Privacy Policy

Buissonnière is committed to protecting and respecting your privacy.

This privacy policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

In this privacy policy, “Buissonnière”, “we”, “our” or “us” refers to Buissonnière SA, a limited liability company organized under Belgian law, with statutory seat located at 1300 Wavre, boulevard de l’Europe, 145 and registered with the Crossroads Bank for Enterprises under company number 0439.812.351.


1. Information we collect from you

We may collect and process the following information about you:

Your personal identification data (for example: your name, telephone number, e-mail address, etc.);
In the case your electronic identity card is used as a loyalty card or as a quick identification tool, we will process only the data visible on the card (for example: name, first name, zip code, date of birth, sex, etc.) only in the context of your in-store purchases. Information on the electronic chip that is not visible on the card will not be processed by Buissonnière;
Your banking details (bank card numbers, credit card numbers, etc.);
Your electronic identification data (IP addresses, etc.) when you visit our website or when you make online purchases;
Images in connection with the in-store use of CCTV surveillance cameras, only to the extent permitted by applicable law; and
Your professional identification data, if you are a professional customer or a supplier.
Information we collect from you will be recorded, used and protected by us in accordance with:

The Belgian Act of 8 December 1992 on the protection of privacy in relation to the processing of personal data; and
The Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”), and any corresponding or equivalent national laws or regulations in Belgium,

in each case, as in force and applicable, and as may be amended, supplemented or replaced from time to time (hereafter collectively referred to as the “Data Protection Legislation”).


2. Use of your information

We may use your information for the following purposes:

To carry out our obligations arising from an agreement between you and us (for example, the purchase contract of our products) or to provide you with the information and services you request from us (for example, in connection with a request for information);
To provide you with information about other services we offer that are similar to those you have already purchased or requested;
To allow us to contact you for direct marketing purposes (in particular through email marketing);
To inform you of changes made to our services;
To ensure that the content of our website is presented in the most effective manner for you and your computer/device;
To ensure the safety of our premises, buildings and stores;
To provide you with IT support;
To provide you with customer support (in particular through our after-sales service);
To prevent and detect fraud;
For corporate restructuring operations;
For internal and external audits;
For the management of disputes involving you.

3. Legal basis

Your information is being collected and processed on the following legal bases:

If it is necessary for performing the contract we have with you (e.g. we require your address to deliver products that you buy online);
If it is necessary for complying with a legal obligation that applies to us;
If it is necessary for pursuing our legitimate interests, considering these interests are not overridden by your fundamental rights and freedoms (e.g. if we require your information for ensuring security of our stores or to prevent fraud);
When you have given your consent.

4. Disclosure of your information

For the purposes set out above, we may share your information with:

Our business partners;
Public authorities (including judicial and police authorities);
Banks and insurers;
Our professional advisors (e.g. our lawyers or accountants);
Our suppliers of IT related services;
Our suppliers of marketing related services;
Our internal staff related to customer support, marketing and IT.
We will also disclose your information to third parties:

In the event that we sell or buy any business or assets, in which case we may disclose your information to the prospective seller or buyer of such business or assets;
If we are under a duty to disclose or share your information in order to comply with any legal obligation or to protect the rights, property, or safety of Buissonnière, our customers or others. This includes exchanging information with public authorities (including judicial and police authorities) in the event of, for example, a cyber security incident.

5. Transfer of your information

We may transfer certain of your information to recipients located outside of the European Economic Area (“EEA”), including to the United States, if that is appropriate (i) to achieve any of the purposes set out under section 2 and/or (ii) to disclose your information to a third party in accordance with section 4 of this Privacy Policy.

In case your information is transferred outside of the EEA, we will make sure that your information is protected by the following safeguards:

The laws of the country to which your information is transferred ensure an adequate level of data protection (Article 45 GDPR); or
The transfer is subject to data protection clauses as approved by the European Commission (Article 46.2 GDPR) or complies with the EU-US Privacy Shield arrangement in case of a transfer to the United States.
If you wish to receive more information relating to the transfers of your information outside the EEA and/or the safeguards that have been implemented (including on how to receive a copy of these), you may contact us through the contact details set out in section 10 below.


6. Your rights

You have certain rights regarding the information we hold about you. These rights can be exercised by contacting us as set out in section 10 below:

You have the right to access the information we keep about you – this is because we want you to be aware of the information we have about you and to enable you to verify whether we process your information in accordance with the applicable Data Protection Legislation;
You have the right, under certain circumstances, to restrict further use of your information. When the processing is restricted, we can still store your information, but we can no longer use it;
If your information is inaccurate or incomplete, you have the right to request the rectification of your information;
You have the right, under certain circumstances, to request the deletion or removal of your information from our systems;
You have the right to lodge a complaint about the way we handle or process your information with your national data protection authority;
If our processing of your personal information is based specifically on your consent, you have the right to withdraw that consent at any time. This includes your right to withdraw consent to our use of your information for direct marketing purposes;
You have the right to obtain from us, under certain circumstances, your information in a structured, commonly used and machine readable form so you can reuse it for your own purposes across different services.
You also have the right to object to certain types of processing, including processing for direct marketing purposes.

However, please note that we may need to retain certain information, for example for legal or administrative purposes (e.g. keeping of accounting records).

For all requests set out above, please send us an email with “data privacy request” in the subject line. We will respond to your request as soon as practically possible. If we need more than one month (from receipt of your request) to respond to your request, we will come back to you and let you know.


7. Retention of your information

The information we hold about you will be retained in a manner consistent with the applicable Data Protection Legislation. In any event, your information shall not be kept longer than is necessary to achieve the purposes stated in this privacy policy.

Buissonnière uses the following criteria to determine the retention periods of personal data according to the context and purposes of each processing operation:

The time elapsed since the end of your commercial relationship with Buissonnière;
Security reasons (for example, the security of our buildings or our computer systems);
Any current or potential dispute or litigation;
Any legal or regulatory obligation to retain or delete personal data (for example, a retention obligation imposed by an accounting, tax or insurance law).

8. What happens if you do not provide us with the information we request or ask that we stop processing your information?

The ability for us to perform our obligations with regard to:

The contract we have with you; or Legal obligations applicable to us, sometimes depends on us having access to and being able to use certain information about you. Therefore, and depending on the circumstances, if you do not provide us with the information we request or if you ask that we stop processing your information, this may result in us being in breach of one or more applicable legal or contractual obligations.


9. Automated decision-making

We do not perform automated decision-making based on your information.


10. Contact details

Questions, comments and requests regarding this privacy policy (including in respect of your privacy rights above) may be addressed to our Data Protection Correspondent by email at


11. Changes to this privacy policy

Buissonnière reserves the right to update this privacy policy from time to time. If we make changes to this privacy policy, we will notify you so that you are always aware of how we process your personal data.