Privacy policy
Thank you for taking the time to read our privacy policy before deciding whether or not to share your personal data with us. Personal data is any data that can identify you directly or indirectly. This document explains who we are, how we collect and use your personal data, and your individual rights under the GDPR (General Data Protection Regulation) and the legislation implementing it.
The people concerned by this privacy policy are: our current and former clients, our prospects, the users of our websites (including kernweb.be), our partners, our suppliers and our job applicants.
Section I. Who are we and how to contact us?
kernweb.be is the website of KernWeb, the web division of KERN-IT. The controller of the personal data concerning you is:
KERN-IT SRL
Rue Belliard 2A, 1040 Brussels, Belgium
Registration number: BE0845906217
If you have any questions about this privacy policy and the way we use your personal data, you can contact us by email at privacy@kern-it.be or by post at the address above.
This policy may be updated regularly. In the event of significant changes, we will keep you informed through our usual communication channels; otherwise, please check this page regularly. It came into force on 26 July 2023 and was adapted for kernweb.be on 2 July 2026.
Section II. What data do we collect and how?
The categories of personal data we collect and process are the following: data relating to cookies and similar technologies, identity data, contact details, data relating to professional background, data relating to personal life, data relating to the management of the commercial relationship, data processed for commercial solicitation, data relating to people's opinions and reviews, and location data.
We collect this data directly from you: when you become a client, fill in an (online) form, contact us through one of our channels, visit our website or apply for a job.
Cookies are text files placed on your device when you use our website or other services. To find out more, see our cookie policy: during normal browsing, kernweb.be sets no cookies at all.
Section III. Why do we need your data?
On the basis of your consent: managing reviews of products, services or content; running satisfaction surveys and client studies; producing statistics on the use of our services.
For the performance of the contract or pre-contractual measures between you and us: managing the client file, the pre-contractual relationship, complaints and after-sales service, client communication, support, orders, deliveries, invoices and payments; selecting, managing and monitoring our suppliers and partners; managing pre-litigation and litigation; managing recruitment and applications.
To comply with our legal obligations: keeping our accounts and complying with accounting, tax and other obligations.
In the context of our legitimate interests, subject to your fundamental rights and freedoms: commercial prospecting and marketing actions; security of IT networks, information and data; proper functioning of our website and display of the version suited to your device; fraud prevention. Where processing is based on our legitimate interest, you can obtain further information on how your rights are balanced against it by contacting us.
What happens if you do not provide the necessary data? Where data is necessary for the contract, we would be unable to provide you with the services. Where data is necessary to comply with a legal obligation, we would be unable to comply with that obligation and therefore to provide you with the goods and/or services.
Section IV. What do we do with your data?
Recipients. In addition to our internal departments, we may share your data with: our processors and suppliers (IT and website hosting, IT and maintenance providers, audience measurement and online service optimisation, client support, database management, accounting and financial solutions, document management, email and newsletter sending, marketing services, satisfaction surveys, statistical analyses); professional advisers, including regulated professions; public authorities where the law requires it. This sharing only takes place within the limits allowed by law.
Retention periods. We only keep your data for as long as necessary for the purposes described above:
- 7 years (duration of the contractual relationship and legal limitation periods): client file, complaints and warranties, client communication, orders, deliveries, invoices and payments, supplier and partner management, accounting and tax obligations, pre-litigation and litigation.
- 3 years: satisfaction surveys and client studies (from the withdrawal of consent or the last interaction).
- 2 years: commercial prospecting and marketing (from the exercise of the right to object or after collection), network security and fraud prevention, proper functioning of the website, recruitment and applications.
- 1 year: pre-contractual relationship with potential clients, people's reviews, supplier and partner selection, service usage statistics.
- 6 months: client support and IT support (after the last interaction).
For more details on retention by purpose, contact us through the channels listed in Section I.
Transfers outside the European Economic Area. Your data may be transferred outside the EEA. In that case, we implement protective measures: transfers based on the standard contractual clauses (SCC) adopted by the European Commission (art. 46-2(c) GDPR) or by the supervisory authorities (art. 46-2(d) GDPR). You can obtain further information by contacting us.
Section V. What are your rights?
You have rights over the use of your personal data. They vary depending on the legal basis of the processing and certain purposes. When you exercise a right, we may ask you for a document proving your identity in case of reasonable doubt, for example to prevent identity theft. Exercising your rights is free of charge, except for repetitive or excessive requests.
- Right to be informed about the use of your data and the exercise of your rights.
- Right to access and receive a copy of your data: which data we process, for which purposes, with which recipients and for how long. This right is exercised subject to the rights and freedoms of third parties.
- Right to rectification if your data is incomplete, inaccurate or out of date.
- Right to erasure where the data is no longer necessary for the purposes. We may refuse where processing remains necessary, in particular for our legal obligations or for evidentiary purposes.
- Right to restriction of processing in certain specific cases: we then refrain from any further processing for as long as needed to handle your request.
- Right to object where processing is based on our legitimate interest, and in all cases for direct marketing and profiling related to direct marketing.
- Right to withdraw your consent at any time, for processing based on it.
- Right to portability: to retrieve, free of charge and in a structured, machine-readable format, the data you provided to us on the basis of your consent or a contract, and where applicable to transmit it to another controller.
- Right to lodge a complaint with the supervisory authority of your country of residence or work. In Belgium: the Data Protection Authority (APD/GBA), Rue de la Presse 35, 1000 Brussels, dataprotectionauthority.be. The list of European authorities is available on the EDPB website.
You can exercise these rights through the communication channels listed in Section I.