top of page

birg.be

Privacy Policy

Controller

Controller norah+birg bv, Weggevoerdenstraat 23, 3500 Hasselt, Belgium.

Email for privacy inquiries and access requests: privacy@birg.be

Introduction

Introduction This Privacy Notice explains how norah+birg bv ("we", "our", "us") collects, uses, stores and discloses personal data when you visit or interact with the website birg.be, and the rights available to you under the EU General Data Protection Regulation (GDPR).

Data we collect:

  • Identity and contact data: name, email address, postal address, phone number (when provided).

  • Account and transaction data: registration details, order history, payment identifiers (we do not store full payment card details).

  • Communications data: messages, inquiries, and correspondence with us.

  • Technical data: IP address, browser type and version, device information, operating system, referral URLs, pages visited, timestamps, and other usage and diagnostics data collected via server logs.

  • Cookies and similar technologies: session and persistent cookies and local storage for site functionality, analytics, personalization and advertising (see Cookies section).

  • Special categories: we do not normally process special-category personal data. If you provide such data voluntarily (e.g., in messages), we will only process it with your explicit consent or another valid legal basis.

Legal bases for processing We will only process personal data where we have a valid legal basis, such as:

  • Consent: where you have expressly consented (e.g., marketing communications).

  • Contract performance: to provide products or services you requested or to manage orders and payments.

  • Legal obligation: compliance with statutory or regulatory obligations.

  • Legitimate interests: for purposes such as network security, fraud prevention, direct marketing (where balanced against your rights), site analytics and improving our services. We will assess and protect your rights when relying on legitimate interests.

Purposes of processing:

  • To provide and administer our website, products and services.

  • To communicate with you about orders, inquiries, updates, and customer support.

  • To process payments and prevent fraud.

  • To personalize and improve our website and offerings, perform analytics, and monitor usage.

  • To send marketing communications where you have consented or where permitted by law (with opt-out).

  • To comply with legal and regulatory obligations.

Cookies and tracking We use cookies and similar technologies to enable site functionality, analyze usage and deliver relevant content. You can control cookie preferences via your browser settings and, where provided, the cookie consent tool on the site. Blocking certain cookies may affect site functionality.

Recipients and data sharing We may share personal data with:

  • Service providers and subprocessors (e.g., hosting, payment processors, email and analytics providers) under written contracts that require appropriate safeguards.

  • Legal and regulatory authorities where required by law or to respond to lawful requests.

  • Buyers or successors in the event of a business sale, merger or reorganization (subject to confidentiality and notice).

International transfers Personal data may be processed in and transferred to countries within the EEA and, if necessary, to countries outside the EEA. Where transfers are to countries that do not provide an adequate level of protection, we will put in place appropriate safeguards (e.g., EU Standard Contractual Clauses) or rely on an approved transfer mechanism.

Data retention We retain personal data only for as long as necessary for the purposes described (e.g., to fulfill contracts, comply with legal obligations, resolve disputes, enforce agreements). Specific retention periods depend on the type of data and legal requirements; after that, data will be deleted or anonymized.

Your rights (under the GDPR) You have the right to:

  • Access the personal data we hold about you.

  • Rectify inaccurate or incomplete data.

  • Erase your data (right to be forgotten), subject to legal and contractual limits.

  • Restrict processing of your data.

  • Object to processing based on legitimate interests or for direct marketing.

  • Data portability — receive a copy of personal data in a structured, commonly used, machine-readable format.

  • Withdraw consent where processing is based on consent (withdrawal does not affect processing before withdrawal). To exercise these rights, contact privacy@birg.be. We may ask for information to verify your identity. We will respond within the timeframes required by the GDPR. You also have the right to lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données).

Security

We implement technical and organizational measures to protect personal data against unauthorized access, loss, misuse and alteration. However, no internet transmission or storage can be guaranteed completely secure. If a security breach affecting your personal data occurs, we will comply with applicable breach notification obligations.

Changes to this notice:

We may update this Privacy Notice from time to time. The effective date will be posted on the site. Significant changes will be communicated where appropriate.

Contact For privacy inquiries, access requests, complaints or to exercise your rights: privacy@birg.be Controller: norah+birg bv, 3500 Hasselt, Belgium

Effective: current version published on birg.be

bottom of page