Privacy policy

Privacy policy

THE BASICS

Loop BV ("we," "us," "our," and "Loop") is a seller of earplugs. With registered office at Posthofbrug 6/8 Bus 5/148, 2600 Berchem, Belgium, listed with the CBE (Crossroads Bank of Enterprises) under number BE 0665.977.551 and can be reached through our contact page.

This privacy policy (the “Privacy Policy”) outlines the essential information that is used to process your personal data.  By providing your personal data on our website and by entering personal data (“Personal Data) in the email addresses stated on this website, you declare that you have taken due note of this Privacy Policy, and that you also expressly agree with it and with the processing as such.

Loop makes every effort to comply with European Regulation 2016/679 of 27 April 2016 with regard to the Processing of Personal Data (General Data Protection Regulation or better known as GDPR).

Loop is both processor as collector of your personal data. You can contact us at any time to:

Request access to information we have of you
Correct any information we have
Delete information we have of you
If you have questions or would like additional information on your data and the use of it, please contact us at:

LOOP
Posthofbrug 6/8 Bus 5/148, 2600 Berchem, Belgium.

SECTION 1 - YOUR PERSONAL DATA

1.1 What information is being collected?

  • Category 1, if you do not register: your IP-address;
  • Category 2: if you register for the newsletter: your email newsletter preferences;
  • Category 3: via cookies: tracking of how you use the website;
  • Category 4: invoice data, contact details and your shipping address if one of the products or services of Loop is ordered or a contact request is submitted;
  • Category 5: Sweepstakes and competition participation;
  • Category 6: User feedback and user research

1.2 How it is collected?

When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.

When subscribing to our newsletter, back in stock reminders or any other subscriptions, we collect the personal information you give us such as your e-mail address.

When you browse our store, we also automatically receive your computer’s internet protocol (IP) address.

Text marketing (if applicable): With your permission, we may send text messages about our store, new products, and other updates. Updates include Checkout Reminders. Webhooks will be used to trigger the Checkout Reminders messaging system.

We use your information to verify your eligibility to enter the sweepstake and competition, and to contact you using the contact details you share with us. In case you are the winner of the competition or the sweepstake, we will use your information to send you the prize, and to take care of other administrative and legal requirements as necessary.

We have the option to subscribe to our mailing list during your order as well as on our website. When subscribed, we'll send you updates, promotions and the latest news about Loop. The required opt-in will always be specific, clear and consent must be freely given. You can unsubscribe at any time and free of charge.

We may receive information about you from other sources, such as business partners, marketers, researchers, analysts, social network services and other parties to help us supplement our records.  If you access our Services through a third-party website (such as Facebook), we may receive information about you from that third-party site, application or platform, depending on the third-party’s data practices and your settings.  We will not be responsible for the content or practices of third-party’s websites, applications or platforms.  We urge you to read the privacy and security policies of any third-party websites, applications or platforms you choose to use.

1.3 Who is collecting it?

Loop collects your personal information, in some cases using third party apps like Emarsys,  Shopify, Google Analytics, Amplitude and social media platforms (Meta, Snapchat and TikTok).

 

SECTION 2 - PURPOSE OF THE PROCESSING

2.1 Why it is collected?

Loop shall use the Personal Data collected from you exclusively for the following purposes:

  • Category 1: in order to improve this website and to include Personal Data in anonymous statistics and prevent fraud, which cannot lead to the discovery of the identity of particular persons or companies, the legal grounds for which are Loop’s legitimate interests to make ongoing improvements to its website and service provision;
  • Category 2: to send you direct marketing, newsletters, the legal grounds for which are your explicit, advance consent. This consent can always be withdrawn;
  • Category 3: to improve user experience, the legal grounds for which are your explicit, advance consent;
  • Categories 4: to provide and invoice the services you have requested, the legal grounds for which are the provision of a service that you requested.
  • Category 5: to verify your eligibility to enter the sweepstake and competition, and to contact you using the contact details.
  • Category 6: to collect user feedback and perform user research on existing and new products with consent of the participant.

You are not obliged to disclose your personal data but please understand that it becomes impossible to provide certain services if the processing is refused.

