Our privacy policy

How your personal data is used

Thank you for visiting our website www.daltix.com. We welcome your interest in our company.

You can count on quality service from us. The protection of your privacy and personal data is of utmost importance. We make every effort to protect your privacy and to ensure that you can safely entrust us with your personal data. As such, we always handle personal data securely and discreetly. Furthermore, appropriate security measures have been taken to avoid loss, alteration, access by unauthorised persons and/or any other unlawful processing of your personal data.

We aim to be transparent regarding how we process your personal data and what we do with your personal data. This is clarified in more detail in this privacy policy.

Who are we?

DALTIX NV, with registered offices at 9000 Gent, Ottergemsesteenweg-Zuid 808/B160 (Belgium), registered with the Crossroads Bank of Enterprises under company number 0661.713.511 (hereinafter, “Daltix”, “we” or “us”). You can contact us via the following contact details:

Tel.: +32(0)32461233
E-mail: privacy@daltix.com

We process your personal data in accordance with the applicable legal provisions regarding privacy and the protection of personal data, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter the “GDPR”) and the appropriate national implementing legislation.

Some definitions

As far as this privacy policy is concerned, the term “personal data” refers to: all information about an identified or identifiable natural person (the ‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular through an identifier, such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. In other words, all the information which can be used to identify a person. These elements include, for instance, your surname, first name, date of birth, telephone number and email address, as well as your IP address.

The term “processing” is very broad and covers, among other things, collecting, recording, organising, storing, updating, modifying, retrieving, consulting, using, disseminating, combining, archiving and deleting data.

Entity responsible for the processing of your personal data ("Controller").

Daltix is responsible for the processing of your personal data.

We are what the GDPR refers to as the “controller” of your personal data. In concrete terms, this means that Daltix, along with any others, determines the purpose and means for the processing of your personal data.

When do we collect your personal data?

We collect personal data, inter alia, when you:

  • visit our website;
  • fill out the contact form on our website;
  • request a Demo, download our White Paper or subscribe to our next Webinar;
  • subscribe to our newsletter;
  • wish to apply for a job opening through our website;
  • manage your request to exercise your rights;
  • defend and protect our rights.

We also use cookies, primarily to permanently optimise our website for its users. For more specific information about the cookies we use, you can consult our cookie policy.

We do not intend to collect any personal data from persons younger than 16 years old. These minors are not allowed to provide us with any personal data or a statement of consent without permission from the person who has parental authority.

What personal data do we process, why, and on what legal grounds?

In the table below you can read:

  • column 1: what categories of personal data we process;
  • column 2: why we do this (the ‘purposes’); and
  • column 3: on what legal grounds the processing is based.

All processing activity involving your personal data takes place for one or more specific purposes.

In addition, we only process your personal data on the basis of a legal ground. The applicable legal ground, which you can find in the column ‘legal grounds’, means the following:

  • ‘Consent’: you have given consent for the processing of personal data for one or more specific purposes;
  • ‘Legitimate interest’: the processing is necessary to protect our legitimate interests or those of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data.

 

Categories of personal data

Purposes

Legal basis

 

Identification details (choice of language, IP address and IMEI code)

To allow you to access our website

Legitimate interests

Until the end of your visit to our website

Identification and contact details (surname, first name, email address, telephone number (optional)) and your question/message

To respond to your question/message transmitted to us via the contact form on our website

Consent

For as long as required to address your question / message and potentially 10 years thereafter in the event of a (legal) dispute

Identification and contact details (surname, first name, telephone number, email address), company name

To allow you to request a Demo, download our Whitepaper or subscribe to our next Webinar

Consent

2 years

Identification and contact details (surname, first name, email address, choice of language, IP address and IMEI code)

To keep you informed about our services

Consent

2 years

Identification and contact details (surname, first name, email address, telephone number), photo, resume, cover letter, language capabilities, Portuguese domicile and/or work permit

To process your job application through our website

Consent

For the duration of the job application procedure

Identification and contact details (surname, first name, address, email address, front side of your electronic identity card)

To manage your request to exercise your rights

Legitimate interest

10 years for request (in the event of a judicial procedure: until termination of judicial procedure)

Identification and contact details (surname, first name, address)

To defend and protect our rights

Legitimate interest

Applicable statute of limitations

 

Your privacy rights

To give you more control over the processing of your personal data, you have various rights at your disposal. These rights are laid down, inter alia, in articles 15-22 of the GDPR.

