fully integrated into the website.
Regulation (EU) No 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data.
All types of information relating to a natural person, i.e. an individual (You) who can be identified, directly or indirectly, as a person different from other people, e.g. name, address, email address, bank account number, etc.
The software tool through which Terms.Tech provides the Services.
The products offered by either Terms.Tech or a Partner to the User through the website.
The Payment Service Provider (such as Digiteal SA, with registered seat at B-1435 Mont-Saint-Guibert, Rue Emile Francqui 6 and company/VAT number (BE)0630.675.588 providing support to Terms.Tech with respect to the execution of payment transactions for the User through various methods (bank transfer, direct debit, …).
A person linked to the User by a contract, and duly appointed and authorized to use the website in the name of and on behalf of the User.
The services offered by either Terms.Tech or a Partner to the User through the website.
The personal, contact, financial and/or technical information regarding the transactions executed by the User within a Product of Service offered by a Partner through the website.
The company (i.e. professional person or legal entity) making use of the website and contracting with Terms.Tech under the Terms of Service.
Article 2 – Who controls the use of your Personal Data?
The controller responsible for the processing of your Personal Data is Credendo.
Credendo has appointed a data protection officer in the person of Mr. Geert Goossens. He is, in particular, independently responsible for ensuring that the rules for the protection and management of your data are applied internally and for collaborating with the supervisory authorities. The contact details for Mr. Geert Goossens are as follows:
Mr. Geert Goossens
Article 3 – Which Personal Data do we collect, and when?
- The use of the website requires the User to register, designate one or several Representatives, and provide the requested information, including certain personal identification data of the User (in case of a natural person) and/or the Representatives, such as (private and company) name, title, address, date of birth, title, mandate, email address, telephone number, bank account details, financial information, VAT number, company registration number, type of company. We may also require the User to provide personal identification data of the User’s directors and shareholders (name, address, function, date of birth). The collected personal data depends on the services to be used. When you provide such information, we collect and process it.
- If You contact us through the website or an online contact form, by telephone, email, letter, through social media, with enquiries concerning the website or our other products or services, or complete surveys or other requests for information, we collect and process the contact information you provide, such as name, address, email address, telephone number and other information you should provide.
When using the website and/orPartner Products or Services, we may also indirectly collect the above mentioned Personal Data, as well as credit reports and credit scores, information about your credit history and other financial information which is relevant to the provision of our Services and other information which is gathered in order to verify your identity and prevent fraudulent or illegal activity, from third parties including our Partners. For the collection and processing of your Personal Data by these third parties, we refer to their respective privacy policies.
We do not collect or process sensitive Personal Data.
Article 4 – Why do we collect your Personal Data, and on what grounds?
We collect Personal Data about You for different reasons. We can only collect and use your Personal Data if this use is based on one of the legal grounds determined by the GDPR.
- We require your Personal Data in light of the management of your Account, responding to your enquiries and in general the performance of the contractual agreements between you and Credendo regarding the use of the website and the provision of Products or Services including the assessment of your eligibility for such Products or Services.
The website may perform profiling of the User on the basis of automated decision-making to evaluate certain financial aspects of the User and to provide financial information and credit scoring automatically generated by Terms.Tech’s systems, which may happen on the basis of certain Personal Data mentioned above. However, this shall only apply to incorporated businesses. Users-natural persons as such shall not be subject to profiling or automated decision-making of any kind.
- Furthermore, we require your Personal Data in light of our legitimate interest, such as to ensure the effective functioning and further development of the website and to provide you with the best experience with our services, to manage our suppliers, to inform you of updates or changes to the website and of similar products and services, and to provide you with information about our activities (marketing emails).
You can opt-out of receiving marketing emails at any time by clicking on the unsubscribe link included in our marketing email communications. Please note that you may continue to receive certain transactional or Account-related emails from us.
We may also use your Personal Data on an anonymous basis for research, profiling and analytical purposes.
- Lastly, certain regulatory and legal obligations require us to process your Personal Data, such as Know Your Customer regulations, supervisory regulations, anti-fraud and anti-money laundering regulations and international sanctions.
Article 5 – With whom do we share your Personal Data?
We may share your Personal Data as part of our activities. Of course, we always do so in a way that will ensure optimal protection of your Personal Data. We may share your data:
- With other entities within the Credendo group of companies to allow them to support the activities of the website, as well as to offer your company their similar products and services and to provide you with information about their activities.
- With certain third parties such as our suppliers of certain IT applications, financial services or marketing or communication services, to allow our business relationships to be managed in the best possible way.
- With our Partners, in order to facilitate the provision of (sign-up or integrated) Products and Services of our Partners through the website.
- With public authorities, in response to legal requests, including to meet national security requirements or for the application of the law (such as, for example, the NSSO [National Social Security Office], the tax authorities, the supervisory authorities, etc.).
- As part of a transaction, such as a merger, acquisition, consolidation or sale of assets, we may be required to share your Personal Data with the buyers or sellers.
We do not share your Personal Data with third parties (outside of the Credendo group) for their advertising or marketing lists without your consent.
Article 6 – Sharing of Transaction Information and Account Information
The User hereby grants Terms.Tech access to all Transaction Information – which may contain Personal Data – as necessary for the development and provision of the features and Services of the website. The User hereby authorises the Partners to provide to Terms.Tech such Transaction Information upon request of Terms.Tech.
