Privacy policy
This Privacy Policy governs the processing of your personal data by the data controller: Nivello, with its registered office in Aartselaar.
Last updated: 16 December 2025
PRIVACY POLICY
Bislevel BV trading as Nivello (“we”, “us”, “our” and “Bislevel”) is a retailer of tools for tile installers. With registered office at Antwerpsesteenweg 124/95, 2630 Aartselaar, Belgium, registered with the Crossroads Bank for Enterprises (KBO) under number BE 0801.711.829, and reachable via info@nivello.eu.
This Privacy Policy (the “Privacy Policy”) describes the essential information used for the processing of your personal data. By providing your personal data on our website and by submitting personal data (“Personal Data”) via the email addresses listed on this website, you acknowledge that you have read this Privacy Policy and explicitly agree to it, including the processing of your data.
Nivello makes every effort to comply with Regulation (EU) 2016/679 of 27 April 2016 on the protection of personal data (General Data Protection Regulation, better known as GDPR).
Nivello acts both as data controller and data processor of your personal data. You may contact us at any time to:
- request access to the data we hold about you;
- request correction of incorrect data;
- request deletion of your data.
For questions or additional information about your data and its use, you can contact:
BISLEVEL BV - Nivello
Antwerpsesteenweg 124/95
2630 Aartselaar, Belgium
info@nivello.eu
SECTION 1 – YOUR PERSONAL DATA
1.1 What information is collected?
Category 1: if you do not register: your IP address;
Category 2: if you register for the newsletter or a webinar: your email address and newsletter preferences;
Category 3: via cookies: tracking of your website usage;
Category 4: billing and contact details when you order a product or service from Nivello: your first and last name, address, email address, and phone number;
Category 5: participation in contests and sweepstakes.
1.2 How is this information collected?
When you make a purchase in our webshop, we collect the personal data you provide during the purchasing process, such as your name, address, and email address.
When you visit our webshop, we automatically receive your computer’s IP address.
Text marketing (if applicable): with your consent, we may send you SMS messages about our webshop, new products, and other updates, including reminders to complete your order. This is done using webhooks.
During the checkout process and via our website, you may subscribe to our mailing list. After subscribing, you will receive updates, promotions, and news about Nivello. Consent is always clear, voluntary, and can be withdrawn at any time free of charge.
We may also receive information about you from other sources, such as business partners, marketers, researchers, analysts, and social networks. If you use our services via a third-party platform (such as Facebook), we may receive information in accordance with that party’s privacy policy and your settings. We are not responsible for the content or practices of third-party websites or platforms and recommend reviewing their privacy and security policies.
1.3 Who collects this data?
Bislevel BV trading as Nivello collects your personal data, in some cases using third-party applications such as Klaviyo, Hotjar, Shopify, Google Analytics, and social media platforms.
1.4 Privacy protection
Nivello respects the privacy of website visitors, in particular the rights of data subjects regarding the automated processing of personal data. To inform users about how Nivello processes personal data and to comply with legal information obligations, this privacy statement has been prepared.
For more information about personal data protection, data subjects can consult the website of the Belgian Data Protection Authority: www.gegevensbeschermingsautoriteit.be.
SECTION 2 – GENERAL TERMS AND CONDITIONS
2.1 Why are data collected?
The legal basis for processing personal data is the conclusion and performance of the agreement or, at the request of the data subject, the taking of pre-contractual measures.
Nivello uses your personal data exclusively for the following purposes:
Category 1: improvement of the website and inclusion in anonymous statistics (legitimate interest);
Category 2: sending direct marketing and newsletters (based on your explicit consent);
Category 3: improving user experience (based on your consent);
Category 4: delivery and invoicing of products and services requested by you;
Category 5: verification of contest participation and follow-up contact;
Category 6: responding to questions and/or comments from the data subject.
Providing personal data is not mandatory, but without it certain services cannot be delivered.
If the customer is a consumer, providing name, address, telephone number, and email address is a contractual requirement. Without these details, no agreement can be concluded. If the customer is a business, providing the contact person’s name is a contractual requirement; without it, no agreement can be concluded.
2.2 Direct marketing
If you are subscribed to our mailing list, we may send you marketing communications. You may withdraw your consent at any time free of charge via the unsubscribe link in each email or by contacting info@nivello.eu.
We do not sell your personal data to third parties. Data may only be shared if legally required or in the event of a breach of our Terms and Conditions.
2.3 Where do we process data?
Your personal data is processed exclusively within the EEA or in countries recognized by the EU as providing an adequate level of protection. Anonymized or aggregated data may be transferred outside the EEA subject to appropriate safeguards.
Your data may be shared with logistics partners, payment service providers, and other service providers necessary for the execution of our agreement.
Personal data collected by us is shared with the transport company responsible for delivery. In addition, we share your payment details with the designated financial institution as part of the payment process, insofar as this is necessary to process the payment.
To fulfill our contractual obligations towards customers, we work with external shipping partners. We only provide these partners with your name and delivery address and, if necessary for delivery, your telephone number, solely for the purpose of delivering goods via a selected shipping partner.
