Privacy notice

 

Responsible editor

The responsible editor of this site is Contraste Europe NV, whose registered office is located at Avenue Arianelaan N°5 – 1200 Brussels, Belgium (VAT registered under number BE 451.992.086 Company number 0451.992.086). You can contact the company by telephone on +32 (0)2 730 79 80 or by e-mail at ContrastePrivacy@contraste.com. 

 

Privacy Policy

Contraste Europe is the Data Controller for data collected via this website. Contraste Europe’s Data Protection Officer (DPO) can be contacted by e-mail at ContrastePrivacy@contraste.com. if you have any questions regarding the protection of your Personal Data. 

Contraste Europe is a group of companies offering IT services and solutions to businesses. It operates exclusively in the B2B market, and does not offer its services to private individuals. 

The Group comprises the following companies: Contraste Europe, Contraste Digital, Audaxis SA, Audaxis SAS, Audaxis Maghreb and The Digital Journey. 

The group is present in Belgium, France, Switzerland and Tunisia. 

In this policy, we use the name Contraste to refer to all group companies.

This policy describes all Personal Data processing carried out by Contraste as Data Controller, with regard to data processing carried out via this site.  

 

What personal data is collected about users on this Website?

Users can provide personal information to Contraste via this website by browsing, applying online or using the contact form. 

For full details of the Personal Data processed in connection with online applications, please refer to the specific privacy statement for applicants, available at https://www.contraste.com/en/contraste-europe-privacy-policy-candidates.

For each request via the contact web form, Contraste Europe collects the following information: 

Last name, First name, Company (not mandatory), e-mail address, Area of interest, Message.

  • During browsing, our server stores information relating to your IP address and request history (such as the history of pages visited).  
  • In addition, some cookies on our website process certain Personal Data. If you would like more information on this subject, please read our Cookie Policy.  
  • When you subscribe to our newsletter, Contraste Europe will collect your e-mail address.  

 

For what purposes does Contraste use personal data and on what legal basis?

Navigation

Contraste retains information about your browsing for the purpose of detecting intrusions and correcting bugs on the website to ensure system security.

This Processing is based on Contraste’s legitimate interest in securing its website.  

Contact form

The information provided by the user via the web contact form is used solely to respond to the user’s request. With the user’s express consent, his/her personal data may also be used to send him/her mailings on work-related subjects (new service offers, participation in trade fairs, etc.). 

User data is only used for these purposes. 

This Processing is based on your consent to contact Contraste Europe. 

Newsletters

The information provided by the user via the newsletter registration form will only be used to send these newsletters with the user’s consent.  

This Processing is based on your consent to receive our newsletter.   

How Contraste collects personal data

Contraste collects your data through the following information sources: 

  •       Users send a message to the “info” address of a company in the Contrast group;
  •       Users send a request via the web contact form ; 
  •       Users subscribing to the newsletter ; 
  •       Navigation logs 

Who processes users’ personal data?

Navigation

Contraste’s IT department (Data Controller) and Audaxis SAS (Host, Data Processor) are the main recipients of the log for the purposes described above. Access to the log is secure and supervised. Audaxis SAS, as Data Processor, guarantees to take all technical and organisational measures to protect data as required by the General Data Protection Regulation (RGPD). 

Contact form & Newsletter 

Contraste’s sales department is the main recipient of the information collected from users via the contact and newsletter registration forms for the purposes described above. Depending on the nature of the request, the user’s personal data may be passed on to other Contraste Europe departments/companies involved in the request (Recruitment, Marketing, IT, Admin…) and to certain Data Processors who need access to your data in order to provide their services (e.g. MailChimp). 

The service providers with whom we work and who act as Data Processors within the meaning of the RGPD, have contractually undertaken to protect and secure your data in accordance with the requirements of Article 28 RGPD.  

 

How Contraste collects and retains user consent 

All users of our website are clearly informed of the use of their personal data as described in this privacy policy. 

Consent is only required to register for the newsletter and to send us a request. Consent is stored in Contraste’s system. If Contraste does not obtain the user’s consent, the user’s data will not be stored and processed. Users may withdraw their consent at any time by contacting Contraste. For newsletters, the user has the option of unsubscribing each time he or she receives a newsletter by clicking on “unsubscribe” at the bottom of the e-mail.

 

How long does Contraste keep users’ personal data and what is the legal basis? 

