- Who is responsible for the processing of personal data?
- What do a number of important terms in this policy mean?
- When do we collect which personal data from you, what do we do with it and why are we allowed to do this and for how long do we keep it?
- How do we protect your personal data?
- Who has access to your personal data?
- What are your rights as a data subject?
WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR PERSONAL DATA
The data controller for the processing of your personal data is ACA IT-Solutions, with registered office Herkenrodesingel 8B 2.01, 3500 Hasselt.
These are our contact details: by phone +3220.127.116.11 or by email at: firstname.lastname@example.org.
For questions regarding the processing of your personal data, it is best to contact our DPO who can be reached at the following email address: email@example.com.
WHAT DO SOME IMPORTANT TERMS IN THIS POLICY MEAN
- GDPR: The General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data entered into force on 25 May 2018. Also known as GDPR - General Data Protection Regulation.
- Personal data: Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- Processing of personal data: Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- Data Subject: Any natural person, such as a website visitor.
- Data Processor: A natural or legal person, public authority, agency or other body which processes personal data on behalf of ACA IT-Solutions.
- Data Processing Agreement (DPA): A binding written agreement, which states that the processor shall only act on the controller's instructions; and that it provides sufficient guarantees to protect the personal data that it processes.
- Standard Contractual Clauses (SCC): The Standard Contractual Clauses are standard sets of contractual terms and conditions which the sender and the receiver of personal data both sign up to, aimed at protecting personal data leaving the European Economic Area (EEA) through contractual obligations in compliance with the GDPR’s requirements in territories which are not considered to offer adequate protection to the rights and freedoms of data subjects.
- Data Retention: The policies within ACA IT-Solutions to the time period for storing/processing personal data.
- Cookies: Cookies are small files which are stored on a user's computer when visiting a website.
WHEN DO WE COLLECT WHICH PERSONAL DATA OF YOU, WHAT WE DO WITH IT, WHY MAY WE KEEP THIS AND HOW LONG DO WE STORE IT?
Who and which personal data
Purpose and legal basis
Your Identification and contact data when you contact us by telephone, the contact form on the website or through email.
|We need your identification data and contact data for the performance of the agreement to know who we communicate with and to answer your questions.||1 month after the request has been received, we will remove your personal data unless your request results in a collaboration or similar agreement. In that case your data will be removed one year after the collaboration has been ended.|
|Your Identification and contact data||Only with your consent, we sent you our newsletters. You can always unsubscribe through the link in each email.||We keep your personal data until 1 year after you have unsubscribed from our newsletter and other direct marketing updates.|
|Your Identification and contact data||We have a Legitimate Interest to contact people with whom there has already been earlier contacts with regard to business purposes.||The data of these contact people will be kept until an opt-out has taken place or until they have asked to be removed from the databases.|
|Identification and contact data||We have a Legitimate Interest to contact people with whom we would like to discuss a business opportunity and that we haven’t contacted yet. These are people that we would like to contact by phone, email, video call, LinkedIn, …||These people will be kept in our database for a maximum of 60 days and will be deleted if there hasn’t been any business contact or direct marketing consent during those 60 days.|
|Job applicants : CV, notes during the job interview, motivational letters, …||These data are processed for the purpose of the application procedure and are necessary for a possible agreement to be concluded when you send us your application for a published job offering or when you send us your candidacy spontaneously.||Name, email address, job area of interest and the reason for termination of the application will be kept for 3 years to keep you up-to-date on other interesting vacancies at ACA IT-Solutions NV that fall within your area of expertise. Resumes will be kept for 3 months after the application process.|
|All personal data that can be included in case of a complaint||In case you would contact us to file a complaint we have a legitimate interest to use all personal data involved for handling these complaints. In addition to identification data, other personal data can also be processed, depending on the complaint.||12 months after the request has been closed, we will remove your personal data unless we are required by law to keep the data for a longer period.|
ACA IT-Solutions has no further processing with the personal data of website visitors, applicants, partners, … All the processing activities are described in the table above.
