2. What personal data are processed?
You do not need to provide us with any personal data to use most of our Website.
When you use the Website and/or Services, we process the following categories of personal data relating to you:
For marketing purposes:
- last name, first name
- contact details (such as e-mail)
- job title
For job applications:
- address and other contact details (such as telephone number) and personal data that applicants upload in their CVs through the Website
In principle, we obtain the above-mentioned personal data directly from you. We do not send any personal information that you provide through the Website to social media providers unless you have consented to this.
3. Why do we process your personal data?
Cheops collects the aforementioned information to get a clear picture of your needs and to offer you a better service, and more specifically for the following purposes:
- To provide you with information on products and Services that you request in a personalised and efficient way, or to respond to your (online) enquiries about our products or Services, whether through the Website, e-mail, telephone or social media channels.
- To be able to provide you with the Services and/or deliver products.
- To improve our products and Services.
- To investigate complaints about our products and Services or about our Website.
- To consider your job application if you apply for a vacancy.
- For direct marketing purposes, i.e. to provide you with targeted communications, promotions, offers and other advertisements from us or our selected partners. We will ask for your prior consent for this use.
- To perform statistical analyses to improve our Website and/or Services, or to develop new products or Services.
- To provide to a financial institution or payment service provider, to enable your financial institution and the payment service provider to comply with their legal obligations.
- To transfer to the police or the judicial authorities as evidence of possible crimes or if there are justified suspicions of an unlawful act or crime committed by you through your registration with or use of the Website or the Services.
- To meet legal and regulatory obligations as well as obligations and requirements relating to compliance.
- In the context of a possible merger with, acquisition of/by or demerger by a third party, even if this third party is located outside the EEA (European Economic Area).
- If and when your registration on the Website or use of the Website or Services can be considered (a) a breach of the terms and conditions or the intellectual property rights or any other right of a third party, (b) a threat to the security or integrity of the Services, (c) a danger to the Website or Services or systems belonging to us or our subcontractors as a result of viruses, Trojan horses, spyware, malware, or any other form of malicious code, or (d) being in any manner whatsoever illegal or unlawful, discriminatory or offensive, we may process your data in the interests of ourselves, our partners or third parties.
4. Who we share data with
We do not send your personal data to third parties in an identifiable manner if this is not necessary to provide the Services, unless you have given your explicit consent to do so.
We may engage external processors to provide you with the Website and/or Services, based on our legitimate interests. We ensure that third-party processors may only process your personal data on our behalf, and on our written instructions, and only when this is strictly necessary to carry out their activities. We guarantee that all external processors are selected with due care in order to ensure the security and integrity of your personal data, and that they do not use your personal data for any other purposes.
We may transfer anonymised and/or aggregated data to other organisations that may use these data to improve products and services, and to tailor the marketing, presentation and sale of products and services.
In the event that (part of) the activities of Cheops are sold or merged with another company, your data will be disclosed to the adviser of any potential buyer and transferred to the new owners of the company. In this case, we will take appropriate measures to ensure the integrity and confidentiality of your personal data.
5. Where we process data
We and our external processors will only process your identifiable personal data in the EEA.
We may transfer your anonymised and/or aggregated data to organisations outside the EEA. If such a transfer takes place, we will ensure that appropriate safeguards are in place to guarantee the security and integrity of your personal data, and that all rights with respect to personal data that you may have under applicable mandatory laws are guaranteed.
If there is a transfer of your personal data and/or anonymised and/or aggregated data, the following legal protection mechanism will be implemented:
|Country outside EEA||Legal transfer mechanism|
|HubSpot||USA||SCC model contract|
|USA||SCC model contract|
|USA||SCC model contract|
|USA||SCC model contract|
|Greenhouse||USA||SCC model contract|
|OneTrust||USA||SCC model contract|
6. How we process data
We will take appropriate technical and organisational measures to keep your personal data secure from unauthorised access or theft and from accidental loss, alteration or destruction. Access by our personnel or the personnel of our external processors is only possible on a need-to-know basis and subject to strict confidentiality obligations. However, you should be aware that the care for safety and security are only best-effort obligations, which can never be guaranteed.
7. How long do we keep your data?
The retention periods vary depending on the nature of the service provided. We keep your data for the longest of the following periods:
- as long as is necessary for the purposes for which they are collected and processed.
- as long as is necessary to comply with our legal, contractual and statutory obligations and to fulfil our commercial operational activities.
8. Your Rights
You have the right to request access to all the personal data that we process about you. However, requests for access that are clearly submitted with a view to causing nuisance or harm to us will not be dealt with.
You have the right to request that any personal data about you that is incorrect or inaccurate be corrected free of charge. If such a request is submitted, you must also enclose with this request proof that the personal data for which correction is requested are incorrect.
You have the right to withdraw your previously given consent to the processing of your personal data. You can withdraw your consent at any time by sending an e-mail to firstname.lastname@example.org or by deleting your profile (if applicable).
Instead of requesting deletion, you may request that we restrict the processing of your personal data if (a) you dispute the accuracy of the data, (b) the processing is unlawful, or (c) the data are no longer necessary for the stated purposes, but you need them to defend yourself in legal proceedings.
You have the right to object to the processing of personal data if you can demonstrate that there are serious and legitimate reasons relating to special circumstances that warrant such an objection. However, if the intended processing qualifies as direct marketing, you have the right to object to such processing free of charge and without justification.
If your personal data are processed on the basis of consent or on the basis of a contract and the processing is carried out by automated means, you have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format and, if technically possible, you have the right to transfer such data directly to another service provider. The technical feasibility of this will be assessed exclusively by us.
If you wish to submit a request to exercise one or more of the above-mentioned rights, please send an e-mail to email@example.com. This request must clearly state which right you wish to exercise and why. It must also be dated and signed, and be accompanied by a digitally scanned copy of your valid identity card showing your identity. We will immediately inform you of the receipt of such a request. If the request appears to be well-founded, we will comply with the request as soon as reasonably possible and no later than thirty (30) days after receipt of the request.
If you have a complaint about the processing of your personal data by us, you can always contact our Data Protection Manager at the e-mail address firstname.lastname@example.org. If you remain dissatisfied with our answer, you are free to lodge a complaint with the competent Belgian Data Protection Authority. For more information, go to https://www.dataprotectionauthority.be/
Cheops makes every effort to ensure the security of your data. We have implemented reasonable technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or unauthorised access to the data transmitted, stored or otherwise processed. However, please note that the internet is an open system and we cannot guarantee that it will be impossible for unauthorised third parties to circumvent these measures or use your personal data for improper purposes.
This Website may contain links to third-party websites. Cheops is not responsible for the content of these websites, nor is it responsible for the privacy standards and practices of these third parties. Please ensure that you read and understand the relevant privacy policies of these third parties and their websites before you accept their cookies and visit their website to ensure that your personal data are adequately protected.
10. Changes to this policy
Cheops may amend and update this policy from time to time to ensure that the policy describes how we process your personal data at any given time. The updated version of this policy will be posted on the same web page and will take effect immediately upon publication. Please return to this web page regularly to ensure that you are always aware of what information we collect and process, how and under what circumstances your data are used and in which cases we share your data with third parties.
Version 04 March 2021