Data protection policy
1. Introduction
For the performance of its activities, De Jaeger Automation processes various data, both commercial data and personal data. This policy concerns the processing of personal data by De Jaeger Automation. The personal data of different categories of identifiable persons such as employees, clients and suppliers, users of the website, subscribers and other stakeholders are processed.
De Jaeger Automation understands the importance of the protection of personal data and the concerns of its employees, clients and clients’ contact persons, suppliers and suppliers’ contact persons and other persons with whom it has contact regarding the processing of their personal data. De Jaeger Automation always carefully considers the protection of personal data during the different personal data processing operations.
Different persons within the organisation may have access to the personal data of its employees (the term employees shall include: managers and everyone who works for De Jaeger Automation, including independent service providers and consultants, temporary workers such as agency workers, interns, student workers, volunteers, ex-employees) and other individuals (clients and suppliers) during the performance of their role. Each of these persons within De Jaeger Automation is bound by this policy on the protection of personal data.
The applicable data protection legislation imposes obligations on De Jaeger Automation regarding the way in which it must process data. In addition, the legislation provides for rights for the persons whose data is processed, so that they have more control over their own personal data.
This policy gives an overview of the general obligations under data protection legislation which the company and its employees must comply with. Compliance with this policy is important for the following reasons:
- Compliance with data protection legislation is a legal obligation and failure comply with these duties can lead to liability, sanctions and fines;
- Compliance with data protection legislation leads to more satisfactory and efficient processing of personal data;
- Compliance with data protection legislation is the basis for a relationship of trust between De Jaeger Automation and its business relations, consumers and its employees.
2. Scope
This policy is applicable to De Jaeger Automation which processes personal data and contains the guidelines which each personal data processing operation must comply with. This processing occurs either fully or partly via automated processes which are part of a structured filing system or will form part of a structured filing system.
3. Data Protection Officer
The group of companies has appointed a Data Protection Officer who was selected based on his or her professional qualities, and in particular, his or her expertise in the field of data protection legislation. The Data Protection Officer is independent in the performance of his or her tasks with respect to the protection of personal data. This means that he or she is not bound by instructions from managers in the performance of his or her tasks. The Data Protection Officer will, in addition to advising the company, also supervise the company’s compliance with data protection legislation, this policy and any other related policies.
The DPO is supported by responsible persons in the local office of the group of companies in order to implement the local data protection applications. The local responsible person can be contacted via e-mail gdpr@dja.be
In order to exercise your rights, please refer to Article 8 of this policy.
4. Definitions
The applicable data protection legislation uses specific language and refers to an abstract matter. Below you will find several definitions in order to enable you to better understand the terminology, and by extension, this policy.
Data protection legislation
Various legislation can apply, depending on the concrete application in which personal data are processed. The basic principles and obligations are indicated in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC. This regulation is also known as the General Data Protection Regulation (GDPR). Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector is applicable in specific cases (e.g. processing of location data; use of cookies).
As well as the European regulations, specific national data protection legislation also applies, such as the Law of 8 December 1992 on the protection of privacy with regard to the processing of personal data and the Law of 13 June 2005 on electronic communications.
Personal data
Personal data concern all information about an identified or identifiable natural person, also known as the data subject. A person is considered as identifiable when a natural person can be directly or indirectly identified, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more elements that are characteristic of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
Controller
The controller is a natural person or legal person (for example a company), a public authority, agency or other body which, alone or jointly with others, determines the purposes and means for the processing of personal data.
For example, De Jaeger Automation is a legal person which is the controller that processes the personal data of its employees in the context of its personnel management.
Processor
The processor is a natural person or legal person, a public authority, agency or other body that processes personal data on behalf of and only on instructions from the controller.
Processing personal data
Processing personal data means any operation or set of operations which is performed upon personal data or a set of personal data, whether or not by automatic means (e.g. software), such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.
An example of processing personal data is when the organisation collects and saves the contact details of its clients’ contact persons in the organisation’s Client Relationship Management software system or in a paper filing system.
Filing system
A filing system means any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis.
This implies both electronic structured filing systems by means of the use of software or cloud applications, and paper files and filing systems, provided that these filing systems are organised and structured in a logical way by connecting them to individuals or which are connected to individuals on the basis of criteria.
