PRIVACY POLICY
Who are we?
Community Consulting SRL, a private limited company under Belgian law, with registered office in Belgium, 1332 Genval, Avenue Albert 1er 72, and registered with the Crossroads Bank for Enterprises under number 0784.416.531 (“CC”), is responsible for the processing of the personal data as shown in this privacy policy (the “Privacy Policy”).
As CC values and respects the privacy and security of personal data, your personal data will only be processed in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, better known as the General Data Protection Regulation (GDPR), as well as any applicable national regulations.
What data do we process?
CC processes personal data as part of its activities. “Personal data” must be understood to mean all information relating to an identified or identifiable person.
“Processing” shall mean any operation or set of operations which is performed on personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.
CC processes the following categories of your personal data as a natural person :
identification data (e.g., your first name, your surname);
your main residence;
other personal contact information, including any information that CC needs to contact you personally (such as postal and billing information, e-mail address, and telephone number);
data relating to your professional activities (such as your curriculum vitae);
financial details;
data regarding your agreements with CC; and
processing of payments and your payment history.
CC collects and processes your personal data among other things through agreements you enter into with us, your voluntary submission of such data (e.g., via contact forms), your voluntary submissions of such data on websites and social media that CC can access with a monthly fee (e.g., LinkedIn, Norriq, BoondManager, etc.)(the “ERP Systems”) and through the use of our website and social media.
This Privacy Policy does not apply to the processing of anonymous or corporate data.
Why do we process your data?
As controller, CC determines the purpose of and the means for processing your personal data. CC does this in its capacity as a company with which you have a contractual relationship as a customer or as a supplier, as contractor to ERP Systems to which you voluntary submitted personal data or as a visitor to the website or social media.
We will use the information provided by you for the following purposes:
to be able to put you in contact with our clients, consultants or applicants;
to be able to execute the agreements concluded with you;
to fulfil the applicable legal obligations of CC;
as part of its supplier and customer management; and
after explicit consent, for marketing purposes, including sending newsletters and occasional advertising messages.
The provision of your personal data is a prerequisite for the conclusion of an agreement with CC. In the absence of the provision of the required personal data, no agreement can be concluded.
On what basis do we process this data?
We will process the data you provide for the above purposes because:
it is necessary to execute an agreement to which you are a party;
it is part of a legal obligation of CC;
we have a justified, legitimate interest in doing so, and in particular the data processing is part of the normal business operations of CC, whereby it takes strict care to process only those data that are strictly necessary for the purpose for which it processes them;
you gave your consent to an ERP System CC uses; or
we have your consent.
To whom do we pass on your data?
Within CC your personal data are only accessible to those employees and staff who, as part of their duties, need access to your personal data. These employees are bound by strict internal rules regarding the processing of personal data.
CC does not disclose personal data except as described below. We may share your personal data with:
group companies;
external service providers who perform services on our behalf based on our instructions, including (i) insurers and insurance brokers, (ii) social secretariat, (iii) credit institutions (in the context of their compliance), (iv) external accountants, (v) IT suppliers, (vi) marketing companies; and
authorities: If the authorities are conducting an investigation, we may share your personal information with the authorities if required by law. We may also disclose your personal information if it is absolutely necessary for the prevention, detection or prosecution of criminal offences.
If CC uses external parties for the purpose of processing your personal data, it shall only use external parties that offer adequate guarantees to ensure the processing complies with the legal requirements and your rights are guaranteed.
In principle, CC does not transfer your personal data to third parties from countries outside the European Economic Area (“EEA”), unless it is in your interest, and you have given your prior consent to do so. If the protection of personal data in this country outside the EEA is not equivalent to the protection of personal data within the EEA, CC will take the necessary contractual measures to ensure that the personal data is protected in accordance with the higher standard of protection within the EEA. If third parties on which CC relies process personal data outside of the EEA, CC shall ensure that written contractual clauses are agreed to provide equivalent protection in accordance with requirements imposed by the European Commission regarding privacy protection and data exchange with countries outside of the EEA.
