DATA PROTECTION NOTICE FROM THE DENYS GROUP. This Data Protection Notice applies to all companies cited below, which are part of the Denys group:

Similar documents
DATA PROTECTION POLICY 2016

DATA PROTECTION NOTICE

INFORMATION WITH REGARD TO THE PROCESSING OF PERSONAL DATA IN ACCORDANCE WITH REGULATION (EU) 2016/679 AND THE RELEVANT GREEK LEGISLATION

Depending on the circumstances, we may collect, store, and use the following categories of personal information about you:

Data Protection Policy. Data protection. Date: 28/4/2018. Version: 1. Contents

UK SCHOOL TRIPS PRIVACY POLICY

What you need to know. about GDPR. as a Financial Broker. Sponsored by

GDPR DATA PROCESSING NOTICE FOR FS1 RECRUITMENT UK LTD FOR APPLICANTS AND WORKERS

The Committee of Ministers, under the terms of Article 15.b of the Statute of the Council of Europe,

This privacy policy (the 'conditions') was last amended in May 2016.

DATA PROTECTION POLICY WINCHESTER CITY COUNCIL. Data Protection Policy

GDPR transparency notice for candidates (contractors and permanents)

GDPR Privacy Notice for Staff

Data Protection Policy

Impact. Data Privacy Statement. Outcomes-Based Learning. Introduction

Syntel Human Resources Privacy Statement

Human Resources. Data Protection Policy IMS HRD 012. Version: 1.00

General Data Protection Regulation. What should community energy organisations be doing to prepare?

General Data Protection Regulation (GDPR) Frequently Asked Questions

Policy Document for: Data Protection (GDPR) Approved by Directors: September Due for Review: September Statement of intent

DATED: 25/05/2018 GDPR PRIVACY NOTICE FOR HOPES & DREAMS LTD FOR EMPLOYEES, CHILDREN ATTENDING A GROUP NURSERY AND THEIR PARENTS

Foundation trust membership and GDPR

PREPARING YOUR ORGANISATION FOR THE GENERAL DATA PROTECTION REGULATION YOUR READINESS CHECKLIST DATA PROTECTION COMMISSIONER

General Personal Data Protection Policy

PRIVACY NOTICE (applicable from May 25th 2018)

THE GENERAL DATA PROTECTION REGULATION: A BRIEF OVERVIEW (*)

General Data Protection Regulation (GDPR) A brief guide

Personal data: By Personal data we understand all information about identified or identifiable natural ( data subject ) according to GDPR

DATA PROTECTION POLICY

Opus2 or an Opus2 Affiliate within the Group (as applicable), shall be the Data Controller in respect of the Personal Data covered in this Notice.

Data Protection Policy

EU GENERAL DATA PROTECTION REGULATION

Guidance on the General Data Protection Regulation: (1) Getting started

Data Protection/ Information Security Policy

UK Research and Innovation (UKRI) Data Protection Policy

WHAT PAYROLL PROFESSIONALS NEED TO KNOW ABOUT THE GENERAL DATA PROTECTION

Supplemental guide to the GDPR for HR professionals

Guidelines on the protection of personal data in IT governance and IT management of EU institutions

ACCENTURE BINDING CORPORATE RULES ( BCR )

PERSONAL DATA PROTECTION POLICY

GENERAL TERMS OF ACCESS AND USE FOR THE SYNERTRADE WEB SITE sanofi.synertrade.com

COUNCIL OF EUROPE COMMITTEE OF MINISTERS. RECOMMENDATION No. R (89) 2 OF THE COMMITTEE OF MINISTERS TO MEMBER STATES

Auditing of Swedish Enterprises and Organisations

LAST UPDATED June 11, 2018 DATA PROTECTION POLICY. International Foundation for Electoral Systems

ARTICLE 29 Data Protection Working Party

General Data Protection Regulation

Customer Data Protection. Temenos module for the General Data Protection Regulation (GDPR)

GDPR Factsheet - Key Provisions and steps for Compliance

Data Protection Policy

ARTICLE 29 DATA PROTECTION WORKING PARTY

General Data Protection Regulation. The changes in data protection law and what this means for your church.

