Privacy Policy

DATA PROTECTION NOTICE

GHEYSENS BV

  1. Introduction

Gheysens BV with registered office at Waggelwaterstraat 6, 8200 Bruges, BELGIUM and registered with the Crossroads Bank for Enterprises with company number 0413 850 302 attaches great importance to the safe, transparent and confidential collection and processing of your personal data. In particular, we want to protect the data of our employees, customers, subcontractors, suppliers / service providers and others against, among other things, loss, leaks, errors, unauthorized access or unlawful processing.

We would like to inform you as a customer, subcontractor, supplier / service provider, applicant or interested party by means of this Data Protection Notice about the collection and processing of your personal data.

We ask that you read this Data Protection Notice carefully, as it contains essential information about how your personal data is processed and for what purpose.

By communicating your personal data, you expressly declare that you have taken note of this Data Protection Notice and you also expressly agree with it, as well as with the processing itself.

  1. Scope

This Data Protection Notice applies to all services provided by us and in general to all activities that we perform, such as, for example, responding to inquiries, providing useful information regarding our operation or responding to job applications.

  1. Controller and its commitments

Gheysens BV with registered office at Waggelwaterstraat 6, 8200 Brugge, BELGIUM and with company number 0413 850 302, is the controller of your personal data.

In the collection and processing of your personal data, we respect the Belgian regulations on the protection of personal data, as well as the General Data Protection Regulation (“GDPR”) from its entry into force on May 25, 2018.

  1. Personal data

Depending on your activities and your relationship with our company, you provide us with some of the following personal data: your identity and contact details (name, title, address, e-mail address, telephone and mobile number, CV and profile photo). For certain specific legal obligations (electronic attendance registration, 30bis declaration of works), you may provide us with additional data to register your presences (such as E-ID data, Limosa number). And financial identification information.

We would like to point out that you are responsible for all information you provide to us and that we rely on its accuracy. If your details are no longer up-to-date, we request you to notify us immediately.

You are not obliged to provide your personal data, but you understand that the provision of certain services or collaboration becomes impossible if you do not consent to their collection and processing.

  1. Processing purposes and legal basis
  • Customer data

In the context of our services and our activities, we collect and process the identity and contact details; financial data of our customers and clients, their staff, employees, appointees and other useful contacts. The purposes for these processing operations are the execution of agreements with our customers, customer management, accounting and “direct marketing” activities such as sending promotional or commercial information; work planning; dispute management. The legal grounds are the implementation of the agreement, the fulfillment of legal and regulatory obligations (such as the 30bis declaration of works) and / or our legitimate interest.

  • Data of suppliers / service providers and subcontractors

We collect and process the identity and contact details; financial data of our suppliers / service providers and subcontractors, as well as any (sub) subcontractor (s), their staff, employees, appointees and other useful contacts The purposes of these processing operations are the implementation of this agreement, the management of suppliers / service providers / subcontractors, accounting and “direct marketing” activities such as sending promotional or commercial information or newsletters. The legal grounds are the performance of the agreement, the fulfillment of legal and regulatory obligations (such as the mandatory electronic attendance registration, the 30bis declaration of works, the attendance list or other obligations in public contracts, etc.) and / or our legitimate interest (such as for direct marketing). For the electronic attendance registration, the E-ID data or the Limosa number are also processed, where appropriate. For direct marketing activities by e-mail (such as a newsletter or invitation to events), permission will always be requested and can also be withdrawn at any time.

  • Employee data

We process the personal data of our employees in the context of our personnel management and payroll administration. Given its specific nature, this processing is more extensively regulated in a Data Protection Policy for employees.

  • Other data

In addition to the data of customers, suppliers / service providers / subcontractors and personnel, we also process personal data of others, such as possible new customers / prospects, applicants, useful contacts within our sector, network contacts, contacts of experts, etc. The purposes of these processing are in the importance of our activities, direct marketing and public relations. The legal basis is our legitimate interest or in some cases the performance of an agreement.

Our website and / or service does not intend to collect data about website visitors under the age of 16, unless they have permission from their parents or guardian.

However, we cannot check whether a visitor is older than 16. We therefore advise parents to be involved in the online activities of their children, in order to prevent data about children from being collected without parental consent. If you are convinced that we have collected personal information about a minor without this consent, please contact us by email so that we can delete this information.

 

 

  1. Duration of storage

The personal data is stored and processed by us for a period that is necessary in function of the purposes of the processing and in function of the (contractual or non-contractual) relationship we have with you.

How long we keep your personal data will vary based on the context of the services and activities provided, our legal obligations or time required to process your request. The following factors typically affect retention periods:

  • How long is the personal information necessary to provide our services and activities?
  • Is the personal data sensitive?
  • Have you given permission for a longer retention period?
  • Are we subject to a legal, contractual or similar obligation to keep your personal information?

