At Maerten en Partners NV, we know you care about your personal privacy. In this Data Protection Policy (the “Policy”) we describe how we collect personal data from you and why we collect it, what we do with your personal data, with whom we share it, how we protect it, and the choices you can make about how we use your personal data.
This Policy applies to any of your personal data collected and used, or processed by or on behalf of Maerten en Partners NV, a private limited liability company organized and existing under the laws of Belgium, with registered office at Molenvoetweg 62, 2547 Lint, Belgium, registered with the legal entities register RPR (rechtspersonenregister) under number 0472.568.459, [email protected] (hereinafter “M&P”, “us” or “we”) in the framework of your use of one of our websites www.maertenenpartners.com or www.mindsinaction.com (the “Website”), and the provision of our interim and project management services through which we seek to match your job preferences as a freelance candidate with interim and project management opportunities provided to us by our professional clients and subsequently enable a match with such client by concluding an agreement with you when a match is made for a specific position (collectively the “Services” or “Service”).
We act as a Data Controller and we are responsible for the Personal Data we Process.
This Policy can be complemented with specific privacy notices related to particular Services and which we will provide you with whenever we require your personal data (for example, via individual communication services, newsletters, reminders, surveys, offers, events, etc.).
Because of the nature of our business, our Services are not designed to appeal to minors. We do not knowingly attempt to solicit or receive any information from children.
At the end of this Policy (see section 17), you will find some definitions of certain key concepts used in this Policy and which are capitalised (for example, Personal Data, Processing, Data Controller…).
2. WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR PERSONAL DATA?
Maerten & Partners NV
3. WHO CAN YOU CONTACT IN CASE YOU HAVE QUESTIONS OR REQUESTS? THE DATA PROTECTION COORDINATOR
We have appointed a Data Protection Coordinator to handle your questions or requests relating to this Policy or your Personal Data (and the way we Process it). For all questions or requests about the collection, processing, use, correction, transfer, portability etc. of your Personal Data, You can contact Els, our Data Protection Coordinator, at [email protected]
4. KEY PRINCIPLES
We value your Personal Data entrusted to us and we are committed to Processing your Personal Data in a fair, transparent and secure way. The key principles M&P applies are as follows:
- Lawfulness: we will only collect your Personal Data in a fair, lawful and transparent manner.
- Data minimisation: we will limit the collection of your Personal Data to what is directly relevant and necessary for the purposes for which they have been collected.
- Purpose limitation: we will only collect your Personal Data for specified, explicit and legitimate purposes and not Process your Personal Data further in a way incompatible with those purposes.
- Accuracy: we will keep your Personal Data accurate and up to date.
- Data security and protection: we will implement appropriate technical and organisational measures to ensure an appropriate level of data security and protection in relation to, among others, the nature of your Personal Data to be protected. Such measures provide for the prevention of any unauthorised disclosure or access, accidental or unlawful destruction or accidental loss, or alteration and any other unlawful form of Processing.
- Access and rectification: we will Process your Personal Data in line with your legal rights, and allow you to access and rectify your Personal Data at any time.
- Retention limitation: we will retain your Personal Data in a manner consistent with the applicable data protection laws and regulations and no longer than is necessary for the purposes for which they have been collected.
- Protection for international transfers: we will ensure that any of your Personal Data transferred outside the EEA is adequately protected.
- Safeguards towards third parties: we will ensure that access to and transfers of your Personal Data to third parties are carried out in accordance with applicable law and with suitable contractual safeguards.
- Lawfulness of direct marketing and cookies: when we send you promotional materials or place cookies on your computer, we will ensure that we do so in accordance with applicable law.
5. DATA COLLECTION: WHICH PERSONAL DATA DO WE COLLECT AND ON WHICH LEGAL GROUNDS?
Whenever we require your Personal Data, we will inform you which of your Personal Data we collect and the purpose for which we collect it. This information will be provided to you within a reasonable time after we have collected it and may be accompanied by a separate privacy notice or a link to this Policy, which will, for example, be included in specific services (including communication services via LinkedIn), electronic newsletters, reminders, surveys, offers, invitations for events, etc.
Please note that in accordance with applicable data protection law, your Personal Data can be Processed if:
- you have given us your consent for the purposes of the Processing; or
- it is necessary for the performance of an agreement to which you are a party; or
- when it is in our legitimate interest (see further description below); or;
- it is required by law.
