Get in touch

Privacy policy

1. Introduction

Who are we?

Reneos ecv (hereinafter: Reneos), located at Walstraat 5, 3300 Tienen, with VAT number 0741.996.649, is a European Cooperative Society and forms a network among Europe’s top 5 management organisations for the collection of batteries. Through this organisation, tailored solutions are offered for discarded batteries across Europe via a single point of contact.

In the context of these activities, Reneos processes personal data and acts as a data controller in accordance with the General Data Protection Regulation (GDPR). Reneos highly values the protection of privacy and the correct processing of personal data covered by the GDPR.

This statement provides an overview of these processing activities, the safeguards Reneos implements to protect personal data, and the rights you can exercise with respect to Reneos when we process your personal data.

 

2. Contact

RENEOS ECV

Walstraat 5, 3300 Tienen

VAT: 0741.996.649

Email address: info@reneos.eu

 

Why do we process your personal data?

Collection, transport, dismantling, reuse, second life, and recycling of batteries

 

What do we do with your data?

Reneos provides a management platform designed to coordinate the collection, transport, dismantling, reuse, second life, and recycling of batteries. This coordination requires communication and administration involving the processing of personal data.

The legal basis for processing personal data is the necessity for the performance of the agreement. In cases where no contract has been concluded with the individual concerned, Reneos relies on its legitimate interest to carry out its activity.

 

What data do we process?

As part of this coordination, we process:

  • Identification data, such as your name;
  • Contact details, such as your (professional) email address and phone number;
  • Professional data, such as your role or the company you work for.

 

How have we obtained your data?

Reneos obtains data for this service from:

  • Yourself;
  • Clients;
  • Management organisations.

How long do we retain your data?

Reneos retains your data related to the coordination of the collection, transport, dismantling, reuse, second life, and recycling of batteries for up to 10 years after the termination of the collaboration or agreement.

 

3. User profile

What do we do with your data?

To use this management platform, users must create a profile, which involves the processing of their personal data.

The legal basis for this processing is the necessity for the performance of the agreement.

 

What data do we process?

For managing this user profile, we process:

  • Identification data, such as your name and IP address;
  • Contact details, such as your email address;
  • Electronic data, such as your connection times and browser and device details;
  • Professional data, such as your role.

 

How have we obtained your data?

Reneos obtains data for managing user profiles from:

  • Yourself;
  • Clients;
  • Management organisations.

How long do we retain your data?

Reneos retains data related to managing user profiles for up to 10 years after the account is deactivated.

 

4. The organisation of Reneos as a company

What do we do with your data?

To carry out its activities, Reneos is required to process certain personal data. This includes administrative and fiscal obligations Reneos must fulfil. Without these processes, Reneos cannot efficiently perform its tasks.

Some of these processing activities must be carried out because of legal obligations. Where Reneos is not legally required to perform necessary processing for its organisation, it relies on its legitimate interest to operate as a company.

 

What data do we process?

As part of its organisation as a company, Reneos processes:

  • Identification data, such as your name;
  • Contact details, such as your email address and phone number;
  • Professional data, such as your role;
  • Financial data, such as your bank account number.

 

How have we obtained your data?

Reneos obtains data for its organisation from:

  • Yourself;
  • Financial institutions;
  • Governments and authorities.

How long do we retain your data?

Reneos retains your personal data for its organisation in accordance with the legal retention periods applicable. When data processing is based on Reneos’ legitimate interest, these data are retained for up to 2 years after the last meaningful contact.

 

5. Financial policy

What do we do with your data?

To implement a financial policy, Reneos processes personal data. This includes managing income and expenses and maintaining a structured accounting system.

The legal basis for processing personal data within Reneos’ financial policy is the necessity for the performance of an agreement.

 

What data do we process?

As part of this financial policy, Reneos processes:

  • Identification data, such as the name;
  • Contact details, such as the address and phone number;
  • Financial data, such as payments and bank account details.

 

How have we obtained your data?

Reneos obtains data as part of its financial policy from:

  • The individual concerned;
  • Financial institutions.

How long do we retain your data?

Reneos retains the processed data in compliance with the legal retention period for accounting documents.

 

6. To whom do we disclose your data?

Recipients of your personal data

Reneos does not sell personal data to third parties. Nor does Reneos transfer personal data to third parties, except to:

  • The individual concerned, their relatives, their employer, and their representatives;
  • Potential successors and affiliated companies (such as subsidiaries and sister companies) for the same purposes as mentioned in this privacy statement;
  • Third parties or subcontractors for the same purposes as mentioned in this privacy statement and in accordance with our data processing instructions;
  • External service providers in and outside the country, in accordance with our data processing instructions;
  • Governments, lawyers (for the collection of unpaid debt claims), judicial institutions, and regulators;
  • Mandatory publications as a company (KBO, State Gazette) for directors.

 

Data transfer outside the European Economic Area

For certain processing activities, we are required to transfer your personal data to a partner or another organisation outside the European Economic Area (hereinafter: EEA), where the GDPR does not apply.

Some countries outside the EEA have been deemed adequate by the European Commission: they offer the same level of protection as under the GDPR.

However, there may also be cases where we transfer your personal data to countries with no comparable regulations and where no exceptions for specific situations apply under Article 49 GDPR. In such cases, we implement additional measures, the so-called appropriate safeguards, to ensure that your personal data are processed securely in these countries. These measures include:

  • Contractual agreements between Reneos and the recipient in the third country, based on the standard contractual clauses for the transfer of personal data outside the EEA, as established by the European Commission, which provide additional protection comparable to the GDPR;
  • Another mechanism that allows the transfer of personal data outside the EEA in accordance with the relevant data protection legislation.