Article 7 – Is your Personal Data transferred outside of the EEA?
Your Personal Data will not be transferred outside of the European Economic Area (EEA).
Article 8 – How long will your Personal Data be stored?
In case there is a contractual relationship, your Personal Data will be stored by Credendo for 10 years from the end of the contractual relationship, i.e. the end of the use of the website and/or the Products or Services, unless specific regulatory or legal obligations should imply the need for longer storage.
In other cases, your Personal Data will be stored by Credendo for 5 years from the collection thereof.
Article 9 – Security and confidentiality
We undertake to respect your Personal Data and to process them with the greatest care and to provide the best level of protection to keep it confidential and secured. To this end, we have put into place appropriate technical and organizational measures in order to prevent any loss, alteration or unlawful access to your Personal Data.
Article 10 – What are your rights?
We would like to inform you as clearly as possibly of your rights with regard to your Personal Data. We would also like you to be able to exercise them easily. You will find below a summary of your rights with a description of how to exercise them.
You can ask Credendo to access all of the following information regarding:
- The categories of Personal Data that we collect about You;– The reasons why we use these data;
- The categories of persons to whom your Personal Data have been or will be communicated and in particular persons based outside Europe;
- The duration for which your Personal Data will be kept in our systems;
- Your right to ask us to correct or delete your Personal Data or to limit the use that we make of your Personal Data, and your right to oppose such use;
- Your right to make a complaint to the competent data protection authority;
- Information concerning their source when we have not collected your Personal Data directly from You;
- The way in which your Personal Data are protected when they are transferred to countries outside Europe (if relevant).
You can ask Credendo to correct and/or update your Personal Data.
You can ask Credendo at any time to erase the Personal Data that we are processing about you, if one of the following situations applies to you:
- Your Personal Data are no longer necessary as the reasons for which they were collected or processed are no longer valid;
- You have withdrawn your consent, which is the basis for Credendo to process your Personal Data;
- For your own reasons, you believe that one of the instances of processing your data is infringing on your privacy and causing you excessive damage;
- You no longer wish to receive commercial proposals from us;
- Your Personal Data are not being processed in accordance with the GDPR and the applicable national regulations;
- Your Personal Data must be erased to comply with a legal obligation provided for by European Union law or by Belgian national law to which Credendo is subject.
However, we may not be able to accede to your request for the right to be forgotten. Indeed, it must be borne in mind that this right is not absolute. We must balance it with other rights or important values such as freedom of speech, fulfillment of a legal obligation to which we are subject or important reasons of public interest.
You have the right to object, at any time for a reason particular to you, to the processing of your Personal Data. Indeed, if you believe that such processing is infringing on your privacy and/or causing you excessive damage, you may use this right.
You can, in particular, object to the use of your Personal Data for marketing purposes (cf. above) and, in particular, email advertising.
However, under no circumstances may you prevent us from processing your data:
- if such processing is necessary for the entering into or performance of your contract;
- if such processing is required by law or by a regulation;
- if such processing is required to record, exercise or defend the rights in court.
You have the right to data portability, by which you will have the chance to control your Personal Data yourself more easily and, more precisely, to:
- recover your Personal Data, which are being processed by us, for your personal use and to store them on a device or in private cloud storage, for example.
- transfer your Personal Data from us to another company, either by you or directly by us, provided that a direct transfer is ‘technically possible’.
- This right concerns your data that have been actively and knowingly declared, such as the data provided to create your Account (e.g. email address, user name, age), and the information collected by Credendo. Conversely, the Personal Data that are derived, calculated or inferred from the data that you have provided, are excluded from the right to data portability if they were created by Credendo.
You may ask us to restrict the processing, which involves the tagging (for example, temporarily moving your data to another processing system or locking your data, making them inaccessible) of your Personal Data, in order to restrict their further processing.
You may exercise this right when:
- The accuracy of the Personal Data is contested;
- The processing is unlawful, meaning it is not processed according to the GDPR and Belgian law;
- The Personal Data is no longer needed for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
- The decision regarding your objection to the processing is pending.
Where processing has been restricted, such Personal Data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State
In case of restriction of processing of some of your Personal Data, we will keep you informed before the restriction of processing is lifted.
How can you exercise your rights?
To do so, simply contact us by email at firstname.lastname@example.org, with the subject ‘right of […] regarding Personal Data’, along with a brief description of the invoked right and the information it concerns, and attach a copy of the front of your ID card. The copy will be destroyed after carrying out the request. If you do not manage to access your information by email, you can send us your request by post to the address below: Credendo, FAO: M. Geert GOOSSENS, Rue Montoyerstraat, 3, 1000 Brussels, Belgium.
A response will then be sent to you within one (1) month following receipt of the request or two (2) more months if the request necessitates further research or if Credendo receives a very high number of requests.
Article 11 – Contact information
- by email: email@example.com
- by letter: Credendo ECA, FAO Mr. Geert Goossens, Montoyerstraat 3, 1000 Brussels, Belgium.
Should you have a complaint, you have the right to file a complaint with the Belgian Data Protection Authority:
- by email: firstname.lastname@example.org
- by letter: Belgian Data Protection Authority, Drukpersstraat 35, 1000 Brussels, Belgium.
If You would like to learn more about Credendo’s GDPR business charter, see