 

Navigation 

Logs are kept for 6 months. Log storage is justified for security purposes, such as intrusion and bug detection/resolution.

Contact form

Personal data from the contact form is kept for the time necessary to respond to the user’s request. The retention period is variable and depends on the complexity of the request. When a user submits a contact form, he or she can expect to receive a reply. 

If the request is a commercial one, Contraste keeps the data for 3 years after the last contact, in accordance with the recommendations of the privacy protection authorities and only with the candidate’s explicit consent.

Newsletter subscription 

The Personal Data required to send the newsletter is kept for as long as the user does not withdraw his consent to receive newsletters.

 

Rights of the Data Subject with regard to Personal Data 

In relation to the General Data Protection Regulation (GDPR), users have the following rights in relation to their personal data stored by Contrast: 

  •        Right to information
  •        Right of access
  •        Right to rectification
  •        Right to erasure (right to be forgotten).
  •        Right to limit Processing 
  •        Right to data portability
  •        Right to object to processing
  •        Right not to be subject to a decision based exclusively on automated Processing 
  •        Right to withdraw consent 

To exercise any of these rights, Data Subjects may send an e-mail to ContrastePrivacy@contraste.com stating the reason for the request. Contraste will provide any requested information relating to Data Subjects’ rights within one calendar month of receipt of the request. If Contraste receives a large number of requests or particularly complex requests, the deadline may be extended by up to two months. 

For security reasons, upon receipt of a request, Contraste will check the applicant’s identity. To this end, the acknowledgement of receipt will contain an invitation to perform one of the following operations: 

Send a scan of an official proof of identity (ID card, passport, etc.) or other document clearly indicating the name and address of the Data Subject, justifying his or her identity. 

The organization of a telephone conversation, during which a number of questions can be asked, the answers being compared with the personal data contained in the Contraste database. 

The request will be processed if and only if positive authentication is obtained. 

 

 

Security measures for technical information

List of safety measures

Contraste Europe uses a networked IT infrastructure, enabling its employees to communicate internally and with third parties, and to use applications and services. Contraste has implemented various security measures covering the following areas: 

  •        User awareness
  •        User authentication
  •        Authorization management
  •        Access monitoring and incident management
  •        Securing workstations
  •        Secure mobile computing
  •        Securing the computer network
  •         Server security
  •        Secure websites
  •        Store and plan for business continuity
  •        Secure archiving
  •        Data maintenance and destruction control 
  •         Outsourcing management 
  •        Secure exchanges with other organizations
  •        Protecting buildings
  •        Guide IT developments
  •        Encrypt, guarantee integrity or sign
  •        Contraste regularly tests and improves these security measures.
  •       Detecting and managing security vulnerabilities 

 

 

Definitions

Data Controller

The Data Controller is a natural or legal person (e.g. a company), public authority, department or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.  

For example, Contraste is a legal entity that is responsible for Processing the Personal Data of its employees as part of its human resources management. 

GDPR, Art.4 (7)

Data Processor 

The Data Processor is a natural or legal person, a public authority, a department or other body which processes Personal Data on behalf of the Data Controller and only on the latter’s instructions. 

An employee of the Data Controller is not considered a Data Processor. 

GDPR, Art.4 (8)

Processing of personal data

Processing of Personal Data is any operation or set of operations which is performed upon Personal Data or sets of Personal Data, whether or not by automatic means (e.g. software), such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.  

GDPR, Art.4 (2)

Personal data

Personal Data refers to any information relating to an identified or identifiable natural person, also known as a “Data Subject”. A person is considered identifiable when he or she can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors characterizing the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. 

Source: GDPR, Rec.26; Art.4 (1)

Specific Personal Data 

Particular personal data” are personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership; data concerning health or sex life and sexual orientation; genetic data or biometric data. Data relating to offences and convictions are processed separately (criminal law does not fall within the legislative competence of the EU)”. 

Source: GDPR, Rec.10, 34, 35, 51; Art.9 (1)

 

Privacy Authorities

Belgium

Data Protection Authority

Rue de la Presse, 35

B-1000 Brussels

Belgium

Telephone +32 2 274 48 00

www.autoriteprotectiondonnees.be/citoyen 

contact@apd-gba.be

 

France

French Data Protection Authority (CNIL)

3 Place de Fontenoy

TSA 80715

F-75334 Paris Cedex 07

France

Telephone +33 1 53 73 22 22

https://cnil.fr/