If your personal data and/or anonymized and/or aggregated data is transferred, the following legal safeguards apply:
- Google – United States – Standard Contractual Clauses (SCC)
- Facebook – United States – Standard Contractual Clauses (SCC)
- Sufio – United States – Standard Contractual Clauses (SCC)
- Hotjar – United States – Standard Contractual Clauses (SCC)
SECTION 3 – ACCESS BY EMPLOYEES AND THIRD PARTIES
We may grant our employees access to your personal data in order to process it. We ensure a level of protection equivalent to this Privacy Policy by making contractual obligations enforceable towards these employees and any persons or parties we engage.
We use third-party applications that may have access to your data, in particular Shopify (an e-commerce platform), Hotjar, and Klaviyo (an email platform). These platforms process your data only to the extent necessary to provide the services they perform on our behalf. All third-party applications and tools used by us comply with the GDPR.
SECTION 4 – FRAUD AND CREDIT CONTROL
Before concluding the purchase agreement, we carry out fraud and credit checks. This is done on the one hand to offer you different payment methods and on the other hand to protect ourselves against the risk of non-payment.
As part of this credit check, we may review all previously placed orders within your customer account. In addition, we assess whether the delivery address differs from the billing address, whether the delivery address is new, and whether the order is to be delivered to a pickup point or parcel locker.
The credit report may contain so-called scoring values, which are calculated using a scientifically recognized mathematical and statistical method and are used to assess credit risk. The credit rating agency also uses this data for other companies (such as other online retailers) for address and/or identity verification and scoring purposes. Your address data is also included in probability values.
If you do not agree with the payment method(s) offered to you, you may challenge this decision by expressing your position via letter or email to info@nivello.eu. We will then reassess the decision, taking your position into account.
In addition, we check—based on predefined rules and device data—whether an order may be considered fraudulent. If there is a suspicion of fraud, we perform an additional manual review of the order. The outcome of this manual fraud check may be positive, resulting in approval of the order. However, if the suspicion of fraud persists, we may decide, depending on the specific case, to cancel the order.
This data processing is necessary for the purposes of our legitimate interest in preventing non-payment and fraud (legal basis: Article 6(1)(f) of the GDPR).
SECTION 5 – THIRD-PARTY SERVICES
In general, third-party service providers we use will only collect, use, and disclose your data to the extent necessary to perform the services they provide on our behalf.
However, certain third-party providers, such as payment gateways and other payment processors, have their own privacy policies regarding the information we are required to provide to them for purchase-related transactions.
For these providers, we recommend that you carefully review their privacy policies so that you understand how your personal data is processed by these parties.
Please note in particular that some providers may be located in, or have facilities in, a jurisdiction different from yours or ours. If you choose to proceed with a transaction involving a third-party service provider, your information may become subject to the laws of the jurisdiction in which that provider or its facilities are located. For example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, your personal data used in that transaction may be subject to disclosure under US legislation, including the Patriot Act.
If your personal data is used by third-party services through our platforms, applications, or otherwise for their own purposes, please refer to the privacy policy of the respective data controller for more information on how they handle your personal data.
Once you leave our webshop or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or by the Terms and Conditions of our website.
SECTION 6 – SHOPIFY
Our webshop is hosted by Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases, and general application. Shopify stores your data on a secure server behind a firewall.
Payment
If you choose a direct payment gateway to complete your purchase, your credit card data is stored by Shopify. This data is encrypted in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). Your transaction data is stored only for as long as necessary to complete the payment. Once the transaction is completed, this data is deleted.
All direct payment gateways comply with PCI-DSS standards managed by the PCI Security Standards Council, a joint initiative of brands such as Visa, MasterCard, American Express, and Discover.
The PCI-DSS requirements help ensure the secure handling of credit card information by our webshop and its service providers.
For more information, you may also consult Shopify’s Terms and Conditions or Shopify’s Privacy Policy.
SECTION 7 – DURATION OF PROCESSING
7.1 Retention of personal data
We retain and process your personal data for the period necessary to fulfil the purposes of processing and to execute the contractual relationship between you and Nivello.
Once the data is no longer required for the purposes described in Section 2, we will retain your personal data for the period during which legal claims may still be brought by or against us. The statutory limitation period is generally three years, starting from the end of the year in which the claim arises, for example the end of the year in which the purchase took place.
In addition, we retain your personal data for as long and insofar as we are legally required to do so. In such cases, retention periods may extend up to ten years.
7.2 Deletion of personal data
Nivello will delete personal data from its systems without undue delay, including when:
- the personal data is no longer necessary for the purposes for which it was processed;
- the data subject objects to the processing of their personal data and this objection is justified;
- the personal data is incorrect or outdated.
Nivello is not obliged to delete personal data if one of the legally defined exceptions to the “right to be forgotten” applies.
SECTION 8 – YOUR RIGHTS
The rights listed below regarding your personal data can be exercised at any time by simply submitting a request.