5. Principles applicable when collecting and processing personal data
As well as the use of specific language, data protection legislation has several basic principles which every controller must comply with in order to be in accordance with this legislation. In the event of doubt regarding the application of these principles in a concrete case, you can always contact the Data Protection Officer for further explanations, and according to the procedure described in Article 8.
Data protection legislation provides that personal data must be processed in agreement with the various basic principles and the conditions that result from them.
Lawfulness
Data protection legislation provides that personal data must be processed fairly and lawfully with respect to the data subject.
In order to process personal data lawfully, a legal basis must exist. In principle, personal data can only be processed when:
- The data subject has given his or her consent. The organisation shall inform the person concerned at the latest before the data is collected about the purpose for which consent is required, which personal data will be collected for the processing, the right to revoke consent, the possible consequences for the data subject in the context of automated individual decision-making and profiling, and transfer to third countries.
- Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- Processing is necessary for compliance with a legal obligation which is imposed upon the organisation;
- Processing is necessary in order to protect the vital interests of the data subject or another natural person;
- Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the organisation, which acts as the controller;
- Processing is necessary for the purposes of the legitimate interests pursued by the organisation as a controller or the interests of a third party, except where the fundamental rights and freedoms of the data subject regarding the protection of his or her personal data override these interests.
If you have given your consent for a specific processing purpose to the organisation in order to process your data for that purpose, you can withdraw this consent at any time. The organisation will then stop any further processing of your data for which you gave consent and will inform you of the possible consequences of your withdrawal of consent. If the organisation processes your personal data for other purposes and in order to do so it refers to other legal bases, it will still be able to process your personal data.
The organisation ensures that it always refers to at least one of the above-mentioned legal bases when it processes personal data. If you have questions about the applicable legal basis that the organisation is referring to, you can always contact the person in charge of data protection in accordance with the procedure provided in Article 8.
Some categories of personal data are of a sensitive nature and data protection legislation also has a stricter regime for these special categories of personal data (also known as ‘sensitive personal data’). These are data concerning race or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership and processing of genetic data, biometric data for the unique identification of a person, or data about health, sexual behaviour or sexual orientation. Data relating to criminal offences or convictions also form a special category.
In principle it is forbidden to process these sensitive personal data, unless the organisation can refer to one of the exceptions. In a specific limited number of cases, the organisation must process sensitive personal data. In these cases, the data subject will be informed in advance. For these specific purposes, the organisation will provide the person concerned with detailed information in advance about the specific purposes and the legal basis of the processing. For more information about the processing of sensitive personal data by the organisation, you can always contact the person in charge of data protection according to the procedure described in Article 8 of this policy.
Fairness
The organisation ensures that personal data shall be processed:
- For specific, explicit and legitimate purposes and may not be processed further in a way incompatible with the initial purposes for which the data were collected. The organisation shall always clearly communicate the purposes before starting the processing.
- This processing shall be limited to what is necessary for the purposes for which the data were collected. If possible, the organisation will anonymise the data or use pseudonyms in order to limit the impact for the data subject as much as possible. This means that the name or identifier will be replaced so that it is difficult or even impossible to identify an individual.
- Limited in time and only as necessary for the specific purpose.
- Accurately, and the data shall be updated where necessary. The organisation shall take all reasonable measures to erase or update the personal data, taking into account the purposes for which they are processed.
Transparency
The organisation processes personal data which, in principle, it has received directly from the data subject. The organisation which processes the data subject’s personal data shall always inform data subjects about the following matters:
- identity and contact details of the controller
- if a data protection officer is appointed, his or her contact details
- processing purposes and legal basis
- if the personal data processing is supported by a legitimate interest, an explanation of this interest
- categories of receivers of the personal data
- transfer of personal data to third countries (outside the EU) or international organisations (+ on what basis)
- Time limit for the storage of personal data or the criteria used to determine the time limit
- Data subject’s rights (including the right to revoke consent)
- The right to lodge a complaint with the supervisory authority
- Explanation when the transmission of personal data is a contractual or legal obligation
- The logic behind automated decision-making processes and the possible legal consequences for the data subject
- If the organisation receives personal data from a third party, it shall clearly inform the data subject about the categories of personal data which it received from this third party and will also make this third party known to the data subject.
When the data subject already has all the information, the organisation will not inform the data subject unnecessarily about the processing of his or her personal data.
