Privacy StatementCER version - 01/2021
FUP CER GROUPE, further to be named « CER », based rue de la Science 8, 6900 MARCHE-EN-FAMENNE, BELGIUM.
CER attaches importance to the protection of personal data. This privacy statement explains how CER handles information about an identified or identifiable natural person, as referred to in the General Data Protection Regulation (GDPR). If you have the impression that your data is not properly protected or there are indications of abuse, please contact us via firstname.lastname@example.org
Personal data is data that enables direct or indirect identification of individuals. An example of direct identification is a person’s name. Indirect identification means that a person can still be identified without having this person’s name but is identified by-or in combination with other information, for example an IP address. Processing of personal data includes activities relating to personal data, for example collection, destroying, saving or viewing data.
This privacy statement applies to the following categories of natural persons for whom CER might proces personal data:
- (potential) customers (e.g. personal data of contacts and representatives of customers or data about business customers that can be traced back to a natural person (e.g. VAT number);
- (potential) suppliers (e.g. personal data of contacts and representatives of suppliers or data about suppliers that can be traced back to a natural person (e.g. VAT number);
- visitors to the CER office building;
- visitors to CER’s website;
- recipients of newsletters from CER;
- participants of meetings organised by CER;
- job applicants;
- all other persons who contact CER or for whom CER processes personal data, with the exception of its employees and trainees.
3. Processing of personal data
CER processes personal data that:
- have been provided personally by a data subject (during a discussion or meeting), by telephone, or digitally (via e-mail or web-forms), such as contact details and other personal data;
- during a visit by a data subject to CER’s website or while reading digital newsletters, such as the IP address, the browsing behaviour on ourwebsite (such as information about the first visit, previous visit and current visit, the pages viewed and the way in which the website navigates) or the person concerned opens a newsletter or commercial e-mail of which we collect what subjects are clicked and/or opened;
- CER has extracted from other sources, such as business social media platforms (e.g. LinkedIn), the register of the Chamber of Commerce and public business websites.
4. Processing purposes
CER processes personal data for the following purposes:
- CER processes personal data in order to be able to perform its services. For example, personal data is processed in order to be able to process orders to suppliers, to process orders from customers and to be able to ship ordered products to customers or to contact customers or suppliers. CER processes the following personal data: name, address, telephone number, contact names;
- CER processes personal data in order to be able to send invoices to customers and to be able to pay invoices from suppliers. CER processes the following personal data: name, address, bank details, email addresses, telephone numbers, contact names, permissions;
- CER processes personal data for (direct) marketing purposes. CER can contact customers or interested individuals to highlight new products or to submit newsletters or to evaluate a meeting (such as a workshop or seminar). CER may process personal data of persons who have given their consent or to promote the legitimate interest of CER. The consent granted can be revoked at any time and at any time, you may object to the processing of your personal data for direct marketing purposes. The withdrawal or exercise of your right of objection does not affect the legality of processing before the time of withdrawal or exercise of the right of objection. CER processes the following personal data: e-mailing addresses, mailing preferences;
- CER processes personal data for the development and optimization of its service and product offering. Personal data are also processed for market research. CER processes the following personal data: e-mail addresses.
- CER processes personal data to comply with a legal obligation. For this purpose, CER processes the following personal data:name, address, bank details, email addresses, telephone numbers, contact names, permissions, payment obligations, financial and legal documents.
5. Legal basis
CER processes personal data on the basis of the following legal grounds:
- consent by the data subject, which may always be withdrawn, without prejudice to the legality of processing on the basis of the consent before withdrawal;
- execution of or for the purpose of closing an agreement to provide or receive services or products;
- a legal obligation;
- a legitimate interest, such as the use of contact details for inviting you to a meeting (such as a workshop or seminar) or sending the CER newsletter.
CER provides appropriate technical and organizational security measures to protect personal data from, among other things, abuse, loss, unauthorized access, unwanted disclosure and unauthorized changes or any other form of unlawful processing of personal data. CER does this by taking physical and organizational measures for access security and shielding any desktop with username and password. Furthermore, implementing the latest software updates and regularly testing security measures is part of our security measures. The CER website uses a reliable SSL Certificate to ensure that your personal data is secured.
7. Data Processors and third parties
CER can use service providers (data processors) who only process personal data according to the instructions of CER in order to process personal data. CER concludes a processing agreement with data processors governed by the requirements of the General Data Protection Regulation (GDPR). CER only provides your personal data to third parties if this is necessary for the execution of an agreement with you, or to comply with a legal obligation. Our employees and the third parties we have engaged are obliged to respect the confidentiality of your data.
8. Data retention
CER does not keep personal data for longer than necessary for the execution of the purposes mentioned in CER’s privacy statement and no longer than is required or permitted under legal (e.g. tax) provisions.
9. Rights, questions and complaints
A data subject has the right to request CER to view, rectify, delete, transfer, restrict processing and object to the processing of personal data. To prevent abuse, CER ask you to identify yourself. Further, whether you can exercise a certain right in a given situation is also governed by law, hence we cannot always honour your request. A data subject can contact CER sending an e-mail message to email@example.com. If you have any complaints about the processing of your personal data, you can send an e-mail to firstname.lastname@example.org. If you feel that your rights have beenviolated, a complaint may also be filed with the Belgian Data Protection Authority.
10. Privacy Statement Changes
CER can always change this privacy statement. The changes will be published on the CER website. Therefore it is a good idea to check this privacy statement regularly so that you are aware of any changes.