Data protection policies

BVBA Kerteza, BVBA Kerteza Holding, BVBA Kerteza Immo and BVBA Kerteza Training and Education (together referred to as the “Company”) attach great importance to the secure, transparent and confidential collection and processing of your personal data. In particular, we want to protect the data of our clients, suppliers, employees and other contacts, among others, from loss, leaks, errors, unauthorized access or unlawful processing.

We wish to inform you about the collection and processing of your personal data through this Data Protection Policy. We ask that you read this Data Protection Policy carefully, as it contains essential information on how your personal data are processed and for what purpose.
 
By communicating your personal data, you declare that you have read and agree to this Data Protection Policy as well as to the processing itself.

Scope

This Data Protection Policy relates to all services provided by (or to) us and, in general, to all activities we conduct.

Controller

BVBA Kerteza (KBO 0454.079.863), BVBA Kerteza Holding (KBO 0837.159.191), BVBA Kerteza Immo (KBO 0833.562.372) and BVBA Kerteza Training and Education (KBO 0465.189.927) all with registered offices at 2460 Kasterlee, Duineneind 16, box 1, are the joint controllers of your personal data. In accordance with article 26 of the General Data Protection Regulation (“GDPR”), we confirm that the mutual arrangement between the companies is such that the responsibilities following from this regulation are centralized at BVBA Kerteza. There is also a single point of contact for data subjects at privacy@kerteza.com.
 
When collecting and processing your personal data, we respect the Belgian regulations on the protection of personal data, as well as the European General Data Protection Regulation / GDPR.

Personal data

According to your activities and your relationship with our company, we will process the personal data described below. Apart from some limited exceptions for our staff, we do not process special categories of personal data (“sensitive data”).
 
We kindly remind you that you are responsible for all data you provide to us and that we rely on its accuracy. Should your data no longer be up-to-date, please notify us by return.
 
You are not obliged to communicate your personal data, but you understand that the provision of certain services or cooperation becomes impossible if you do not consent to the collection and processing.

Processing purposes and legal basis

Customer data
As part of our services and activities, we collect and process personal data from our customers and clients, their staff, employees, appointees and other useful contacts. We process the following personal data: your personal identification data, financial (identification) data, financial transactions, professional activities, agreements and settlements, CBE/VAT number, Chamber of Commerce number, customer number, etc.
The purposes for this processing are the performance of agreements with our clients, customer management, accounting and direct marketing activities such as sending promotional or commercial information. The legal grounds are the performance of the agreement, the fulfillment of legal and regulatory obligations and/or our legitimate interest.
 
Data from suppliers and subcontractors
We collect and process personal data from our suppliers and subcontractors, their staff, employees, appointees and other useful contacts. We process the following personal data: your personal identification data, financial (identification) data, financial transactions, professional activities, agreements and settlements, CBE/VAT number, Chamber of Commerce number, the assigned numbers in the CRM and accounting system, etc.
The purposes of these processing operations are the execution of the agreement, supplier management and accounting. The legal grounds are performance of the agreement, fulfillment of legal and regulatory obligations and/or our legitimate interest.
 
Personnel data
We process our employees’ personal data as part of our personnel management and payroll administration. Given its specific nature, this processing is regulated more comprehensively in a separate Employee Data Protection Policy.
 
Website visitors
We may collect and process personal data from visitors to our website. For more information on this processing, please refer to the specific privacy policy and/or cookie policy as published on this website.
 
Data of self-employed consultants/trainers
We collect and process personal data from our independent consultants and trainers. We process the following personal data: personal identification data, personal particulars, financial identification data; financial transactions, professional activities, agreements and settlements, KBO/BTW number (or KVK number in the Netherlands), CRM and accounting number, curriculum vitae, diploma, professional competence, professional experience, specialization, publications, copy of identity card/passport , assessment/evaluation of performance, photos (website, social media), etc.
The purposes of this processing are the management of consultants and trainers, accounting and dispute management. The legal grounds are performance of the agreement, fulfillment of legal and regulatory obligations and/or our legitimate interest.
 
Data of training participants.
We collect and process personal data from the participants of the training courses, trainings and workshops. We process the following personal data: personal identification data, professional identification data; financial (identification) data; professional competence, photos, video and audio material.
 
The purposes of this processing are to provide the education, training and workshops to our clients or to our clients’ employees, as well as marketing. The legal grounds are performance of the contract, fulfillment of legal and regulatory obligations and/or our legitimate interest.
 
Other data
In addition to the data provided above, we also process personal data of others, such as the data of our directors and business managers, insurance companies and brokers, potential new customers/prospects, useful contacts within our industry and network contacts, etc.
The purposes of this processing are in the interest of our operations, direct marketing and public relations. The legal basis is our legitimate interest or in some cases the performance of a contract.