You have the following rights:

 

  • The right to access the personal data we process about you (art. 15 GDPR):

You have the right to be informed by us at any time whether or not we are processing your personal data. If we are processing them, you have the right to access these personal data and to receive additional information about:

  1. the purposes of the processing;
  2. the categories of personal data concerned;
  3. the recipients or categories of recipients (in particular, recipients in third countries);
  4. the retention period or, if that is not possible, the criteria for determining that period;
  5. the existence of your privacy rights;
  6. the right to lodge a complaint with the supervisory authority;
  7. the source of the personal data if we obtain personal data from a third party;
  8. whether we are using automated decision-making in respect of you.

If we cannot give you access to your personal data (e.g. due to legal obligations), we shall inform you as to why this is not possible.

You can also obtain a free copy, in an understandable format, of the processed personal data in an understandable format. Please note that we may charge a reasonable fee to cover our administrative costs for any additional copy you may request.

 

  • The ‘right to be forgotten’ (the right to request us to delete your personal data) (art. 17 GDPR):

In certain cases, you can request that we delete your personal data. In this event, however, please note that we shall no longer be able to offer you our services if you exercise this right. Please also note that your right to be forgotten is not absolute. We are entitled to continue to store your personal data if this is necessary for, among other things, the execution of the agreement, compliance with a legal obligation, or the establishment, execution or substantiation of a legal claim. We shall inform you of this in more detail in our response to your request.

 

  • The right to rectification (art. 16 GDPR):

If your personal data is incorrect, out of date or incomplete, you can ask us to correct these inaccuracies or incomplete information.

 

  • The right to data portability (art. 20 GDPR):

Subject to certain conditions, you also have the right to have the personal data that you have provided to us for the performance of the agreement or for which you have given your consent, transferred by us to another controller. Insofar as technically possible, we shall provide your personal data directly to the new controller.

 

  • The right to restriction of processing (art. 18 GDPR):

If any of the following elements apply, you may request us to restrict the processing of your personal data:

  1. you dispute the accuracy of those personal data (in this case, its use shall be limited for a period that allows us to verify the accuracy of the personal data);
  2. the processing of your personal data is unlawful;
  3. we no longer need your personal data for the its purposes, but you need them in establishing, exercising or substantiating a legal claim;
  4. as long as no decision has been taken on exercising your right to object to the processing, you may request that the use of your personal data be restricted.
 
  • The right to object (art. 21 GDPR):

You can object to the processing of your personal data on the basis of your particular situation, if we process your personal data on the basis of legitimate interests or on the basis of a task of general interest. In this event, we shall cease the processing of your personal data, unless we can demonstrate compelling and legitimate grounds for processing which outweigh your own, or if the processing of the personal data is related to establishing, exercising or substantiating a legal claim.

 

  • The right not to be subject to automated decision-making (art. 22 GDPR):

You have the right not to be subject to a decision made exclusively on the basis of automated data processing that significantly affects you or has legal consequences and that is made without substantial human involvement.

You cannot exercise this right in following three situations:

  1. when automated decision-making is legally permitted (e.g. to prevent tax fraud);
  2. when automated decision-making is based on your explicit consent; or
  3. when automated decision-making is necessary for entering into, or performance of a contract (please note: we always endeavour to use less privacy-intrusive methods for entering into or performing the contract).

 

  • The right to withdraw your consent (Art. 7 GDPR):

If your personal data are processed on the basis of your consent, you may withdraw this consent at any time upon simple request.

Exercising your rights

To exercise these rights, you can contact us by email at the following email address: privacy@daltix.com.

In order to verify your identity when you wish to exercise these rights, we may ask you to send us a copy of the front side of your identity card. The image on your electronic identity card shall not be retained by Daltix. We strongly advise you to “blackline” the image before transmitting a copy of your electronic identity card to us.

You can exercise all these rights free of charge, unless your request is manifestly unfounded or excessive (for instance due to its repetitive nature). In such cases, we shall be entitled to charge you a reasonable fee or to refuse to respond to your request.

