The purpose of this Personal Data Protection Charter is to inform you of how the Corman Group collects, processes and uses your personal data, in general, when you use its website or communicate data to it in any other way.
The term 'personal data' is used here to refer to any information relating to an identified or identifiable natural person ('data subject').
The term 'processing' means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, alignment or combination, restriction, erasure or destruction of data.
The processing of personal data is carried out in accordance with the obligations implemented by the General Data Protection Regulations (the GDPR) and all applicable national regulations relating to the protection of privacy and personal data.
We could summarise this charter in 6 points
The information contained in this Charter is provided to you so that you are aware of the commitments in terms of personal data protection made by Corman SA, located at rue de La Gileppe, 4, 4834 Limbourg - Belgium (hereinafter 'Corman' or 'We' or Us), acting as data controller for the processing of personal data described in the articles of this Charter.
The information Corman collects about you, if any, is :
Corman does not collect or process special categories of data unless We receive your express consent to do so or are obliged to do so.
Corman collects and uses your data for specific, explicit, legitimate purposes, and will not use this data for subsequent purposes that are not compatible with the original purposes.
We only carry out data processing if at least one of the following conditions is met:
Corman's treatments are carried out for the following purposes:
In general, Corman collects and uses the Personal Information that you provide or that We collect when you browse our Sites for advertising purposes, to provide you with our products and services, to contact you for advertising or marketing purposes (newsletter), to answer your questions about our products, to help you participate in our offers and promotions, and to analyze and improve the quality of our products or services.
Through some of our sites, you may also provide Us with information in order to apply for vacancies in Corman's workforce.
The processing of your Personal Data is strictly limited to that which is necessary to achieve the purposes mentioned above.
Access to and use of our websites are subject to the Legal Notice specified on the websites in question.
We do not keep your personal data longer than is necessary for the purposes for which it is kept. We use the purpose as one of the criteria to define the period for which data should be kept. Other criteria may be: our legal obligations to retain data or information, or the period during which We have a business relationship with you or during which We provide services to you.
Customer data is retained for the life of the contract and for a period of ten years in principle after the end of the contractual relationship.
Data relating to potential customers (prospects) are thus kept for a maximum of one year, depending on the life cycle of the project for which they were collected and when the person has expressed an interest.
Certain data is archived for longer periods in order to meet our legal obligations and for evidentiary purposes, in particular to safeguard your rights and the rights of our company. This archived data is only accessible for the purposes of proof in court, for control by an authorised authority (e.g. the tax authority), for reasons of document production before judicial, administrative or police authorities.
At the end of the defined retention period, We undertake to erase, destroy or anonymise the data in a secure manner.
Corman wants to be transparent. Not only about how We handle your data, but also about the rights you have over your data and how you can exercise them. In the following sections, We want to remind you of these rights.
Corman undertakes to respond to you without delay and no later than one month from receipt of your request concerning the rights described below. We consider the time of receipt to be when your request is complete, which includes receipt of proof of your identity or certainty from us regarding your identity. Where your application is complex or where You make numerous requests to Us, this one-month period may be extended by up to 2 months. We will inform you of such an extension as soon as possible.
How can you prove your identity?
You can prove your identity by any means, for example by sending a copy of your driving licence or passport. You can also send Us a copy of the back of your identity card. Because emails are not the most secure means of transmission, we advise you to hide your ID card number and photo and to clearly state that this copy is for Corman's exclusive use. Corman will destroy these copies after use.
As a matter of principle, you can exercise all your rights free of charge. However, with regard to the right of access, you may be asked to pay a reasonable fee based on administrative costs for any copy of the data you request.
The rights mentioned below are not absolute and are subject to different conditions under :
Finally, Corman would like to inform you that failure to provide or modify your data may have consequences in the processing of certain requests in the context of the execution of contractual relations and that your request for the exercise of your rights will be kept for follow-up purposes for 6 years regarding the exercise of the right to object and 1 year regarding the exercise of other rights.
