This Policy is drawn up by Avolta SA located at 50 Place Pierre Delannoy, 7850 Enghien, under the registration number 0753.762.254 (hereinafter referred to as “the controller”).
following address: www.ogongo.com (hereinafter referred to as the “website”) of the manner in
which data is collected and processed by the controller.
This Policy is in line with the wish of the controller to act transparently, in compliance with its
national provisions and with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as the “General Data Protection Regulation” or “GDPR”).
The controller pays particular attention to the protection of the privacy of its users and therefore
undertakes to take reasonable precautions to protect the personal data collected against loss, theft, disclosure or unauthorized use. “Personal data” means the personal data of the user of the website, so any information relating to an identified or identifiable user.
If the user wishes to react to one of the practices described below, he may contact the controller at the postal address or email address specified in the “contact details” section of this Policy.
Which data do we process?
The data controller collects and processes the following personal data according to the methods and principles described below:
The controller may also collect non-personal data. These data are called non-personal data because they do not directly or indirectly identify a particular person. They may then be used for any purpose whatsoever, for example to improve the website, the products and services offered or the data controller’s advertising.
In the event that non-personal data are combined with personal data, so that identification of the
data subjects is possible, such data will be treated as personal data until such time as it is made
impossible to link them to a particular person.
The controller shall collect personal data in the following manner:
Purposes of the processing
Personal data are collected and processed only for the purposes mentioned below:
The controller may be required to carry out processing operations not yet provided for in this Policy.
In this case, the controller will contact the user before re-using his personal data, in order to inform him of the changes and give him the possibility, if necessary, to refuse such re-use.
Some data processing activities are based on the legitimate interest of the controller. The legitimate interest is proportionate with regard to the rights of the users. For further details regarding the purpose of the processing based on the legitimate interest of the controller, users can contact the controller directly (see contact details in this Policy).
Duration of the storage
In general, the controller shall store personal data only for the time reasonably necessary for the
purposes pursued and in accordance with legal and regulatory requirements.
The personal data of a customer are kept for a maximum of 10 years after the end of the contractual relationship between the customer and the controller.
Shorter retention periods apply for certain categories of data, such as traffic data, which are kept for only 12 months.
At the end of the storage period, the controller shall make every effort to ensure that the personal
data have indeed been made unavailable and inaccessible.
Exercise of rights
For all rights mentioned hereafter, the controller can check the user’s identity before granting the
right.The request for additional information by the controller must be done within 1 month after the request made by the user.
Access to the data and copy
The user may obtain free of charge the written communication or a copy of the personal data
concerning him that have been collected by the data controller.
The controller may charge a reasonable fee based on administrative costs for any additional copies requested by the user.
Where the user makes such a request electronically, the information shall be provided in a commonly used electronic form, unless the user requests otherwise.
The copy of his data will be communicated to the user at the latest within one month after receipt of the request, except in case of a contrary provision in the GDPR.
Right of rectification
The user may obtain free of charge, as soon as possible and at the latest within one month, the
rectification of his personal data which are inaccurate, incomplete or irrelevant, as well as
completing them if they prove to be incomplete.
Except in case of a contrary provision in the GDPR, this request will be handled within one month after the request was made.
Right to object to processing
The user may at any time, for reasons relating to his particular situation, object free of charge to the processing of his personal data, when:
The controller may refuse to exercise the user’s right of opposition where he establishes the
existence of compelling and legitimate reasons justifying the processing, which take precedence
over the interests or rights and freedoms of the user, or for the establishment, exercise or defense of a legal claim. In case of dispute, the user may lodge an appeal in accordance with the point “claims and complaints” of this Policy.
The user may, at any time, oppose, without justification and free of charge, the processing of
personal data concerning him when his data are collected for purposes of commercial prospection (including profiling).
Where personal data are processed for scientific or historical research purposes or for statistical
purposes in accordance with the general data protection regulation, the user has the right to object, for reasons relating to his particular situation, to the processing of personal data concerning him, unless the processing is necessary for the performance of a task in the public interest.
The controller is obliged to reply to the user’s request as soon as possible and at the latest within
one month and to give reasons for his reply if he intends not to comply with such a request, except in case of a contrary provision in the GDPR.
Right of limitation of the processing
The user may obtain the limitation of the processing of his personal data in the cases listed
The controller will inform the user when the limitation of the processing is lifted.
Right to erasure (right to be forgotten)
The user may obtain the deletion of the personal data concerning him, where one of the following
The deletion of data is however not applicable in the following 5 cases :
Right to “data portability”
The user may at any time request to receive his personal data free of charge in a structured,
commonly used and machine-readable format, with a view in particular to transmitting them to
another controller, when:
Under the same conditions and in the same manner, the user has the right to obtain from the
controller that the personal data concerning him will be transmitted directly to another controller of the processing of personal data, insofar as this is technically possible.
The right to data portability shall not apply to processing which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Recipients of data and disclosure to third parties
The recipients of the data collected and processed are, in addition to the controller himself, his
employees or other subcontractors, his carefully selected business partners, located in Belgium or in the European Union, and who collaborate with the controller in the context of the marketing of products or the provision of services.
In the event that the data are disclosed to third parties for commercial prospecting purposes, the
user will be informed in advance so that he can choose whether or not to accept this data transfer to third parties.
Since the transfer is based on the consent of the user, he can retract his consent at any time with
regard to this exact purpose.
The data controller respects the legal and regulatory provisions in force and will in all cases ensure that his partners, employees, subcontractors or other third parties having access to these personal data comply with this Policy.
The controller reserves the right to disclose the user’s personal data in the event that a law, judicial procedure or an order from a public authority makes such disclosure necessary.
No personal data shall be transferred outside the European Union.
The controller shall implement appropriate technical and organizational measures to guarantee a
level of security of the processing and the data collected with regard to the risks presented by the
processing and the nature of the data to be protected appropriate to the risk. It takes into account
the state of knowledge, the costs of implementation and the nature, scope, context and purposes of the processing as well as the risks to users’ rights and freedoms.
The controller has put in place appropriate security measures to protect and avoid the loss, misuse or alteration of information received on the website.
In case a breach of personal data occurs, the controller will undertake quick action to identify the
cause and take appropriate measures to remedy the situation.
The controller informs the user of this breach when he is obliged to do so by law.
Claims and complaints
If the user has a complaint, it is adviseable to contact the controller directly.
The user can also lodge a complaint with his national control authority, whose details are listed on the official website of the European Commission:
In addition, action can be undertaken before the competent national courts.
For any question and/or complaint, in particular as to the clear and accessible nature of the present Policy, the user may contact the data controller:
By email: firstname.lastname@example.org
By mail: 50 Place Pierre Delannoy – 7850 Enghien
Applicable law and competent jurisdiction
This Policy shall be governed by the national law of the main place of establishment of the controller.
Any dispute concerning the interpretation or execution of this Policy shall be submitted to the courts of that national law.
The controller reserves the right to modify the provisions of this Policy at any time. Changes will be published with a warning as to their coming into force.
This version of the Policy dates from 23/12/2021.