We consider that we process you data based on a legitimate interest in case we have a business or commercial reason to use your information in conducting our business. In this case, we will always seek to balance your interest to the protection of your privacy and Personal Data with our business interest in order to not adversely impact your rights and freedoms. An example thereof is the collection of publicly available information of you via your profile on LinkedIn, and any subsequent contact or e-mails by M&P to assess your interest in our Services.
The M&P Services specifically collects information from you at several different points, including but not limited to the following:
• INFORMATION YOU PROVIDE TO US THROUGH OUR WEBSITE, BY SENDING US AN EMAIL OR AFTER AN IN-PERSON INTERVIEW OR MEETINGS
M&P primarily collects the information you provide us when you contact us via our website, send us an email or when you provide us with your details during job fairs, networking events or during a personal interview or meeting, including:
- First name
- Last name
- Education history and professional qualifications, usually in the form of a curriculum vitae or CV, which may contain information on e.g. studies, work experience, job titles, job references, awards, skills, publications and other relevant professional information.
In order to adequately provide you with (one of) the Services, we may request you to provide us with additional information, such as:
- Contact details, including phone numbers and your address
- Personal interests and hobbies
- Current remuneration and other benefits as well as salary expectations
- Your job search preferences and expectations
We may subsequently inform you of interim and project management opportunities that match your search preferences and expectations via phone, email alert, or LinkedIn.
In case you accept an interim and project management opportunity presented to you by M&P as part of the Services to you, we will request you for additional information before we can conclude an agreement for that specific position, including but not limited to:
- Bank account information
- Insurance information
- Information on your family situation
M&P will treat any information of you as a client or candidate as confidential and will not disclose it to any third party without your approval. We do not rent, sell or otherwise disclose personal information for activities that are not part of the Services.
• OUR PROFESSIONAL CLIENTS
If you are a professional client who seeks to fill (one or more) interim and project management opportunities in your organization and choose to work together with M&P, we may Process information about individuals in your organisation to enable us to communicate with them and to provide our Services. Usually we Process the individual’s name and business contact data only.
If you correspond with us via e-mail, the postal service, or other form of communication, we may retain such correspondence and the information contained therein and use such to respond to your inquiry and/or notify you of M&P news or other Service-related information. Importantly, e-mail and postal address information is never sold, given, or otherwise shared or disclosed to third parties except as set forth herein.
• INFORMATION FROM OTHER SOURCES
We may receive information about you from other sources than yourself, such as publicly available information on LinkedIn, or information from other professional contacts in our own professional network that we (may) have in common.
In case we receive Personal Data in the abovementioned way, we will inform you thereof without undue delay and provide you with a link to our Policy.
If you do not wish to make use of our Services, you can request us to delete your Personal Data in accordance with your data subject rights (see section 8 “What rights do you have in relation to your Personal Data”) by contacting our Data Protection Coordinator (see section 3 “Who can you contact in case you have questions or requests?”).
• URL AND IP ADDRESS
We collect information about our customers’ utilization and navigation of our Services, including via Google Analytics. This information helps us to design our Services to better suit your needs.
We may also use your IP address to help diagnose problems with our server and to administer our Services, analyse trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences.
6. FOR WHICH PURPOSES DO WE PROCESS YOUR PERSONAL DATA?
We will only Process your Personal Data for specified, explicit and legitimate purposes and we will not Process your Personal Data further in a way that is incompatible with those purposes.
The main purpose for which we Process your Personal Data is the provision of our interim and project management services in order to match your job preferences with interim and project management opportunities provided by our professional clients and subsequently enable a match with such client by concluding an agreement with you when a match is made for a specific position.
Such purpose can also be the improvement of your visit on our Website, an update of our terms and conditions or this Policy, or other legitimate business purposes such as determining the success of our Services, keeping your information secure, marketing and communication, or complying with any contractual or legal obligations imposed upon M&P.
In addition to the purposes as described in this Policy, we may communicate with you the purpose of each Processing of your Personal Data in the specific privacy notice, from time to time, relating to that particular Processing.
