BTW: BE 0666.896.972
RPR: Gent, afdeling Brugge
This policy contains the guidelines that Grabachair applies in processing personal data, in accordance with the objectives and obligations arising from the General Data Protection Regulation, i.e. Regulation (EU) 2016/679 of 27 April 2016 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (‘GDPR’).
Grabachair confirms that it complies with the current legislation, namely the Law of 8 December 1992 on the protection of privacy and its implementing decisions and the European General Data Protection Regulation of 27 April 2016.
- “Personal data”: all information about an identified or identifiable natural person (“the data subject”). A natural person is regarded as identifiable if he or she can be identified directly or indirectly, in particular by means of an identifier such as a name, an identification number, location data, an online identifier or one or more elements characterising the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. Appendix 1 lists the Personal Data that the Processer will process in accordance with this agreement and the purposes for which the data are processed.
- “Processing”: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- “Controller”: a natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data.
- “Processor”: a natural or legal person which processes personal data on behalf of the Controller.
- “Sub-processor”: the subcontractor appointed by the Processor to carry out part of the processing on behalf of the Controller.
- “Personal data breach”: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed, also known as a “data leak” ;
- “GDPR”: The General Data Protection Regulation, i.e. Regulation (EU) 2016/679 of 27 April 2016 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
III. Processing of personal data
Below is a list of personal data which are processed and the purposes for which Executive Learning Partnership processes them as well as Grabachair’s basis for doing so.
In connection with the provision of services by Grabachair, the following personal data are processed:
- Your surname and first name
- Your address
- Your telephone number
- Your email address
The above data are processed with a view to the execution of the contract [for delivery of services] that you have concluded with Grabachair. The processing of your personal data takes place more specifically in connection with delivery to the agreed location, as well as invoicing and the monitoring of invoice payments.
Grabachair justifies the processing of personal data in this case on the basis of the legitimate interest that Grabachair has in the proper and effective execution of the contract.
In connection with your accessing and use of our website, the following personal data will be processed:
- Your IP address
- Your browsing behaviour
- Your email address
Grabachair processes the above data with a view to optimising the content and functioning of the website, in accordance with the needs of the visitor.
Grabachair justifies this processing of personal data on the basis of the legitimate interest that Grabachair has in offering a readily accessible, understandable, appropriate, comprehensive and relevant website.
In connection with the sending [electronically AND/OR by post] of newsletters and advertising leaflets, the following personal data are processed:
- Your surname and first name
- Your address
- Your email address
The above data are processed with a view to personalising our newsletter and our advertising leaflets, as well as informing you about current promotions and special offers.
Grabachair relies on your express and prior consent for the processing of personal data in this case.
In connection with the compilation and analysis of anonymised statistics, the following personal data are processed:
- The sequence of pages you visit on the website
Processing for statistical purposes is carried out using coded data, from which the identity of the data subject cannot be traced.
The legal basis on which Grabachair justifies this processing is the company’s legitimate interest in continually subjecting its services to evaluation and improvement.
Grabachair undertakes not to process your personal data for any purpose other than the purposes mentioned above, unless you give Grabachair express prior permission to do so. Grabachair guarantees that your personal data will not be retained if Grabachair no longer requires them for the provision of services, or if it is no longer subject to a statutory retention obligation.
You are not obliged to transfer your personal data to Grabachair. However, you should be aware that a refusal to provide certain basic data to Grabachair may result in Grabachair being unable to provide you with certain services.
IV. Direct marketing
Your personal data are only processed for direct marketing purposes if you give Grabachair your explicit consent to this. If you give Grabachair permission to use your data for direct marketing purposes, these data will be processed to send you marketing materials [in paper / electronic form].
If your data were included in our mailing list before 16 April 2018, you are deemed to have consented to the use of your data for direct marketing purposes.
You may oppose the use of your personal data for direct marketing purposes free of charge at any time. To do so, simply send a request via the contact form.
V. Retention period
Your personal data processed by Grabachair ship are stored for a period of 3 years.
As a data subject whose personal data are processed, you have a number of rights with regard to the processing operations carried out by Grabachair. To exercise these rights, you should contact us via the contact form. Grabachair is obliged to respond to this request within a period of one month. You will only receive a response within the set period if you send your request for the exercise of your rights to the us using the above-mentioned procedure.
You have the following rights:
Right of inspection and access
You have the right to access your personal data and the right to check how they are being used via email addressed to Grabachair, including proof of your identity by attaching a copy of your identity card to your request. You may obtain a free copy of your available personal data at any time by simply making a request to this effect.
Right to correction, erasure and restriction
Except for those personal data that must be processed in connection with [complete] or in connection with storage because of a legal obligation, you may indicate which personal data may not be processed at all or may only be processed for a limited number of processing operations. In addition, you may request that personal data which you do not wish to be processed in whole or in part, be deleted. You may also ask to check and, if necessary, correct your personal data.
Right to object, automated decisions and profiling
You may oppose the processing of your personal data at any time if your objection is based on serious and legitimate reasons. If you wish to oppose the use of your personal data for direct marketing purposes, you do not have to give any reasons for this. To exercise this right, you should contact us via the contact form.
The processing of personal data by Grabachair is not carried out on the basis of automated decisions; in other words it is not carried out without human intervention.
Grabachair does not engage profiling on the basis of the available personal data.
Right to withdraw consent
If the processing of your personal data is based on consent you have given, you may withdraw this consent at any time.
