1. We process personal data related to :
1. We undertake to use our best efforts to ensure that our personal data processing activities comply with applicable data protection legislation, including (EU) Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation or ‘GDPR’) and the Act of 30 July 2018 on the protection of natural persons with regard to the processing of personal data, as amended, supplemented or replaced from time to time (the ‘applicable data protection legislation’).
1. If you are the representative of one of our clients, we process:
2. If you are a client, we process:
3. If you are the representative of one of our suppliers, we process your personal identification data, professional identification data and contact data for the management of our business relationship with our suppliers.
4. If you applied for a job with us, we process your personal identification data, professional identification data, contact data, data relating to your professional life (skills, qualifications, experience etc.) and personal data contained in your curriculum vitae to assess your profile in relation to our recruitment needs.
5. If you visit our Website, we may process electronic identification data about you in an aggregated manner to measure the visits to our Website, improve the browsing experience, and to detect and prevent fraud and computer security breaches.
6. If our workplaces are equipped with surveillance cameras, we can only request access to images about you when such access is necessary for the pursuit of our legitimate interests and to detect offences or incivility to the extent permitted by applicable law.
7. We may also process some of your personal data for the following purposes:
8. We do not subject involved parties to decisions based exclusively on automated data processing and that have a legal impact on them or similarly significantly affect them.
1. We process your personal data as a controller. In this context, we determine the purposes and means for processing your personal data.
1. The provision of your personal data may be necessary:
2. We ask for your free, prior and informed consent before proceeding to process your personal data (e.g. whenever the data processing involves a transfer of your image rights).
3. The provision of some of your personal data (e.g. your personal identification data etc.) determines our ability to provide you with our service or perform our activities.
4. Possible consequences of not providing your personal data could be failure to provide our service or business to you or a possible breach of one or more obligations under applicable laws (e.g. accounting and tax laws).
1. The personal data we process comes from the following sources:
1. The following recipients may receive or have access to some of your personal data (only if this is necessary for the performance of their tasks):
2. We entrust the processing of some personal data to processors only to the extent necessary to perform their tasks and in accordance with our written instructions and applicable data protection legislation.
3. In the case of a restructuration (e.g. financing), we may disclose certain personal data relating to a limited number of involved parties to a third party involved in the transaction (e.g. a bank) in accordance with applicable data protection legislation.
1. We take adequate measures to ensure that our subcontractors process your personal data in accordance with applicable data protection legislation.
2. We ensure that our subcontractors process personal data only according to our instructions, not to engage other processors without our prior consent, to take appropriate technical and organisational measures to guarantee the security of personal data, to ensure that persons authorised to access personal data are subject to adequate confidentiality obligations, to return and/or destroy the personal data they process at the end of their services, to comply with audits and to provide us with assistance in following up on requests from involved parties to exercise their rights in relation to their personal data.
Some recipients of personal data may be organisations headquartered in a country outside the European Economic Area (EEA) or process certain personal data in a country outside the EEA.
If your personal data is transferred to countries outside the EEA, we will ensure that we take the following safeguards:
We ensure that your personal data is only stored for a period needed for the purposes for which they are processed.
We retain invoices and other accounting documents (that may include some of your personal data) for a period of seven (7) years from the date of their issuance, in accordance with accounting law. These accounting documents may contain certain personal identification data, certain professional identification data and certain contact data.
We also use the following criteria to determine the retention period of personal data depending on the context and purposes of each processing:
Subject to applicable data protection legislation, you have a right to information, a right to access, rectify and erase your personal data, the right to object to or restrict the processing of your personal data, a right to portability of personal data and the right to withdraw your consent.
Below is a table describing each of your rights in more detail:
|Right||The right to information|
|The right to information||You have the right to obtain clear, transparent and understandable information about how we process your personal data and how you can exercise your rights. This information is contained in this Policy. If the information is not sufficiently clear, we invite you to contact us (via the contact details in this Policy).|
|The right to access||You have the right to obtain confirmation as to whether or not personal data concerning you is being processed and, in case it is, to access your personal data. You have the right to obtain a copy of your personal data, unless exercising this right would adversely affect the rights and freedoms of others.|
|The right to rectification||You have the right to obtain the rectification of personal data concerning you if it is found to be inaccurate. You also have the right to have your personal data completed if it proves to be incomplete.|
|The right to erasure (the ‘right to be forgotten’)||You have the right to obtain the erasure of your personal data. However, the right to erasure (or the ‘right to be forgotten’) is not absolute and is subject to special conditions. We may retain some of your personal data to the extent permitted by applicable law, and in particular when its processing remains necessary for compliance with legal obligations to which we are subject or for the establishment, execution or defence of legal claims.|
|Right to object to processing||You have the right to object to certain types of processing (where the processing is based on our legitimate interests and, taking into account your particular situation, your interests or fundamental rights and freedoms prevail).|
|Right to object to processing for direct marketing purposes||You have the right to object at any time to the processing of your personal data when we process this data for direct marketing purposes.|
|The right to restriction |
|You have the right to obtain the restriction of processing in certain circumstances (e.g. when we no longer need your personal data but it is still necessary for the establishment, execution or defence of legal claims).|
|The right to portability |
of personal data
|You have the right, under certain circumstances, to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format and to transmit it to another controller.|
|The right to withdraw |
|If you have given us your consent to process your personal data, you have the right to withdraw it at any time.|
Please address any request regarding your rights in relation to your personal data that we process (in our capacity as data controller) to our contact person for data protection questions. You find the contact details in this Policy. We undertake to respond to your request as soon as practicable and always within the deadlines provided for by the applicable data protection legislation. Please note that we may retain your personal data for certain purposes where required or permitted by law. Finally, please note that we may, in case of doubt as to your identity, ask you for proof of identity to prevent unauthorised access to your personal data
We take appropriate technical and organisationnal measures to ensure a level of security appropriate to the risks associated with the processing of your personal data.
We follow industry best practices to ensure that personal data is not accidentally or unlawfully destroyed, lost, altered, disclosed or accessed in an unauthorised manner.
If you have any questions or complaints about how we process your personal data, please direct them to our contact person for data protection questions. You can find the contact details in this Policy.
You have the right to lodge a complaint with the competent supervisory authority. The competent authority for Belgium is: Data Protection Authority, Drukpersstraat 35 , 1000 Brussel, +32 (0)2 274 48 00, firstname.lastname@example.org.
We reserve the right to update this Policy from time to time. We will inform you of any changes we may make to this Policy.
In the event of any conflict or inconsistency between any provision of this Policy and a provision of another policy or document relating to the processing of personal data, the provision of this Policy shall prevail.