In this policy, M82 (further herein referred to as the ‘owner’) describes how information is collected, stored and processed for any Solution (website, service, product or software) owned and operated by M82, which include, but are not limited to: www.m82.lu.

The owner is the personal data controller of the personal data provided by you. By continuing to use the website you confirm that you have read and understood this privacy policy. If you do not agree with anything that is mentioned in this policy, please stop using the website.

Collected Information

The following personal information may be collected, stored and processed:

• Information submitted and provided by the customer with an Order Form, such as name, e-mail address, postal address, phone number, company name and VAT number.
• Information about the visitor’s computer and his visit to the owner’s websites, like IP address, browser type and version, access date and time.
• Information provided when contacting the owner for any information or for any other reason.

Usage of the collected information

Any information collected by the owner may be used in one of the following ways:

• To fulfill the provision of the services and solutions to which the customer has agreed;
• To identify technical problems;
• To improve the owner’s customer service and detect fraud;
• To deal with complaints made by or against the customer;
• To be able to answer and address any queries or communications received from the customer when the customer contacts the owner for any reason and in any manner.

Information Disclosure

The owner does not sell, trade or otherwise transfer to outside parties the customer’s personally identifiable information. This does not include trusted third parties who assist the owner in operating its website, conducting its business or servicing the customer; and with whom we have agreements for confidentiality and protection of personal data that are in line with the provisions of applicable data protection laws. We do not allow our third-party service owners to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. The owner may also disclose information which it is necessary to comply with the law or regulation or judicial or other order which legally requires the owner to disclosure the information and to enforce the owner’s site policies or protect its or others’ rights, property or safety.

Protection of information

We use a variety of security technologies and procedures to try to protect your personal data from unauthorized access, use, or disclosure. For example, we store the personal data you provide on computer servers with limited access that are located in controlled facilities.

Retention period

The owner will retain the personal data it processes for you for as long as necessary for the respective purpose of processing:

• For the personal data collect through the contact form – for the time necessary to prepare and send a reply to your inquiry and within 12 months of our last correspondence with you unless you become our customer in which case the relevant provisions of the terms of service or/ and the respective agreement signed between us shall apply regarding the processing of your personal data;
• For all other personal data, the owner will retain such personal data for as long as needed for the purposes it was originally collected as per applicable laws, resolve disputes and enforce its agreements.

Rights of Data Subjects

In connection with the processing of your personal data by the owner you have the following rights:

(a) right to access – you have the right to confirmation as to whether or not the owner processes your personal data and, where the owner does, access to the personal data, together with certain additional information. Provided that the rights and freedoms of others are not affected, the owner will provide you with a copy of its personal data as permitted by applicable data protection laws;

(b) right to rectification – you have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed;

(c) right to erasure – you have the right to the erasure of your personal data without undue delay in the following circumstances:
1) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
2) you withdraw your consent to consent-based processing;
3) you object to the processing under certain rules of applicable data protection law;
4) the processing is for direct marketing purposes; and
5) the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: i) for exercising the right of freedom of expression and information; ii) for compliance with a legal obligation; or iii) for the establishment, exercise or defence of legal claims;

(d) right to restriction of the processing – Where the owner is relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground. If you lodge an objection, we will no longer process your personal data unless we can demonstrate legitimate grounds for the processing which override your interests, rights and freedoms.

(e) right to objection to the processing – you have the right to object to the owner’s processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for one of the following:
1) the performance of a task carried out in the public interest or in the exercise of any official authority vested in the owner; or
2) the purposes of the legitimate interests pursued by the owner or by a third party.
If you make such an objection, the owner will cease to process your personal data unless the owner can demonstrate compelling legitimate grounds for the processing which have priority over your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims;

(f) right to data portability – you have the right to receive your personal data from the owner in a structured, commonly used and machine-readable format;

(g) right to lodge a complaint with a supervisory authority – you have a legal right to lodge a complaint with the supervisory authority of one of the EU Member States, responsible for data protection. You may do so in the EU Member State of your habitual residence, your place of work or the place of the alleged infringement. You may find the contact details of the relevant Member States’ supervisory authorities here: http://ec.europa.eu/justice/article29/structure/data-protection-authorities/index_en.htm ; and

(h) right to withdraw the given consent – to the extent that the legal basis for the owner’s processing of your personal data is consent, you have the right to withdraw that consent at any time. Such withdrawal will not affect the lawfulness of any processing performed before it. You may withdraw your consent or exercise any of your rights hereunder in relation to the processing of your personal data by written notice to the owner. Check m82.lu/legal for more details. We shall do our best to reply to you without undue delay.

Third Party Websites

The owner’s websites may contain links to other websites. These websites have their own privacy policies and therefore please refer to those privacy policies on such websites as to what data is collected and the manner by which they are processed.

Policy Changes

The owner reserves the right to change its policy at any time to meet the needs of our customers, changing laws and new technology. Please, refer to the date at the end of this policy regarding the date of its last update.

Contacting the owner

If there are any questions regarding this policy, you may contact the owner. Check m82.lu/legal for more details.

This Policy was last modified on: 1st April 2023.