RGPD - Personal Data Protection Policy

 

1. Definitions

 

TERMS

DEFINITIONS

- Customer

Any natural or legal person benefiting directly from the Services of SEWAN BELGIUM or via one of its partners

- Personal Data or Personal Information

Means any information relating to an identified or identifiable natural person (hereinafter referred to as "Person Concerned"); an "identifiable natural person" is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, Location Data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.

- Person Concerned

Refers to the natural person to whom the Personal Data relates.

- Regulations

Refers to all the laws and regulations applicable in Belgium concerning the protection of Personal Data, in particular the GDPR and their subsequent texts.

- Data Controller 

Refers to the person who determines the purposes and means of a Processing operation, i.e. the objective and the way in which it is carried out.

- Service

Refers to the service(s) provided by SEWAN BELGIUM and described in the contractual documents binding the Parties.

- Data Processor

The Data Processor is the person who processes Data on behalf of another organisation ("the Data Controller"), in the context of a Service or provision.

- Processing

Refers to any operation or set of operations carried out or not by means of automated processes and applied to Personal Data or sets of Personal Data, such as collection, recording, organisation, structuring, storage, adaptation or modification, retrieval, consultation, use, communication by transmission, dissemination or any other form of making available, reconciliation or interconnection, limitation, deletion or destruction

- User

Means any natural person who benefits from the Services.

- Personal Data Breach

A breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.

2. Preamble

SEWAN BELGIUM undertakes to comply with all obligations resulting from the application of the applicable regulations on the protection of Personal Data, in particular the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of Personal Data and on the free movement of such Data ("RGPD").

This policy describes the Processing of Personal Data carried out by SEWAN BELGIUM in the context of the provision of the Services, for which SEWAN BELGIUM acts as the Data Controller.

3. What categories of Personal Data do we process?

Within the framework of its activity, SEWAN BELGIUM ensures that it only processes Personal Data that is adequate, relevant and limited to what is necessary for the performance of the Services subscribed to by the Client in accordance with the principle of minimisation (article 5.1.c of the GDPR).

SEWAN BELGIUM processes the following categories of Personal Data:

  • - Identification data/Contact data: title, surname, first names, company, position held, postal address, telephone number (landline and/or mobile), e-mail address, technical identifiers of the User;
  • - Connection and usage data of the Services: connection logs, advertising identifiers, IP address, etc;
  • - Data related to the support provided by our Services: information contained in trouble tickets or telephone records of a Customer's User reporting a problem;
  • - Data on interactions with our Services: reports of interventions, IP addresses used to visit our site, use our applications and consult our e-mails (operating system used, type of equipment, etc.);
  • - Data relating to the transaction and the follow-up of the commercial relationship: transaction number, details of the purchase, subscription, product or Service subscribed to, delivery address, history of purchases and Services, return of products, correspondence with the Customer and after-sales service, exchanges and comments from Customers and prospects, person(s) in charge of the Customer relationship... ;
  • - Payment data: including payment methods, billing data, invoice payment methods, discounts, balances and outstanding payments;
  • - Profile data: e.g. feedback and survey responses;
  • - Traffic and routing data;
  • - Hosted Data : Personal Data of the User that may be recorded or stored (e.g. directories), data that the User entrusts to SEWAN BELGIUM in the context of the use of the Service (Hosted Data);
  • - Cookies and other tracers deposited on our website and applications. For more information, we invite you to consult our cookie policy.

4. Why do we process your Personal Data?

Within the framework of its activity, SEWAN BELGIUM ensures that Personal Data are processed in a lawful manner for specified, explicit and legitimate purposes, in accordance with article 5.1.a and 5.1.b of the GDPR. In particular, your Personal Data may be processed under the following conditions of lawfulness and purposes:

         - Legal basis: performance of the contract

Aims:

  • Customer billing
  • Management of subscriptions and use of the Services
  • Equipment management
  • Order management
  • Interventions on the Client's site
  • Training on tools for the Client
  • Network deployment
  • Authentication and identification on the SEWAN BELGIUM customer portal
  • Customer communication in the context of technical maintenance operations
  • Management of unpaid bills
  • Handling of complaints and cancellations
  • Hosting of User Data
  • Communications necessary for the execution of the contract

    -  Legal basis: Legitimate interests

    Aims:

