
Privacy
Policy
This Contour Lab privacy policy governs the collection, storage and use of your personal data as users of the Contour Lab solution (the “Solution“). It provides you with details about the personal data Contour Lab collects from you, how we use it and your rights to control personal data we hold about you.
Any future updates will be posted on https://app.contourlab.io/privacy-policy.
1
Who we are
Contour Lab is a provider of a Solution that suggests and facilitates clothing and apparel style selection of end-customers during their shopping journey through data driven insights, having its registered offices at Sint-Pietersvliet 7, 2000 Antwerpen, Belgium (“Contour Lab” or “we“).
2
Contour Lab as the data controller or as the data processor
Under the EU General Data Protection Regulation (the “GDPR“), “data controller” and “data processor” are important concepts in understanding Contour Lab’s responsibilities under the GDPR. Depending on the scenario, Contour Lab may be a data controller, data processor or both and has specific responsibilities as a result.
While Contour Lab operates mainly as a data processor, i.e. to provide the Solution and ancillary services, there are some instances in which we operate as a data controller.
Examples where we operate as a data controller include the processing of personal data (i) to optimize and improve our Solution and services and (ii) where the data subject provides information to us directly.
3
The personal data we collect about you and the purposes for which we collect it:
Below you will find an overview of:
a) the categories of personal data that we (or third party data processors acting on our behalf may collect – for further information on data processors acting on our behalf, see below under point 3), use and store about you;
b) the purposes for which this data would be collected;
c) the legal basis for processing.​​​​

4
How we share your personal data and who we share it with
4.1 Principle
We will not sell, rent or otherwise disclose your personal data to any third party, except as described in this policy.
4.2 Third parties
Your data may be communicated to third parties in the following cases:
– our subcontractors in the context of services we ask them to perform on our behalf (e.g. IT subcontractors);
– the stores concerned on whose website you have used the Solution;
– the companies called in to improve our Solution, services and our marketing activities;
4.3 Compliance with laws and legal proceedings
We may disclose your personal data where:
– we are required to do so by applicable law, by a governmental body or by a law enforcement agency;
– to establish or exercise our legal rights or defend against legal claims;
– to investigate, prevent or take actions against illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our terms of use, or as otherwise required by law.
5
How long do we keep your personal data?
We keep your personal data for no longer than necessary for the purposes for which the personal data is processed. The length of time for which we retain personal data depends on the purposes for which we collect and use it and/or as required to comply with applicable laws (including bookkeeping, social and tax obligations) and to establish, exercise or defend our legal rights.

6
International transfers
In connection with the abovementioned purposes, we try to avoid as much as possible the transfer of personal data that we collect from you to third party data processors located outside the European Economic Area.
7
Security
We take appropriate technical and organisational measures to safeguard the personal data that you provide to us against unauthorized or unlawful processing and against accidental destruction, loss or damage.
?Also mention that we make your data anonymous so that they cannot be traced back to you and the data exchanges only take place via secure channels?
8
Your rights
You have the following rights as a data subject:
a) the right to access to personal data that we hold about you;
b) the right to ask us to update or correct any out-of-date or incorrect personal data that we hold about you;
c) where the processing is based on your consent, the right to withdraw consent at any given time, without affecting the lawfulness of processing based on consent before its withdrawal;
d) the right to erasure where the conditions of article 17 of the GDPR have been met;
e) the right to restriction of processing where the conditions of article 18 of the GDPR have been met;
f) the right to data portability insofar the conditions of article 20 GDPR apply to you;
g) the right to object to processing of personal data concerning you, insofar the conditions under article 21 GDPR have been met; and
h) the right to opt out of any direct marketing communications that we (with your consent) may send you.
You can exercise these rights at any given time by emailing us at contact@contourlab.com.
You also have the right to lodge a complaint with the competent supervisory authority.

Any question?
If you have any question about this privacy policy and/or how we collect, store and use your personal data, you can email us at hello@contourlab.io.