Privacybeleid
Privacy policy
INTRODUCTION
ACA IT-Solutions considers your privacy very important. You have the right to know which personal data we process about you and how we do this. In this privacy policy, you will receive an answer to the following questions:
- Who is responsible for the processing of personal data?
- What do a number of important terms in this policy mean?
- When do we collect which personal data from you, what do we do with it and why are we allowed to do this and for how long do we keep it?
- How do we protect your personal data?
- Who has access to your personal data?
- What are your rights as a data subject?
- Who do you contact in case of questions regarding this privacy policy?
- Changes to the privacy policy
WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR PERSONAL DATA
The data controller for the processing of your personal data is ACA IT-Solutions, with registered office Herkenrodesingel 8B 2.01, 3500 Hasselt.
These are our contact details: by phone +3211.26.50.10 or by email at: legal@aca-it.be.
For questions regarding the processing of your personal data, it is best to contact our DPO who can be reached at the following email address: dpo@aca-it.be.
WHAT DO SOME IMPORTANT TERMS IN THIS POLICY MEAN
- GDPR: The General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data entered into force on 25 May 2018. Also known as GDPR - General Data Protection Regulation.
- Personal data: Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- Processing of personal data: Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- Data Subject: Any natural person, such as a website visitor.
- Data Controller: The Organization that is ultimately responsible for all personal data processing that is discussed within this Privacy Policy (in this case, ACA IT-Solutions).
- Data Processor: A natural or legal person, public authority, agency or other body which processes personal data on behalf of ACA IT-Solutions.
- Data Processing Agreement (DPA): A binding written agreement, which states that the processor shall only act on the controller's instructions; and that it provides sufficient guarantees to protect the personal data that it processes.
- Standard Contractual Clauses (SCC): The Standard Contractual Clauses are standard sets of contractual terms and conditions which the sender and the receiver of personal data both sign up to, aimed at protecting personal data leaving the European Economic Area (EEA) through contractual obligations in compliance with the GDPR’s requirements in territories which are not considered to offer adequate protection to the rights and freedoms of data subjects.
- Data Retention: The policies within ACA IT-Solutions to the time period for storing/processing personal data.
- Cookies: Cookies are small files which are stored on a user's computer when visiting a website.
WHEN DO WE COLLECT WHICH PERSONAL DATA OF YOU, WHAT WE DO WITH IT, WHY MAY WE KEEP THIS AND HOW LONG DO WE STORE IT?
Who and which personal data |
Purpose and legal basis |
Retention period |
Your Identification and contact data when you contact us by telephone, the contact form on the website or through email. |
We need your identification data and contact data for the performance of the agreement to know who we communicate with and to answer your questions. | 1 month after the request has been received, we will remove your personal data unless your request results in a collaboration or similar agreement. In that case your data will be removed one year after the collaboration has been ended. |
Your Identification and contact data | Only with your consent, we sent you our newsletters. You can always unsubscribe through the link in each email. | We keep your personal data until 1 year after you have unsubscribed from our newsletter and other direct marketing updates. |
Your Identification and contact data | We have a Legitimate Interest to contact people with whom there has already been earlier contacts with regard to business purposes. | The data of these contact people will be kept until an opt-out has taken place or until they have asked to be removed from the databases. |
Identification and contact data | We have a Legitimate Interest to contact people with whom we would like to discuss a business opportunity and that we haven’t contacted yet. These are people that we would like to contact by phone, email, video call, LinkedIn, … | These people will be kept in our database for a maximum of 60 days and will be deleted if there hasn’t been any business contact or direct marketing consent during those 60 days. |
Job applicants : CV, notes during the job interview, motivational letters, … | These data are processed for the purpose of the application procedure and are necessary for a possible agreement to be concluded when you send us your application for a published job offering or when you send us your candidacy spontaneously. | Name, email address, job area of interest and the reason for termination of the application will be kept for 3 years to keep you up-to-date on other interesting vacancies at ACA IT-Solutions NV that fall within your area of expertise. Resumes will be kept for 3 months after the application process. |
All personal data that can be included in case of a complaint | In case you would contact us to file a complaint we have a legitimate interest to use all personal data involved for handling these complaints. In addition to identification data, other personal data can also be processed, depending on the complaint. | 12 months after the request has been closed, we will remove your personal data unless we are required by law to keep the data for a longer period. |
FURTHER PROCESSING
ACA IT-Solutions has no further processing with the personal data of website visitors, applicants, partners, … All the processing activities are described in the table above.
HOW DO WE PROTECT YOUR PERSONAL DATA
Your privacy is our top priority, which is why we do everything we can to protect your personal data. We have taken all appropriate technical and organizational measures to protect your data against a possible data breach.