  • Fighting fraud
  • Management of unpaid bills
  • Deployment of SEWAN BELGIUM products and services
  • Network deployment
  • Securing information technology
  • Responding to satisfaction surveys in order to identify areas for improvement in our services
  • Carrying out statistical studies
  • Training of SEWAN BELGIUM employees based on the analysis grids and/or recordings for the educational benefit of the employee
  • Evaluation of SEWAN BELGIUM employees

 

- Legal basis: Consent

Aims

  • To improve the quality of service on our networks by collecting terminal information
  • Identify prospects or the Client and their needs or offers
  • Make personalised recommendations to Clients
  • To propose targeted and adapted offers to the Customers of SEWAN BELGIUM and its subsidiaries

    - Legal basis: Legal and regulatory obligation

    Aims :
  • Archiving accounting and legal data
  • Respond to requests from third parties authorised by the regulations
  • Responding to requests from the authorities
  • Managing requests to exercise the rights of Person Concerned
  • Management of pre-litigation and litigation
  • Fraud prevention and enforcement of related sanctions.

5. Who processes your Personal Data?

In order to fulfil the purposes mentioned above, your Personal Data is transmitted only to authorised and competent recipients, in accordance with the regulations in force, namely

  • •  The internal services of SEWAN BELGIUM
  • •  Data Processor and possible service providers of SEWAN BELGIUM
  • • Competent authorities at their request in response to legal proceedings, judicial inquiries, requests for information or to comply with other legal obligations.

6. What about transfers outside the European Union?

The Personal Data collected may be processed outside the European Union. In this case, SEWAN BELGIUM takes the necessary measures with its Data Processor and partners to guarantee an adequate level of protection of the Personal Data in full compliance with the GDPR and the applicable laws on the protection of Personal Data.

7. How do we secure your Personal Information?

SEWAN BELGIUM has defined technical and organisational measures to ensure the protection of your Personal Data. The measures take into account the category of Personal Data and the level of risk that the processing presents.

In this sense we have set up :

  • • Raising awareness among SEWAN BELGIUM employees of the challenges and good practices surrounding the protection of Personal Data
  • • Physical and logical access security
  • • Operational safety
  • • Asset security
  • • Safety in relations with Data Processor

8. How long do you keep your Personal Data?

SEWAN BELGIUM retains your Personal Data for the periods of time necessary to fulfil the purposes mentioned in Article 4 hereof. The duration of the retention of the Personal Data depends on each processing purpose. When required by law, we keep certain information for a period of time necessary to comply with the legal and regulatory provisions applicable to our activity as a telecom operator.


9. What are your rights?

In accordance with the GDPR, you have various rights to your Personal Data.

In our capacity as Data Controller, you may request at any time access to your Personal Data, its rectification, deletion (insofar as this does not prevent the proper performance of our contractual relationship or compliance with legal obligations) and the limitation of one or more particular processing operations of Personal Data concerning you, in accordance with the conditions provided for by the Regulation.

You also have the right to object to the processing of your Personal Data under the conditions set by the Regulations. It is therefore important that the information you provide to SEWAN BELGIUM is accurate and up to date, and that you inform us without delay of any significant change concerning you.

10. How to exercise your rights?

You can exercise your rights by contacting the Data Protection Officer of SEWAN BELGIUM at the following address

SEWAN
Comité Délégué à la Protection des Données
2 Cité Paradis
75010 Paris
Or by email at the following address: dpo@sewan.fr

SEWAN BELGIUM will provide you with information on the measures taken as a result of your request within one month of receiving the request in accordance with Article 12 of the GDPR. In case your request is complex and/or in case SEWAN BELGIUM is faced with a large number of requests, the response time may be extended by two months. In the latter case, SEWAN BELGIUM will provide you with the reasons for the extension within one month after receiving your request.

Furthermore, in accordance with Article 12.5 of the GDPR, when requests are manifestly unfounded or excessive, in particular because of their repetitive nature, SEWAN BELGIUM may demand payment of reasonable costs which take into account the administrative costs incurred in providing the information, making the communications or taking the measures requested, or refuse to comply with these requests.

11. Making a complaint to the ADP

You can also lodge a complaint with the DPA via its website www.autoriteprotectiondonnees.be; and in certain specific cases directly online: lodge a complaint | Data Protection Authority (autoriteprotectiondonnees.be)

You can also send an email to contact@apd-gba.be if you wish to make a phone appointment.