If the organisation processes personal data for other purposes which are incompatible with the initial purposes for which the data were initially collected (the new purpose does not appear to be described in the initial information note and the data subject cannot assume that his/her personal data will also be processed for this new purpose), the organisation shall take all the necessary measures to process these personal data lawfully, and shall inform the data subject about this.
The organisation can disclose the information both on a collective and individual basis and shall continue to ensure that it is drafted in plain, intelligible language.
Specific legislation may contain exceptions or set additional requirements which the organisation must comply with, with respect to the provision of information to data subjects. These mandatory legal provisions take precedence over this policy.
Confidentiality and integrity
The company takes the required technical and organisational measures to ensure that the processing of personal data always takes place with the appropriate guarantees, so that the data are protected against accidental loss and against unlawful processing, destruction or damage. The organisation has, when choosing the proper security measures, considered the nature, context, purpose and scope of the processing, the possible risks when processing the personal data, the costs for the implementation of the measures and the state of the art.
These measures are applicable to the physical access to personal data, access to the personal data via computers, servers, networks or other IT hardware and software applications and databases. In addition to the technical and organisational measures, the organisation’s employees who have access to personal data during the performance of their duties, are bound by different obligations in order to guarantee the confidentiality and integrity of personal data, as summarised in Article 9 of this policy.
The organisation will organise training courses for the employees who will process personal data on the instructions of the organisation when carrying out their duties. The employees may only process the personal data at the organisation’s instruction or if the law requires them to do so. The organisation shall also implement access rights, so that the employees only have access to the data they need when performing their duties. The employees who have access to personal data shall sign a confidentiality agreement.
The organisation shall ensure that the third parties that receive personal data from the organisation will comply with the applicable data protection legislation and this policy.
6. Transfer of personal data
In some cases, the organisation may be obliged to transfer your personal data to third party receivers. In any event, these personal data are only transferred on a need-to-know basis to these receivers who carry out the processing for specific purposes. The organisation shall always observe the necessary security measures when transferring the data and with respect to the receivers, in order to guarantee the confidentiality and integrity of the personal data.
The transfer to third parties can take several forms, as described below.
Transfer within the organisation’s group of companies
The transfer of personal data within the organisation’s group of companies is considered as a transfer to a third party. Consequently, this transfer may only occur when the organisation has complied with the different principles and obligations of the data protection legislation. This means, among other things, that the data subject must be informed about the transfer and the reason for this transfer and that the transferring organisation can rely on a legal basis (consent from the data subject, performance of an agreement, legitimate interest, etc.) for this transfer. The organisation must also comply with the other principles as summarised in Article 5 of this policy for this additional processing.
Transfer to processors
The organisation can ask a third party, a processor, to process personal data, on behalf of and only on instructions from the organisation. The processor may not process these personal data for its own purposes which are independent of the purposes for which the organisation uses the processor.
The organisation can opt to work with these processors which deliver services at the organisation’s request, for travel agencies, rental services, medical and other professional consultancy services, etc.
The organisation shall only use processors and provide them with personal data when processor agreements which meet the legal requirements are concluded with the processors. The GDPR provides, among other things, that the agreement must contain a clause which indicates that the processor may only process the personal data at the organisation’s instruction; that the processor must provide the organisation with assistance when it requests it; that personal data must remain confidential, etc.
Part of this processor agreement also concerns the security measures which the processor must implement before processing the personal data and must have throughout the entire duration of the processing in order to ensure the confidentiality and integrity of the data.
The organisation shall take the necessary measures if it establishes that its processors do not comply with the obligations in the agreement.
A standard processor agreement is available from the Data Protection Officer
Transfer to third countries – outside the European Economic Area
It is also possible for the organisation to transfer your personal data to parties that are based in third countries, these are countries outside the European Economic Area (i.e. The European Union, Norway, Iceland and Liechtenstein).
Such a transfer is possible if the country where the receiver is based offers sufficient legal guarantees to protect your personal data and which the European Commission has assessed as being adequate. In other cases, the organisation has concluded a standard contract with the receiver so that equivalent or similar protection to that offered in Europe is offered.
For cases in which this did not or cannot happen, the organisation can always pass on the data subject’s personal data if it obtains consent from the data subject, within the limits of the relationship which the data subject has with the organisation. In order to ensure transfer and thus processing is possible in these cases too, where appropriate, the organisation shall thus ask the data subject whether he/she agrees to this occasional transfer to third countries.
