Cookie policy

Cookie policy of Tintrio - V.16.01.23

The safety and confidentiality of the data we collect, is of utmost importance to us. Moreover, we wish to be completely transparant about what happens when we collect your data, which in our case means placing cookies on your device and processing the data afterwards. Hence this cookie policy.

Cookies are small text files that are placed on your device whenever you visit our website. They help us with several things, such as allowing certain functionalities on our website or measuring how visitors like you use our website.

1. WHAT IF THIS PRIVACY POLICY DOES NOT ANSWER ALL OF YOUR QUESTIONS?

The data protection laws oblige us to provide you with quite a lot of information, so please bear with us. Should you have further questions regarding the processing of your personal data, do not hesitate to contact us via e-mail: info@tintrio.be.

2. WHO ARE "WE"?

Any reference to “we” in this privacy policy refers to Tintrio:

Schilderwerken, binnenhuisinrichting, De Witte bv
Zavelstraat 7, 9190 Stekene (BE)
VAT-number 0428.644.582
Tel.: +32 3 778 29 40

Tintrio is responsible for collecting and using (or – as the law calls it – “processing”) your personal data as explained in this privacy policy.

3. WHICH PERSONAL DATA DO WE PROCESS AND WHY?

Technically required

Cookies required for this shop to function:

Source	Name	Description	Lifetime
First party	session-	Session cookies allow users to be recognised within a website so any page changes or item or data selection you do is remembered from page to page.	Session
First party	csrf[	Protection for Cross-Site Request Forgery attacks.	Session
First party	timezone	Determines the user's timezone.	Session
First party	_GRECAPTCHA	This cookie is used by Google ReCaptcha and provides spam protection.	Session

Functional cookies

Cookies that support extra functionalitities.

Source	Name	Description	Lifetime
First party	wishlist	Persist the wish list for guest users.	Session

Performance cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Source	Name	Description	Lifetime
First party	_gid	Used by Google Analytics to distinguish users.	24 hours
First party	_gac_gb_{container_id}	Contains Google campaign related information.	90 days
First party	_ga_{container_id}	Used by Google Analytics to persist session state.	2 years
First party	_ga	Used by Google Analytics to distinguish users.	2 years
First party	_hjSessionResumed	Set when a session/recording is reconnected to Hotjar servers after a break in connection.	Session
First party	_hjAbsoluteSessionInProgress	Used by Hotjar to detect the first pageview session of a user.	30 minutes
First party	_hjDonePolls	Set when a user completes an on-site Hotjar Survey. Ensures the same Survey does not reappear if it has already been filled in.	365 days
First party	_hjid	Set when a user first lands on a page. Persists the Hotjar User ID which is unique to that site. Ensures data from subsequent visits to the same site are attributed to the same user ID.	365 days
First party	_hjSessionUser_{site_id}	Set when a user first lands on a page. Persists the Hotjar User ID which is unique to that site. Ensures data from subsequent visits to the same site are attributed to the same user ID.	365 days
First party	_hjRecordingEnabled	Set when a Recording starts. Read when the Hotjar Recording module is initialized to see if the user is already in a recording in a particular session.	Session
First party	_hjIncludedInSessionSample	Used by Hotjar. Set to determine if a user is included in the data sampling defined by the site's daily session limit.	30 minutes
First party	_hjRecordingLastActivity	Set in Session storage as opposed to cookies. Updated when a user recording starts and when data is sent through the WebSocket (the user performs an action that Hotjar records).	Session
First party	_hjViewportId	Used by Hotjar. Stores user viewport details such as size and dimensions.	Session
First party	_hjCachedUserAttributes	Stores User Attributes sent through the Hotjar Identify API, whenever the user is not in the sample. Collected attributes will only be saved to Hotjar servers if the user interacts with a Hotjar Feedback tool. Cookie used regardless of whether a Feedback tool is present.	Session
First party	_hjClosedSurveyInvites	Set when a user interacts with an external link Hotjar Survey invitation modal. Ensures the same invite does not reappear if it has already been shown.	365 days
First party	_hjIncludedInPageviewSample	Used by Hotjar. Set to determine if a user is included in the data sampling defined by the site's pageview limit.	30 minutes
First party	_hjSessionRejected	If present, set to '1' for the duration of a user's session, when Hotjar has rejected the session from connecting to our WebSocket due to server overload. Applied in extremely rare situations to prevent severe performance issues.	Session
First party	_hjUserAttributesHash	User Attributes sent through the Hotjar Identify API are cached for the duration of the session. Enables Hotjar to know when an attribute has changed and needs to be updated.	Session
First party	_hjFirstSeen	Identifies a new user’s first session. Used by Hotjar Recording filters to identify new user sessions.	Session
First party	_hjTLDTest	Hotjar tries to store the _hjTLDTest cookie for different URL substring alternatives until it fails. Enables Hotjar to try to determine the most generic cookie path to use, instead of page hostname. It means that cookies can be shared across subdomains (where applicable). After this check, the cookie is removed.	Session
First party	_hjLocalStorageTest	Checks if the Hotjar Tracking Code can use local storage. If it can, a value of 1 is set. Data stored in_hjLocalStorageTest has no expiration time, but it is deleted almost immediately after it is created.	Under 100ms
First party	_hjShownFeedbackMessage	Set when a user minimizes or completes a Hotjar Feedback widget. Ensures the Feedback widget will load as minimized if the user navigates to another page where it is set to show.	365 days
First party	_hjSessionTooLarge	Causes Hotjar to stop collecting data if a session becomes too large. Determined automatically by a signal from the WebSocket server if the session size exceeds the limit.	Session
Third party	_BEAMER_FIRST_VISIT_{product_id}	This cookie is used by Hotjar to identify the point at which the user first visits the site.	300 days
First party	_hjSession_{site_id}	Holds current Hotjar session data. Ensures subsequent requests in the session window are attributed to the same session.	30 minutes
Third party	_BEAMER_LAST_UPDATE_{product_id}	This cookie is used together with the date to help Hotjar identify the time elapsed between the current and previous actions.	300 days
Third party	_BEAMER_USER_ID_{product_id}	This cookie is used by Hotjar to distinguish unique users by assigning a randomly generated number as a client identifier.	300 days
First party	_hjMinimizedPolls	Set when a user minimizes an on-site Hotjar Survey. Ensures that the Survey stays minimized when the user navigates through the site.	365 days