Transfers to third parties

We shall only disclose your personal data to third parties in accordance with the applicable legal framework, if you have given your consent, if such transfer is necessary for the performance of our services, for example transfers of your personal data to the suppliers who assist us in processing your personal data (based on our legitimate interest) or unless we are legally obliged to do so (e.g. disclosure to governmental bodies, such as supervisory or law enforcement bodies).

In particular, we may share your personal data with third parties on following :

  1. When you fill out a job application through the “Careers” page, we transfer your personal data to Recruitee BV, a company specialized in recruitment management services which is duly incorporated under the laws of the Netherlands, having its registered offices at Keizersgracht 313, 1016 EE Amsterdam, The Netherlands and registered with the Dutch Chamber of Commerce under number 63881829. You can access Recruitee’s privacy policy by clicking the following hyperlink: https://recruitee.com/privacy-policy.
  2. When you subscribe to our newsletter, we transfer your personal data to The Rocket Science Group LLC d/b/a Mailchimp, a company specialized in marketing services which is duly incorporated under the laws of the United States of America, having its registered offices at 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA. Mailchimp’s EU GDPR representative is Bird & Bird GDPR Representative Services Ireland, Deloitte House, 29 Earlsfort Terrace, Dublin 2, D02 AY28 and with contact email address Mailchimp@twobirds.com. You can access Mailchimp’s privacy policy by clicking the following hyperlink: https://mailchimp.com/legal/privacy/#1._The_Basics.

Categories of recipients

Within our company, we see to it that your personal data are only accessible to persons who need them to comply with our contractual and legal obligations.

In certain cases, our employees and associates may be assisted in their work by external service providers. With regard to data protection, an agreement has been concluded with all these service providers to ensure that they manage your personal data securely, with respect and with due care and diligence.

Transfer to third countries

We shall only transfer your personal data to processors or controllers in third countries to the extent we are legally entitled to do so.

Insofar as such transfers are necessary, we take the necessary measures to ensure that your personal data are highly protected and that all transfers of personal data outside the EEA take place lawfully. If a transfer takes place to a country outside the EEA for which the European Commission has not determined that it offers an adequate level of protection, this transfer shall always be subject to an agreement that complies with all requirements for transfers to third countries, such as the relevant safeguards and standard contractual clauses on data protection approved by the European Commission.

Security of your personal data

We have taken all reasonable and adequate technical and organisational security measures to protect your personal data as best as possible against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. For instance, we always store your personal data at a secured location to prevent third parties from accessing your personal data.

Retention of your personal data

We shall only retain your personal data for as long as necessary to achieve the intended purpose. You should take into account that numerous (legal) retention periods result in the fact that personal data (must) remain stored. Where there is no obligation to retain the data, it shall be routinely deleted once the purpose for which it was collected has been fulfilled.

In addition, we may store your personal data if you have given us your consent to do so or if we may require this data in the context of a legal claim. In the latter case, we need to use certain personal data as evidence. To this end, we store certain personal data, in accordance with the applicable statute of limitations, which may be up to thirty years; however, the usual statute of limitations in relation to personal claims is ten years.

Complaints?

We make every effort to securely protect your privacy and personal data. If you have a complaint about the way in which we process your personal data, you can notify us thereof via our contact details, as mentioned at the beginning of this privacy policy, so that we can deal with it as quickly as possible.

You can also lodge a complaint with the competent supervisory authority. The supervisory authority for our organisation is the Data Protection Authority, with the following contact details:

 

Website:

https://www.dataprotectionauthority.be 

 

Contact details:

Data Protection Authority
Drukpersstraat 35, 1000 Brussels, Belgium

 +32 (0)2 274 48 00

 +32 (0)2 274 48 35

 contact@apd-gba.be

 

If you are a job applicant located in Portugal, you may also lodge a complaint with the Portuguese Data Protection Authority, having following contact details:

 

Website:

www.cnpd.pt

 

 Contact details:

Comissão Nacional de Protecção de Dados

Av. D. Carlos I, 134, 1º, 1200-651 Lisboa, Portugal

 +351 21 392 84 00

 geral@cnpd.pt

Do you have any questions?

You can always contact us by telephone, email or mail to our registered offices. We are happy to answer any of your questions.

Amendments

In response to feedback, or to reflect changes in our processing activities, we may amend this privacy policy from time to time. We therefore invite you to always consult the latest version of this privacy policy on our website.