Request Member Access

Privacy Notice

Last update: 25 March 2024

This privacy notice (hereinafter: ‘Privacy Notice’) describes how CESAER AISBL (hereinafter: ‘CESAER, ‘We’, ‘us’, ‘our’) might collect, store, use, and/or share (‘process’) your personal data when you:

  • Visit our website at https://www.cesaer.org or any website of ours;
  • Create an account on our Extranet and subsequently use our Extranet;
  • Engage with us in any other way.

We are committed to protecting and handling your personal data in a responsible manner in accordance with the applicable data protection laws in the countries and regions in which we operate, including but not limited to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR),UK Data Protection Act 2018 (amended 2020) (UK DPA) and theSwiss Federal Act on Data Protection (FADP) (hereinafter: ‘Data Protection Laws’).

Please read this Privacy Notice thoroughly so that you are aware of how CESAER processes your personal data. If you have any questions or concerns, please contact us at info@cesaer.org.

Our full contact information is:

Kasteelpark Arenberg 1 Box 2200

LEUVEN 3001

BELGIUM

Tel: +32 486 41 17 56

E-mail: info@cesaer.org

Belgian CBE number: 0441.894.980

1. What personal information do we process?

Personal data” means any information that can be used to directly or indirectly identify a natural person, such as a name, identification number, place and date of birth etc.

The term “processing” includes any treatment of personal data and covers the collection, recording, organization, storage, updating, alteration, retrieval, consultation, use, dissemination or making available by any means, archiving, erasure and destruction of personal data.

We process personal data for various purposes, each time processing only the personal data necessary to achieve the intended purpose.

We process personal information that you voluntarily provide to us when you register to access our extranet, when you express an interest in obtaining information about us and the work we do, when you participate in our activities and events, or otherwise when you contact us.

  • When you create an account on our Extranet, we process the following personal data on the legal basis of contract performance to allow account creation and authentication and otherwise manage accounts on our Extranet:
    • Last name
    • First name
    • Gender
    • Profile picture (optional)
    • Mobile/ telephone number (optional)
    • Information regarding career and studies (optional)
    • Address (optional)
    • E-mail address
    • Links to Twitter/ LinkedIn/ website (optional)
  • User-to-user communication: We may process following personal data to allow user-to-user communication:
    • Last name
    • First name
    • Gender
    • Profile picture (optional)
    • Mobile/ telephone number (optional)
    • Information regarding career and studies (optional)
    • Address (optional)
    • E-mail address
    • Links to Twitter/ LinkedIn/ website (optional)
  • When you participate in activities and events, both online (i.e. webinars, task forces) or offline (i.e. meetings, study days), we may process the following personal data on the legal basis of contract performance:
    • Last name
    • First name
    • Payment data
    • E-mail address
  • Delivery of services: We may process your personal data on the legal basis of contract performance to provide you with (the) service(s) requested by you:
    • Last name
    • First name
    • Address
    • Payment details
  • (Direct) marketing: We may use your personal data to inform you about new events, activities and membership benefits via our newsletter. We only process the personal data below when you give us your consent through the contact form on our website:
    • Last name
    • First name
    • Gender
    • E-mail address
  • Compliance with our legal obligations: In accordance with the legal obligations imposed on us (for example, accounting obligations), we process the following personal data:
    • Last name
    • First name
    • Address
    • Payment data
    • Last name
    • First name
    • Address
    • Additional data submitted in the context of a complaint or dispute or which we already possess and are necessary to follow up the complaint and/or dispute

  • Respond to user inquiries/ Dispute and complaint management: We may process your personal data to respond to your inquiries, to solve any (potential issue) you may have with our services or in case we receive a complaint from you and/ or conduct a dispute with you. We may rely on contract performance or on our legitimate interests (litigation management) to process following personal data:

The personal information that we collect depends on the context of your interactions with us and the choices you make.

We do not process sensitive information.

We also process certain information automatically when you visit, use, or navigate our online services. This information does not reveal your specific identity (like your name) but may include device and usage information, such as your Internet Protocol (IP) address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our online services, and other technical information. This information is mainly needed for the security and operation of our online services, as well as for our internal analytics and reporting purposes.

Like many organisations, we also process information through cookies. You can find more about this in our Cookie Policy: https://www.cesaer.org/cookie-policy/

The information we process through cookies and similar technologies includes:

  • Log and usage data: Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, and settings and information about your activity on our online services (e.g. date/time stamps associated with your activity, page and files viewed etc.), device event information (e.g system activity, error reports, and hardware settings).
  • Device data: We collect device data such as information about your computer, phone, tablet or any other device you may use to access our online services. Depending on the device, this may include information such as your IP address (or proxy server), browser type, hardware model, internet service provider and/or mobile carrier, operating system, and system configuration information.
  • Location data: We collect location data such as information about your device’s location, which can be either precise or imprecise. How much information we collect depends on the type and settings of the device you use to access our online services. For instance, we may use GPS to collect geolocation data that tell us your current location (based on your IP address). You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your location setting on your device.

