We are responsible for the processing of your personal data. As the controller, we take all appropriate technical and organisational measures so that the processing complies with Regulation (EU) 2016/679 of 27 April 2016 (hereinafter “GDPR”). The appointees or employees of ours who have access to your personal data as well as processors we engage are equally obliged to comply with the GDPR.
We process your personal data for the following purposes:
- Your personal data will not be used for direct marketing.
- What is the legal basis for processing your personal data?
We process your personal data if:
- We need them for: consent, performance of contract, legal obligation, vital interests, public interest, legitimate interests.
We process the personal data necessary for the performance of our services. Additional data provided by you are considered as data that may be used by us.
All parties required to process your personal data. This includes legal provisions or administrative obligations, such as cooperation with an accounting firm.
Data resulting from the use of this website are stored on a secure server, managed by Combell.
We will not retain your personal data any longer than necessary to fulfil the specified purpose. If the purpose has been fulfilled, we will in principle delete your personal data.
Rights and responsibilities
- You have the right to request:
- inspection of your personal data;
- correction or removal of your personal data;
- restriction of the processing that concerns you.
- You have the right to object to the processing of your personal data. You can object, at any time and free of charge, to the processing of your personal data for direct marketing purposes.
- You have the right to transfer your personal data to another controller.
- If the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. However, the withdrawal of your consent shall not have retroactive effect and shall not affect the lawfulness of the processing based on your consent before its withdrawal.
- You have the right to complain to the Data Protection Authority (https://www.gegevensbeschermingsautoriteit.be/).
- The exercise of the above rights is subject to the requirements and conditions set out in the GDPR.
- In order to exercise the above rights, you can simply send us a request and provide adequate identification.
- We take all appropriate security measures to protect your personal data. This includes the necessary measures regarding access control, encryption, physical and operational security, in particular in relation to the website and our servers.
- We keep a processing register which also describes the (category of) processing of your personal data.
- We cooperate with the competent data protection authorities (upon their request).
- We will, where necessary and/or required, immediately report to the Data Protection Authority any breaches related to your personal data (including unlawful processing, loss, unavailability, destruction, damage or unauthorised disclosure) and no later than 72 hours after becoming aware of them.
- In the event that such a breach is likely to pose a high risk to your rights, and under the conditions set out in the GDPR, we will also notify you. In case you should become aware in any way of a breach related to your personal data or those of others, you can contact us at our e-mail address which can be found in the first section, at the top of this page.
- If we were to use certain new technologies or applications to process your personal data, which would be likely to pose high data protection risks to you, we will, under the terms of the GDPR, carry out a so-called “Data Protection Impact Assessment” (DPIA) and, if required, consult the Data Protection Authority in advance in this regard.