Privacy Statement

Privacy Policy and General Terms and Conditions for the Processing of Personal Data of IPG Group (Belgium)

Privacy policy

 General

This policy and these terms and conditions shall apply from 6 October 2020:

Company Address VAT/ Company number
IPG Holding nv Woluwelaan 158, 1831 Machelen (BE) 0865.104.792
IPG Contact Solutions nv Woluwelaan 158, 1831 Machelen (BE) 0468.082.606
IPG IT Solutions nv Woluwelaan 158, 1831 Machelen (BE) 0465.358.092
GO FORWARD BELGIUM sprl Woluwelaan 158, 1831 Machelen (BE) 0463.415.619
Koramic2engage nv Woluwelaan 158, 1831 Machelen (BE) 0879.144.256
Contact Expert nv Louizalaan 251, 1050 Brussel (BE) 0427.073.974

Hereafter called “IPG GROUP”, this group has branches in Antwerp, Leuven, Liege:

In the course of your contact with IPG Group, you may share personal information with us, so that we can identify you as an individual, an employee of a company, etc. (such as your full name, e-mail address, address and telephone number). These are your personal data.

This Privacy Policy applies to the personal data we collect about you for the purpose of providing our services to you. By using the Site or providing us with your personal information in connection with our services, you are accepting the practices described in this policy.

The processing of personal data by IPG Group as a controller:

IPG Group collects, records and processes personal data from customers and users of its services. For example, data is communicated by the person concerned when making contact or when IPG Group is providing services on behalf of its customers.

Personal data is always processed in compliance with the principles of the privacy legislation and the General Data Protection Regulation, being the European Regulation 2016/679 of 27 April 2016 on the protection of personal data. Personal data is processed lawfully, properly and transparently in accordance with the regulations for their category and for a specified and explicit purpose.

The data processing shall be limited to what is necessary and the retention period of the personal data shall be limited to the time needed to fulfil the purposes of the processing. You can request more information about this (see rights of data subject). Personal data is adequately protected by technical and organisational measures; IPG Group processes your personal data for the following purposes, among others:

  1. Customer management;
  2. Recruitment of new employees;
  3. Information about our professional and social activities, or any other subject that may interest you;
  4. To be able to contact you if this is necessary for us to be able to carry out our services;
  5. For the further implementation of agreements;
  6. To inform you about changes to our services and products;
  7. To be able to offer you our service;
  8. Processing your payment;
  9. To fulfil legal obligations;
  10. For statistical processing;
  11. When the legitimate interest of the company requires it, but it is always clear to the person concerned;

Other data are collected in an automated way by “cookies” and other systems/applications that collect information. More information can be found on our website.

In connection with these objectives, processors/subcontractors may be appointed by IPG Group in order to ensure that our services are provided in the best possible way, such as our suppliers, accountants, lawyers, insurance companies, administration, etc. Personal data may be passed on to these parties if necessary. These professional parties act in accordance with the applicable privacy legislation and in accordance with guarantees such as our terms and conditions (infra). You can obtain information about this from our Data Protection Officer.

IPG Group as Processor

In the services IPG Group provides on behalf of the customer ‘e.g. customer service’, IPG Group sometimes gets access to (personal) data of the customer. In such cases, the customer will have the role of “Controller” and IPG Group the role of “Processor”, as described in the GDPR. IPG Group has ‘Data Protection Terms and Conditions’ with its customers which can be found at the bottom of this document. In these cases, as a data subject, you will need to contact the Controller regarding your question or your question will be sent to the Controller to be answered.

Rights of the data subject

If you want to consult, transfer, amend, correct, limit or delete your data, you can send an e-mail to this effect free of charge, provided that you provide proof of your identity by means of, for example, a copy of your identity card (without a photo and national registry number) to the e-mail address at which you can reach our Data Protection Officer; [email protected] In the same way, you can also object to the processing of personal data or if you wish to terminate the communication.

You also have the right to ask not to be contacted for direct marketing purposes, either by IPG Group, in which case you can send your request to [email protected] , or by any company, in which case you can register on the ‘don’t-call-me’ register provided for by law through the following website: www.bel-me-niet-meer.be or www.ne-m-appelez-plus.be.

The data will be adjusted or deleted as far as possible and as far as the technical possibilities allow. Your request will be dealt with as quickly as possible. Your request will be met as far as possible, except if this turns out to be impossible due to the company’s interest or a legal obligation. In the event that IPG Group acts as a Processor, the question should be addressed to the Controller.

In the event of a data incident that threatens your rights and the protection of your personal data, the supervisory authority will be informed and, in the event of a high risk to the rights and freedoms of natural persons, you will be informed as a data subject.

Security and confidentiality

IPG GROUP is making considerable efforts to implement security measures, adapted at technical and organisational level, in order to avoid the destruction, loss, falsification, modification, unauthorised access or accidental communication to third parties of personal data collected on the website, as well as any other unauthorised processing of that data. In no event shall IPG be held liable for any direct or indirect damage resulting from the incorrect or illegal use by a third party of the personal data.