7. HOW TO KEEP YOUR PERSONAL DATA ACCURATE AND UP-TO-DATE?
It is important for us to maintain accurate and up-to-date records of your Personal Data, in order to adequately provide you with our Services.
Please inform us of any changes to or errors in your Personal Data as soon as possible by contacting the Data Protection Coordinator (see section 3 “Who can you contact in case you have questions or requests?”.
We will take reasonable steps to make sure that any inaccurate or outdated Personal Data is deleted or adjusted accordingly.
8. WHAT RIGHTS DO YOU HAVE IN RELATION TO YOUR PERSONAL DATA?
You have the right to access your Personal Data which we are Processing at any time.
If your Personal Data is inaccurate or incomplete, you have the right to request the rectification or erasure of your Personal Data.
In addition, you have the right to object to the processing of your Personal Data when we process your Personal Data based on a legitimate interest, or when we process your Personal Data for direct marketing purposes. We will provide you at any time a way to exercise this right, for example by including an unsubscribe option in each marketing communication we send you.
You also have the right to data portability, which means we will provide you – or another Data Controller of your choosing – with a copy of all Personal Data we have collected about you.
If you require further information in relation to your privacy rights or would like to exercise any of these rights, please contact the Data Protection Coordinator (see section 3 “Who can you contact in case you have questions or requests?”).
We will send you a notification that we received your request within 1 – 3 business days. Please take into account that the timeframe for M&P to respond to your above-mentioned request is 30 days. In case your request is complex, or in case you have multiple request, such timeframe may be exceeded, in which case we will inform you thereof before the end of the first 30 days.
Exercising your rights can be done free of charge, unless in case your request is unfounded or excessive.
9. HOW LONG DO WE KEEP YOUR PERSONAL DATA?
We will keep your Personal Data in a manner consistent with applicable data protection law. We will only keep your Personal Data for as long as necessary to comply with the law or for the purposes for which we Process your Personal Data.
If you have not yet been in contact with us and we find your professional profile interesting, we may choose to store a limited amount of your personal data (“data minimization”) to the extent it is publicly available information (e.g. information provided by you on LinkedIn) and after informing you thereof, and this maximum up to 1 year after the first contact. At the end of this period, you will be contacted again to decide whether you want to continue to be registered in our professional database.
If you have been in contact with us in any way, your data will be stored up to 6 years after receiving your most recent CV. At the end of this period, you will be contacted again to decide whether you want to continue to be registered in our professional database.
We may be requested by law to keep certain Personal Data for contract liability, financial and tax reasons up to 7 years to 10 years from when you stop using our Services, even if you request the erasure of your Personal Data in accordance with your data subject rights (see section 8 “What rights do you have in relation to your Personal Data?”).
For information on how long certain Personal Data is likely to be kept before being removed from our systems and databases, please contact the Data Protection Coordinator (see section 3 “Who can you contact in case you have questions or requests?”).
10. KEEPING YOUR PERSONAL DATA SECURE
We ensure that appropriate technical and organisational security measures are taken against unlawful or unauthorised access or use of your Personal Data, as well as against accidental loss or damage to the integrity of your Personal Data.
Your Personal Data will only be Processed by a third party Data Processor if that Data Processor agrees to comply with those technical and organisational data security measures.
We update and test our security technology on an ongoing basis. We restrict access to your Personal Data to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate measures to enforce our employees' privacy responsibilities.
Maintaining data security means guaranteeing the confidentiality, integrity and availability of your Personal Data:
(a) Confidentiality: we will protect your Personal Data from disclosure to third parties.
(b) Integrity: we will protect your Personal Data from being modified by unauthorised third parties.
(c) Availability: we will ensure that authorized parties are able to access your Personal Data when needed.
