Responsible for data processing and protection
Metrac Int SA
1336A CH de Waterloo
We process personal data relating to:
- to representatives of our clients;
- to our customers;
- to representatives of our suppliers;
- candidates for a job with us;
- to visitors [of kitciel.com and our workplaces; and
- to other data subjects, (the “ persons concerned “,” you “,” your your “).
- your personal identification data, your professional identification data and your contact data for the activation, management and maintenance of our business relationship with our customers;
- your personal identification data and your professional identification data to enable us to organize the invoicing of our customers;
- where applicable, your bank details to verify payment of invoices related to our service;
- where applicable, your personal identification data, your professional identification data and your contact data for sending communications for marketing purposes;
- conduct restructuring operations of our activities;
- perform internal and external audits;
- manage disputes with data subjects and when the processing is necessary for the establishment, exercise or defense of legal claims.
- the performance of a contract to which the data subject is a party or the performance of pre-contractual measures taken at your request (for example, in the event of solicitation for work with us);
- compliance with an applicable legal obligation applicable to us (for example, in terms of accounting, taxation, etc.);
- in the pursuit of our legitimate interests (or those of a data recipient) provided that these interests prevail over your fundamental rights and freedoms.
- directly from you, for example during the first contact we make with you;
- from publicly available information (on the Internet), for example when we check the profile of candidates for a job with us.
- [members of our staff in charge of commercial and administrative follow-up have access to personal identification data, professional identification data and contact data of our clients or of our clients’ representatives;
- the members of our team in charge of monitoring our suppliers have access to personal identification data, professional identification data and contact data of representatives of our suppliers;
- our legal advisers and lawyers have access to certain personal data of the persons concerned in the context of operations to restructure our activities or in litigation.
- the country to which the personal data are transferred has benefited from an adequacy decision by the European Commission under Article 45 of the GDPR and the transfer falls within the scope of said decision of ‘adequacy ;
- we have concluded a contract with the recipient of the personal data containing the standard contractual clauses for the protection of personal data adopted by the European Commission pursuant to Article 47 of the GDPR; Where
- in the event of transfer to the United States, the recipient of the personal data is certified against the EU-US Privacy Shield program established under Article 45 of the GDPR and the transfer falls within the scope of application of the EU-US Privacy Shield program.
- the date of our last contact;
- security reasons (for example, the security of our information systems);
- any ongoing or potential dispute or litigation with a data subject;
- any legal obligation to store or erase personal data (for example, a retention obligation imposed by an accounting or tax law).
What is our commitment to data protection?
We are committed to using our best efforts to bring our personal data processing activities into compliance with applicable data protection legislation, including Regulation (EU) 2016/679 on the protection of individuals. ‘with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46 / EC (General Data Protection Regulation) (the ” GDPR “) And the Law of 30 July 2018 on the protection of individuals with regard to the processing of personal data, as amended, supplemented or replaced from time to time (the” Applicable Data Protection Legislation “).
For what purposes do we process your personal data?
If you are the representative of one of our clients, we handle:
If you are the representative of one of our suppliers, we process your personal identification data, your professional identification data and your contact data for the management of our business relationship with our suppliers.
If you are a candidate for a job with us, we process your personal identification data, your professional identification data, your contact data, data relating to your professional life (skills, qualifications, experience, etc.) and the personal data contained in your curriculum vitae to assess your profile against our recruitment needs.
If you visit our Website, we may process electronic identification data about you in an aggregate manner to measure frequency on our Website, improve the browsing experience and for the detection and prevention of fraud and breaches. computer security.
If our workplaces are equipped with surveillance cameras, we are able to request access to images concerning you, only when this access is necessary for the pursuit of our legitimate interest in detecting offenses or incivility and to the extent permitted by applicable law.
We are also likely to process some of your personal data for the following purposes:
We do not subject the data subjects to decisions based exclusively on automated processing producing legal effects concerning them or affecting them in a similarly significant way.
How do we process your personal data?
We process your personal data as controller. In this context, we determine the purposes and means of processing your personal data.
On what grounds do we process your personal data?
The provision of your personal data may be necessary:
We ask for your prior, free and informed consent before proceeding with the processing of some of your personal data (for example, whenever the processing of your data involves a transfer of your image rights).
The provision of some of your personal data (for example, your personal identification data, etc.) conditions our ability to provide our service or carry out our activities to you.
The possible consequences of not providing your personal data could include our inability to provide you with our service or carry out our activities or a violation on our part of one or more obligations under applicable laws (for example, accounting and tax laws).
Where does your personal data come from?
The personal data we process comes from the following sources:
Who has access to your personal data?
The following recipients are likely to receive or have access to some of your personal data (only if this is necessary for the performance of their mission):
We entrust the processing of some of your personal data to subcontractors only to the extent necessary to carry out their missions and in accordance with our written instructions and the Applicable Data Protection Legislation.
