Vision and policy on the protection of personal data

Introduction: The data protection policy Van Bavel bvba

The protection of personal data of natural persons is a legal obligation (GDPR effective 25/5/2018) that Van Bavel bvba considers very important.

With this policy text, we want to explain how we safeguard the rights and freedoms of the natural persons and employees concerned (‘data subjects’) when we process personal data, both on paper and digitally.

We pay close attention to any processing of personal data that is deemed delicate, for example when ( if applicable ) using data for specific purposes, technical and organisational measures during processing, the exchanging data with other actors, …. We are also cautious when processing personal data of our staff and other actors. Especially when we use technologies that, without protection, may infringe their privacy.

Policy objectives for data protection

Providing quality products and/or services is a top priority for Van Bavel bvba. How we process personal data is an important consideration. Through this policy, the management of Van Bavel bvba strives to safeguard the rights and freedoms of all parties involved with respect to processing personal data. The purpose of this policy is to demonstrate the proper handling of personal data. It discloses and formalises the policy objectives. It clarifies the measures of data processing with respect for everyone’s rights and freedoms.

We place special attention on the following objectives (to the extent in which they are applicable): Van Bavel bvba​

1. Is transparent about the personal data it processes and the purpose for which the data is processed, both to the person concerned and to the supervisor. Van Bavel communicates this in an open way that is easily accessible and understandable. The transparency principle also applies to the exchange of personal data.​

2. Only processes the data that is relevant to the performance of required tasks. Any task involving the processing of personal data is lawful. This means, among other things, that the processing is in line with the legal and statutory objectives of Van Bavel bvba. The process is evaluated each time a new processing purpose is identified.

3. Processes only the personal data that is strictly necessary for the performance of activities.

4. Ensures the integrity of personal data throughout the processing cycle.

5. Does not hold on to data longer than necessary. The necessity is checked against legal obligations and the rights and freedoms of the person concerned.

6. Prevents breaches that result from the processing of personal data. The systems we adopt are built-in information security, data protection and privacy-friendly default settings. When a breach occurs, we report this in according to relevant regulations.

7. Is able to execute all applicable rights of data subjects, such as the right of inspection, copy and, if necessary, deletion. Van Bavel bvba will monitor any restrictions regarding these rights.

8. Actively ensures that, when processing personal data for a specific purpose, the rights and freedoms (e.g. right to transfer) of the data subject are safeguarded.

9. Processes data in line with the rights and freedoms applicable in the European Economic Area and verifies their application when data is exchanged outside the European Economic Area. Van Bavel bvba, therefore, complies with all legal and normative frameworks (i.e. Flemish, Federal and European rules) when processing personal data, and has therefore clearly mapped out its responsibility regarding the personal data and data of others. Van Bavel bvba also monitors the codes of conduct that apply in the sector and adopts these.

10. Can demonstrate that all policy objectives are compliant and in accordance with the legal provisions. This accountability is monitored by internal supervision and control and is enforced according to the legally applicable principles.