1. SCIO’s STATEMENT
This website and statement is the property of SCIO, an IT company that helps companies with their digital archiving challenges. As such, we are processing some personal data to improve your experience on our website thus we are acting as a Data Controller following the EU 2016/679 regulation (commonly called GDPR).
This Statement sets out the base on which any personal data we collect from you, or that you provide to us, will be processed by us, following EU regulation such as GDPR, the e-Privacy directive and the Belgian privacy laws. As information management specialist, we want to be as transparent as we can with processing our customers’ and website visitors’ data. This Statement aims to provide you all the necessary information regarding data privacy.
2. VALIDITY OF THIS STATEMENT
This statement will remain valid and in effect until an automatic expiration, updates or external causes.
3. INFORMATION WE COLLECT
You may choose to give us information about you by filling in forms on our site such as the contact us form, newsletter form or by corresponding with us by phone, e-mail or otherwise. By filling out the newsletter form, you consent to opt-in to our Newsletter and agree to receive occasional newsletters. We only collect the minimum information necessary to provide you with information requested by you or to submit a question/suggestion/comment in relation to our website.
We may also collect details of your visits to our site (including, but not limited to, traffic data, location data, weblogs and other communication data), and the resources that you access. When you access our website, your computer’s browser provides us with information such as your IP address, browser type, access time and referring URL which is collected and used to compile statistical data on the use of our website. This information may be used to help us to improve our site and the services we offer.
Information we might collect
- Identity, identifiable information
First & last name, email address, …
- Professional information
Company, function title, …
- Connection details
IP addresses, time and location of connection, …
Devices localisation from network, gps signal from mobile devices, …
Cookies are specific files installed on your devices and used to track and log your internet activity that enable us to analyze our visitor behavior and improve our website content and architecture. All the information collected are anonymous and will never be used to identify or target specific persons. Their only purpose is to let us know how you come to our website and what is the most relevant information for you.
Our cookies usage follows the EU directive 2002/58/EC and its transposition in the Belgian legal framework.
5. HOW YOUR INFORMATION IS USED
Where you submit your personal information to us, it will only be used for the stated purpose.
Such information will only be used by us for:
- The purposes for which it was provided by you including providing you with the information that you request from us;
- Marketing and administration purposes;
- For analytical purpose including ensuring that content from our site is presented in the most effective manner for you and your computer.
SCIO undertakes not to sell or rent to any third party whatsoever any personal data about you. However, to fulfil its purposes and operational needs, SCIO could rely on third-parties which are defined as data processors and/or sub-processors. Any organization implied in our processes, such as website hosting provider, are suggest to GDPR compliance and we request from them to commit to this compliance and provide sufficient guarantees. We will never allow those third-parties to sell or use your personal information in a different purpose than the one we defined. SCIO keeps track and documents any process with personal data, managed ourselves or by the (sub)processor. This enables us to answer quickly to any legitimate request regarding personal data.
6. LAWFUL BASIS FOR PROCESSING
Following the GDPR, WP29 and Privacy Commission recommendations, we will collect personal information from you, only when we have your consent to do so and if we need the personal information to perform a contract with you or if the processing is in our legitimate interests and is not overridden by your data protection interests or fundamental rights and freedoms.
We endeavor to use industry standard security measures to protect your information and to prevent the loss, misuse or alteration of any information in our control. However, the transmission of information via the internet is not completely secure and we cannot guarantee that all of your private communications and other personal data will never be disclosed. However, we will use our reasonable endeavors to ensure that such information is kept as secure as possible.
- We aim to be GDPR compliant and implement relevant security measures to all our processes.
- We required proof of compliance from all our suppliers.
We ensure that all the data is stored in the European Economic Area (EEA) or in countries presenting adequate levels of data protection. In case of other countries, we required from our processors to provide sufficient safeguards such as certification or accreditation (e.g. Privacy Shield certification for US companies).
8. DATA RETENTION & DELETION
Your privacy is an important concern for us and therefore we implemented security measures to better protect the data we processed. Among other security measures, we apply strict retention management and define specific retention periods following the legislation and/or needs.
In case of termination of a retention period, or withdraw of consent when applicable, we commit to delete every data as soon as possible and will notify you afterwards.
9. YOUR RIGHTS
You should ensure that the information we collect and hold in relation to you is accurate and kept up to date. If you would like to review the information we have collected on you at any time, please see contact below.
You also have the right to have the information erased if we do not have a legitimate reason for retaining it. We will accede to any such valid requests as soon as possible within one month, as stated in GDPR article 12 (3), starting on the receipt of a valid request in writing.
You have the right to be given a copy of information held by us about you. We will provide the requested information to you within one month of the receipt of a valid request in writing. We might request you to provide additional information to enable us to identify your personal data and/or to verify your identity. Please send all requests to contact person below.
10. AMENDMENTS OF THIS PRIVACY STATEMENT
This Privacy Statement may change from time to time, and any changes to this Policy will be communicated. As your use of the SCIO website is subject to your acceptance of this Privacy Statement, and any amendments thereto, please review the Privacy Statement each time you use this website.
11. THIRD PARTY SITES
Our website may, from time to time, contain links to and from the websites of our Members, partner networks, advertisers, event organizers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
12. GOVERNING LAW AND JURISDICTION
This statement follows the EU 2016/679 regulation, commonly called General Data Protection Regulation (GDPR) and the Belgian privacy law transposing. As a Belgian company, we rely on the Authority for Data Protection and its recommendation for compliance. Any questions or claims could be submitted to the privacy commission.
Delay or failure on our part in enforcing any of our rights shall not constitute a waiver by us of our rights and remedies. If any part of this Privacy Statement is held to be invalid or unenforceable, the validity or enforceability of the remainder will not be affected.
14. DATA BREACH NOTIFICATION
We have implemented certain measures to monitor and detect any potential data breaches. Our internal procedures are implemented to analyze any potential threat and, following GDPR recommendation, we may notify you if we encounter a potential data breach and what we will implement to lower the risk and manage it.
15. CONTACT US
Your privacy is important to us. If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact us at firstname.lastname@example.org