 

7. What safeguards do we implement to protect your personal data?

To secure the personal data we process, we apply the following measures:

  • All personal data are encrypted during transfer via security protocols provided by leading cloud providers who comply with international standards such as ISO 27001 and SOC 2 to prevent unauthorised access;
  • Our security measures are regularly subjected to audits by auditors as well as a vulnerability assessment to identify and resolve security weaknesses;
  • Our platform software is developed by selected external parties who comply with ISO 27001 and follow a strict SDLC process with security controls to ensure the highest security standards.

8. Which rights do you have?

In accordance with the General Data Protection Regulation, individuals have certain rights regarding the processing of their personal data, which they can exercise with respect to Reneos. If you wish to exercise your rights, you can send a request to Reneos via the following email address: privacy@bebat.be. This request should be formulated clearly and as specifically as possible, to enable Reneos to respond in the most targeted manner.

If there is any doubt about the identity of the person making the request, Reneos may require verification of identity to prevent unauthorised individuals from exercising these rights. In such cases, Reneos will contact the data subject to determine the most appropriate method for verifying their identity.

Reneos aims to respond to requests within one month. If this is not possible, Reneos will inform the data subject as soon as possible about the possibility of extending this period by two months. Should Reneos be unable to comply with the request, the data subject will be informed of this, with justification, within a reasonable time frame.

More specifically, the following rights apply:

Right to information

As a data controller, Reneos is obliged to inform the natural persons whose personal data are processed about this processing. This information must be provided in a precise, transparent, comprehensible and easily accessible way, using clear and simple language. In practice, this right can be exercised by consulting this privacy statement. For more information, you can contact Reneos via the previously mentioned details.

Right of access

When Reneos processes personal data, the data subject has the right to request access to these data, as well as to additional information such as the purposes of processing, the retention period, and the origin of the data. The data subject can also request a copy of these data from Reneos, provided the request is not manifestly unfounded or excessive. The first copy will be provided free of charge, but for repeated requests Reneos reserves the right to charge a reasonable fee.

Right to restriction of processing

The data subject has the right to request Reneos to restrict the processing of their data. In such cases, Reneos will store the data and only use them for certain, limited purposes. This right can be exercised in the following situations:

  • The data subject contests the accuracy of their data, in which case processing will be restricted during the period Reneos needs to verify accuracy.
  • The processing is unlawful, but the data subject opposes erasure and instead requests restriction of use.
  • Reneos no longer needs the data for processing purposes, but the data subject needs them for the establishment, exercise, or defence of legal claims.
  • The data subject has objected to processing pending verification of whether Reneos’s legitimate grounds override the interests of the data subject.

In the event of restriction, Reneos may only process the data with the data subject’s consent, for the establishment, exercise or defence of legal claims, to protect the rights of another natural or legal person, or for reasons of important public interest.

Right to erasure

The data subject has the right to request Reneos to erase their data in the following cases:

  • The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
  • The data subject withdraws their consent, where processing is based on consent and there is no other legal ground for processing.
  • The data subject objects to the processing and their personal interests outweigh the legitimate interests of Reneos.
  • The personal data have been unlawfully processed.
  • Erasure is necessary to comply with a legal obligation under European or Belgian law.

Reneos will comply with your request for erasure, unless one of the following situations applies:

  • The processing is necessary for exercising the right of freedom of expression and information.
  • For reasons of public interest in the area of public health.
  • For archiving purposes in the public interest or for statistical purposes.
  • To comply with a legal obligation to retain the data.
  • For the establishment, exercise, or defence of legal claims.

Right to data portability

When processing is based on the data subject's consent or on necessity for performance of a contract, and is carried out by automated means, the data subject has the right to receive the personal data they have provided to Reneos in a structured, commonly used and machine-readable format. The data subject also has the right to request that Reneos transfer these data to another controller, provided that this does not adversely affect the rights and freedoms of others.

Right to rectification

If the personal data processed by Reneos are incomplete or incorrect, Reneos will take appropriate steps to supplement and/or correct them. If Reneos suspects that certain data are incorrect, it will contact the data subject to rectify the matter. The data subject can also contact Reneos directly via the appropriate channels if they identify any inaccuracy or incompleteness.

Right to object

Where Reneos relies on public interest or legitimate interest for processing personal data, the data subject has the right to object. In such cases, Reneos will no longer process the data unless compelling legitimate grounds for processing can be demonstrated that override the interests, rights and freedoms of the data subject.

If Reneos processes personal data for direct marketing purposes, the data subject can always object free of charge. This also applies to profiling related to direct marketing. In such cases, Reneos will always cease the data processing.

Right to withdraw consent

If the processing of data is based on the data subject’s consent, they have the right to withdraw this consent at any time. Withdrawal of consent only affects future processing and does not affect processing that took place before withdrawal. Reneos strives to make withdrawal of consent as simple as granting it.

Right to object to automated individual decision-making

The data subject whose personal data are processed by Reneos has the right to object to automated individual decision-making, including profiling, when such decisions have legal effects or otherwise significantly affect them.

The data subject cannot object to such a decision when:

  • it is necessary for the performance of the contract;
  • it is permitted by Union or Belgian law;
  • it is based on the explicit consent of the data subject.

If, for the aforementioned reasons, the data subject cannot object, Reneos ensures human intervention, the possibility for the data subject to express their point of view, and to contest the decision.

Currently, Reneos does not use automated individual decision-making.

Right to lodge a complaint

The data subject has the right to lodge a complaint with the competent supervisory authority. In Belgium, this is the Data Protection Authority. A complaint can be submitted easily via the complaint form on the website of the Data Protection Authority.

If you are dissatisfied with the way Reneos processes personal data or intend to lodge a complaint, Reneos encourages you to first contact Reneos using the details provided above, so as to find a swift solution together.