A&C Systems Regulations on Personal Data
A & C Systems NV, whose registered office is at Bleyveldstraat 16A, 3320 Hoegaarden, Belgium, registered in the Crossroads Bank for Enterprises under number 445.299. 482 (hereinafter referred to as “A & C Systems”) intends to comply with the applicable legislation governing the protection of personal data, including but not limited to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC and the Belgian Act of 30 July 2018 on the protection of individuals with regard to the processing of personal data.
The purpose of these regulations is to inform you of the rights and obligations applicable to the processing of personal data by A & C Systems and to define A & C Systems’ practices with regard to the collection, use, storage, transfer and other processing of information relating to an identified or identifiable natural person – an “identifiable natural person” is considered to be a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier or to one or more factors specific to his physical, physiological, genetic, mental, economic, cultural or social identity – (“personal data”). A & C Systems is the data controller for the processing of personal data as described in these regulations.
What personal data does A & C Systems collect?
A & C Systems only collects the personal data communicated to it by the users of the Website
https://myactions.eu (hereinafter referred to as the “Website”) or that it receives from external sources by processing the requests of the users of the Website (“user’s personal data”). For each user, these regulations apply only to the user’s personal data.
Such data may include, by way of example and in a non-exhaustive manner:
– identification data (name, maiden name and surname, email address and telephone number, smartphone IMEI code, home address, date of birth, national identification number, personal identification code, gender, marital status, dependants, emergency contact details, photographs, citizenship, passport data, identity card data, residence permit or work permit data, etc.)
– professional data (work or profession, salary or remuneration or allowances, employment history and references, educational background, professional qualifications, language skills and other relevant skills, etc.)
– technical data (the Website automatically collects certain non-identifiable information about its users, such as the Internet Protocol (IP) address of the computer, the IP address of the Internet service provider, the date and time of the user’s access to the Website, the Internet address of the site from which the link was made directly to the Website, the operating system used, the sections of the Website visited, the pages of the Website to which the user surfs and the data consulted, as well as the information that the user posts or downloads from the Website)
– tax data (tax assessment, accounting, tax return, etc.)
– bank data (name of financial institutions, bank account numbers, status of accounts, credits, accounts, etc.)
– administrative data (VAT number, data useful for managing user requests, etc.)
– all personal data provided by the user of the Website to A & C Systems.
A & C Systems does not collect or handle specific categories of personal data (“sensitive personal data”) such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as data concerning the health of a natural person.
Who collects these personal data?
Personal data are collected by A & C Systems who are responsible for their processing.
Personal data may be obtained by A & C Systems in particular in the following situations:
– When the user provides personal data to A & C Systems, or when the user has direct contact with A & C Systems (by e-mail, telephone or post);
– When the user enters into a contract with A & C Systems;
– When A & C Systems operates its technological tools and services, including visits to its Website and e-mails sent to A & C Systems;
– When A & C Systems collects personal data from other sources, such as lawyers, co-contractors, official registers, commercial databases or the use of public sources.
What is the purpose of collecting these personal data?
The processing of personal data described in these regulations is necessary for managing the user’s requests and, where applicable, for providing the benefit of A & C Systems’ promotional action and for A & C Systems to comply with its legal obligations.
Subject to applicable legal restrictions, A & C Systems uses personal data for the following purposes.
A & C Systems uses personal data to comply with its obligations relating to the management of user requests and the management of user participation in promotional actions offered on the Website.
A & C Systems also uses personal data to comply with its legal obligations, particularly in the context of money laundering and to meet legal requirements such as income taxes and social security contributions levies, obligations to maintain records and returns, to conduct audits, to comply with government inspections and other requests from the government or other public or regulatory authorities and to comply with internal rules and procedures.
In particular, and in a non-exhaustive manner, A & C Systems processes personal data
– To process and respond to requests, questions or complaints received from the user;
– for managing and ensuring the relationship between A & C Systems and the user;
– to comply with legal and regulatory requirements;
– To provide the products and services requested by the user;
– To communicate with the user about the products and services;
– to make available and improve the A & C Systems Website by generating statistics about the use of the Website;
– to initiate or conduct legal proceedings or defend against a lawsuit involving A & C Systems or its affiliates.
What is the basis of the processing of personal data?
A & C Systems collects and processes personal data on the following basis, as appropriate:
– enter into and perform a contract;
– comply with legal and regulatory requirements;
– a legitimate interest (for example, managing and ensuring the relationship with the user and partners);
– with the consent of the individual concerned.
Who has access to personal data?
In the course of providing its services and administering A & C Systems and its relationships with users and other third parties, A & C Systems is required to share personal information with persons operating within A & C Systems. It may be necessary for A & C Systems to also provide its customers, suppliers and subcontractors with access to personal data, as well as governmental authorities, courts of law and law enforcement agencies. A & C Systems is authorized to share personal data with third parties when it believes this is necessary to comply with a legal or regulatory obligation, or to protect its rights or the rights of third parties.
