Privacy notice
Responsible editor
The responsible editor of this site is Contraste Europe NV, whose registered office is located at Avenue Arianelaan N°5 – 1200 Brussels, Belgium (VAT registered under number BE 451.992.086 Company number 0451.992.086). You can contact the company by telephone on +32 (0)2 730 79 80 or by e-mail at ContrastePrivacy@contraste.com.
Privacy Policy
Contraste Europe is the Data Controller for data collected via this website. Contraste Europe’s Data Protection Officer (DPO) can be contacted by e-mail at ContrastePrivacy@contraste.com. if you have any questions regarding the protection of your Personal Data.
Contraste Europe is a group of companies offering IT services and solutions to businesses. It operates exclusively in the B2B market, and does not offer its services to private individuals.
The Group comprises the following companies: Contraste Europe, Contraste Digital, Audaxis SA, Audaxis SAS, Audaxis Maghreb and The Digital Journey.
The group is present in Belgium, France, Switzerland and Tunisia.
In this policy, we use the name Contraste to refer to all group companies.
This policy describes all Personal Data processing carried out by Contraste as Data Controller, with regard to data processing carried out via this site.
What personal data is collected about users on this Website?
Users can provide personal information to Contraste via this website by browsing, applying online or using the contact form.
For full details of the Personal Data processed in connection with online applications, please refer to the specific privacy statement for applicants, available at https://www.contraste.com/en/contraste-europe-privacy-policy-candidates.
For each request via the contact web form, Contraste Europe collects the following information:
Last name, First name, Company (not mandatory), e-mail address, Area of interest, Message.
- During browsing, our server stores information relating to your IP address and request history (such as the history of pages visited).
- In addition, some cookies on our website process certain Personal Data. If you would like more information on this subject, please read our Cookie Policy.
- When you subscribe to our newsletter, Contraste Europe will collect your e-mail address.
For what purposes does Contraste use personal data and on what legal basis?
Navigation
Contraste retains information about your browsing for the purpose of detecting intrusions and correcting bugs on the website to ensure system security.
This Processing is based on Contraste’s legitimate interest in securing its website.
Contact form
The information provided by the user via the web contact form is used solely to respond to the user’s request. With the user’s express consent, his/her personal data may also be used to send him/her mailings on work-related subjects (new service offers, participation in trade fairs, etc.).
User data is only used for these purposes.
This Processing is based on your consent to contact Contraste Europe.
Newsletters
The information provided by the user via the newsletter registration form will only be used to send these newsletters with the user’s consent.
This Processing is based on your consent to receive our newsletter.
How Contraste collects personal data
Contraste collects your data through the following information sources:
- Users send a message to the “info” address of a company in the Contrast group;
- Users send a request via the web contact form ;
- Users subscribing to the newsletter ;
- Navigation logs
Who processes users’ personal data?
Navigation
Contraste’s IT department (Data Controller) and Audaxis SAS (Host, Data Processor) are the main recipients of the log for the purposes described above. Access to the log is secure and supervised. Audaxis SAS, as Data Processor, guarantees to take all technical and organisational measures to protect data as required by the General Data Protection Regulation (RGPD).
Contact form & Newsletter
Contraste’s sales department is the main recipient of the information collected from users via the contact and newsletter registration forms for the purposes described above. Depending on the nature of the request, the user’s personal data may be passed on to other Contraste Europe departments/companies involved in the request (Recruitment, Marketing, IT, Admin…) and to certain Data Processors who need access to your data in order to provide their services (e.g. MailChimp).
The service providers with whom we work and who act as Data Processors within the meaning of the RGPD, have contractually undertaken to protect and secure your data in accordance with the requirements of Article 28 RGPD.
How Contraste collects and retains user consent
All users of our website are clearly informed of the use of their personal data as described in this privacy policy.
Consent is only required to register for the newsletter and to send us a request. Consent is stored in Contraste’s system. If Contraste does not obtain the user’s consent, the user’s data will not be stored and processed. Users may withdraw their consent at any time by contacting Contraste. For newsletters, the user has the option of unsubscribing each time he or she receives a newsletter by clicking on “unsubscribe” at the bottom of the e-mail.
How long does Contraste keep users’ personal data and what is the legal basis?