Targeting cookies

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Source	Name	Description	Lifetime
Third party	__Secure-3PSID	Used by Google to build a profile of website visitor interests to show relevant and personalized ads through retargeting.	2 years
First party	_gcl_au	Persists Google Ads information in a first party cookie when the user lands on the site from an ad.	4 months
Third party	1P_JAR	Used by Google to collect website statistics and track conversion rates.	30 days
Third party	__Secure-3PAPISID	Used by Google to build a profile of website visitor interests to show relevant and personalized ads through retargeting.	2 years
Third party	NID	Used to show Google ads in Google services for signed-out users.	6 months after last use
Third party	IDE	Used by Google to build a profile of the website, visitor's interests and show relevant ads on other sites.	13 months in the European Economic Area (EEA), Switzerland, and the United Kingdom (UK) and 24 months everywhere else
Third party	__Secure-3PSIDCC	Used to create a user profile and display relevant and personalised Google Ads to the user.	2 years

4. WITH WHOM DO WE SHARE YOUR PERSONAL DATA?

By standard, we will not share your personal data with anyone but the people working for Tintrio, and our suppliers who help us process your personal data. By the latter, we mean companies hired by us for the following: administration, communication, hosting, website maintenance, data analysis, uses authentication, marketing, etc.

Anyone who has access to your personal data will always be bound by strict legal or contractual obligations to keep your personal data safe and confidential. This means that only the following recipients will receive your personal data:

you;
staff and suppliers of Tintrio;
governmental or judicial authorities insofar we are required to send them your personal data (e.g. tax authority, police or law enforcement);

Your personal data are not sent outside the European Economic Area by us (the European Economic Area consists of the EU, Liechtenstein, Norway and Iceland). We will only transfer your personal data outside the EEA when you or your employer, as client or supplier, has establishments outside the EEA with which we are required to interact. If a transfer would take place, we will take adequate safeguards to protect your personal when transferred (e.g. by putting in place standard contractual clauses as drafted by the European Commission).

5. HOW LONG DO WE KEEP YOUR PERSONAL DATA?

Your personal data are only processed for as long as needed to achieve the purposes which are described above or, when we asked for your consent, up until such time where you withdraw your consent. In this article we provide you with the information you need to assess how long we will keep your personal data identifiable.

As a general rule, we will de-identify your personal data when they are no longer necessary for the purposes outlined above or when the retention period as explained in this article has expired. However, we cannot de-identify your personal data if there is a legal or regulatory obligation or a judicial or administrative order that prevents Tintrio from de-identifying them.

All personal data we collect through our interactions with you via cookies will be kept for as long as required to communicate with you, but also to keep an historical archive of our communications. This allows us to revert back to earlier communications if you return to us with new questions, request, remarks or other input.

