Last update: 25 March 2024
This privacy notice (hereinafter: ‘Privacy Notice’) describes how CESAER AISBL (hereinafter: ‘CESAER’, ‘We’, ‘us’, ‘our’) might collect, store, use, and/or share (‘process’) your personal data when you:
We are committed to protecting and handling your personal data in a responsible manner in accordance with the applicable data protection laws in the countries and regions in which we operate, including but not limited to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR),UK Data Protection Act 2018 (amended 2020) (UK DPA) and theSwiss Federal Act on Data Protection (FADP) (hereinafter: ‘Data Protection Laws’).
Please read this Privacy Notice thoroughly so that you are aware of how CESAER processes your personal data. If you have any questions or concerns, please contact us at info@cesaer.org.
Our full contact information is:
Kasteelpark Arenberg 1 Box 2200
LEUVEN 3001
BELGIUM
Tel: +32 486 41 17 56
E-mail: info@cesaer.org
Belgian CBE number: 0441.894.980
“Personal data” means any information that can be used to directly or indirectly identify a natural person, such as a name, identification number, place and date of birth etc.
The term “processing” includes any treatment of personal data and covers the collection, recording, organization, storage, updating, alteration, retrieval, consultation, use, dissemination or making available by any means, archiving, erasure and destruction of personal data.
We process personal data for various purposes, each time processing only the personal data necessary to achieve the intended purpose.
We process personal information that you voluntarily provide to us when you register to access our extranet, when you express an interest in obtaining information about us and the work we do, when you participate in our activities and events, or otherwise when you contact us.
The personal information that we collect depends on the context of your interactions with us and the choices you make.
We do not process sensitive information.
We also process certain information automatically when you visit, use, or navigate our online services. This information does not reveal your specific identity (like your name) but may include device and usage information, such as your Internet Protocol (IP) address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our online services, and other technical information. This information is mainly needed for the security and operation of our online services, as well as for our internal analytics and reporting purposes.
Like many organisations, we also process information through cookies. You can find more about this in our Cookie Policy: https://www.cesaer.org/cookie-policy/
The information we process through cookies and similar technologies includes:
Lastly, we may obtain limited personal data from public databases, and other third parties. In order to enhance our ability to provide relevant offers and services to you and update our records, we may obtain information about you from other sources, such as public databases, data providers, partners, and from other third parties. This processing and combining of personal data for purpose of targeted communication and event promotion. We rely on our legitimate interest of (direct) marketing for this processing activity.
The legal bases invoked by CESAER are specifically indicated for each processing activity and are underlined.
We may share your personal data with third-party vendors, service providers, contractors, or agents (‘third parties’) who perform services for us or on our behalf and require access to certain personal data in order to perform these services. They will only process your personal data on our behalf and in accordance with our instructions. We will not share your personal data with third parties who cannot guarantee at least the same level of protection of your personal data as we have implemented.
The categories of third parties we may share personal information with are as follows:
We will not retain your personal data longer than necessary for the purposes set out in the present Privacy Notice, unless a longer retention period is required or permitted by law (for example tax, accounting or other legal requirements). No purpose in this Privacy Notice will require us retaining your information for longer than the period of time in which users have an account on our Extranet. The following retention policy applies to personal data processed by or on behalf of us:
After expiry of the periods described above, we will either delete or anonymise such information, or, if this is not possible, then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Both CESAER and the third parties processing personal data on its behalf have implemented appropriate and necessary technical and organisational security measures designed to protect the security of any personal data we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our online services is at your own risk. You should only access our online services within a secure environment.
We do not knowingly solicit data from children under 18 years old. By using our online services, you represent that you are at least 18. If we learn that personal information from users less than 18 years old has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under the age of 18, please contact us via email at info@cesaer.org.
The Applicable Data Protection Laws grant you a number of rights in relation to personal data processed by us or on our behalf.
You can always contact us to exercise the following rights (provided you do so reasonably and within the legal limits):
You may form such a request by contacting us by using the contact details provided at the beginning of this Privacy Notice. When contacting us, please provide a copy of your ID card or passport, along with proof of residence. This identification is necessary for us to authenticate that you are the rightful owner of the personal information in question.
We will consider and act upon any request in accordance with applicable data protection laws.
If you have any concerns regarding how CESAER manages your personal information or its handling of your requests to exercise your rights pertaining to that personal information, please reach out to us, and we will strive to address your concerns promptly. If you do not agree with the way CESAER processes your personal data, you have the option to lodge a complaint with the appropriate supervisory authority in Belgium:
Belgian Data Protection Authority
Rue de la Presse 35
1000 Brussels BELGIUM
www.dataprotectionauthority.be
If you have questions or comments about your privacy rights, please email us at info@cesaer.org.
We may update this Privacy Notice from time to time. The updated version will be indicated by an updated ‘Revised’ date and the updated version will be effective as soon as it is accessible. If we make changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are processing your personal data.