12. DISCLOSURE OF PERSONAL DATA
For the purposes for which we collect your Personal Data, we may disclose your Personal Data to the following categories of recipients:
a) Authorised staff members of M&P;
b) Affiliates and subsidiary companies of M&P;
c) Professional clients of M&P: trusted and established companies that are looking to fill interim and project management positions that match your job preferences, but only after you provided your permission to do so;
d) Our advertising, marketing and promotional agencies: to help us deliver and analyse the effectiveness of our advertising campaigns and promotions;
e) Service providers or business partners: companies that provide Services for or on behalf of M&P. For example, M&P may share your Personal Data with external providers of IT related services (for example, data storage facilities, hosting or web servers) or with payroll services to enable us to pay you for interim and project management positions. We ask such companies to always act in compliance with applicable laws and this Policy and to pay high attention to the confidentiality of your personal information.
f) Other parties when required by law or as necessary to protect M&P: M&P may share your Personal Data with other third parties:
- to comply with the law, regulatory requests, court orders, subpoena, or legal processes;
- to verify or enforce compliance with M&P’s policies and agreements; and
- to protect the rights, property or safety of M&P and/or its customers;
- to verify your professional experience as described in your CV.
g) Other parties in connection with corporate transactions: M&P may share your Personal Data with other third parties in the context of a divestiture of all or a portion of its business, or otherwise in connection with a merger, consolidation, change in control, reorganisation or liquidation of all or part of M&P’s business;
h) Other parties with your consent or upon your instruction: M&P may share your Personal Data with third parties when you consent to or request such sharing; and
i) Any other third party communicated to you by M&P prior to sharing your Personal Data with that third party.
Please be aware that third party recipients as referred to under points d) to i) above – especially service providers who may offer products and/or services to you via their own channels – may separately collect Personal Data from you. In such case, these third parties are solely responsible for the control of such Personal Data and your dealings with them will fall under their terms and conditions.
13. USE OF SOCIAL MEDIA
Publication on social media may have certain consequences, including for your privacy or for the privacy of persons whose Personal Data you share, such as, for example, the impossibility to withdraw a publication within a short term. You are fully responsible for your publications. M&P will not have any responsibility and liability in this regard.
14. TRANSFERS OUTSIDE THE EEA
Your Personal Data may be transferred to recipients, which may be outside the EEA, and may be Processed by us and these recipients outside the EEA. In connection with any transfer of your Personal Data to recipients outside the EEA that do not offer the same level of data protection as in the EEA, M&P will implement appropriate safeguards to ensure an adequate level of protection of your Personal Data. These safeguards can for instance consist in agreeing with recipients on standard data protection clauses in the form of template transfer clauses adopted by the European Commission guaranteeing such adequate level of protection.
15. LEGAL INFORMATION
The requirements of this Policy supplement, and do not replace, any other requirements existing under applicable data protection law. In case of contradiction between what is written in this Policy and requirements in applicable data protection law, applicable data protection law (i.e. as of 25 May 2018, the General Data Protection Regulation) will have priority.
By using (one of) the Services, you agree to the terms and conditions contained in this Policy and/or any other agreement that we might have with you.
You agree that any dispute over privacy or the terms contained in this Policy, or any other agreement we have with you, will be governed by the laws of Belgium. Any dispute related to this Policy or the Website will adjudicated exclusively by the courts of Antwerp, Belgium.
As our organization, customers and benefits change from time to time, this Policy is expected to change as well. We reserve the right to amend the Policy at any time, for any reason, without notice to you, other than the posting of the amended Policy on the Websites. We may e-mail periodic reminders of our notices and terms and conditions and will e-mail M&P customers of material changes thereto, but you should check our Website frequently to see the current Policy that is in effect and any changes that may have been made to it. The provisions contained herein supersede all previous notices or statements regarding our privacy practices.
If you have any questions, issues or complaint concerning our Policy, or any concern about privacy at M&P or the use of the Services in general, or to exercise your rights, such as your rights of access, rectification, restriction, portability…, within the context of this Policy, you may contact the Data Protection Coordinator (see section 3 “Who can you contact in case you have questions or requests?”).
In this Policy, the following terms have the following meanings:
(a) Data Controller means the organisation which determines the purposes for which, and the manner in which, your Personal Data is Processed. Concretely, the Data Controller(s) is Maerten & Partners NV.
(b) Data Processor means the person or organisation which Processes your Personal Data on behalf of the Data Controller.
(c) Data Protection Coordinator means the person appointed by M&P to handle your questions and requests.
(d) EEA means the European Economic Area (= member states of the European Union + Iceland, Norway, and Liechtenstein).
(e) Personal Data is any data relating to you directly or which allows your identification, such as, for example, your name, telephone number, email address, national ID number, home address, work experience, previous employers, etc.
(f) Processing / to Process / Processed means the collection, accessing and all forms of use of your Personal Data.