8.1 Right of access and information
You have the right to obtain access to your personal data at any time, free of charge.
8.2 Right to rectification, deletion and restriction
You are free to provide or withhold your personal data. In addition, you have the right to request that we correct, supplement, or delete your personal data.
8.3 Right to object
You have the right to object at any time to the processing of your personal data for compelling legitimate reasons or for direct marketing purposes.
8.4 Right to data portability
You have the right to receive your personal data in a structured format and/or request that it be transferred to another data controller.
8.5 Right to withdraw consent
Where processing is based on your prior consent, you have the right to withdraw that consent at any time.
8.6 Exercise of your rights
You can exercise your rights by contacting us either by email at info@nivello.eu or by post at Antwerpsesteenweg 124/95, 2630 Aartselaar, Belgium. For identification purposes, we may request additional verification.
8.7 Automated decision-making and profiling
During the processing of your personal data, no profiling methods are used that have a negative automated impact on the services provided to you.
8.8 Right to lodge a complaint
If you have a complaint regarding the processing of your personal data, you have the right to lodge a complaint with the Belgian Data Protection Authority. More information can be found at www.gegevensbeschermingsautoriteit.be.
SECTION 9 – SECURITY
We have implemented appropriate technical and organizational security measures to prevent the destruction, loss, falsification, alteration, unauthorized access to, or accidental disclosure of collected personal data, as well as any other unlawful processing of such data.
Under no circumstances can we be held liable for any direct or indirect damage resulting from improper or unlawful use of personal data by a third party.
You must at all times comply with the applicable security guidelines. You are therefore solely responsible for the use made of the website on your computer, your IP address, and your identification data, as well as for maintaining their confidentiality.
SECTION 10 – CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this Privacy Policy at any time. We therefore recommend that you review this policy regularly. Changes and clarifications will take effect immediately upon publication on the website.
If we make material changes to this policy, we will inform you that it has been updated so that you are aware of what information we collect, how we use it, and under what circumstances we may use and/or disclose it.
If our webshop is acquired or merged with another company, your data may be transferred to the new owners so that we can continue to sell products to you.
SECTION 11 – LINKS TO OTHER WEBSITES
We are not responsible for the content of websites that are linked to or mentioned on our website by the operator or visitors. Visitors should be aware that the privacy policies of other websites may differ from that of Nivello (Bislevel).
A link to a website should not be considered an explicit endorsement of its content, nor can its accuracy be permanently guaranteed.
SECTION 12 – COOKIES
12.1 What are cookies?
A cookie is a small text file that is placed on the hard drive of the device of the data subject when visiting the website. A cookie contains data so that the data subject can be recognized as a visitor on each visit to the website. This makes it possible to customize the website for the user and simplify the login process.
When the data subject visits the website, a banner appears informing them about the use of cookies and requesting consent for the use of tracking cookies. This consent is valid for a period of thirteen months.
12.2 Use of cookies
The website uses the following cookies:
- Google Analytics (analytical cookie)
- Facebook (tracking cookie)
- Google Ads (tracking cookie)
- Hotjar (tracking cookie)
- Bing Ads (tracking cookie)
- Functional cookies
12.3 Functional cookies
Functional cookies, such as session and login cookies, are used to store session and login information. These cookies ensure that the website functions properly and allow the user to place products in their shopping cart.
12.4 Analytical cookies
Analytical cookies are used to gain insights into website usage based on information such as visitor numbers, popular pages, and topics. This allows Nivello to better tailor communication and information to the needs of website visitors.
Nivello cannot see who visits the website or from which computer the visit originates. Analytical cookies are not shared with third parties, are not used by third parties, and are not linked to the name or email address of the user. Visitors remain anonymous.
12.5 Tracking cookies
Tracking cookies, such as advertising cookies, are used to display relevant advertisements. Based on information about visited websites, personal interests can be inferred. This allows organizations to show targeted advertisements to website visitors. Tracking cookies make it possible to build user profiles and treat users differently. Tracking cookies typically involve the processing of personal data.
12.6 Opting out
The data subject can opt out of cookies by configuring their internet browser so that one or more types of cookies are no longer placed. In addition, the data subject can also delete all previously stored information via their browser settings.
More information on enabling, disabling, and deleting cookies can be found in the instructions and/or help function of the browser.
Functional cookies are necessary for the proper functioning of the website. If the user disables functional cookies, this may affect the proper functioning of the website and it may be impossible to place orders through the website.
SECTION 13 – NEWSLETTERS
4.1 Sending newsletters
Newsletters are sent by email to the data subject only if the data subject has given explicit and unambiguous consent to Nivello. The data subject may unsubscribe from newsletters at any time.
Nivello will not contact the data subject for direct marketing purposes if no consent has been given.
4.2 Unsubscribing from newsletters
The data subject may unsubscribe from newsletters in the following ways:
- by clicking the unsubscribe link included in each newsletter email;
- by contacting Nivello directly.
Each newsletter sent to the data subject contains a link that allows them to unsubscribe from future newsletters.