2.2 Direct marketing

If you have already been included in our mailing list as one of the recipients of hard-copy and/or soft-copy marketing material, we can use your data to send marketing and other material relating to the various services using electronic messaging or remarketing services.  Such consent can be withdrawn, free of charge and without giving any reason and at any point in time by clicking the unsubscribe link provided, or you can withdraw your consent by contacting us at [email protected]. Said unsubscribe link is included in every email sent for direct marketing purposes.

We will not sell or make your Personal Data available to third parties, unless you give your advance consent.  We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.

2.3 Where we process data?

We personally and our external processors will only process your identifiable personal data in the EEA (European Economic Area), countries on the EU safe list or with companies that joined the Data Privacy Framework.

We can transmit your anonymised and/or aggregate data to organizations outside the European Area. If such transmission is made, we will ensure that there are appropriate warranties to guarantee the security and integrity of your personal data, and that all the rights that you could enjoy under the applicable mandatory law relating to personal data are guaranteed.

To process your order, we work together with service provider(s), who support us in whole or in part in the implementation of concluded contracts. Certain personal data is transmitted to these service providers.

The personal data collected by us will be passed on to the transport company commissioned with the delivery as part of the contract. We pass on your payment data to the commissioned credit institute as part of the payment process, provided this is necessary for the payment process. 

In order to fulfill our contractual obligations towards our customers, we work together with external shipping partners. We pass on your name and your delivery address and, if necessary for the delivery, your telephone number, exclusively for the purpose of delivering the goods to a shipping partner selected by us.

The following legal protection mechanism will be implemented if there is a transmission of your personal data and/or anonymized and/or aggregate data:

Which? Google
Country outside EEA? USA
Lawful transmission system? US – Data Privacy Framework

Which? Meta
Country outside EEA? USA
Lawful transmission system? US – Data Privacy Framework

Which? Pinterest
Country outside EEA? USA
Lawful transmission system? US – Data Privacy Framework

Which? Linkedin
Country outside EEA? USA
Lawful transmission system? US – Data Privacy Framework

Which? Gorgias
Country outside EEA? USA
Lawful transmission system? US – Standard Contractual Clauses (“SCC”)

Which? Yotpo
Country outside EEA? USA
Lawful transmission system? US – Data Privacy Framework

Which? Cheq.ai
Country outside EEA? USA
Lawful transmission system? US – Standard Contractual Clauses (“SCC”)

Which? HubSpot
Country outside EEA? USA
Lawful transmission system? US – Data Privacy Framework

 

SECTION 3 - ACCESS BY EMPLOYEES AND THIRD PARTIES

We may grant employees access to your personal data to be able to process such data.  We guarantee a level of protection similar to this Privacy Policy by making contractual obligations enforceable vis-à-vis said employees and persons whom we engage.

We use third parties' apps that have access to your data. All platforms process your data to the extent necessary to allow them to perform the services they provide to us. All third-party apps or tools we use are GDPR compliant.

 

SECTION 4 – Fraud and Credit Check

Before concluding the purchase contract, we carry out a fraud and credit check. This is done to enable us to offer you a choice of different payment methods and at the same time to protect ourselves against the default of payment of the invoice. As part of the credit check, we i.a. can check all previously made orders in your customer account. It is also checked whether the delivery address differs from the billing address, whether the delivery address is new or if the order should be delivered to a pack station. The credit report can list so-called score values, which are calculated based on a scientifically recognised mathematical and statistical procedure and are used to assess the credit risk. The credit rating agency also uses the above data for other enterprises (e.g. other online traders) for the purposes of checking addresses and/or identity checks, and for any scoring applications based on these. Your address data is also included in the probability values.

If you do not agree with the payment method(s) you have been offered, you can contest the decision stating your point of view either by letter or by sending an email to [email protected]. We will then check the decision taken once again, in consideration of your point of view.

In addition to that we will check, based on your device on pre-defined rules, if the order should be categorised as being suspected of fraud. If there is any suspicion of fraud, we will additionally carry out an individual check on the order. The result of this manual fraud check can either be positive, which would lead to the order being approved. If, however, the suspicion of fraud remains, we may decide to cancel the order, depending on the particular case.

This data processing necessary for the purpose of our legitimate interest to avoid default of payment and fraud (Legal basis: Art. 6 (1) sentence 1, lit. f GDPR).

SECTION 5 - THIRD-PARTY SERVICES

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.

For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.  As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.