Duration of processing

Personal data will be kept and processed by us for a period necessary in function of the purposes of the processing and in function of the (contractual or non-contractual) relationship we have with you.
 
Data of trainers, consultants and suppliers will in principle be deleted from our systems after a period of ten years after the termination of the cooperation, except with regard to this personal data that we are required to keep longer on the basis of specific legislation, in the event of an ongoing dispute for which the personal data are still necessary, or if you yourself have asked us to keep the data longer.
 
Client data will be deleted from our systems no later than twenty years after the completion of the works or after the termination of the cooperation, except with regard to such personal data that we are obliged to retain for a longer period of time on the basis of specific legislation, in the event of an ongoing dispute for which the personal data are still required, or if you yourself have asked us to retain the data for a longer period of time.

Rights

In accordance and under the terms of the Belgian privacy legislation and the provisions of the GDPR, we inform you that you have the following rights:
 
  • Right of access and inspection: you have the right to acquaint yourself, free of charge, with the data we hold about you and to find out what it is used for.
  • Right to rectification: you have the right to obtain rectification (correction) of your incorrect personal data, as well as to complete incomplete personal data.
  • Right to data erasure or restriction: you have the right to request us to erase or restrict the processing of your personal data in the circumstances and under the conditions stipulated by the GDPR. We may refuse data erasure or restriction of any personal data necessary for us to carry out a legal obligation, the performance of the contract or our legitimate interest, and for as long as such data is necessary for the purposes for which it was collected.
  • Right to data portability: you have the right to obtain the personal data concerning yourself that you have provided to us in a structured, common and machine-readable form. You have the right to transfer this data to another data controller.
  • Right to object: you have the right to object to the processing of your personal data for serious and legitimate reasons. However, please note that you cannot object to the processing of personal data that is necessary for us to carry out a legal obligation, the performance of the contract or our legitimate interest, and for as long as this data is necessary for the purposes for which it was collected.
  • Right to withdraw consent: If the processing of personal data is based on prior consent, you have the right to withdraw this consent. These personal data will then only continue to be processed if we have another legal basis for doing so.
  • Automatic decisions and profiling: we confirm that the processing of personal data does not involve profiling and that you will not be subject to fully automated decisions.
You may exercise the aforementioned rights by contacting BVBA Kerteza at privacy@kerteza.com.
 
We make every effort to handle your personal data in a careful and legitimate manner in accordance with applicable regulations. Should you nevertheless believe that your rights have been violated and your concerns have not been addressed within our company, you are free to lodge a complaint with the competent data protection authority (www.gegevensbeschermingsautoriteit.be).
 
In addition, you may take your case to court if you believe that you have suffered damages as a result of the processing of your personal data.

Transfer to third parties

Certain personal data collected by us will be transmitted to and may be processed by government agencies, banks and insurance companies, as well as third party service providers, such as, among others, our IT supplier, accountant, corporate auditor, professional advisors, consultants and trainers, other companies, training venues and other training participants. The data is also transferred within the Company, intra-group.
 
It is possible that one or more of the above third parties may be located outside the European Economic Area (“EEA”). However, personal data will only be transferred to third countries with an adequate level of protection.
 
The employees, managers and/or representatives of the aforementioned service providers or institutions and the specialized service providers appointed by them must respect the confidential nature of your personal data and may only use this data for the purposes in the context of which it was provided.
 
If necessary, your personal data may be passed on to other third parties. This may be the case, for example, if we were to be reorganized in whole or in part, if our activities were to be transferred or if we were to be declared bankrupt. It is also possible that personal data may have to be transmitted pursuant to a court order or in order to comply with a particular legal obligation. In such a case, we will make reasonable efforts to inform you in advance of such communication to other third parties. However, you will recognize and understand that in certain circumstances this may not always be technically or commercially feasible or legal restrictions may apply.
 
Under no circumstances will we sell or make your personal data commercially available to direct marketing agencies or similar service providers, except with your prior consent.

Technical and
organizational measures

We take the necessary technical and organizational measures to process your personal data according to an adequate level of security and to protect them from destruction, loss, falsification, modification, unauthorized access or notification by mistake to third parties, as well as any other unauthorized processing of these data.
 
Under no circumstances can the Company be held liable for any direct or indirect damage resulting from an erroneous or unlawful use by a third party of the personal data.

Third-party access

For the purpose of processing your personal data, we provide access to your personal data to our employees, associates and appointees. We guarantee a similar level of protection by making contractual obligations opposable to these employees, associates and appointees, which are similar to this Data Protection Policy.

Duineneind 16 bus 1, 2460 Kasterlee, België

Tel.: +32 14 25 90 00
E-mailadres: academy@kerteza.com

Contacteer ons

Voornaam *
Achternaam *
Telefoonnummer *
E-mail *
Instelling *
Functie *
Afdeling *