PRIVACY POLICY
LAST REVISED ON [25th of May 2018]
Scope of this Policy
This privacy policy (the “Policy” or the “Privacy Policy”) describes how btci.be collects, uses, consults or otherwise processes an individual’s Personal Data. For the purposes of this policy, “btci.be”, “we” or “us” refers to BTCI s.p.r.l., a company incorporated under Belgian law, registered at Parc Industriel de Tyberchamps 18, 7180 Seneffe Belgium having its registered seat and its offices at Parc Industriel de Tyberchamps 18, 7180 Seneffe Belgium, telephone number +32 64 44 30 63, email address: info@btci.be. In all cases described in this Policy, btci.be will process your personal data as a Data Controller.
We are committed to protecting the privacy of our users and customers. This Privacy Policy is especially directed at:
- visitors to the websites and mobile applications of btci.be;
- natural persons contacting us through the contact or other forms available on the websites and/or mobile applications;
- subscribers to our newsletter(s);
- employees
- external service providers
- clients
This Privacy Policy is intended to inform you how we gather, define, and use information that could identify you, such as your name, email address, address, other contact details, online identifiers or other information that you provide to us when using our websites and mobile applications or when you send it directly to us using the contact information provided by us on the website. Please take a moment to read this Privacy Policy carefully.
This policy is to be read as consistent with the Cookie Policy.
THIS POLICY INCLUDES A DESCRIPTION OF YOUR DATA PROTECTION RIGHTS, INCLUDING A RIGHT TO OBJECT TO SOME OF THE PROCESSING ACTIVITIES WE CARRY OUT.
Applicable legislation
For the purpose of this policy, the term “Data Protection Legislation” shall mean the Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (the “GDPR“), as well as any legislation and/or regulation implementing or created pursuant to the GDPR and the e-Privacy legislation, or which amends, replaces, re-enacts or consolidates any of them, and all other national applicable laws relating to the processing of Personal Data and privacy that may exist under applicable law.
| Controller | The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law. |
| Processor | A natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the controller. |
| Recipient | A natural or legal person, public authority, agency or another body, to which the Personal Data are disclosed, whether a Third Party or not. |
| Third Party | A natural or legal person, public authority, agency or body other than the data subject, controller, Processor and persons who, under the direct authority of the controller or processor, are authorized to process Personal Data. |
| Supervisory Authority | An independent public authority which is established by a Member State pursuant to Article 51” of the GDPR. |
| Personal Data | Any information relating to an identified or identifiable natural person (“Data Subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. |
| Processing | Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
| Privacy Shield | The EU-U.S. and Swiss-U.S. Privacy Shield legal framework, designed by the U.S. Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring Personal Data from the European Union and Switzerland to the United States in support of transatlantic commerce. |
| Standard Contractual Clauses | Sets of standard contractual clauses for transfers as adopted by the European Commission for the international transfer of Personal Data. |
| Personal Data Breach | A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed. |
What personal data we collect and why we collect it?
Through certain actions such as when you browse our website or ask us to provide you more information, you provide your consent to us to process information that may be personal information.
Wherever possible, we aim to obtain your explicit consent to process this information, for example, by asking you to agree to our use of cookies.
Except where you have consented to our use of your information for a specific purpose, we do not use your information in any way that would identify you personally. We may aggregate it in a pseudonymized way and use it to provide class information, for example, to monitor the performance of a particular page on our website.
We continue to process your information on this basis until you withdraw your consent or it can be reasonably assumed that your consent no longer exists.
You may withdraw your consent at any time by instructing us privacy@btci.be. However, if you do so, you may not be able to use our website or our services further.
| Processed data categories | Source of data | Legal basis | Recipients of data |
|---|---|---|---|
| Name and Email Address | – Directly from you through our Contact Forms; – Directly from you through email service provider; – Directly from you through the Request for Proposal. |
– Your consent / opt-in obtained during filling our contact form; – The service contract we have with you. |
– IT service providers; – Other affiliates of btci.be; – Marketing communications service providers; – Our employees. |
| Media | – Directly from you through email service provider. | – The service contract we have with you. | – IT service providers; – Other affiliates of btci.be; – Marketing communications service providers; – Our employees. |
| Cookies | – Directly from you through our Contact Forms and/or Request Forms; – Comment Forms; – Login Forms; – Edit or publish an article: – Third-party websites/applications. |
– When the Visitor uses the website or application, cookies are used to identify its browser or device – they can collect all kinds of information which, as a rule, do not constitute personal data (do not allow the identification of the Visitor). Some information, depending on their content and use, may, however, be associated with a specific person – assigning certain behaviors to a specific Visitor, e.g. by linking them to the data provided during the registration of an account in the website – and thereby be considered as personal data. – Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly. |
– IT service providers; – Other affiliates of btci.be; – Marketing communications service providers; – Our employees. – Third-party websites/applications. |
| Embedded content from other websites | Third-party websites/applications. | – Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website; – These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. |
– Third-party websites/applications. |
| Electronic identification data (IP addresses, cookies, connection timing) | – Directly from you; – Third-party websites/applications. |
– If you visit our website we may collect electronic identification data about you like IP address, connection timing, via additional third-party tracking and monitor your interaction with our website. | – IT service providers; – Other affiliates of btci.be; – Marketing communications service providers; – Our employees. – Third-party websites/applications. |
| From our employees and external contractors: – Personal identification data (first name, last name, title, gender, ID/profile photograph, email, phone, address, national ID number, Tax number, VAT number, medical certificates); – Academic curriculum; – Professional experience; – Current job; – Professional qualification (skills, languages); – Payment information; – Information submitted or posted by you; – Location Data; |
– Directly from you; – Governmental authorities; – Third-party websites/applications. |
– For the performance of our labor or service agreement; – Labour legislation; – Accounting and finance legislation. |
– IT service providers; – Payroll, accounting, and legal service providers; – Banks; – Governmental authorities; – Our employees. |
What are your rights?