All data will always be treated confidentially.

If you have the impression that your data is not properly secured or there are indications of misuse, please contact us at [email protected]

Accuracy of your data

Anyone who provides data to IPG guarantees that this data is correct and complete. The communication of incorrect data or data belonging to third parties may result in the user being temporarily or permanently denied access, in whole or in part, to the products and services of the IPG Group.

Concerning minors

Our website and/or service is not intended to collect information about website visitors who are under 16 years of age unless they have permission from their parents or guardian. However, we cannot control whether a website visitor is over 16 years of age. We therefore recommend that parents be involved in the online activities of their children in order to prevent data being collected on children without parental permission. If you are convinced that we have collected personal data on a minor without such consent, please contact us at [email protected] and we will delete this information.

Intellectual property rights

The contents of this site, including brands, logos, drawings, data, product or company names, texts, images, etc. are protected by intellectual rights and belong to IPG or entitled third parties.

Information on the website

By using this website, you undertake to comply with and accept the following terms and conditions of use. IPG Group owns the exclusive copyright and intellectual property rights to this website, its design and entire contents. Use of this website, or parts thereof, in any form whatsoever, is prohibited without IPG Group’s prior written consent.

It is prohibited without prior written consent to store (other than necessary to view the website), reproduce, modify, publish, distribute or transmit, sell or otherwise transfer or grant any rights to third parties in respect of the information provided on and through this website.

The information on the website is of a general nature. The information is not adapted to personal or specific circumstances, and therefore cannot be considered as personal, professional or legal advice to the user.

The website may contain hyperlinks to websites or pages of third parties, or refer to them indirectly. The placing of links to these websites or pages in no way implies any implicit approval of their content.

IPG expressly declares that it has no control over the content or other characteristics of these websites and cannot under any circumstances be held liable for their content or characteristics or for any other form of damage resulting from their use.

Other provisions

 This Privacy Statement can be amended from time to time, taking into account, among other things, the new laws and regulations or developments in this regard. The amendments will automatically take effect after publication.

If any of the foregoing provisions regarding the processing of personal data or any other provision should be invalid, all parties agree that it will be replaced by a provision that will approximate as closely as possible the underlying purpose of the provision in question.

The Privacy Policy at IPG Group is governed by Belgian law and was originally written in Dutch; in the event of interpretation, the Dutch version must be used.

The Belgian Authorities (e.g. the Data Protection Authority) and the courts competent for the registered office are, to the exclusion of all others, competent to take cognisance of disputes and complaints that might arise with regard to this website or its use or with regard to the processing of personal data or any other dispute.

For compliance with applicable laws, about rights and obligations arising from the General Data Protection Regulation or for the follow-up of a possible information security incident, please contact [email protected];

 

IPG GROUP

General Data Protection Conditions for the Professional Relationships of IPG GROUP

 General

IPG GROUP and Parties with which IPG has professional relationships (Customers/Suppliers/…) comply with all legal obligations, including the EU General Data Protection Regulation (EU 2016/679 – hereinafter GDPR) when processing personal data. Personal data is processed in a lawful, proper and transparent manner and for a specified and explicit purpose. The data processing is limited to what is necessary in relation to professional performance and the retention period of the personal data is limited to as long as necessary in relation to the realisation of the purposes of the processing.

Personal data is appropriately protected by technical and organisational measures. IPG Group, the customer, their employees, affiliated companies and their processors all handle the personal data in a confidential manner. IPG makes efforts to provide appropriate administrative, physical and technical security measures to protect personal data against accidental or unlawful destruction, accidental loss, falsification, unauthorised disclosure and unauthorised access.

Personal data will not be transferred outside the European Economic Area (EEA) unless adequate safeguards are provided in accordance with the GDPR.

The Customer expressly authorises IPG Group to appoint Processors in order to carry out the processing activities that are the subject of the agreement/relationship in force between the Parties. IPG Group shall conclude a Processing Agreement or other legal act with these Processors that shall contain protective provisions at least equivalent to those set out in this document.

The Customer/Supplier will ensure that all Personal Data provided to IPG Group by or on behalf of the Customer has been collected fairly and transparently and in compliance with applicable regulations. IPG Group will, taking into account the nature of the processing, through appropriate technical and organisational measures, provide assistance in responding to requests concerning the rights of the Data Subject to the extent possible. The Customer will reimburse these assistance services.

At the Customer’s request, a list of active and systematic Processors of the Customer’s personal data shall be provided. The Customer shall, upon request, be informed of changes concerning the addition or replacement of Processors relating to the processing of personal data provided by the Customer and may object to those Processors within 7 days. If no objection is received within this period, IPG Group will assume that the use of those other Processors has been approved. The Customer accepts that this concerns Processors that actively and systematically process personal data and that no approval is needed for occasional services such as the provision of technical maintenance. IPG Group and the Customer acknowledge and accept that this article is a summary and that IPG Group’s privacy policy applies in its entirety.

