1. The importance of data protection

Calibrate attaches great importance to the correct protection of the data it processes, in particular personal data. By means of this policy, Calibrate wants to record on a strategic level how data is protected, what responsibilities have been assigned around this and what priorities Calibrate has set around data protection.

In particular, Calibrate wants to protect the data of users of the website and the personal data that they make available:

  • loss: data is no longer available;
  • leaks: data ends up in the wrong hands;
  • Errors: information is incorrect, e.g. outdated or incomplete;
  • not accessible: when necessary, the data is not accessible;
  • wrongful viewing: viewing by persons who are not authorized to do so;
  • not being able to check who looked into, changed or deleted the data;
  • processing that is not in line with regulations, directives and standards.

In this policy, Calibrate wants to appeal to everyone involved in electronic and paper processing in order to correctly process the personal data of our visitors, from a common vision and from our common desire to offer quality services.

2. Scope of data protection policy

This policy applies to the entire lifespan of information within the Calibrate website, from obtaining information to the final removal of information within the organization.

This policy applies to Calibrate as a whole:

  • The office of Calibrate;
  • All staff members of Calibrate, both internal and external employees who are employed within Calibrate for a fixed or indefinite period of time;
  • All company assets and information processing systems managed by Calibrate as well as systems managed by external parties for information processing for Calibrate such as databases, information regardless of its carrier, networks, datacenters, etc;
  • All processing activities, both as processing manager and processor.

For certain domains or processes within Calibrate, additional guidelines or procedures can be developed that describe in detail which measures are taken to achieve the desired level of data protection.

Given the important role of the ICT suppliers in setting up the ICT environment to process data, the privacy policy also lays down the policy principles for this.

3. Data protection policy objectives

Calibrate, both in its role as processing manager and processor:

  1. Is transparent about the personal data it processes and the purpose of the processing, both to the data subject, the customers and the regulators. The communication conducted is honest, easily accessible and understandable. The principle of transparency also applies when personal data is exchanged.
  2. Processes only the data relevant to the performance of its tasks. Any task involving the processing of personal data is legitimate. This is always evaluated at a new processing purpose, where necessary by means of a data protection impact assessment.
  3. Processes only the personal data strictly necessary for the execution of the activities. In this way, identifiers belonging to the personal data are reduced to a minimum.
  4. Monitors the integrity of personal data throughout the entire processing cycle.
  5. Stores data no longer than necessary. Necessity has been checked against legal obligations and the rights and freedoms of the person concerned.
  6. Prevents violations resulting from the processing of personal data. Information security, data protection in design and privacy-friendly default settings are tools for this. When a breach occurs, it will be reported in accordance with the relevant regulations.
  7. Is able to exercise all applicable rights of a data subject, such as the right of inspection, copying and, if necessary, deletion.
  8. Actively ensures that when personal data is processed for a specific purpose, the rights and freedoms of the data subject are safeguarded.
  9. Processes data in line with the rights and freedoms applicable in the European Economic Area and monitors its application when data is exchanged outside the European Economic Area.
  10. Can demonstrate compliance with all policy objectives, in accordance with legal requirements. This accountability is monitored by internal supervision and control and is practicable according to the legally applicable principles.

4. What personal information do we collect?

We collect different types of personal data:

  • Personal information that you give us via webforms: for example, your name, email address and phone number when you use our contact form.
  • Personal data we obtain through your use of the website:
    • Log file information: among other things, we keep the following data in server logs:
      • IP address;
      • Browser information;
      • The external web page from where you come from;
      • The pages you visited on our website;
      • Time and duration of pages visited.
    • Device data: we can track which device you use to visit our website;
    • Local Storage: We can collect and store data locally on your device using mechanisms such as browser web storage and application data caches;
    • Cookies: we use cookies to identify our visitors in order to remember your preferences such as the standard language. For more information about cookies, please refer to our cookie policy.

5. What do we use the personal data for?

We use the personal information we collect to provide, maintain, protect and improve the proper service. Your personal information is kept only as long as necessary for the purpose for which it was collected.

We may use your personal information for:

  • Communication with you, mainly to give feedback when a question has been asked via the contact form or when you have applied via our site;

We only share your personal information:

  • With your consent: we only share your personal information with companies other than Calibrate if we have your consent. Please be aware that when you click on a social media button, the privacy policy of this provider applies.
  • For legal reasons: we may need to share your personal information in order to comply with a legal obligation;
  • With parties that process personal data on our behalf: these parties may only process personal data on behalf of Calibrate. These processing operations will be recorded in a processing agreement between Calibrate and this party.

6. Your rights

You can ask us (for free):

  • What data we have about you;
  • What is the purpose of a certain processing;
  • Who processes all your personal data.

You have the right (free of charge):

  • On a copy of your personal data that we process for a specific purpose;
  • To submit a request to delete your data;
  • To ask us to stop processing your personal data (if you have a legitimate and legal reason to do so).

Under no circumstances will Calibrate process personal data relating to political or religious preferences or beliefs, race, or any data relating to your health or sex life.

7. Contact information

 If you have any further questions about the processing of personal data, or if you would like to submit a request to change, view or delete your data, you can send us an email to dpo@calibrate.be. We will ask for proof of identity and process your request within 30 days of receiving the email.