GENERAL TERMS AND CONDITIONS FOR USING THE JUVENTUS eprocurement PORTAL

Broad Run Investment Management, LLC

The General Data Protection Regulation (GDPR) and Data Protection Act (DPA) 2017

EDPS - European Data Protection Supervisor CEPD - Contrôleur européen de la protection des données

TECHNICAL RELEASE TECH 05/14BL. Data Protection Handling information provided by clients

General Optical Council. Data Protection Policy

Data Protection. Policy

Humber Information Sharing Charter

INTERNATIONAL WHAT GDPR MEANS FOR RECORDS MANAGEMENT

Terms & Conditions Lucas Bols INTRODUCTION

Quick guide to the employment practices code

PRIVACY POLICY AND PERSONAL INFORMATION COLLECTION STATEMENT

The General Data Protection Regulation and associated legislation. Part 1: Guidance for Community Pharmacy. Version 1: 25th March 2018

Salesforce s Processor Binding Corporate Rules. for the. Processing of Personal Data

Privacy Policy for Employees

Dealing with the EU Data Protection Regulation in Practice. William Long, Partner Sidley Austin LLP February 11, 2016

SAI Global Full Service Team

A GDPR Primer For U.S.-Based Cos. Handling EU Data: Part 1

Prior Checking Opinion

Vendor Agreements and the New EU GDPR Steps to Take Now

ON ARM S LENGTH. 1. Introduction. 2. Background

SIGBI DATA PROTECTION PROTOCOLS 2018

CANDIDATE DATA PROTECTION STANDARDS

WORK PLACEMENT CONTRACT FOR WORK PLACEMENTS, INTERNSHIPS AND GRADUATION ASSIGNMENTS IN THE NETHERLANDS

General user conditions for supplier s applications and the AUMA supplier portal

ARTICLE 29 Data Protection Working Party

EQUASS 2018 ASSURANCE PROCEDURES

Pursuant to Convention No. 108 of the Council of Europe for the protection of persons with regard to the automated processing of personal data;

Getting Ready for the GDPR

New General Data Protection Regulation - an introduction

GDPR factsheet Key provisions and steps for compliance

Getting ready for the new UK data protection law Eight practical steps for micro business owners and sole traders

Employee Privacy Notice

EDPS - European Data Protection Supervisor CEPD - Contrôleur européen de la protection des données

A Parish Guide to the General Data Protection Regulation (GDPR)

Data Privacy Policy for Employees and Employee Candidates in the European Union

What is GDPR and Should You Care?

Breakthrough Data Protection Policy Approved by Lead Organisation: November 2017 Next Review Date: November 2018

Preparing for the General Data Protection Regulation (GDPR)

EU General Data Protection Regulation (GDPR) Tieto s approach and implementation

Data protection (GDPR) policy

Presenting a live 90-minute webinar with interactive Q&A. Today s faculty features:

Code of Conduct Suppliers Deloitte Netherlands. Version 1.0

Discussion Paper on innovative uses of consumer data by financial institutions

PRIVACY POLICY MAW Men at Work S.p.A. Agenzia per il Lavoro S.p.A

The new EU data protection Regulation: The business opportunity beyond legal compliance. Kalliopi Spyridaki Chief Privacy Strategist, Europe

AmCham EU s Recommendations on GDPR Implementation

General Terms and Conditions of Business and Customer Information

Tourettes Action Data Protection Policy

Transcription:

DATA PROTECTION NOTICE FROM THE DENYS GROUP INTRODUCTION This Data Protection Notice applies to all companies cited below, which are part of the Denys group: - NV Denys Global with registered offices at Van Orleystraat 15, 1000 Brussels and enterprise number 0416.598.964; - NV Denys with registered offices at Industrieweg 124, 9032 Wondelgem and enterprise number 0416.585.801; - NV Denys Support with registered offices at Industrieweg 124, 9032 Wondelgem and enterprise number 0508.751.736; - SAS Denys France with registered offices at 21, Boulevard Haussman 75009 Paris and enterprise number 503 648 180 R.C.S. Paris - Denys Ltd with registered offices at 8, Northumberland Avenue, WC2N 5BY London and enterprise number 5813452; - Denys Engineers & Contractors BV with registered offices at Darwinstraat 5, 2722 PX Zoetermeer and Chamber of Commerce no. 27142635; - SA Conduites et Entreprises with registered offices at Avenue Jean Mermoz 22, 6041 Gosselies and enterprise number 0418.544.409; - NV Building with registered offices at Vaartstraat 174, 2520 Oelegem and enterprise number 0404.626.788; - NV Socea with registered offices at Vaartstraat 174, 2520 Oelegem and enterprise number 0889.622.355; - NV Foremost Immo with registered offices at Van Orleystraat 15, 1000 Brussel and enterprise number 0866.848.319; - NV Future Foundations with registered offices at Industrieweg 124, 9032 Wondelgem and enterprise number 0644.842.934; - NV Arcaterra with registered offices Industrieweg 124, 9032 Wondelgem and enterprise number 0883.551.026; 1/6