All personal data we collect to send you our newsletter we will keep for as long as you remain subscribed to our mailing list or for as long as you remain our customer.

All personal data we collect in the context of a contractual relationship with you or the organization you represent, we will keep for the duration of the contractual relationship and at least until 7 years thereafter.

6. WHAT DO WE DO TO KEEP YOUR PERSONAL DATA SAFE?

As explained earlier, the security and confidentiality of all data we process is very important to us. Hence, we have taken steps to ensure that all personal data processed are kept safe. These steps include processing only the personal data required for achieving the purposes we have communicated to you. We have also taken technical and organisational measures to secure our infrastructure, systems, applications, premises and processes.

7. WHICH RIGHTS DO YOU HAVE WITH REGARD TO YOUR PERSONAL DATA?

When we collect and use your personal data, you enjoy a number of rights which you can exercise in the manner described below.

You have the right to access your personal data, which means that you can ask us to provide you information regarding the personal data we have about you. You can even ask for a copy of your personal data. However, note that you must specify for which processing activities you would like to have access to your personal data. If you make the same request repeatedly, clearly causing us nuisance, we are allowed to refuse granting you these subsequent requests or charge an administrative fee covering the expenses. We can also refuse granting you a right to access your personal data, or only grant it partially, if such access would risk disproportional detriment to the rights and freedoms of others, including Tintrio's.
You have the right to ask that we correct your personal data if you can show that the personal data we process about you are incorrect, incomplete or outdated. Please specify the context in which we use your personal data (e.g. to send you newsletters or to respond to a request), so that we may assess your request swiftly and accurately.
If we asked for your consent to collect and use your personal data, e.g. to send you newsletters, you have the right to withdraw that earlier given consent.
You can ask that we delete your personal data, if these personal data are no longer needed for the purposes for which we collected them in the first place, if our collection of them was illegitimate or if you have successfully exercised your right to withdraw your consent or your right to object to the processing of your personal data. When one of these circumstances applies, we will immediately delete your personal data unless the law, regulatory obligations or administrative or judicial orders prohibit us to delete your personal data.
You can ask that we restrict the processing of your personal data:
- during the time we are assessing your request for correction of your personal data;
- we no longer need your personal data, but you require them for the establishment, exercise or defence of a legal claim;
- when such processing was unlawful but you prefer restriction to erasure;
- during the time we are assessing your objection to the processing of your personal data.
When we process your personal data on the basis of our own interests, i.e. you have not given us your consent and we do not need them for the execution or performance of an agreement nor to comply with legal obligations, you have the right to oppose our processing of your personal data. When our interest relates to direct marketing, we will grant you your request immediately. For other interests, e.g. our security interests, we will ask you to describe your specific circumstances giving rise to request. We then need to balance your circumstances against our interests. If this balancing exercise results in your circumstances outweighing our interests, we will cease processing your personal data.
When we have collected your personal data on the basis of your consent or because they were necessary for the execution or the performance of an agreement with you, you have the right to obtain a copy from us in a structured, commonly used and machine-readable format. However, this right only applies to personal data you have provided to us.
If you would like to exercise any of these rights, we ask that you send us an e-mail. You can reach us at info@tintrio.be. Rest assured that we will not interpret an e-mail from you requesting to exercise a right as your consent with any processing of your personal data beyond what is required for handling your request. A request should clearly state and specify which right you wish to exercise. Always indicate the context in which we have obtained your personal data so that we may handle your request swiftly and diligently. Your request should also be dated and signed. We will promptly inform you of having received this request. If the request proves valid, we will notify you as soon as reasonably possible and at the latest thirty (30) days after having received the request.

8. WHAT IF YOU HAVE ANY COMPLAINTS?

Should you have a complaint about the processing of your personal data by Tintrio, you can always contact us via the e-mail address mentioned above.

If you are not satisfied with our answer, you can submit a complaint to the competent data protection authority, i.e. the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit) at the following address:

Gegevensbeschermingsautoriteit
Drukpersstraat 35
1000 Brussels
+32 (0)2 274 48 00
+32 (0)2 274 48 35
contact@apd-gba.be

(cfr. https://www.dataprotectionauthority.be/citizen).

This is without prejudice to a provision before a civil court. If you suffer damage as a result of the processing of your personal data, you can file a claim for compensation.

If we still can't work it out together, you can contact Safeshops.be. They will mediate between us both when your complaint is deemed valid by Safeshops. Only complaints submitted via the Safehops.be complaint form will be handled. In this way, this label organization immediately has all the correct information to further handle the complaint.