Gheysens BV will keep your personal data for as long as necessary for the purposes in this Data Protection Notice. When it is no longer necessary to keep your personal information, we will delete it securely, in accordance with our data retention and deletion policies.

  1. Rights

In accordance with and under the conditions of the Belgian privacy legislation and the provisions of the General Data Protection Regulation, we inform you that you have the following rights:

  • Right of access and inspection: you have the right to inspect the data we have about you free of charge and to check what they are used for.

 

  • Right to rectification: You have the right to obtain rectification (correction) of your incorrect personal data, as well as to have incomplete personal data completed.

 

  • Right to erasure or restriction: you have the right to request us to erase your personal data or to restrict its processing in the circumstances and under the conditions set out by the General Data Protection Regulation. We can refuse the erasure or restriction of any personal data that is necessary for us to perform a legal obligation, the performance of the agreement or our legitimate interest, as long as this data is necessary for the purposes for which it was collected.

 

  • Right to data portability: you have the right to obtain the personal data you have provided to us in a structured, commonly used and machine-readable format. You have the right to transfer this data to another person responsible for the processing.

 

  • Right of objection: you have the right to object to the processing of your personal data for serious and legitimate reasons. However, please note that you cannot object to the processing of personal data that is necessary for us to perform a legal obligation, the execution of the agreement or our legitimate interest, and this as long as these data are necessary for the purposes for which they were collected.

 

  • Right to withdraw consent: If the processing of personal data is based on prior consent, you have the right to withdraw this consent. These personal data will then only be processed if we have a legal basis for this.

 

  • Automatic decisions and profiling: we confirm that the processing of the personal data does not include profiling and that you will not be subject to fully automated decisions.

We make every effort to handle your personal data in a careful and legitimate manner in accordance with the applicable regulations. If you nevertheless believe that your rights have been violated and your concerns are not addressed within our company, you are free to file a complaint with:

Data protection authority
Drukpersstraat 35, 1000 Brussel
Tel. 02 274 48 00
Fax. 02 274 48 35
E-mail: contact@apd-gba.be

You can also address a court if you believe that you would suffer damage as a result of the processing of your personal data.

  1. Transfer to third parties

Certain personal data collected by us will be passed on to and possibly processed by third party service providers, such as but not limited to: IT supplier, accountant, auditor, insurer, legal advisers, consultants, external parties for optimization and support of our services, as well as by the government (for example in the 30bis declaration of works, electronic attendance registration or competition for public contracts).

It is possible that one or more of the aforementioned third parties are located outside the European Economic Area (“EEA”). However, personal data will only be transferred to third countries with an adequate level of protection.

The employees, managers and / or representatives of the above-mentioned service providers or institutions and the specialized service providers appointed by them must respect the confidential nature of your personal data and can only use this data for the purposes for which it was provided.

If necessary, your personal data can be passed on to other third parties. This could be the case, for example, if we were to be reorganized in whole or in part, our activities were transferred or if we were declared bankrupt. It is also possible that personal data must be transferred pursuant to a court order or in order to comply with a certain legal obligation. In that case, we will make reasonable efforts to inform you in advance of this communication to other third parties. However, you acknowledge and understand that in certain circumstances this is not always technically or commercially feasible or that legal restrictions may apply.

Under no circumstances will we sell your personal data or make it commercially available to “direct marketing” agencies or similar service providers.

  1. Technical and organizational measures

We take the necessary technical and organizational measures to process your personal data to an adequate level of security and to protect it against destruction, loss, falsification, alteration, unauthorized access or notification by mistake to third parties, as well as any other unauthorized processing of this data.

Under no circumstances can Gheysens BV be held liable for any direct or indirect damage resulting from incorrect or unlawful use by a third party of the personal data.

  1. Employee access

With a view to processing your personal data, we grant access to your personal data to our employees, employees and appointees on a "need to know" basis. We guarantee a similar level of protection by making contractual obligations enforceable against these employees, employees and appointees, which are similar to this Data Protection Notice.

  1. Changes

Gheysens BV reserves the right to change this Data Protection Notice at any time. This Data Protection Notice was last modified on 4/3/2021.

  1. Cookies

Gheysens BV uses "cookies" on this website: small information files that are automatically stored on the hard drive of your computer.

  1. Nog vragen?

If, after reading this Data Protection Notice, you have further questions or comments regarding the collection and processing of your personal data, you can contact Gheysens BV, either by post to Gheysens BV, Waggelwaterstraat 6, 8200 Bruges or by e-mail to info@gheysenskranen.be.