SOFICO CONFIDENTIALITY CHARTER
This information notice on the protection of personal data and privacy (hereinafter, the “Privacy notice”) has been drafted to keep you informed about the personal data that SOFICO, a public legal entity, processes. SOFICO acts as a data controller. Its headquarters are at Rue Canal de l’Ourthe 9/3, 4031 Angleur, Belgium, and it is registered with the Crossroads Bank for Enterprises under number 0252.151.302.
SOFICO, (hereinafter, “we, us or our”, depending on the case) places great importance on the privacy and protection of each user’s personal data. This is why we make every effort to guarantee the secure processing of your data.
We secure and protect the processing of your data in compliance with the applicable legislation, including the European regulation of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, the “GDPR”) and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data.
With this Notice, we would like to inform you about how we collect and process your personal data via the www.sofico.org website (hereinafter the “Website”), as it is described in section 6 “How we use your data” below. We will detail on what bases we collect your data, as well as the purposes for which we process, protect and share it.
By using our website, you acknowledge that you have been informed that we process your data as described in this Privacy notice.
2. On what basis do we use your data?
In compliance with the GDPR, we use a legal basis to process your personal data: your specific consent.
3. What data concerning you do we collect, and how?
Via this Website, we collect personal information (hereinafter, “personal data”) concerning you in two ways:
- Directly from you, with the information that you choose to send us via our contact and newsletter subscription forms. This personal data includes your surname, first name, e-mail address, telephone number, the subject and content of your message, and your preferences concerning the newsletter. Information requested with the symbol “*” must be provided, to enables us to fulfil the aims of these processing activities.
4. Do we collect “sensitive” data?
4.1. No processing of specific categories of personal data
Specific categories of personal data are referred to as “sensitive” personal data and cover information that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, as well as the processing of genetic data and biometric data to identify an individual in a unique way and data about health, sex life or sexual preference.
In compliance with the GDPR, we do not collect or process any specific category of personal data concerning you, unless you have explicitly given such data or another legal basis provided for by the GDPR applies.
4.2. No processing of personal data relating to criminal convictions and offences
We do not collect or process any personal data relating to criminal convictions and offences concerning you, unless this processing activity is authorised or obligatory pursuant to applicable national or European legislation.
6. How do we use your data?
Your personal data that we collect via this Website will only be processed in an aim to:
- Respond to the requests that we make to you directly via our contact form;
- Send you our newsletters by e-mail according to your choices.
We may combine your personal data sent via this Website with other data concerning you that we have obtained via other sources for the same purposes.
We will not use your personal data for new purposes that have not yet been provided for to date in this Privacy notice, except on the basis of your specific consent or another applicable legal basis. Under all circumstances, prior to using your personal data for other purposes, we will inform you of any changes to this Privacy notice, and for activities based on consent, we will give you the possibility to refuse to take part in such changes.
7. Use of your data for direct marketing purposes
We will not use your personal data for direct marketing purposes without your prior specific consent.
If, at any moment, you decide not to receive our newsletter, you may withdraw from this type of communication, free of charge and without having to give a reason, and oppose the future processing of your personal data for these purposes by sending an e-mail to firstname.lastname@example.org. In this case, please mention “Newsletter opt-out” in the subject of your message. Alternatively, you can use the unsubscribe procedure provided in any communication message you receive from us.
Please note that if you no longer receive our newsletter, you will no longer receive any information about any requests you have made via our contact form or another method or on another basis.
8. No automated decisions
We do not use automated decision-making processes, including profiling, unless it is necessary to fulfil a contract concluded between you and us, or authorised by the applicable national or European legislation, or with explicit consent from you. In this circumstance, we will inform you of the basis for the decision, as well as the importance and consequences envisaged of this processing activity for you.
9. Who has access to your data?
We will not make your personal data available to third parties, unless these transfers are i. based on your explicit consent, or ii. necessary for the execution of a contract concluded between you and us, or iii. based on another legal basis, or iv. authorised or made compulsory by national or European legislation or by an order from a public or legal authority.
We transfer your personal data to the following recipients: those who provide us with statistics on the use of the Website, the provider of our e-mail system, our host, our developer in charge of Website maintenance and our supplier in charge of newsletter creation.
Please note that when a transfer involves the transmission of your personal data to countries outside the European Economic Area that is considered by the European Commission not to provide an adequate level of personal data protection, we will ensure that appropriate measures are put in place in compliance with the applicable national and European legislation on personal data protection. You can obtain a copy of the appropriate protection measures taken or information on the location where they have been made available to you by sending us an e-mail at email@example.com.
10. Links to third-party websites that we make available to you
Some areas of this Website contain links to third-party websites. Please note that these links are provided for your convenience and that we have no control over these third parties or their websites, and that they have a different privacy notice to ours which applies to the information you submit when you consult these third-party websites. We recommend that you read the privacy notices of all websites before submitting your personal data.
11. How long do we store your data?
We only store your personal data as long as necessary to fulfil the aims described in section 6 above or when it is required by the applicable legislation in terms of data retention and the legal time frames for claims.
12. How is your data secured?
We use technical and organisational measures, in accordance with standard industry practice, to guarantee an appropriate level of security for the personal data processed. Nevertheless, security requires efforts from all those involved. We encourage you to contribute to these efforts by taking appropriate security measures yourself, in particular, when applicable, by using strong passwords and keeping all usernames and passwords confidential.
13. How do we protect children’s data?
The content of this Website is not intended for children aged under 16 years. We do not, to our knowledge, via this Website or other means, directly collect information from children aged under 16 years. If you are parents or legal guardians and you think that your child has provided us with personal data, please contact us at firstname.lastname@example.org.
14. What are your rights?
You have the right, at any time, to send us a request to access your personal data that we collect and process, and to ask us to rectify, or where applicable, delete your personal data if it is incorrect or unnecessary, as well as, where applicable, to oppose or limit data processing, and you have the right to data portability, in compliance with the applicable personal data protection legislation. To exercise your rights, please send us a written and signed request, with a copy of your identity card or any other identification document proving that you are the user concerned by the personal data to email@example.com, or by letter for the attention of the Data Protection Officer, Rue Canal de l’Ourthe 9/3, 4031 Angleur, Belgium.
When applicable, you have the right to withdraw your consent at any time, without affecting the legality of the processing activity based on consent prior to this withdrawal.
Finally, as the data subject, you have the right to make a claim to a supervisory authority (in particular in the member state of the European Union where you normally reside or work, or which is the location of the breach) if you consider that the processing of your personal data breaches applicable personal data protection legislation.
15. You can contact our data protection officer (DPO)
We have appointed a data protection officer whose contact details are as follows: Compliance Officer, firstname.lastname@example.org.
You can contact our personal data protection officer for any question about the processing of your personal data and the exercising of your rights under applicable national and European personal data protection legislation.
16. Date of effect and changes
This Privacy notice was created and has been in effect since 28/02/2019. We reserve the right, at our full discretion, to change, modify, add or delete parties to this Privacy notice at any time. We recommend that you regularly read this page to see the most recent version of this Privacy notice, insofar as your use of this Website after the publication of changes made to this Privacy notice will imply that you acknowledge these changes.
This Privacy notice was updated on 28/02/2019.
 Pursuant to the principle of “information transparency” in articles 12 to 14 of the GDPR.
 “Processing personal data” means “using personal information” which relates to an individual, with a certain purpose.
 A “data controller” is an individual or legal entity who decides to initiate a personal data processing activity with a certain purpose.