You can find a list of third party services who processes your Personal Data under Responsible Entities’ instructions below. The list is subject to change as necessary.

COMPANY - SERVICE

Loop BV

Webshop operations & Marketing

Shopify Inc

Canada – e-commerce platform

Mollie

the Netherlands - Payment Processes

Klarna

Sweden - Payment Processes

DHL

Germany - Product Delivery

Paypal

USA - Payment Service

Apple Pay, Google pay

USA - Payment Service
Emarsys
 Austria - Marketing automation

Meta Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2

Ireland - Social Media Interaction

Twitter

USA - Social Media Interaction

Google

USA - Ads platform

Amplitude

USA – Analytics

Bing (Microsoft Corporation)

US – Ads platform

Pinterest Inc.

US – Social Media Interaction

TikTok

Ireland – Social Media Interaction

Linkedin (Microsoft Corporation)

US – Social Media Interaction

Cheq.ai

US – Anti-fraud protection

Gorgias Inc

US – multi-channel helpdesk

Yotpo

US – e-commerce marketing platform

HubSpot

US – B2B CRM

 

                                                                                         

Where your personal data may be used by third party services via our platforms, applications or elsewhere for their own purposes, please consult the privacy notice of their Data Controller for more information about how they handle your personal data. Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

SECTION 6 - SHOPIFY

Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.  Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.

Payment

If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.

PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Policy here.

SECTION 7 – DURATION OF THE PROCESSING

We store and process the personal data for a period necessary for the purposes of the processing and for the purposes of the contractual relationship between you and Loop.

As soon as the data for the purposes named in Section 2 is no longer required, we keep your personal data for the length of time, during which you can assert claims against us or we can assert claims against you (the statutory period of limitations is generally three years, starting with the end of the year in which the claim arises, e.g. the end of the year of purchase). 

In addition to this, we store your personal data for as long and to the extent we are obliged to do so by law. The retention periods may accordingly last up to ten years. 

SECTION 8 – YOUR RIGHTS

The following rights relating to own personal data can always be exercised merely by request.

8.1 Right of admission and perusal:

You have the right at any point in time to take due note of your personal data, free of charge.

 

8.2 Right of correction, removal and restriction:

You are free to disclose or not to disclose your personal data to us. In addition, you also have the right to request us to correct, supplement or erase your personal data.

 

8.3 Right of objection:

You always have the right to object to the processing of your personal data for serious and legitimate reasons or for direct marketing purposes.

 

8.4 Right of portability:

You have the right to obtain your personal data in a structured format and/or to transfer them to other controllers.

 

8.5 Right to withdraw consent:

Where the processing is based on your advance consent, you do, of course, have the right to withdraw it.

 

8.6 Exercise of your rights:

You can exercise your rights by contacting us for such purpose, either through our contact page, or by post sent to Posthofbrug 6/8 bus 5/148, 2600 Berchem, Belgium. Additional identification may be requested for legitimacy purposes.

 

8.7 Automatic decisions and profiling:

No profiling methods having detrimental automatic impact on the services received are used while your personal data are being processed.

 

8.8 Right to submit complaints:

If you have a complaint regarding our processing of your personal data, you are at liberty to file a complaint with our legal department ([email protected]) or with the Belgian Data Protection Authority. For more information, go to www.dataprotectionauthority.be.

 

 

SECTION 9 – SECURITY

We have developed technically and organizationally adapted security measures to prevent personal data collected from being destroyed, lost, forged, changed, accessed without permission or disclosed to third persons by mistake and to prevent any other unauthorised processing of such data.

Under no circumstances can we be regarded liable for any direct or indirect damage arising from incorrect or unlawful use of the personal data by a third party.

You must comply with the safety prescriptions at all times. You are therefore the sole person responsible for the use made of the website on your computer, your IP address and your identity data, as well as for the confidentiality thereof.

 

SECTION 10 - CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.

If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.

 

SECTION 11 – LINKS TO OTHER WEBSITES

We are not responsible for the content of websites referring to links which the administrator or visitors mention on our website. Visitors must be aware of the fact that the privacy of other websites may differ from that of Loop.

A link to a website cannot be regarded as express approval of the content of this website, neither can the correctness be permanently guaranteed.

SECTION 12 - COOKIES

We refer to the cookie policy of this website regarding the use of Cookies.

 

This Privacy Policy was last updated on February 20th, 2024