If more information or a copy of the guarantees for these international transfers are desired, the procedure as described under Article 8 can always be followed.
7. Time limit for the storage of personal data
The organisation shall not store personal data any longer than necessary for the specific purpose for which the data were collected. After the final time limit has passed, the organisation shall delete or anonymise the personal data. The organisation shall anonymise the data if it still wishes to use them for statistics. The organisation may store the personal data for a longer period for its dispute management, research or archiving purposes.
8. Rights of individual data subjects
Data protection legislation provides for different rights for data subjects with respect to the processing of personal data so that the data subject can still exercise sufficient control over the processing of his or her personal data.
The organisation tries, via current policy, to already provide as much information as possible to the data subjects in order to be as transparent as possible with respect to the processing of personal data. This general policy must be read together with more specific information notes which give more explanations about the organisation’s specific processing purposes.
The organisation understands that the data subject may still have questions or desire additional clarifications with respect to the processing of his or her personal data. The organisation thus understands the importance of the rights and shall therefore comply with these rights, considering the legal limitations in the exercising of these rights. The different rights are described in detail below.
Right of access/inspection
The data subject has the right to obtain confirmation from the organisation of whether or not his or her personal data are being processed. If his or her data are being processed, the data subject may request the right to consult his or her personal data.
The organisation shall inform the data subject about the following matters:
- the processing purposes;
- the categories of personal data concerned;
- the receivers or categories of receivers to which the personal data are supplied;
- transfer to receivers in third countries or international organisations;
- if possible, the period during which it is expected that the personal data will be saved, or if this is not possible, the criteria used to determine this period;
- that the data subject has the right to ask the organisation to correct or erase personal data, or to limit the processing of his or her personal data, as well as the right to object to this processing;
- that the data subject has the right to lodge a complaint with a supervisory authority;
- if the personal data are not collected from the data subject, all available information about the source of the data;
- the existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
The organisation shall also supply a copy of the personal data that are being processed. For any further copies requested by the data subject, the controller may charge a reasonable fee.
Right to rectification
When the data subject establishes that the organisation has incorrect or incomplete data about him/her, the data subject always has the right to inform the organisation of this fact so that appropriate action can be taken to rectify or supplement these data. It is the data subject’s responsibility to provide correct personal data to the organisation.
Right to be forgotten
The data subject can ask to have his or her personal data erased if the processing is not in accordance with data protection legislation and within the limits of the law (Article 17 GDPR).
Right to restriction of processing
The data subject may ask to have the processing restricted if:
- the accuracy of the personal data is contested by the data subject, for a period enabling the controller to check their accuracy;
- the processing is unlawful and the data subject opposes the erasure of the data;
- the organisation no longer needs the data, but the data subject requests that they not be removed, given that he or she needs them for the exercise or defence of legal claims;
- he or she has objected to processing, pending the verification whether the legitimate grounds of the controller override those of the data subject.
Right to data portability
The data subject has the right to obtain his or her personal data which he or she provided to the organisation in a structured, commonly-used and machine-readable format. The data subject has the right to have those personal data transmitted to another controller (directly by the organisation). This is possible if the data subject has consented to the processing and if the processing is carried out via an automated process.
Right to object
When personal data are processed for direct marketing purposes (including profiling), the data subject can always object to this processing.
The data subject can also object to processing due to a specific situation regarding the data subject. The organisation shall stop processing the personal data unless the organisation demonstrates compelling legitimate grounds for the processing which override the interests of the data subject or for the exercise or defence of legal claims.
Automated individual decision-making
The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her such as evaluating personal aspects with respect to the performance of work, reliability, creditworthiness, etc.
This right not to be subjected to such automated decision-making does not exist when the decision is permitted by a mandatory legal provision.
Nor may the data subject invoke this right when the decision is necessary for entering into, or the performance of, a contract between the data subject and the organisation or is based on the data subject’s explicit consent. In these last two cases, the data subject does have the right to obtain human intervention from someone at the organisation and he or she has the right to make his or her point of view known and to challenge the automated decision process.
The right to withdraw consent
If you have given your consent for a specific processing purpose to the organisation in order to process your data, you can withdraw this consent at any time by sending an e-mail.