A & C Systems may entrust the processing of personal data in whole or in part to subcontractors. When A & C Systems engages a third party processor to process personal data on its behalf, A & C Systems will
delegate this treatment in writing, select a subcontractor who provides sufficient guarantees in respect of the technical and organisational security measures relating to the process in question and will propose the subcontractor to act on behalf of A & C Systems and in accordance with A & C Systems’ instructions. In addition, A & C Systems will impose appropriate requirements on these external subcontractors for such data protection and information security.
A & C Systems does not in principle transfer personal data outside the European Union or the European Economic Area. If such a transfer of personal data outside the European Union or the European Economic Area takes place on A & C Systems’ initiative, a special procedure will be followed.
of A & C Systems, such a transfer will take place in accordance with the applicable data protection legislation and, in particular, will be based on the standard contractual clauses established by the European Commission in force at the time.
A & C Systems implements appropriate technical and organisational measures to protect against the unauthorised or unlawful processing of personal data and/or against accidental loss, alteration, dissemination or access, or destruction and
unintentional or unlawful alteration of personal data. These measures are intended to ensure the continued integrity and confidentiality of personal data. A & C Systems evaluates these measures on a regular basis in order to guarantee secure processing.
The user guarantees that A & C Systems has the full power to authorise the collection and processing of personal data by A & C Systems and, in particular, that it has obtained the consent of the persons concerned or a regularly referred to other
legitimate cause for the collection and processing of personal data by A & C Systems. The user guarantees A & C Systems and will indemnify A & C Systems against any recourse or claim by any third party directly or indirectly connected with the collection and processing of personal data by A & C Systems pursuant to these regulations. A & C SYSTEMS DOES NOT ASSUME ANY LEGAL
Systems makes no legal warranties, express or implied, with respect to personal data. The user shall indemnify A & C Systems for any direct or indirect damage, of whatever nature, that results from a violation of the provisions of these regulations with regard to personal data that can be attributed to the user.
Rights of the persons concerned
The “Data Subject”, is any identified or identifiable natural person to whom the personal data relates, may legitimately exercise the rights set forth below in relation to his personal data.
The User is obliged to provide any assistance reasonably required by A & C Systems to assist it in complying with its obligations under data protection legislation, including but not limited to the obligation to respond to any request for information in relation to the processing of personal data that might be
made by the individual concerned. The User shall use its best efforts not to involve A & C Systems in resolving any issues concerning the User’s or A & C Systems’ compliance with data protection legislation and the User shall attempt to resolve such issues directly with the affected person without A & C Systems. The user will do nothing and refrain from any action that might jeopardise A & C Systems’ compliance with data protection legislation.
The user will comply with any commercially reasonable request from a third party (data subject, data controller, data protection authority, etc.) or, as the case may be, A & C Systems to facilitate the correction, amendment, blocking or deletion of personal data in accordance with data protection legislation, to the extent the user is legally entitled to do so. The User will use its best efforts to ensure that A & C Systems is not affected by such request and by its follow-up.
To the extent permitted by applicable data protection law, a third party (data subject, data controller, data protection authority, etc.) or, as the case may be, A & C Systems will immediately notify the user if it receives a request from a data subject to access, or to rectify, modify or delete his personal data. The user undertakes to respond to legitimate requests from data subjects or data protection authorities or the data controllers or other third parties authorised to process personal data in performance of the contract with A & C Systems, including requests from data subjects regarding the
exercise their rights under applicable data protection law, by using its best efforts to prevent A & C Systems from being involved in any way by such request, or failing that by limiting as much as possible A & C Systems’ involvement in the handling of such request. If such a request is sent directly to the User, the User shall respond to such request directly without involving A & C Systems, but in accordance with any applicable guidelines of which the User was aware. In any case the user acknowledges and agrees that A & C Systems is not obliged
to intervene in the situations referred to in ” Rights of affected persons”. In these situations, A & C Systems’ intervention will always be as limited as possible and the user will have to use his best efforts to limit A & C Systems’ involvement as much as possible.
Retention of personal data
A & C Systems retains personal data for the duration of the agreement with the user, in accordance with the applicable legal requirements, and only as long as necessary for the purposes described in these regulations or as long as
required by law or for initiating or defending against possible legal remedies.
Rights in relation to personal data
To the extent required by applicable law, data subjects have the right to:
To have access to their personal data;
the right to obtain the deletion or the correction of inaccurate data;
The right to oppose the processing of their personal data;
The right to restrict the use of their personal data by A & C Systems;
the right to receive and transfer their personal data to a third party in a usable electronic format (right to “data portability”); and
the right to lodge a complaint with the local data protection authority.
If you have any questions about these regulations or the exercise of the aforementioned rights, please contact the data controller (e-mail: firstname.lastname@example.org).