- NV Artenys with registered offices at Kleinvleeshuissteeg 2 bus A, 9000 Gent and enterprise number 0556.696.658; The Denys group attaches considerable importance to your personal data being collected and processed in a secure, transparent and confidential manner. In particular, we aim to protect data concerning our clients, subcontractors and suppliers, etc. against loss, breaches, errors, unauthorised access and improper processing, among other things. By means of this Data Protection Notice, we wish to inform you about the collection and processing of your personal data. We ask you to read this Data Protection Notice carefully, since this contains essential information on how your personal data is processed and for what purpose. By providing your personal data, you explicitly declare to have read this Data Protection Notice, and also explicitly agree with it, as well as with the processing itself. APPLICABILITY This Data Protection Notice relates to all services we provide, and in general to all activities we perform. CONTROLLER AND ITS COMMITMENTS The companies stated in the introduction are controllers of your personal data. When collecting and processing your personal data, we respect Belgian regulations concerning protecting personal data, as well as the General Data Protection Regulation (GDPR) as of its entry into force on 25 May 2018. PERSONAL DATA According to your activities and your relationship with our company, you provide us with the following personal data: your identity and contact details (name, title, address, email address, telephone and mobile number). For specific legal obligations (electronic attendance registration, art. 30Bis declaration of works), it may be that you provide us with additional data so as to record your attendance (such as E-ID details, Limosa number). We would like to refer to your bearing responsibility for all data you provide us, and that we rely on its accuracy. Should your data no longer be up to date, please inform us immediately. Although you are not obliged to communicate your personal data, you understand that providing certain services or collaboration becomes impossible if you do not agree with it being collected and processed. PURPOSES FOR PROCESSING AND LAWFUL BASIS Client data Within the scope of our services and our activities, we collect and process the identity and contact details of our customers and clients, their staff, employees, appointees and other useful contacts. The purposes for this 2/6

processing is to implement agreements with our clients, client management, accounting and direct marketing activities such as sending out promotional and commercial information. The lawful bases are implementing the agreement, fulfilling legal and regulatory obligations (such as the art. 30Bis declaration of works) and/or our legitimate interest. Data concerning suppliers, subcontractors and service providers We collect and process the identity and contact details of our suppliers, subcontractors and service providers, as well as their potential (sub)contractor(s), their staff, employees, appointees and other useful contacts. The purposes of this processing are implementing this agreement, managing the suppliers/subcontractors/service providers, accounting and direct marketing activities such as sending out promotional or commercial information. The lawful bases are implementing the agreement, fulfilling legal and regulatory obligations (such as, for example, compulsory electronic attendance registration, the art. 30Bis declaration of works, the attendance list or other obligations in the case of public procurement contracts) and/or our legitimate interest (such as for direct marketing). If necessary, E-ID data or the Limosa number are also processed for electronic attendance registration. Permission will always be requested for direct marketing activities by email (such as a newsletter or invitation to events), which can be withdrawn at any time. Staff data We process our employees personal data within the scope of our staff management and payroll administration. Given its specific nature, this processing is regulated more extensively in a Data Protection Policy for employees. Other data Besides data concerning clients, suppliers/subcontractors and staff, we also process personal data concerning others, such as possible new clients/prospects, useful contacts within our sector, network contacts and expert contacts. The purposes of this processing are in the interests of our activities, direct marketing and public relations. The lawful basis is our legitimate interest or, in certain cases, the implementation of an agreement. DURATION OF THE PROCESSING We store and process personal data for a period necessary depending on the purposes of the processing and the role of the relationship (contractual or otherwise) we have with you. Client data and data concerning suppliers or subcontractors will in any event be deleted from our systems following a 10-year period after the agreement or the project has ended, except concerning personal data we are obliged to store for longer based on specific legislation, or in the event of an ongoing dispute for which the personal data is still required. RIGHTS In accordance with and under the conditions of Belgian privacy legislation and the provisions of the General Data Protection Regulation, we inform you that you have the following rights: - Right of access: you are entitled, free of charge, to access the data we have concerning you and to 3/6