WHO HAS ACCESS TO YOUR PERSONAL DATA
Internal
Within our organization, only authorized staff members and the persons we designate have access to your personal data. These are only those persons who require access for the correct performance of their function or for the needs of the service.
External
Personal data will never be passed on by us to third parties / processors, unless:
- There are legal obligations
- Each of these parties offers the necessary guarantees that your personal data will be processed in accordance with the requirements of Belgian privacy legislation and the European General Data Protection Regulation and all implementing decrees.
- For certain processing within the implementation of our agreement, such as IT support, we call on other parties. We have concluded a processor agreement with these parties to ensure that your personal data is also processed by them in a safe and confidential manner. The processor agreement guarantees appropriate technological and organizational protective measures. Your personal data is therefore in good hands with them.
International
ACA IT-Solutions uses Google Workspace, an application from Google, as email tool and for (some) data storage. We also work with Mailchimp for our newsletters and Hubspot. With all of these companies Standard Contractual Clauses (SCC) were signed as required by GDPR. Except in the situations described above, your personal data will not be transferred to third countries without your prior consent. Under no circumstances will they be sold, rented or made available to third parties without your prior consent.
THE USE OF COOKIES
ACA IT-Solutions makes use of cookies to get to know you better when you visit our website. Further, we try to optimize our newsletters by keeping statistics of their use. For the convenience of the website visitor, ACA IT-Solutions has implemented a cookie management tool that enables the visitor to manage their cookie preferences very easily.
When you as a visitor visits the ACA IT-Solutions website for the first time, the cookie banner is presented. You are then given the opportunity to manage your choices and read our cookie policy and the description of each of the cookies used.
Marketing and analytical cookies will only be used with your consent. Functional and technical required cookies are always activated. For more information you can read the text in the tool.
As a visitor you can easily change your preferences by accessing the tool which can be done on the following page: https://www.acagroup.be/en/cookie-policy.
WHICH ARE YOUR RIGHTS AS A DATA SUBJECT
As a data subject, you have a number of rights with regard to your personal data. These are described below.
Right |
Description |
Right of information | This privacy policy is written to inform you about our privacy practices |
Right of access | You can always send a request to ACA IT-Solutions to get an overview of all we process about you or to obtain an expression of this in a readable format. When you request this information, ACA IT-Solutions will provide it with all necessary information such as: the processing, the retention period, the legal basis for processing and the recipients. This information will be sent to you within one month. |
Right of rectification | You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning yourself. |
Right to erasure |
If you no longer wish ACA IT-Solutions to process your personal data, you can request (by email) to remove this data from our files / databases. However, this is not an absolute right and you should be aware that other legislation may limit this right. E.g. you cannot request deletion of data on which a legally defined retention period has been set and this retention period has not yet been reached. You can have all personal data that we process from you on the basis of "consent" removed immediately when you withdraw your consent. This can be done by simple request by e-mail. However, if disputes are ongoing, for example a lawsuit or other discussion that may have legal consequences, our interest in retaining this data is more important than your right to erasure. We cannot delete data while such activities are in progress. |
Right of restriction of processing |
If you do not agree with one or more of the processing activities that ACA IT-Solutions does with your data, you can invoke a restriction on that specific processing activity. This can be done with a simple question by e-mail. |
Right to object |
You have the right to object to any processing of your personal data for which we believe we have a legitimate interest. The processing of relevant personal data is stopped, unless we put forward compelling legitimate grounds for this processing that outweigh your interests, rights and freedoms or if these personal data are related to the establishment, exercise or defence of legal claims. |
Right of dataportability |
If you want to move to another similar service, you can ask ACA IT-Solutions (by e-mail) to supply the data you have provided in a digital format so that you can communicate it to a similar organization. [This only applies for personal data processed using consent or on the basis of a contract] |
Right to lodge a complaint |
If you consider that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the Belgium Authority: Gegevensbeschermingsautoriteit (GBA), Drukpersstraat 35, 1000 Brussels. |
Right to withdraw consent |
At any time and without having to motivate this you have the right to withdraw your consent for any personal data processing by ACA IT-Solutions based on consent as legal basis. |
WHO DO YOU CONTACT IN CASE OF QUESTIONS REGARDING THE POLICY?
If you have any questions regarding this privacy policy or the exercise of your rights in this regard, please contact our DPO through the following e-mail address: dpo@aca-it.be.
CHANGES IN THIS PRIVACY POLICY
ACA IT-Solutions reserves the right to update this privacy policy. In the event that this privacy policy changes, we advise you to review this privacy policy regularly when you visit our website.