Lastly, we may obtain limited personal data from public databases, and other third parties. In order to enhance our ability to provide relevant offers and services to you and update our records, we may obtain information about you from other sources, such as public databases, data providers, partners, and from other third parties. This processing and combining of personal data for purpose of targeted communication and event promotion. We rely on our legitimate interest of (direct) marketing for this processing activity.

  • Personal data obtained from public databases is publicly available (i.e. social media, news articles) include:
    • Job titles
    • Social media profiles
    • Social media URLs
  • We only process personal data we obtain from third parties in accordance with the purpose for which the data was originally collected, or a purpose compatible with this. The personal data may include:
    • Job titles
    • Information regarding career and studies

The legal bases invoked by CESAER are specifically indicated for each processing activity and are underlined.

2. With whom do we share your personal data?

We may share your personal data with third-party vendors, service providers, contractors, or agents (‘third parties’) who perform services for us or on our behalf and require access to certain personal data in order to perform these services. They will only process your personal data on our behalf and in accordance with our instructions. We will not share your personal data with third parties who cannot guarantee at least the same level of protection of your personal data as we have implemented.

The categories of third parties we may share personal information with are as follows:

  • Data analytics services
  • Website hosting service providers.

3. How long do we retain your personal data?

We will not retain your personal data longer than necessary for the purposes set out in the present Privacy Notice, unless a longer retention period is required or permitted by law (for example tax, accounting or other legal requirements). No purpose in this Privacy Notice will require us retaining your information for longer than the period of time in which users have an account on our Extranet. The following retention policy applies to personal data processed by or on behalf of us:

  • Extranet account: 3 years after the end of membership
  • User-to-user communication: 3 years after the end of membership
  • Participation in activities/ events: 5 years after the end of the contractual relationship
  • Delivery of services: 5 years after the end of the contractual relationship
  • Direct marketing: 3 years after completing the contact form, provided that a renewal of this period is possible with your consent;
  • Compliance with our legal obligations: retention in accordance with the statutory period
  • User inquiries/ dispute and complaint management: as long as necessary for the resolution of the dispute/ complaint/ inquiry

After expiry of the periods described above, we will either delete or anonymise such information, or, if this is not possible, then we will securely store your personal information and isolate it from any further processing until deletion is possible.

4. How do we keep your information safe?

Both CESAER and the third parties processing personal data on its behalf have implemented appropriate and necessary technical and organisational security measures designed to protect the security of any personal data we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our online services is at your own risk. You should only access our online services within a secure environment.

5. Do we collect information from minors?

We do not knowingly solicit data from children under 18 years old. By using our online services, you represent that you are at least 18. If we learn that personal information from users less than 18 years old has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under the age of 18, please contact us via email at info@cesaer.org.

6. What are your privacy rights?

The Applicable Data Protection Laws grant you a number of rights in relation to personal data processed by us or on our behalf.

You can always contact us to exercise the following rights (provided you do so reasonably and within the legal limits):

  • You have a right to access your personal data
  • You have a right to rectification or correction of inaccurate or incomplete personal data;
  • You have a right to erasure of your personal data. This allows you to permanently delete personal data we process. We are not always obliged and in certain cases may not delete your personal data – this right only applies in the cases and to the extent provided by law.
  • You have a right to restrict the processing of your personal information. This allows you to ask us to freeze the use of your personal data, requiring all processing activities (except storage) to cease.
  • You have a right to object. This allows you to oppose the processing of your personal data for reasons related to your specific situation.
  • You always have the right to withdraw your consent when the processing of your personal data is done on the basis of your consent.
  • You always have the right to oppose the processing of your personal data for direct marketing purposes.
  • You have a right to data portability. This allows you to move your personal data form one IT environment to another in a user-friendly manner.
  • You have the right to review or change the information in your account or terminate your account at any time by contacting us using our contact information provided above or by logging in to your account settings to update your user account.

You may form such a request by contacting us by using the contact details provided at the beginning of this Privacy Notice. When contacting us, please provide a copy of your ID card or passport, along with proof of residence. This identification is necessary for us to authenticate that you are the rightful owner of the personal information in question.

We will consider and act upon any request in accordance with applicable data protection laws.

If you have any concerns regarding how CESAER manages your personal information or its handling of your requests to exercise your rights pertaining to that personal information, please reach out to us, and we will strive to address your concerns promptly. If you do not agree with the way CESAER processes your personal data, you have the option to lodge a complaint with the appropriate supervisory authority in Belgium:

Belgian Data Protection Authority

Rue de la Presse 35

1000 Brussels BELGIUM

contact@apd-gba.be

www.dataprotectionauthority.be

If you have questions or comments about your privacy rights, please email us at info@cesaer.org.

7. May we update this Privacy Notice?

We may update this Privacy Notice from time to time. The updated version will be indicated by an updated ‘Revised’ date and the updated version will be effective as soon as it is accessible. If we make changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are processing your personal data.

Request more information

If you want to know more about CESAER click on the button below.

Request more information here
This website uses cookies to remember your preferences and to analyse website statistics. By continuing to our website or clicking on 'accept', you accept the use of these cookies.

More information: Cookie Policy and Privacy policy.