We reserve the right to transfer any personal data we hold about you in the event that we sell or transfer part or all of our business or assets. Should such a sale or transfer occur, we will use reasonable efforts to ensure that the transferee processes the personal data you have provided to us in a manner consistent with our Privacy Policy.
Protection of your personal data
CC recognises the importance of protecting your personal data and takes sufficient technical and organisational precautions to protect this data as comprehensively as possible against loss, theft, misuse and unauthorised access.
How long do we keep your data?
CC will retain your personal data no longer than necessary for the stated purposes, taking into account our need to answer questions and resolve problems, to improve services and offer new services, and to comply with legal requirements.
This means that we may keep your personal data for a maximum period of ten (10) years after your last cooperation with CC. When the personal data we collect is no longer required, we will securely destroy or delete it.
What rights do you have?
Right to withdraw consent: You have the right at any time to withdraw your consent to data processing or to object to processing of your personal data by CC on the basis of a legitimate interest. This does not affect the lawfulness of the processing before this withdrawal.
Right of inspection: You have the right to receive information from CC as to whether or not your personal data are being processed, as well as the right to inspect them.
Right of rectification: You have the right to obtain from CC without delay the rectification of inaccurate personal data.
Right to erasure: You have the right to obtain from CC the erasure of personal data without unreasonable delay, in the following cases: (i) the personal data are no longer necessary for the purposes for which they were collected, (ii) the consent on which the processing is based is withdrawn, (iii) you object to the processing that is justified by general or legitimate interest, or that is done for the purpose of direct marketing, (iv) the personal data have been processed unlawfully, (v) the personal data must be deleted to comply with a legal obligation, (vi) the data have been obtained in connection with an offer of information society services to a child.
Right to restriction of processing: You also have the right to restrict the processing of your personal data in a number of limited situations, in particular: if (i) you dispute the accuracy of the personal data, (ii) the processing is unlawful and you oppose the erasure of the personal data, (iii) we no longer need your data for the processing purposes, but you still require them for the establishment, exercise or substantiation of a legal claim, (iv) you have objected to the processing on the grounds of the legitimate interests of CC.
Right to data portability: You have the right, under certain circumstances, to obtain your personal data in a structured, commonly used and machine-readable form, and to transfer it to another data controller. This means that you can request us to send the personal data we hold about you in a computer file to you or another organisation named by you.
Right to object to marketing purposes: You have the right to object at any time to any processing of your personal data for direct marketing purposes.
You can send a request for access, correction, deletion, data modification or restriction of your personal data or request to withdraw your consent or objection to the processing of your personal data to CC.
To ensure that the request for inspection is made by you, please enclose a copy of your identity document with the request. In this copy, please obscure your passport photo, MRZ (“machine readable zone”), the strip with numbers at the bottom of the identity document), the document number (card number or passport number) and the national register number. This is to protect your privacy.
CC undertakes to respond to your request as soon as possible, but no later than thirty (30) days.
You have the option of submitting a complaint to the national supervisory authority, the Data Protection Authority. You can do this via the following contact details:
Data protection authority
Rue de la Presse 35, 1000 Brussels
Tel: +32 (0)2 274 48 00
Fax: +32 (0)2 274 48 35
E-mail: contact@apd-gba.be
Links to other websites
This website may contain links to other websites. This Privacy Policy does not extend to your use of those websites. CC is not responsible for the privacy practices of other websites or how they collect, store, use or distribute information.
Cookies
CC may receive information about your use of our website or (website) application through cookie files (“cookies”).
Visitors of our website or (website) application can consult our Cookie Policy here.
Changes to this Privacy Policy
CC reserves the right to make changes to this Privacy Policy. Each change will be posted on the website and as soon as these are posted on the website, you will be deemed to have taken note of this change and to have accepted it during your first use of the website that followed the change. You are therefore advised to consult our Privacy Policy regularly via our website or (website) application.
Contact us
If there are any questions regarding this Privacy Policy, please do not hesitate to contact us using the information below:
Address: Avenue Albert 1er 72, 1332 Genval, Belgium
E-mail address: info@communityconsulting.be
Telephone: 0474/93.96.47