HOW DO WE PROTECT YOUR PERSONAL DATA
Your privacy is our top priority, which is why we do everything we can to protect your personal data. We have taken all appropriate technical and organizational measures to protect your data against a possible data breach.
WHO HAS ACCESS TO YOUR PERSONAL DATA
Within our organization, only authorized staff members and the persons we designate have access to your personal data. These are only those persons who require access for the correct performance of their function or for the needs of the service.
Personal data will never be passed on by us to third parties / processors, unless:
- There are legal obligations
- Each of these parties offers the necessary guarantees that your personal data will be processed in accordance with the requirements of Belgian privacy legislation and the European General Data Protection Regulation and all implementing decrees.
- For certain processing within the implementation of our agreement, such as IT support, we call on other parties. We have concluded a processor agreement with these parties to ensure that your personal data is also processed by them in a safe and confidential manner. The processor agreement guarantees appropriate technological and organizational protective measures. Your personal data is therefore in good hands with them.
ACA IT-Solutions uses Google Workspace, an application from Google, as email tool and for (some) data storage. We also work with Mailchimp for our newsletters and Hubspot. With all of these companies Standard Contractual Clauses (SCC) were signed as required by GDPR. Except in the situations described above, your personal data will not be transferred to third countries without your prior consent. Under no circumstances will they be sold, rented or made available to third parties without your prior consent.
Marketing and analytical cookies will only be used with your consent. Functional and technical required cookies are always activated. For more information you can read the text in the tool.
As a visitor you can easily change your preferences by accessing the tool which can be done on the following page: https://www.acagroup.be/en/cookie-policy.
WHICH ARE YOUR RIGHTS AS A DATA SUBJECT
As a data subject, you have a number of rights with regard to your personal data. These are described below.
|Right of access||You can always send a request to ACA IT-Solutions to get an overview of all we process about you or to obtain an expression of this in a readable format. When you request this information, ACA IT-Solutions will provide it with all necessary information such as: the processing, the retention period, the legal basis for processing and the recipients. This information will be sent to you within one month.|
|Right of rectification||You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning yourself.|
|Right to erasure||
If you no longer wish ACA IT-Solutions to process your personal data, you can request (by email) to remove this data from our files / databases.
However, this is not an absolute right and you should be aware that other legislation may limit this right. E.g. you cannot request deletion of data on which a legally defined retention period has been set and this retention period has not yet been reached.
You can have all personal data that we process from you on the basis of "consent" removed immediately when you withdraw your consent. This can be done by simple request by e-mail.
However, if disputes are ongoing, for example a lawsuit or other discussion that may have legal consequences, our interest in retaining this data is more important than your right to erasure. We cannot delete data while such activities are in progress.
|Right of restriction of processing||
If you do not agree with one or more of the processing activities that ACA IT-Solutions does with your data, you can invoke a restriction on that specific processing activity. This can be done with a simple question by e-mail.
|Right to object||
You have the right to object to any processing of your personal data for which we believe we have a legitimate interest. The processing of relevant personal data is stopped, unless we put forward compelling legitimate grounds for this processing that outweigh your interests, rights and freedoms or if these personal data are related to the establishment, exercise or defence of legal claims.
|Right of dataportability||
If you want to move to another similar service, you can ask ACA IT-Solutions (by e-mail) to supply the data you have provided in a digital format so that you can communicate it to a similar organization. [This only applies for personal data processed using consent or on the basis of a contract]
|Right to lodge a complaint||
If you consider that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the Belgium Authority: Gegevensbeschermingsautoriteit (GBA), Drukpersstraat 35, 1000 Brussels.
|Right to withdraw consent||
At any time and without having to motivate this you have the right to withdraw your consent for any personal data processing by ACA IT-Solutions based on consent as legal basis.
WHO DO YOU CONTACT IN CASE OF QUESTIONS REGARDING THE POLICY?