Procedure for exercising rights and other provisions
The data subject may exercise his or her rights by sending an e-mail to the Data Protection Officer gdpr@dja.be . The organisation can ask the data subject to identify himself /herself in order to ensure that it is indeed the data subject requesting to exercise his or her rights.
If you have any questions about the application of the principles or the organisation’s (legal) obligations, you can always contact the Data Protection Officer gdpr@dja.be
In principle the organisation shall respond to the data subject’s request within one month. If not, the organisation shall inform the data subject why the request received no response or why it did not receive a response in good time. The organisation shall take the necessary measures to inform the receivers of the data subject’s personal data about exercising the right to correction, right to erasure or the limitation of processing by the data subject.
9. Employees’ responsibilities
The organisation expects its employees to comply with this policy and it ensures that the persons it is responsible for comply with this policy.
It is crucially important that the employees understand the aims of this policy and familiarise themselves with it so that they can comply with the provisions contained in this policy. The employees must therefore:
- process the personal data of fellow employees, clients, etc. in a regular and proper way in accordance with the applicable legislation, the employer’s instructions and the company’s privacy policy, and where personal data are processed confidentially and considering their integrity;
- Ask advice from their manager, the DPO if they have doubts about the application of this policy or compliance with data protection legislation when performing their duties;
- Only process personal data when this is required for the performance of duties / on instructions from the organisation;
- Follow training courses about the confidential processing of personal data and the general principles and obligations which result from data protection legislation;
- Provide assistance to the DPO;
- Not save any copies of personal data on their desktop or personal portable storage if the organisation has centralised and secure storage, given that saving your own files or copies can lead to incorrect personal data and higher risks of breaches.
- Immediately inform the DPO if he or she establishes a potential or actual breach of personal data or personal data legislation.
10. Compliance
All entities that are part of the organisation’s group of companies shall guarantee that this policy is complied with. Each person who has access to personal data processed by the organisation must comply with this policy. Non-compliance with this policy can lead to disciplinary measures/sanctions such as a warning, dismissal or any other sanction permitted by law, without prejudice to the right to initiate civil or criminal proceedings.
11. Audit and review
The organisation reserves the right to adjust and review this policy when it deems necessary and to remain coherent with the legal obligations and/or recommendations of the competent supervisory authority for data protection.
The organisation shall inform the Data Protection Officer when it is impossible for it to comply with this policy due to mandatory legal provisions which are imposed upon the organisation.
12. Entry into force
This policy applies as of the start of the GDPR on 25the of May 2018.
13. Technical and organisational security measures
- Monthly check of the suitability of the processing systems and services
- Back-up system
- Access control (physical and logical)
- Password policy
- User ID policy
- Logging system
- Antivirus
- Firewall
- Network security
- Surveillance, research and maintenance of the systems
Processing personal data
Use for customer management and direct marketing
Your personal data are processed by De Jaeger Automation for customer management on the basis of the contractual relationship as a result of your order / purchase and for direct marketing (to offer your new products or services) based on our legitimate interest to undertake. If you do not want us to process your data with a view to direct marketing, it is sufficient to inform us at gdpr@dja.be.
Through this address you can always ask which data we process about you and if necessary have them corrected or erased. It is possible that we ask you to prove your identity so that we deliver the data to the right person. If you have questions about the way we process your data, you can contact gdpr@dja.be . If you do not agree with the way in which we process your data, you can contact the Data Protection Authority (Drukpersstraat 35, 1000 Brussels). You can find our policy on data processing at www.dja.be/gdpr.
Use for supplier management
Your personal data will be processed by De Jaeger Automation for supplier management and accounting processing on the basis of the contractual relationship as a result of the products or services you provide us. You can always ask us, via a request on gdpr@dja.be, what data we process about you and if necessary have them corrected or erased. It is possible that we ask you to prove your identity so that we deliver the data to the right person. If you have questions about the way we process your data, you can contact gdpr@dja.be. If you do not agree with the way in which we process your data, you can always contact the Data Protection Authority (Drukpersstraat 35, 1000 Brussels). You can find our policy on www.dja.be/gdpr .
Website and Cookies
Privacy Policy concerning the use of the website and the use of cookies
De Jaeger Automation understands the importance of the privacy of its customers and the protection of their personal data. Present policy outlines the handling and processing of the personal data we collect.
1. Scope
This website is operated by De Jaeger Automation. It is important for us that we create and maintain an environment where our customers feel comfortable that their information will not be misused.