Navigation
Logs are kept for 6 months. Log storage is justified for security purposes, such as intrusion and bug detection/resolution.
Contact form
Personal data from the contact form is kept for the time necessary to respond to the user’s request. The retention period is variable and depends on the complexity of the request. When a user submits a contact form, he or she can expect to receive a reply.
If the request is a commercial one, Contraste keeps the data for 3 years after the last contact, in accordance with the recommendations of the privacy protection authorities and only with the candidate’s explicit consent.
Newsletter subscription
The Personal Data required to send the newsletter is kept for as long as the user does not withdraw his consent to receive newsletters.
Rights of the Data Subject with regard to Personal Data
In relation to the General Data Protection Regulation (GDPR), users have the following rights in relation to their personal data stored by Contrast:
- Right to information
- Right of access
- Right to rectification
- Right to erasure (right to be forgotten).
- Right to limit Processing
- Right to data portability
- Right to object to processing
- Right not to be subject to a decision based exclusively on automated Processing
- Right to withdraw consent
To exercise any of these rights, Data Subjects may send an e-mail to ContrastePrivacy@contraste.com stating the reason for the request. Contraste will provide any requested information relating to Data Subjects’ rights within one calendar month of receipt of the request. If Contraste receives a large number of requests or particularly complex requests, the deadline may be extended by up to two months.
For security reasons, upon receipt of a request, Contraste will check the applicant’s identity. To this end, the acknowledgement of receipt will contain an invitation to perform one of the following operations:
Send a scan of an official proof of identity (ID card, passport, etc.) or other document clearly indicating the name and address of the Data Subject, justifying his or her identity.
The organization of a telephone conversation, during which a number of questions can be asked, the answers being compared with the personal data contained in the Contraste database.
The request will be processed if and only if positive authentication is obtained.
Security measures for technical information
List of safety measures
Contraste Europe uses a networked IT infrastructure, enabling its employees to communicate internally and with third parties, and to use applications and services. Contraste has implemented various security measures covering the following areas:
- User awareness
- User authentication
- Authorization management
- Access monitoring and incident management
- Securing workstations
- Secure mobile computing
- Securing the computer network
- Server security
- Secure websites
- Store and plan for business continuity
- Secure archiving
- Data maintenance and destruction control
- Outsourcing management
- Secure exchanges with other organizations
- Protecting buildings
- Guide IT developments
- Encrypt, guarantee integrity or sign
- Contraste regularly tests and improves these security measures.
- Detecting and managing security vulnerabilities
Definitions
Data Controller
The Data Controller is a natural or legal person (e.g. a company), public authority, department or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
For example, Contraste is a legal entity that is responsible for Processing the Personal Data of its employees as part of its human resources management.
GDPR, Art.4 (7)
Data Processor
The Data Processor is a natural or legal person, a public authority, a department or other body which processes Personal Data on behalf of the Data Controller and only on the latter’s instructions.
An employee of the Data Controller is not considered a Data Processor.
GDPR, Art.4 (8)
Processing of personal data
Processing of Personal Data is any operation or set of operations which is performed upon Personal Data or sets of Personal Data, whether or not by automatic means (e.g. software), such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.
GDPR, Art.4 (2)
Personal data
Personal Data refers to any information relating to an identified or identifiable natural person, also known as a “Data Subject”. A person is considered identifiable when he or she can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors characterizing the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
Source: GDPR, Rec.26; Art.4 (1)
Specific Personal Data
Particular personal data” are personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership; data concerning health or sex life and sexual orientation; genetic data or biometric data. Data relating to offences and convictions are processed separately (criminal law does not fall within the legislative competence of the EU)”.
Source: GDPR, Rec.10, 34, 35, 51; Art.9 (1)
Privacy Authorities
Belgium
Data Protection Authority
Rue de la Presse, 35
B-1000 Brussels
Belgium
Telephone +32 2 274 48 00
www.autoriteprotectiondonnees.be/citoyen
contact@apd-gba.be
France
French Data Protection Authority (CNIL)
3 Place de Fontenoy
TSA 80715
F-75334 Paris Cedex 07
France
Telephone +33 1 53 73 22 22
https://cnil.fr/