Right to portability
Under the conditions stipulated in the GDPR, you have the right to obtain your personal data in a structured, commonly used and machine-readable form. You may ask Executive Learning Partnership to transfer your data in this way to another Controller. To exercise this right, you should contact us via the contact form.
If you believe that your rights as a data subject are being infringed by or during the processing of your personal data, you have the right to make a complaint to the Data Protection Supervisor (the Commission for the Protection of Privacy, Drukpersstraat 35, 1000 Brussels, email: email@example.com, tel. +32 (0)2 274 48 00, fax +32 (0)2 274 48 35), without prejudice to any other possibility of initiating a judicial review or seeking a judicial remedy.
VII. Transfer to third parties
Grabachair undertakes not to sell, rent, distribute or otherwise disclose your personal data to third parties, unless the communication is made to the third party under a legal obligation. In exceptional cases, mandatory laws oblige Grabachair to transfer your personal data to the competent government authorities. Likewise, a court order may require Grabachair to communicate personal data to people authorised by the order to inspect the personal data concerned.
Grabachair makes an exception to its non-disclosure undertaking in the event of a partial or complete reorganisation or a transfer of the company’s business operations. In such cases, your personal data will be conveyed along with the business operations to the third parties involved in the transfer and in the confidential negotiations prior to the transfer.
As far as possible, Executive Learning Partnership will inform you of the transfer to the aforementioned third parties.
VIII. Security and confidentiality
Grabachair guarantees that the processing of your personal data takes place in an appropriate, correct and secure manner. If you wish, you will be informed in a transparent manner about the processing procedures and the technical and organisational measures taken to prevent any loss, falsification or unlawful alteration of or unlawful access to your personal data.
Grabachair reserves the right to change this policy.
If substantial adjustments are made, Grabachair will take all reasonable measures to notify you before the changes take effect.
Acceptance and refusal of cookies
However, Grabachair wishes to inform visitors that if they refuse to accept cookies, certain parts of the website will not function properly. It is possible that the visitor will no longer have access to the services that Grabachair offers on the website.
If the visitor does not change his or her cookie settings and chooses to 'continue’ when first visiting the website, Grabachair assumes that the visitor accepts the various types of cookies and their use.
Technical information about cookies
What is a cookie?
A cookie is an information file which is placed on the web browser of a computer or mobile device – such as a smartphone, iPhone or iPad – by the server of the website that the visitor is consulting. The cookie contains a code that can be read by the server that placed it on the visitor’s web browser. The website being visited does not have access to other information files located on the visitor’s computer or mobile device.
How is a cookie file structured?
A cookie file consists of the following components:
- The name of the server that placed the cookie file on the computer;
- An expiry date;
- A unique numerical code.
What are cookies for?
Cookies ensure that visitors to the website have the best possible experience. Among other things, this means enabling the visitor to navigate more quickly and easily between the different parts of the website and adjusting the content of the website to the visitor’s personal preferences, for example their preferred language.
Where can I find these cookies?
The cookies are placed in a separate folder for the web browser on the hard disk of the visitor’s computer or mobile device.
Are there different types of cookies?
The relevant legislation makes a distinction between functional or technically necessary cookies on the one hand (these are first-party cookies, where the stored information is passed back to the website that placed the cookie), and all other cookies on the other hand (third-party cookies, where the stored information is forwarded to another website to which it belongs). Functional cookies ensure the optimal functioning of the website, and aim to provide the visitor with as pleasant and smooth an experience as possible. Permission for this kind of cookies is not strictly necessary, as they are only stored for the current browser session.
A further distinction can be made according to the specific purpose of the cookie.
What are 'session' cookies and 'permanent' cookies and what is the difference between the two? The task of the session cookie is to recognise the web browser during the visit to the website, while the task of the permanent cookie is to recognise the web browser with a view to repeat visits to the website.
What are 'performance’ cookies? 'Performance' cookies monitor how the visitor uses the website. This enables the website administrator to adjust and optimise the content and ease of use of the website. For example, performance cookies enable daily tracking of how many different people have visited the different pages and which language version of the website is the most popular.
What are 'third-party' cookies? Third-party cookies are cookies that come from advertisements placed on the website by third parties. They are intended to adapt the advertisements and/or their contents to the visitor’s personal preferences. The visitor will only see the advertisements if he or she has not disabled third-party cookies, meaning that permission has been granted for them. The use of third-party cookies does not give either the website administrator or the advertisers (third parties) access to the visitor’s personal data.
What is 'embedded content'?
How can the visitor manage the cookies?
Visitors control the management of the cookies themselves. They can adjust the settings of their web browser according to their personal preferences. They can delete cookies which have already been installed at any time, and refuse new cookies by adjusting their browser settings.
Grabachair also uses functional cookies when the visitor has created a personal account and wishes to log in. With the help of the cookies, Grabachair can safely check the visitor’s identity before granting access to the personal information stored on the account.
Grabachair only uses the following cookies:
- Functional cookies
- Non-functional cookies
If the necessary cookies are disabled the visitor will have the impression that certain parts of the websites are not working properly. Visitors can change their cookie settings for the Grabachair website in order to withdraw permission which was previously given.
If a visitor to the website also visits the website of a third party via a hyperlink on the Grabachair website, Grabachair advises the visitor to check the conditions of use of the relevant website administrator and find out about the third party's privacy and cookie policies.