We comply with the applicable data protection laws, such as the General Data Protection Regulation 2016/679 and national data protection laws. These data protection laws relate to the protection of your personal data and grants you rights in respect of your personal data.
This policy aims to tell you which personal data we collect from you and how your data will be used following the use of our website to try to ensure you the proper handling of your data.
2. What personal data is collected
You do not have to provide your personal data to us in order to use most of our website.
For the purposes as mentioned hereafter, De Jaeger Automation may gather and process the following categories of personal data about you:
- Name, title, address;
- Contact details (e-mail, phone number);
- Company;
You may also choose to provide additional/optional information when completing forms on our website or that you give us when we have contact with you (by telephone, by e-mail or at trade fairs or events).
Furthermore, we may also collect and process information obtained through our websites or the devices you are using. This information can be :
- Information from cookies, web beacons or from the internet. This information will be gathered automatically and may be the website that you have visited before browsing our website or the website that you are visiting after ours. We may also collect information on which pages of our website you are visiting, your IP addresses, type of browser, access times, operating system. This information is aggregated and is not used to identify you. You can find out more about how we do that in the articles on the use of cookies;
- We may record any telephone calls for quality assurance and for training purposes;
- mails: these are stored on our server for further communication purposes, contact purposes and as backup
3. Why do we collect this information
De Jaeger Automation collects the abovementioned information to understand your needs and to provide you with a better service, and more specifically we collect your information for the following purposes:
- Your personal data will be used to respond to your (online) queries about our products or services, to provide you with information on our products, and to follow-up online offers;
- Provide the products and services you have ordered;
- Verify your identity and financial data for payment of our products and services;
- The information will be used to improve our products and services;
- Investigate complaints about the products or services or regarding our website;
- Meet legal, regulatory and compliance obligations and requirements;
- Analyse and monitor the use of accounts to prevent, investigate fraud, terrorism, misrepresentation, security incidents or crime and/or report this to the competent authorities;
- Sending promotional e-mails periodically about our products and services, about special offers or other information which we think that it might be interesting for you;
- Contacting you for market research purposes from time to time. We may contact you by e-mail or phone;
- Process your personal data for specific purposes as mentioned on specific forms as published on our website, on written notices or via e-mail;
4. How will your information be used and shared
De Jaeger Automation may share your personal data:
- with any third party you have asked us to share your personal data with
- government agencies, for legal purposes
- with the bookkeeper for accounting processing
- tax inspectors
- control government agencies: ISO, VAT, taxes,…
We can also share your personal data, based on our legitimate interest, to third party providers who help us with our products and services. Examples include hosting our web servers, analysing data, providing marketing assistance, and providing customer service. These companies will have access to your personal data but only when strictly necessary to perform their functions and they may not use that data for any other purpose.
Your personal data will not be sold or rented to third parties.
We may disclose your personal data to enforce our policies, to comply with our legal obligations or in the interests of security, public interest or law enforcement in any country where we have entities or affiliates. For example, we may respond to a request by a law enforcement agency or regulatory or governmental authority. We may also disclose data in connection with actual or proposed litigation, or to protect our property, security, people and other rights or interests.
In the event that the business of De Jaeger Automation is sold or integrated with another business, your details will be disclosed to any prospective purchaser’s adviser and will be transferred to the new owners of the business. In this case, we will implement the appropriate safeguards to ensure the integrity and confidentiality of your personal data. However, use of your personal information will remain subject to this Policy.
5. Transfer of your personal data
De Jaeger Automation does not transfer your personal data to third countries located outside the European Economic Area.
If you, as a company, are already located outside the European Economic Area (= EEA), we ask that you respect the GDPR as a customer. Since you are dealing with a company within the EEA, you must also comply with VO 2016/697.
6. How we use cookies
Some features of this website are designed to give you a better online experience on our website and will only work if we use cookies. We also use cookies to collect information about your online preferences. Cookies are text files which contain small pieces of information, sent by a web server to a web browser which allows the server to uniquely identify the browser on each page. They will be stored on your computer, tablet or phone when you visit a website.
Cookies may contain identifying information. Cookies enable us to gain information about the use of its websites. This information may be analysed by third parties on our behalf.
a. We use the following categories of cookies on our website:
Strictly Necessary Cookies
These cookies are essential in order to enable you to move around the website and use its features. Without these cookies, services you have asked for such as remembering your login details cannot be provided.