IPG Group as Controller

IPG Group processes personal data in accordance with the preceding privacy policy as published on this website.

IPG Group as Processor

In the course of the services IPG Group provides for the Customer, IPG will sometimes have access to personal data of the Customer. In such situations, the Customer will have the role of “Controller” and IPG the role of “Processor”, as described in the GDPR.

IPG Group will process these personal data according to the Customer’s instructions and/or in accordance with the provision of the services from the agreement between IPG Group and the Customer, or as required by law, regulatory body or competent authority. In the latter case, IPG Group will inform the Customer in advance to the extent possible, unless prohibited by the relevant law, regulatory body or competent authority. The foregoing determines the subject matter and duration of the processing, the nature and purpose of the processing, the type of personal data and the categories of data subjects.

The Customer accepts that it is the primary controller of the processing of Personal Data. IPG shall, taking into account the nature of the processing and the information available to it, assist the Customer to the extent possible in enforcing its obligations under Articles 32 to 36 GDPR. The customer shall reimburse all such assistance services.

  1. Assistance with security of processing (Article 32 GDPR).
  2. Assistance with data incidents (Articles 33 and 34 GDPR) – IPG shall inform the customer without unreasonable delay as soon as it becomes aware of a breach related to Personal Data.
  3. Assistance regarding a Privacy Impact Assessment (Articles 35 and 36 GDPR) – Where a type of processing presents a high risk to the rights and freedoms of natural persons, the customer shall carry out an assessment of the impact of the intended processing activities on the protection of personal data in accordance with Articles 35 and 36 GDPR prior to the processing.

Upon written request from the Customer, IPG Group shall make available the information necessary to demonstrate compliance with the obligations set out in Article 28 GDPR and, in addition, to enable audits, inspections or checks. In addition, IPG Group shall notify the customer if an instruction is manifestly in breach of the GDPR and IPG Group is aware of this. The customer shall reimburse all such assistance.

Upon the termination of this Agreement, IPG GROUP shall, if requested by the Customer, return or destroy the Personal Data and/or existing copies, as far as reasonably possible. IPG GROUP will confirm that it has done so (except where a relevant law or Authority requires IPG GROUP to retain a copy of the Personal Data).

For the avoidance of doubt, nothing in this point obliges IPG Group to destroy copies of data that it holds on its own behalf as Controller.

Liability

General liability

IPG Group’s total liability shall in any event not exceed the total amount of costs paid by the Customer as specified in the agreement with the Customer, up to a maximum of 2.500 euros unless otherwise agreed. For any other damage, there is a maximum of €1000. This general provision also applies to the following provisions regarding liability in this document, unless otherwise agreed between the parties. The liability of IPG Group is in any case always limited to direct damage caused by serious fault or fraud.

Liability due to use of website

However, IPG Group cannot be held liable for direct or indirect damage resulting from the use of the information on this site. If you discover any inaccuracies in the information provided via the site, please contact the site administrator. The content of the site (including links) may be adapted, modified or supplemented at any time without notice or notification. IPG Group does not guarantee the proper functioning of the website and cannot be held liable in any way for the poor functioning or temporary (un)availability of the website or for any form of damage, direct or indirect, which may arise from access to or use of the website. IPG Group may not, under any circumstances, be held liable to anyone, directly or indirectly, in any specific or other way, for damage resulting from the use of this site or of any other site, in particular as a result of links or hyperlinks, including, without limitation, any loss, work interruptions, damage to programmes or other data on the computer system, to equipment, software or other items owned by the user.

Liability for data protection as Processor

The liability of IPG GROUP shall always be limited to those cases specifically provided for in the GDPR within the framework of the capacity with regard to the professional relationship. IPG GROUP shall only be liable for damage caused by processing if, during processing, the obligations of the GDPR specifically addressed to Processors were not fulfilled or were acted upon outside or contrary to the instructions of the Controller. IPG’s liability is in all cases limited to direct damage and in the event of gross negligence or fraud. The Customer will indemnify IPG at all times against all claims from third parties.

Other provisions

If any of the foregoing provisions regarding the processing of personal data or any other provision should be invalid, all parties agree that it will be replaced by a provision that will approximate as closely as possible the underlying purpose of the provision in question.

These Terms and Conditions at IPG Group are governed by Belgian law and were originally written in Dutch; in the event of interpretation, the Dutch version must be used.

The Belgian Authorities (e.g. the Data Protection Authority) and the courts competent for IPG Group’s registered office are, to the exclusion of all others, competent to take cognisance of disputes and complaints that might arise in relation to this website or its use or with regard to the processing of personal data or any other dispute.

For compliance with applicable laws, about rights and obligations arising from the General Data Protection Regulation or for the follow-up of a possible information security incident, please contact [email protected];

IPG GROUP