Privacy Statement

CER version - 01/2021

FUP CER GROUPE, further to be named « CER », based rue de la Science 8, 6900 MARCHE-EN-FAMENNE, BELGIUM.

CER attaches importance to the protection of personal data. This privacy statement explains how CER handles information about an identified or identifiable natural person, as referred to in the General Data Protection Regulation (GDPR). If you have the impression that your data is not properly protected or there are indications of abuse, please contact us via info@cergroupe.be

1. Definitions

Personal data is data that enables direct or indirect identification of individuals. An example of direct identification is a person’s name. Indirect identification means that a person can still be identified without having this person’s name but is identified by-or in combination with other information, for example an IP address. Processing of personal data includes activities relating to personal data, for example collection, destroying, saving or viewing data.

2. Application

This privacy statement applies to the following categories of natural persons for whom CER might proces personal data:

  • (potential) customers (e.g. personal data of contacts and representatives of customers or data about business customers that can be traced back to a natural person (e.g. VAT number);
  • (potential) suppliers (e.g. personal data of contacts and representatives of suppliers or data about suppliers that can be traced back to a natural person (e.g. VAT number);
  • visitors to the CER office building;
  • visitors to CER’s website;
  • recipients of newsletters from CER;
  • participants of meetings organised by CER;
  • job applicants;
  • all other persons who contact CER or for whom CER processes personal data, with the exception of its employees and trainees.

3. Processing of personal data

CER processes personal data that:

  • have been provided personally by a data subject (during a discussion or meeting), by telephone, or digitally (via e-mail or web-forms), such as contact details and other personal data;
  • during a visit by a data subject to CER’s website or while reading digital newsletters, such as the IP address, the browsing behaviour on ourwebsite (such as information about the first visit, previous visit and current visit, the pages viewed and the way in which the website navigates) or the person concerned opens a newsletter or commercial e-mail of which we collect what subjects are clicked and/or opened;
  • CER has extracted from other sources, such as business social media platforms (e.g. LinkedIn), the register of the Chamber of Commerce and public business websites.

4. Processing purposes

CER processes personal data for the following purposes:

  • CER processes personal data in order to be able to perform its services. For example, personal data is processed in order to be able to process orders to suppliers, to process orders from customers and to be able to ship ordered products to customers or to contact customers or suppliers. CER processes the following personal data: name, address, telephone number, contact names;
  • CER processes personal data in order to be able to send invoices to customers and to be able to pay invoices from suppliers. CER processes the following personal data: name, address, bank details, email addresses, telephone numbers, contact names, permissions;
  • CER processes personal data for (direct) marketing purposes. CER can contact customers or interested individuals to highlight new products or to submit newsletters or to evaluate a meeting (such as a workshop or seminar). CER may process personal data of persons who have given their consent or to promote the legitimate interest of CER. The consent granted can be revoked at any time and at any time, you may object to the processing of your personal data for direct marketing purposes. The withdrawal or exercise of your right of objection does not affect the legality of processing before the time of withdrawal or exercise of the right of objection. CER processes the following personal data: e-mailing addresses, mailing preferences;
  • CER processes personal data for the development and optimization of its service and product offering. Personal data are also processed for market research. CER processes the following personal data: e-mail addresses.
  • CER processes personal data for the development and optimization of its website. CER’s website uses cookies in order to track user statistics. User statistics provide information about the number and the duration of website visits, which parts of the website are viewed and the website click behaviour. These are generic reports, which cannot be traced back to individual visitors;
  • CER processes personal data to comply with a legal obligation. For this purpose, CER processes the following personal data:name, address, bank details, email addresses, telephone numbers, contact names, permissions, payment obligations, financial and legal documents.

5. Legal basis

CER processes personal data on the basis of the following legal grounds:

  • consent by the data subject, which may always be withdrawn, without prejudice to the legality of processing on the basis of the consent before withdrawal;
  • execution of or for the purpose of closing an agreement to provide or receive services or products;
  • a legal obligation;
  • a legitimate interest, such as the use of contact details for inviting you to a meeting (such as a workshop or seminar) or sending the CER newsletter.

6. Security

CER provides appropriate technical and organizational security measures to protect personal data from, among other things, abuse, loss, unauthorized access, unwanted disclosure and unauthorized changes or any other form of unlawful processing of personal data. CER does this by taking physical and organizational measures for access security and shielding any desktop with username and password. Furthermore, implementing the latest software updates and regularly testing security measures is part of our security measures. The CER website uses a reliable SSL Certificate to ensure that your personal data is secured.

7. Data Processors and third parties

CER can use service providers (data processors) who only process personal data according to the instructions of CER in order to process personal data. CER concludes a processing agreement with data processors governed by the requirements of the General Data Protection Regulation (GDPR). CER only provides your personal data to third parties if this is necessary for the execution of an agreement with you, or to comply with a legal obligation. Our employees and the third parties we have engaged are obliged to respect the confidentiality of your data.

8. Data retention

CER does not keep personal data for longer than necessary for the execution of the purposes mentioned in CER’s privacy statement and no longer than is required or permitted under legal (e.g. tax) provisions.

9. Rights, questions and complaints

A data subject has the right to request CER to view, rectify, delete, transfer, restrict processing and object to the processing of personal data. To prevent abuse, CER ask you to identify yourself. Further, whether you can exercise a certain right in a given situation is also governed by law, hence we cannot always honour your request. A data subject can contact CER sending an e-mail message to info@cergroupe.be. If you have any complaints about the processing of your personal data, you can send an e-mail to info@cergroupe.be. If you feel that your rights have beenviolated, a complaint may also be filed with the Belgian Data Protection Authority.

10. Privacy Statement Changes

CER can always change this privacy statement. The changes will be published on the CER website. Therefore it is a good idea to check this privacy statement regularly so that you are aware of any changes.

11.Consent to the use of cookies.

For our website to function properly we use cookies. To obtain your valid consent for the use and storage of cookies in the browser you use to access our website and to properly document this we use a consent management platform: CookieFirst. This technology is provided by Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH, Amsterdam, The Netherlands. Website: https://cookiefirst.com referred to as CookieFirst.

When you access our website, a connection is established with CookieFirst’s server to give us the possibility to obtain valid consent from you to the use of certain cookies. CookieFirst then stores a cookie in your browser in order to be able to activate only those cookies to which you have consented and to properly document this. The data processed is stored until the predefined storage period expires or you request to delete the data. Certain mandatory legal storage periods may apply notwithstanding the aforementioned.

CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is article 6(1)(c) of the General Data Protection Regulation (GDPR).

Data processing agreement

We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law, which ensures that data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.

Server log files

Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:

  • Your consent status or the withdrawal of consent
  • Your anonymised IP address
  • Information about your Browser
  • Information about your Device
  • The date and time you have visited our website
  • The webpage url where you saved or updated your consent preferences
  • The approximate location of the user that saved their consent preference
  • A universally unique identifier (UUID) of the website visitor that clicked the cookie banner