You acknowledge that the present notice informs you as the purposes, applicable legal framework and interest of collection of your personal date, and as to the recipients or categories of recipients with whom your personal data are shared, as well as to the possibility of a data transfer towards a third country or international organisation.
In addition to this information and in order to ensure fair and transparent processing of your data, you dconfirm that you have received additional information concerning :
If We decide to process your data for another purpose than those initially indicated, we will provide you with full information on that other purpose.
By exercising this right, you may obtain confirmation that your personal data are or are not subject to processing and if they are so subject,, you may have access to them as well as to information concerning :
You may request that your personal data be rectified or completed, if they are inexact, incomplete, equivocal or out of date.
You may request restriction of the processing of your personal data in accordance with the applicable legal and regulatory provisions.
You have the right to object to processing of your personal data unless such processing is justified by compelling legitimate grounds on the part of the Data Controller.
If we contact you directly, this right may be exercised by any means including, in particular, clicking on the unsubscribe link at the bottom of the message sent.
You have the right to the portability of your personal data.
The right is applicable to the following data
The right is limited to processing based on your consent or on a contract and to personal data you have personally generated. It does not extend to derived or inferred data which are personal data created by the Data Controller.
You may request erasure of your personal data when one of the following reasons applies:
Exercise of this right is nevertheless not possible if the conservation of your personal data reflects a legal or regulatory requirement or is necessary for the establishment, exercise or defense of legal claims.
Where processing is based on your consent, you may withdraw your consent at any time, in which case we will no longer process your personal data but any earlier processing to which you agreed will not be affected.
You have the right to lodge a complaint with a supervisory authority without prejudice to your other rights of administrative or legal recourse.
In Belgium the supervisory authority is the Data Protection Authority, rue de la presse, 35, 1000 Brussels. You can also consult its website at https://www.autoriteprotectiondonnees.be/contact
You can exercise your rights
by e-mail at the following address: donnees.personnelles@corman.be
or
by post to the following address
SA Corman
Legal Department
Rue de la Gileppe, 4
4834 Limburg
Belgium
The personal data that We collect, as well as those collected subsequently, are intended for Us in our capacity as Data Controller.
We ensure that only authorised persons may have access to these data. Our sub-contractors / service providers may receive these data for performance of the services We confer on them.
Your personal data may be compared or shared between all the Data Controller’s parent or associated companies and subsidiaries.
They may be communicated to those entities for the purposes described in the present notice, in accordance with the applicable regulatory requirements and in such a manner as to ensure protection of your data and civil liberties.
Your personal data may be shared with third parties within the framework of certain services that We have set up, or for the sending of information concerning products and services.
We guarantee that these suppliers only have access to your data to the extent necessary to perform their tasks. We also guarantee that they are bound by an obligation of confidentiality and that they may only process data in accordance with the instructions We have given them.
Only authorised users have access to your personal data in order to fulfil the above-mentioned purposes. Authorised users are persons who, in the course of their duties at Corman, are authorised to process personal data on the basis of Corman's guidelines.
We take steps to ensure that persons who need to access your personal data can do so only for the purposes listed in this Charter.
In addition, all our processors contractually guarantee the confidentiality, security and integrity of your data.
We ensure that your personal data are protected by appropriate physical, technical, organisational and/or administrative security measures and procedures against accidental or unlawful loss, destruction, alteration, unauthorised use, disclosure or access.
In addition to the commitment of our employees to maintain the confidentiality of this data and the implementation of a rigorous selection and monitoring procedure for our service providers, we therefore ensure that our operating environment is adequately secured in proportion to the sensitivity of the personal data processed.
These measures are regularly evaluated and if necessary updated in order to guarantee maximum protection of the personal data processed by us.
In a world of constant technological change, We will regularly update this Charter.
We therefore invite you to read the latest version of this document on our sites and we will inform you of any substantial modifications through our site or through our usual means of communication.
This Personal Data Protection Charter is applicable as of 25 May 2018 and was last updated on 10 february 2022.