In the event of a restructuring transaction (for example, a financing transaction), we may transmit certain personal data concerning a limited number of data subjects to a third party involved in the transaction (for example, a bank) in accordance with Applicable Data Protection Legislation.
How do we manage subcontractors?
We take appropriate measures to ensure that our processors process your personal data in accordance with Applicable Data Protection Law.
Among other things, we ensure that our subcontractors undertake to process personal data only on our instructions, not to hire another subcontractor without our prior authorization, to take the appropriate technical and organizational measures to to guarantee the security of personal data, to guarantee that the persons authorized to access personal data are subject to adequate confidentiality obligations, to return and / or destroy the personal data they process at the end of their services, to comply with audits and to provide us with assistance in following up on requests from data subjects regarding the exercise of their rights in relation to their personal data.
Where do we process your personal data?
[Some recipients of personal data may be organizations headquartered in a country outside the European Economic Area (“ EEE “) Or to process certain personal data from a country outside the EEA.]
In the event that your personal data is transferred to countries outside the EEA, we will take care to take the following guarantees:
What are the applicable retention periods?
We ensure that your personal data are only kept for a period that does not exceed that necessary for the purposes for which they are processed.
We keep invoices and other accounting documents (which may include some of your personal data) for a period of seven (7) years following the date of their issue in accordance with the accounting law. These accounting documents may, where appropriate, contain certain personal identification data, certain professional identification data and certain contact data.
We also use the following criteria to determine the retention period of personal data depending on the context and the purposes of each processing:
What are your rights ?
Subject to Applicable Data Protection Legislation, you have the right to information, the right to access, rectify and delete your personal data, the right to object to or limit the processing of your personal data, a right to the portability of personal data and the right to withdraw your consent.
Below is a table describing each of your rights in more detail:
|The right to information||You have the right to obtain clear, transparent and understandable information on how we process your personal data and on the exercise of your rights. This information is contained in the Policy. If they should not be sufficiently clear, we invite you to contact us (via our contact details given in the Policy).|
|The right of access||You have the right to obtain confirmation that personal data concerning you are or are not being processed and, when they are, access to such personal data. You have the right to obtain a copy of your personal data, unless the exercise of this right infringes the rights and freedoms of others.|
|The right to rectification||You have the right to obtain rectification of personal data concerning you if they prove to be inaccurate. You also have the right to have your personal data completed if it turns out to be incomplete.|
|The right to erasure (the “right to be forgotten”)||You have the right to have your personal data erased. However, the right to erasure (or the “right to be forgotten”) is not absolute and is subject to specific conditions. We are likely to keep some of your personal data to the extent permitted by applicable law, and in particular when their processing remains necessary for compliance with a legal obligation to which we are subject or for the observation, exercise or the defense of a right in court.|
|Right to object to processing||You have the right to object to certain types of processing (when the processing is based on our legitimate interests and, taking into account your particular situation, your interests or fundamental rights and freedoms prevail).|
|Right to object to processing for prospecting purposes||You have the right to object at any time to the processing of your personal data when we process this data for prospecting purposes.|
|The right to restriction of processing||You have the right to obtain the restriction of processing in certain circumstances (for example when we no longer need your personal data but these are still necessary for the establishment, exercise or defense of a right to court).|
|The right to the portability of personal data||You have the right, in certain circumstances, to receive the personal data concerning you and which you have provided to us in a structured, commonly used and machine-readable format and to transmit it to another controller.|
|The right to withdraw your consent||If you have given us your consent for the processing of your personal data, you have the right to withdraw it at any time.|
Please send any request relating to your rights in relation to your personal data that we process in the capacity of data controller to our[Délégué à la Protection des Données][personne de contact pour toute question relative à la protection des données] using their contact details listed in the Policy. We undertake to respond to your request as soon as possible and always within the deadlines provided for by the Applicable Data Protection Legislation. Please note that we may retain your personal data for certain purposes when required or permitted by law. Finally, please note that we may, in case of doubt as to your identity, ask you for proof of identity in order to prevent any unauthorized access to your personal data.
What level of security do we provide?
We take appropriate technical and organizational measures to ensure a level of security adapted to the risks associated with the processing of your personal data.
We follow industry best practices to ensure that personal data is not accidentally or unlawfully destroyed, lost, altered, unauthorized disclosed, or accessed in an unauthorized manner.
Do you have questions or complaints?
If you should have any questions or complaints about the way in which we process your personal data, please address them in advance to our Delegate at our contact person for any questions relating to data protection using their contact details provided. in politics.
You have the right to lodge a complaint with the competent supervisory authority. The competent authority for Belgium is: Data Protection Authority, rue de la presse 35, 1000 Brussels, +32 (0) 2 274 48 00, email@example.com .
Something else ?
We reserve the right to update the Policy from time to time. We inform you of any changes that we may have to make to the Policy.
In the event of a conflict or incompatibility between a provision of the Policy and a provision of another policy or other document relating to the processing of personal data, the provision of the Policy shall prevail.