Once you have provided your Personal Data, the Data Protection Legislation grants you several rights, which you can in principle exercise free of charge, subject to statutory exceptions. These rights may be limited, for example, if fulfilling your request would reveal Personal Data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. To exercise any of your rights, you can file a request here privacy@btci.be.
Should you have unresolved concerns, you have the right to lodge a complaint with a Supervisory Authority where you live or where you believe a breach may have occurred. We encourage you to come to us in the first instance but, to the extent that this right applies to you, you are entitled to complain directly to the relevant Supervisory Authority.
Right to withdraw consent
Wherever we rely on your consent, you will be able to withdraw that consent at any time you choose and at your own initiative by logging into your account on our website (if you have one) or by contacting us here privacy@btci.be. The withdrawal of your consent will not affect the lawfulness of the collection and processing of your data based on your consent up until the moment where you withdraw your consent.
Right to access and rectify your data
You have the right to access, review, and rectify your Personal Data. You may be entitled to ask us for a copy of your information, to review or correct it if you wish to rectify any information like your name, email address, passwords and/or any other preferences, you can easily do so by logging into your account on our website (if you have one) or by contacting us here privacy@btci.be. You may also request a copy of the Personal Data processed as described in this Privacy Policy.
Right to erasure
In accordance with the Data Protection Legislation, you have the right to erasure of your Personal Data processed by us as described in this Privacy Policy in case it is no longer needed for the purposes for which the Personal Data was initially collected or processed or in the event you have withdrawn your consent or objected to processing as described in this Privacy Policy and no other legal ground for processing applies. Should you wish to have your Personal Data erased, please file a request here privacy@btci.be.
Right to restriction of processing
Under certain circumstances described in the Data Protection Legislation, you may ask us to restrict the processing of your Personal Data. This is, for example, the case when you contest the accuracy of your Personal Data. In such event, we will restrict the processing until we can verify the accuracy of your data.
Right to object to processing
Under certain circumstances described in the Data Protection Legislation, you may object to the processing of your Personal Data, including where your Personal Data is processed for direct marketing purposes.
Right to data portability
Where you have provided your data directly to us and where the processing is carried out by automated means and based on your consent or the performance of a contract between you and us, you have the right to receive the Personal Data processed about you in a structured, commonly used and machine-readable format, and to transmit this data to another service provider.
Security measures
Appropriate technical and organizational measures are implemented in order to ensure an appropriate level of security of your Personal Data, including but not limited to encryption techniques, physical and IT system access controls, obligations of confidentiality, etc.
In the event personal information is compromised as a result of a Personal Data Breach and where such breach is likely to result in a high risk to the rights and freedoms, we will make the necessary notifications, as required under the Data Protection Legislation.
What rules apply to children?
We do not knowingly collect or solicit Personal Data from anyone under the age of 18.
In the event we learn that we have collected Personal Data from a child under the age of 18 without verification of parental consent, steps will be taken promptly to remove that information. If you believe that we have or may have information from or about a child under 18 years of age, please contact us at privacy@btci.be.
How is your Personal Data shared with Third Parties?
We only share or disclose information as described herein, including with Third Parties.
Your Personal Data will also be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of the Controller(s) legitimate interests in compliance with applicable laws (example for data concerning our subcontractors or employees).
Is your Personal Data transferred outside the EEA?
For the purposes described in this policy, your personal data will be kept within the EEA and transferred outside the EEA only to a country or countries which have been recognised by the European Commission to provide an adequate level of data protection.
How long will we keep your Personal Data?
We retain your Personal Data for as long as is required to fulfill the activities set out in this Privacy Policy, for as long as otherwise communicated to you or for as long as is permitted by applicable law. For example, we may retain your Personal Data if it is reasonably necessary to comply with any legal obligations, meet any regulatory requirements, resolve any disputes or litigation, or as otherwise needed to enforce this Policy and prevent fraud and abuse.
To determine the appropriate retention period for the information we collect from you, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of the data, the purposes for which we process the Personal Data, and whether we can achieve those purposes through other means, and the applicable legal requirements.
Does this Privacy Policy apply to Third Party websites?
If you click on a link to a Third Party website, you will be taken to a website we do not control and our Privacy Policy will no longer be in effect. Your browsing and interaction on any other website is subject to the terms of use and privacy and other policies of such Third Party website. Read the privacy policies of other websites carefully. We are not responsible or liable for the information or content on such Third Party Websites.
What happens if we make changes to this Policy?
We reserve the right to modify and update this Privacy Policy from time to time. We will bring these changes to your attention should they be indicative of a fundamental change to the processing or be relevant to the nature of the processing or be relevant to you and impact your data protection rights.
How to contact us?
Questions, comments, remarks, requests or complaints regarding this Privacy Policy are welcome and should be addressed to:
privacy@btci.be