General Data Protection Regulation (GDPR)
This processing policy concerns the processing of personal data on users of and visitors to the Belnet website. Although most information on this site is available without the need to provide personal data, in specific cases the user is asked for personal details. The processing of personal data must be transparent and secure in conformity with the General Data Protection Regulation. This processing policy contains the information required by the General Data Protection Regulation.
Your personal data are processed by Belnet as controller. Belnet is a public department under separate management, founded within the Belgian Federal Science Policy Office and established at WTC III, Simon Bolivarlaan 30, 1000 Brussels, Belgium, tel. 02/790.33.33, fax 02/790.33.34.
Data Protection Officer
The data protection officer at Belnet is the contact person for all questions relating to the processing of personal data in general and this processing policy in particular. The data protection officer can be contacted at firstname.lastname@example.org or via this form.
Processing Purposes and Legal Basis for Processing
(i) Registration on the website and/or newsletter subscription
When you register on the website and/or subscribe to our newsletter, we ask you to enter some personal details (forename, surname and business email address). These personal data are used for the management of the site and the service for which you are registered. In accordance with the General Data Protection Regulation, the legal basis for processing is your permission.
(ii) Registration for an event
When you register on the event website, we also ask you to provide some personal data (forename, surname, business email address, position and work telephone number). These personal data will only be used for the management of the site and the offered and requested service. In addition, only your forename and surname will be passed on to the persons temporarily responsible for the registration and reception of those attending the event concerned. In accordance with the General Data Protection Regulation, the legal basis for processing is your permission.
(iii) Visits to the site
Your IP address is processed when you visit the website. In accordance with the General Data Protection Regulation, the legal basis for processing is the legitimate interest of Belnet.
(iv) Submitting a candidature
If you want to apply for a vacancy at Belnet or stay up-to-date on the vacancies that Belnet issues, we ask you to submit some personal data (name, position, email address, gender, diploma, etc.) and to attach your CV. This personal data is entered into our database and will only be used to inform you about the developments of your application or to inform you of the vacancies that correspond with your profile. If there is conformity, Belnet will send you an email for information purposes when the position is published on the Selor website. In accordance with the General Data Protection Regulation, the legal basis for processing your data rests on your permission.
Categories of Personal Data
- business postal address
- business email address
- work telephone number
- IP address
- Gender (only when submitting a candidature)
- Diploma (only when submitting a candidature)
- CV (only when submitting a candidature)
Recipients of Personal Data
Belnet limits access to personal data by employees, sub processors and recipients of personal data to the minimum required. Belnet only provides access to employees for whom access to personal data is required. Belnet uses other suppliers to provide the agreed services. When required for the execution of the agreement, personal data can be passed to these suppliers, only for the above-mentioned processing purposes.
Period of Saving
Belnet binds itself not to save the collected and processed personal data for longer than legally and contractually established and agreed.
The personal data of the candidates, including their CV, are kept for maximum one year, barring renewed explicit permission from the candidate.
Rights of the Data Subject and Exercising those Rights
(i) Rights of the data subject
The data subject has the right to send a request to Belnet to view, change or erase personal data or to restrict their processing. The data subject also has the right to object to processing and the right to transfer the data.
(ii) Exercising of rights by the data subject
Data subjects can exercise the above rights via email sent to email@example.com.
In accordance with the stipulations in the regulation, Belnet will act upon this request no later than within on month of receipt of the request. The period can be extended by two months if required, depending on the complexity of the request and the number of requests.
Withdrawal of Permission
After the data subject has given permission for the processing of his or her personal data for one or more processing purposes, the data subject can withdraw his or her permission at any time. Withdrawal does not prejudice the legality of processing based on the permission before its withdrawal.
Submission of a Complaint by the Data Subject
To submit a complaint, the data subject can send an application to:
No Automated Individual Decision-Making
No automated individual decision-making takes place in the processing of the personal data by Belnet.
Technical and Organizational Measures
Belnet binds itself to take appropriate technical and organizational measures regarding the collection and processing of personal data, in accordance with the principles of the General Data Protection Regulation, to guarantee a security level commensurate with the risk.
In the assessment of the appropriate security level with regard to the processing of personal data, account is taken of the processing risks, such as the consequences of the destruction, loss, changing of or unlawful access to sent and saved processed personal data, that may either accidentally or wrongfully take place.
Changes to the Processing Policy for Personal Data
Belnet reserves the right to adapt or change this processing policy for personal data, if required, in accordance with the General Data Protection Regulation. The amended version will come into force 15 days after its promulgation.