Performance Cookies
These cookies collect anonymous information on how people use our Website. For example, we use extra watch and google analytics cookies to help us understand how customers arrive at our site, browse or use our site and highlight areas where we can improve areas such as navigation, shopping experience and marketing campaigns. The data stored by these cookies never shows personal details from which your individual identity can be established.
Functionality Cookies
These cookies remember choices you make such as the country you visit our website from, language and search parameters such as size, colour or product line. These can then be used to provide you with an experience more appropriate to your selections and to make the visits more tailored and pleasant. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites.
Targeting cookies or advertising cookies
These cookies collect information about your browsing habits in order to make advertising more relevant to you and your interests. They are also used to limit the number of times you see an advert as well as help measure the effectiveness of an advertising campaign. The cookies are usually placed by third party advertising networks. They remember the websites you visit and that information is shared with other parties such as advertisers. We do not use these cookies.
Social Media Cookies
These cookies allow you to share what you’ve been doing on the website on social media such as Facebook and Twitter. These cookies are not within our control. Please refer to the respective privacy policies for how their cookies work. We do not use these cookies.
Google Analytics
We also use third party services such as Google Analytics to collect information about visitors to our websites. This information is aggregated to determine number of visits, average time spent, pages viewed, etc. We use this information to measure site usage, as well as to improve the content and value of our site.
b. Deletion of cookies and more information about cookies
Some cookies are deleted when you close down your browser (session cookies). Others remain on your device until they expire or you delete them from your cache (persistent cookies or tracking code) and enable us to remember things about you as a returning visitor.
If you want to delete any cookies that are already on your computer, please refer to the help and support area on your internet browser for instructions on how to locate the file or directory that stores cookies. The help option on the toolbar of most browsers will also tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Please bear in mind that some personalized services may not be available if you choose to disable cookies.
Please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of our site.
To find out more about cookies please visit: www.allaboutcookies.org or see www.youronlinechoices.eu which contains further information about behavioural advertising and online privacy.
c. Web beacons
Some of our Web pages may contain electronic images known as Web beacons (sometimes known as clear gifs) that allow us to count users who have visited these pages. Web beacons collect only limited information which includes a cookie number, time and date of a page view, and a description of the page on which the Web beacon resides. We may also carry web beacons placed by third party advertisers. These beacons do not carry any personally identifiable information and are only used to track the effectiveness of a particular campaign.
7. Rights of Data Subjects
You are entitled to see the information held about you and to obtain a copy of the information we hold. If your personal data have been changed, you are entitled to ask us to rectify or complete or erase the outdated, incorrect or incomplete data we have about you. Furthermore you have the right to restriction of the processing of your data and to object to the processing of your personal data. You have also the right to data to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.
If you have opted to receive newsletters from us at the time you registered on the website, you may opt-out whenever you have changed your mind.
We may require you to provide verification of your identity to ensure that you have a legitimate right to make the request and to verify that we provide the answer to the person that has the legitimate right to send us one of the abovementioned requests and to obtain the information.
Please note that in certain circumstances as provided by law we may withhold access to your information or that we may not grant your request where we have the right to do so under applicable data protection legislation.
If you wish to obtain more information regarding the processing of your personal data or if you wish to exercise your rights, please contact us at gdpr@dja.be
You have the right to lodge a complaint with the competent supervisory (data protection) authority.
8. Security
De Jaeger Automation is committed to trying to make sure that your information is secure. We have implemented reasonable technical and organisational measures to secure your personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. You should, however, remember that the internet is an open system and we cannot guarantee that unauthorised third parties will never be able to defeat those measures or use your personal data for improper purposes.
This website may contain links to third party websites. De Jaeger Automation is not responsible for the content of these websites and is not responsible for the privacy standards and practices of that third party. We recommend you to read and understand the relevant privacy policies of these third parties and their websites before you accept their cookies and visit their website to ensure yourself that your personal data is sufficiently protected.
9. Changes to this policy
De Jaeger Automation may amend and update this policy from time to time to ensure that the policy represents the way we process your personal data at that time. We will place an updated version of this policy on the same webpage and will automatically be effective when published. Please return to this webpage regularly to ensure that you are always aware of the information we collect and process, how your data is being used, in which circumstances, and in which cases we will share your data with third parties.
Last update: 03/05/2018