Personal data protection policy for the use of the site
CERTISYS undertakes to ensure that any personal data it may have collected in the course of using the Site, or of making contact by telephone, by e-mail or via the contact form available on the Site, are processed in accordance with the General Data Protection Regulation (“GDPR”)
- The types of personal data that CERTISYS may collect when using the Site, or when making contact by telephone, by e-mail or via the contact form available on the Site,
- The purposes of the processing it carries out and its legal basis,
- The possible recipients of the personal data,
- The length of time personal data is kept, as well as
- The rights attached to your personal data.
1/ TYPES OF PERSONAL DATA COLLECTED AND SOURCES
CERTISYS ensures that it only collects and processes data that is strictly necessary for the purpose for which it is processed (data minimisation).
In the context of accessing and using the Site, or contacting you by telephone, by e-mail or via the form available on the Site, CERTISYS may have access to the following data
- Your name(s) and surname(s)
- Your personal and/or business email address
- Your personal and/or business telephone number
- Your postal address/your location in the world
- Any personal data voluntarily provided by the user himself
2/ PURPOSES AND PURPOSE OF THE PROCESSING
The processing implemented by CERTISYS meets an explicit, legitimate and determined purpose.
Your data are processed by CERTISYS for the following purposes:
- To respond to the request that you have sent to us by means of the contact form, by telephone or by email. In this case, the processing of your personal data is part of a legitimate interest pursued by CERTISYS, i.e. to follow up your contact;
- To make its Site function optimally. If you do not wish to be included in the Site’s statistical data, you can change your preference on the cookie management policy
3/ HOW LONG WE KEEP YOUR PERSONAL DATA
CERTISYS keeps your data for as long as is necessary to achieve the purpose for which it was collected. In the event that the use of your data is made necessary for a purpose different from that for which your personal data was initially collected, CERTISYS undertakes to inform you of this, and to obtain, if necessary, your prior consent.
4/ TRANSMISSION OF YOUR PERSONAL DATA OUTSIDE THE EU
CERTISYS undertakes to transmit your personal data to entities of the ECOCERT Group, or to subcontracting companies, located outside the European Union, only for the purpose of responding to your request.
5/ YOUR RIGHTS REGARDING YOUR PERSONAL DATA AND THE APPLICABLE PROCEDURE
In application of the GDPR, you have rights over your personal data: a right of access, rectification, deletion, limitation of processing, a right to portability and the right to define the fate of your data after your death. These rights can be exercised with the Data Protection Officer (DPO):
- By e-mail to the following address: firstname.lastname@example.org
- Or by post to the following address
For the attention of the Data Protection Officer (DPO)
Rue Joseph Bouché, 57/3
All applications must be accompanied by valid proof of identity.
If you are unable to exercise your rights using the procedure described above and you consider that the processing of your personal data constitutes a breach of the regulations, you may lodge a complaint directly with the Data Protection Authority (DPA), either by means of a form accessible on its website https://www.dataprotectionauthority.be/citizen, or by letter addressed to the attention of its Data Protection Officer (DPO) at the postal address available on the website https://www.dataprotectionauthority.be/citizen.