verify the purpose for which this is used. - Right to rectification: you are entitled to have your incorrect personal data rectified (correction), as well as to have incomplete personal data completed. - Right to erasure or restriction: you are entitled to request us to erase your personal data or to restrict its processing in the circumstances and under the conditions as stipulated in the General Data Protection Regulation. We may refuse to erase or restrict any personal data essential to us for performing a legal obligation, implementing the agreement or our legitimate interest, provided this data is necessary for the purposes for which it was collected. - Right to data portability: you are entitled to obtain the personal data you have provided us in a structured, commonly used and machine-readable form. You are entitled to transfer this data to another controller for processing. - Right to object: you are entitled to object to your personal data being processed due to serious and legitimate reasons. Please also take into account that you are unable to object to processing personal data that is essential to us for performing a legal obligation, implementing the agreement or our legitimate interest, provided this data is necessary for the purposes for which it was collected. - Right to withdraw permission: If the processing of personal data is based on prior permission, you have the right to withdraw this permission. This personal data will then only be processed if we have another lawful basis to do so. - Automatic decision-making and profiling: we confirm that processing personal data does not entail profiling, and that you are not subject to fully automated decisions. You may exercise the above rights by sending an email to the Denys group: dataprotection@denys.com. We do our utmost to handle your personal data in a careful and legitimate manner, in accordance with applicable regulations. If you nevertheless believe your rights have been violated and your concerns are not addressed within our company, you are free to lodge a complaint with: Belgium: Gegevensbeschermingsautoriteit/ Data Protection Authority Rue de la Presse/Drukperssraat 35, 1000 Brussels Tel. 02 274 48 00 Fax: 02 274 48 35 http://www.dataprotectionauthority.be The Netherlands Autoriteit Persoonsgegevens (Dutch Data Protection Authority) Postbus 93374 2509 AJ The Hague (Den Haag) Tel. 088 1805 250 www.autoriteitpersoonsgegevens.nl/en 4/6

France Commission Nationale de l Informatique des Libertés 3 Place de Fontenoy TSA 80715 75334 Paris Cedex 07 Tel. 01 53 73 22 22 www.cnil.fr/en UK: Information Commissioner s Office Wycliffe House, Water Lane, Wilmslow Cheshire SK9 5AF Tel. 0303 123 1113 www.ico.org.uk You can in addition appeal to a court when you believe you have suffered damage resulting from your personal data being processed. TRANSFER TO THIRD PARTIES Certain personal data we collect will be transferred to and possibly processed by third-party service providers, such as our IT supplier, accountant, auditor, as well as the government (e.g. in the case of the 30bis declaration of works, electronic attendance registration or with public procurement contracts). It is possible that one or more of the abovementioned third parties are located outside the European Economic Area ( EEA ). Personal data will nevertheless only be forwarded to third countries with a suitable level of protection. The employees, managers and/or representatives of the abovementioned service providers or institutions and the specialised service providers they engage must respect the confidential nature of your personal data, and this data must only be used for the purposes for which they were provided. If necessary, your personal data may be forwarded to other third parties. This might be the case, for instance, if we are wholly or partially reorganised, our activities are transferred, or if we are declared bankrupt. It is also possible that personal data is forwarded due to a court order or to comply with a certain legal obligation. We will in that case make reasonable efforts to inform you in advance concerning this disclosure to other third parties. You will nevertheless recognise and understand that this is not always technically or commercially feasible in certain circumstances, or that legal restrictions may apply. In no instance will we sell your personal data or make it commercially available to direct marketing agencies or similar service providers, unless with your prior consent. 5/6

TECHNICAL AND ORGANISATIONAL MEASURES We take the necessary technical and organisational measures to process your personal data according to an adequate level of security, and to protect this against destruction, loss, forgery, alteration, unauthorised access or accidental disclosure to third parties, as well as any other unauthorised processing of this data. In no instance can the Denys group be deemed liable for any direct or indirect damage resulting from incorrect or unauthorised use of personal data by a third party. THIRD-PARTY ACCESS In order to process your personal data, we provide access to your personal data to our employees, colleagues and appointees. We guarantee a similar level of protection by making contractual obligations opposable to these employees, colleagues and appointees, which are similar to this Data Protection Notice. FURTHER QUESTIONS If, after reading this Data Protection Notice, you have any further questions or comments relating to collecting and processing your personal data, please contact the Denys group, either by post to Industrieweg 124, 9032 Wondelgem or by email to dataprotection@denys.com. 6/6

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback