DATA PROTECTION POLICY
SCIPION is concerned about protecting the privacy and data of their contacts (users of their websites and computing platforms, contacts established in the context of professional meetings, cases, missions, partnerships, services, applications, etc.). Thus, SCIPION ensures that they adopt and comply with a data processing policy in accordance with current regulations.
It is on this basis that SCIPION respects the applicable European law on the protection of personal data, and, in particular, the European General Regulation on the Protection of Personal Data n°2016/679 of April 27th, 2016 (the “RGPD / GDPR”), as well as all the rules of national law adopted in application thereof, as a subsidiary matter, and which may apply according to the case.
The purpose of this Data Protection Policy (the “Policy”) is to provide clear, simple and complete information to the data subjects (“you” or “your”) on the way in which SCIPION (“SCIPION”), in its capacity as data controller, collects and uses your personal data (“the personal data”) and on the means at your disposal to control this use and to exercise your rights.
Information about who we are
SCIPION is registered at Rue des Anciens Etangs 40, B-1190 Brussels
Further information, and details of our registration with data protection supervisory authorities are detailed below.
How our website works
When you visit our website, we might collect data on your location. This allows us to direct you to the website version in your geographic region if this is necessary to perform any of your requested actions.
We also use cookies on our website to collect standard internet log-on information and details of visitor behavior patterns (e.g. to find out the number of visitors to different parts of the site). This enables us to analyse and improve the content of our site and the navigation experience of users. We do not use this information to attempt to find out the identities of those visiting our website. Some cookies on our site also permit third parties to analyse visitor behavior to display advertising. These parties also do not use this information to attempt to find out the identities of individuals. You can disable or delete some or all cookies in your browser setting, although this may affect some parts of the site’s functionality.
Cookies Notice
When visiting SCIPION, some cookies will be installed on your computer or device. SCIPION does not use cookies to track you or to retain any personal information, they are used to store some information about the technical capabilities of your computer or device in order to give you a better experience.
We use 3rd party tool to measure user behavior on our site, to run experiments for improving our site, for displaying multi-media content or to facilitate social sharing. Some of these tools may install cookies on your computer or device. Here is an overview of the different cookies which might be installed after a visit to www.scipion.net :
Google Analytics
We are using Google Analytics for measuring user behavior. The cookies installed by Google Analytics help remember user behavior from page to page. It is not used to track personal information as all data collected by Google Analytics is being anonymized before it is saved.
YouTube
On pages where we use YouTube to show you videos, YouTube will save some cookies on your device. Most of the cookies are there to offer you a better functionality in the video player. However, YouTube also saves a cookie for DoubleClick, Google’s advertisement platform. This cookie allows Google to track you for advertisement personalization purposes. You can opt-out using Google Ads Settings.
Optimizely
Optimizely is a tool which enables A/B testing. When visiting our site, Optimizely will install a number of cookies which are used to allow this form of testing and to measure the results of these tests. Optimizely does not record any personal information. Find out more about the use of cookies by Optimizely and how you can opt-out.
ShareThis
ShareThis is a social media sharing tool. Visitors to a website using this tool will be tracked by ShareThis for advertisement purposes. Read more information about ShareThis tracking and how you can opt-out.
When will we send you marketing communications?
We will only contact you for marketing purposes (for example keep you up to date on our work based on your previous responses to our campaigns, or let you know of ways in which you can support that work) where we have your consent.
At each place that you provide your personal data on our website, there is an opportunity for you to express your preferences in relation to marketing communications from us. Where you provide your consent to such communications, you can withdraw consent or change your preferences at any time by clicking the unsubscribe button on any marketing communication or by sending an email to info@Scipion.net expressing your preferences.
We will generally treat any marketing consent you give us as lasting for 5 years, as we have found our clients may get involved with different campaigns at different points over this period of time. We never sell or share your information with entities outside SCIPION for their marketing purposes.
Your data and social media
This section refers to the ability for you to like, re-tweet, share, etc. SCIPION content on social media platforms, such as Facebook, Twitter, Instagram and YouTube. Additionally, when using our website, you can link through to such social media sites. When you do this, depending on your privacy settings, these networks will adjust their marketing to show you more SCIPION content. To change your settings on these services, please refer to their privacy notices, which will tell you how to do this.
AT WHAT OCCASION ARE YOUR PERSONAL DATA COLLECTED ?
SCIPION may collect your personal data in the context of professional meetings, cases, partnerships, applications, your visit to our offices, your visits to our sites and web pages and your use of our online services, in particular information.
There are a number of areas on our website where you may provide personal data to SCIPION, including when you, register your interest to the site, register to a plan:
The information we collect will depend on the nature of your action but may include name, email address, telephone number, country and language preference. Where you make a payment through our website, we do not collect your financial information but direct you to a payment provider to process your payment.. Our payment provider is certified.
When you provide your information to us, we will only use the information for the purposes for which it is provided, like invoicing, for any compatible purposes and to fulfil our legal or regulatory obligations unless you have agreed for your data to be used for other purposes.
Declarative personal data are those that you provide via forms, whether they are dematerialised on websites, in paper format or in response to questions asked you by lawyers or members of the company.
SCIPION takes into account the principles of data minimisation, data protection from their conception onward and data protection by default. Consequently relevant, adequate and limited information necessary for the purposes for which it is processed is collected.
Mandatory declarative personal data are indicated by an “*” sign on the collection medium. Apart from these cases, you are free to provide or not all or part of your personal data. However, such a decision could limit your access to certain services or products offered by SCIPION, or other functionalities offered by its websites and mobile applications.
ON WHAT BASIS ARE YOUR DATA COLLECTED ?
Your personal data are processed by SCIPION in the cases permitted by applicable regulations, and in particular under the following conditions:
- when you have given free, specific, informed and unequivocal consent to the processing of your personal data (e.g. subscription to thematic information, registration for an event, etc.)
- when this is necessary for the execution of a contract, or pre-contractual measures taken at your request (e.g. application, handling of a dossier, need for access to a dataroom, etc.);
- to comply with legal or regulatory obligations of SCIPION(e.g.: fight against fraud);
- when the legitimate interests of SCIPION may be such as to justify processing by the our company (e.g. computer security measures).
Information in accordance with the applicable law is provided in each case.
It is specified here that for minors under 18 years of age, such consent must be given or authorised by the holder of parental responsibility. If the latter discovers that Personal Data of the minor concerned has been entrusted to SCIPION without their consent, they may ask SCIPION to delete such Personal Data by following the procedure described in point 7.2. of this Charter.
WHY ARE PERSONAL DATA COLLECTED ?
Your personal data is collected for specific, explicit and legitimate purposes.
Depending on the case, your personal data may be used for the purpose of:
- dialogue with you within the framework of cases, missions, partnerships, etc.
- participation in satisfaction surveys, analyses and statistics in order to improve our products and services as well as the knowledge of our customers and prospects;
- requesting, obtaining or receiving information on SCIPION or one of its entities or affiliates, or on the products and services offered by them or their partners;
- subscribing and receiving thematic information (training, documentation, invitations, activity reports, etc.);
- processing your application for a position;
- improving your customer experience.
SCIPION may also use your personal data for administrative purposes or for any other purpose imposed by current legislation.
WHO ARE THE RECIPIENTS OF YOUR PERSONAL DATA ?
Your personal data being confidential, only persons duly authorised by SCIPION can access your personal data, apart from their possible transmission to the bodies in charge of a control or inspection in accordance with the applicable regulations.
All persons who have access to your personal data are bound by an obligation of confidentiality.
These persons include the staff authorised within the company and its affiliates. Our service providers may also be required to process personal data strictly necessary for the performance of the services we entrust them with (mission, electronic and postal dissemination, logistics and catering, etc.).
In the event of recourse to affiliates or service providers located outside the European Union, SCIPION undertakes to verify that appropriate measures have been put in place to ensure that your personal data benefit from an adequate level of protection (in particular through standard contractual clauses of the European Commission, the Internal Company Rules or the Data Protection Shield set up between the European Union and the United States).
HOW IS THE SECURITY OF YOUR PERSONAL DATA PRESERVED ?
SCIPION takes care to protect and secure your personal data in order to ensure their confidentiality and prevent their being distorted, damaged, destroyed or disclosed to unauthorised third parties.
When disclosure of data to third parties is necessary and authorised, SCIPION ensures that these third parties guarantee the same level of data protection as that offered to them by SCIPION , and requires contractual guarantees so that the data are exclusively processed for the purposes you have previously accepted, and with the required confidentiality and security.
SCIPION implements technical and organisational measures to ensure that personal data are kept securely for the duration necessary for the exercise of the purposes pursued in accordance with applicable law.
Although SCIPION takes reasonable steps to protect your personal data, no transmission or storage technology is foolproof.
In accordance with applicable European regulations and in the event of a proven breach of Personal Data likely to create a high risk for the rights and freedoms of the persons concerned, SCIPION undertakes to communicate this breach to the competent supervisory authority and, where required by the said regulations, to the persons concerned (individually or generally as the case may be).
Notwithstanding the above, it is your responsibility to exercise caution to prevent unauthorized access to your personal data and terminals (computer, smartphone, tablet,…).
In addition, the Company’s websites may provide links to third-party websites that may be of interest to you. SCIPION has no control over the content of these third party sites or over the personal data protection practices of these third parties. Consequently, SCIPION declines any responsibility concerning the processing of your Personal Data by these third parties, not subject to the present Charter. It is your responsibility to inform yourself about the personal data protection policies of these third parties.
HOW LONG ARE YOUR PERSONAL DATA KEPT ?
SCIPION keeps your personal data for the time necessary to fulfil the purposes pursued, respecting the legal possibilities of archiving, obligations to keep certain data, and/or anonymisation.
In particular, we apply the following retention periods for these few broad categories of personal data:
- Personal data of customers/prospects/business partners: as long as the user is active and, at the latest, 3 years after the last contact with the user;
- Personal login data (datarooms): 1 year after last login
- Personal data of candidates (recruitment): time needed to process the application and, in case of a negative outcome, 3 years after the last contact (unless the candidate agrees to a longer period).
WHAT ARE YOUR RIGHTS REGARDING YOUR PERSONAL DATA AND HOW TO EXERCISE THEM?
Respecting the limits provided by the regulations in force, you have the following rights with regards to your personal data:
➢ Right to information on the processing of your personal data
SCIPION strives to provide you with concise, transparent, understandable and easily accessible information on the conditions for processing your personal data, in clear and simple terms.
➢ Right of access, rectification and deletion (or “right to forget”) of your personal data
The right of access allows you to obtain from SCIPION confirmation that your personal data have or have not been processed as well as the conditions of such processing, and to receive an electronic copy (for any additional copy, SCIPION is entitled to demand payment of any reasonable fees based on the administrative costs incurred).
You also have the right to obtain from SCIPION , as soon as possible (and by default within 30 days), the rectification of your personal data.
Finally, subject to the exceptions provided by applicable law (e.g.: retention necessary to comply with a legal obligation), you have the right to ask SCIPION to delete, as soon as possible, your Personal Data, when one of the following grounds applies :
- Your personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
- You wish to withdraw your consent on which the processing of your personal data was based and there is no other basis justifying such processing;
- You consider and can establish that your personal data has been unlawfully processed;
- Your personal data must be deleted in accordance with a legal obligation.
➢ Right to limit the processing of your personal data
The applicable regulations provide that this right may be invoked in certain cases, in particular the following:
- when you dispute the accuracy of your personal data;
- when you consider and can establish that the processing of personal data is unlawful but you oppose the deletion of personal data and demand instead that the processing be limited;
- when SCIPION no longer needs your personal data but they are still necessary for you to establish, exercise or defend your legal rights;
- When you object to the processing that would be based on the legitimate interest of the controller, during the verification whether the legitimate grounds pursued by the controller prevail over those of the person in question.
➢ Right to the portability of personal data
When the processing is based on your consent or a contract, this right to portability allows you to receive the personal data you have provided SCIPION with in a structured, commonly used format, and to transmit this personal data to another data controller without SCIPION hindering it.
When technically possible, you may request that this personal data be transmitted directly to another controller by SCIPION .
➢ Right to withdraw consent to the processing of personal data
When SCIPION processes your personal data on the basis of your consent, this latter may be withdrawn at any time using the means provided for this purpose (procedure indicated in point 7.2 of this Policy). On the other hand, and in accordance with applicable law, the withdrawal of your consent is only valid for the future and cannot therefore call into question the lawfulness of the processing carried out before this withdrawal.
➢ Right to lodge a complaint with a supervisory authority
If, despite SCIPIONs ’ efforts to preserve the confidentiality of your personal data, you feel that your rights are not respected, you have the right to lodge a complaint with a supervisory authority. A list of control authorities is available on the European Commission’s website.
➢ Right to decide the fate of your personal data after your death
Finally, you have the right to organize the fate of your personal post-mortem data through the adoption of general or specific guidelines. SCIPION is committed to respecting these guidelines. In the absence of directives, SCIPION recognises the possibility for heirs to exercise certain rights, in particular the right of access, if it is necessary for the settlement of the deceased’s estate; the right to object to the closure of the deceased’s user accounts ; and the right to object to the processing of their data.
How to exercise your rights
For any question relating to this Policy and/or to exercise your rights as described above, you may contact SCIPION , electronically or by post, by sending a letter accompanied by a copy of any identity document to :
info@scipion.net
or
Personal Data Management Service
SCIPION
Rue des Anciens Etangs 40
B-1190 Brussels
—–
SCIPION commits to reply as soon as possible, and at the latest within one month of receipt of your request.
If necessary, this deadline may be extended by two months, taking into account the complexity and number of requests addressed to SCIPION. In this case, you will be informed of the extension and the reasons for the postponement.
If your request is submitted in electronic form, the information will also be provided to you electronically whenever possible, unless you expressly request otherwise.
If SCIPION does not comply with your request, it will inform you of the reasons for its inaction and you have the possibility of lodging a complaint with a supervisory authority and/or filing a judicial appeal.
APPLICABLE LAW AND COMPETENT COURT
This Policy is subject to Belgian law. In the event of a dispute and if an amicable agreement cannot be reached, the competent courts shall be those of the Brussels courts, notwithstanding the defendants’ plurality or the introduction of third parties.