+
Search
Primaire tabs
ATTENTIA Privacy Policy - English
Nederlandse Versie
Version Français
Attentia is firmly committed to the protection of your personal data.
Within Attentia, a program has been set up and developed under the direction of the Data Protection Officer (DPO) for the purpose of processing the personal data of our customers’ employees (customers are the companies that engage the services of Attentia) and of our own employees in accordance with the applicable data protection legislation at European and national level.
The purpose of this privacy statement is to inform you how Attentia collects and processes your personal data.
This privacy statement applies to the personal data processed by the various entities of Attentia and applies to the processing of personal data in the context of all (potential) customer relationships and the use of our websites, applications and offices.
1. What is the legal framework?
3. What personal data about you does Attentia process?
4. For which purposes does Attentia process personal data?
5. On what legal grounds does Attentia base its processing of personal data?
6. Does Attentia qualify as a data controller or a data processor?
7. With which third parties is personal data shared?
9. How long does Attentia keep your personal data?
10. How does Attentia secure your personal data?
13. Latest update of this privacy statement
1. What is the legal framework?
Attentia processes personal data in accordance with the legal requirements laid down in the General Data Protection Regulation (“GDPR”) and the Belgian law on the protection of natural persons with regard to the processing of their personal data.
Since all Attentia legal entities are established within the European Economic Area (“EEA”), the GDPR applies to all personal data processing activities that take place in the context of our services.
2. Attentia legal entities
Attentia offers a wide variety of services within which personal data is collected and processed. Below, you will find an overview of our legal entities:
| Entity | Address | Company number | VAT number |
|---|---|---|---|
| ATTENTIA nv | Keizer Karellaan 584 1082 Sint-Agatha-Berchem |
462.975.357 | BE 0462 975 357 |
| ATTENTIA preventie & bescherming vzw |
Keizer Karellaan 584, bus 1 1082 Sint-Agatha-Berchem |
409.440.463 | BE 0409 440 463 |
| ATTENTIA corporate vzw | Keizer Karellaan 584, bus 4 1082 Sint-Agatha-Berchem |
406.633.995 | BE 0406 633 995 |
| ATTENTIA sociaal secretariaat vzw | Keizer Karellaan 584, bus 2 1082 Sint-Agatha-Berchem |
406.607.271 | BE 0406 607 271 |
| Krekelbergh - ATTENTIA sociaal kantoor nv | Hoogleedsesteenweg 348 8800 Roeselare |
421.457.179 | BE 0421 457 179 |
| Brussels Aviation Medical bv | Luchthaven Brussel Nationaal gebouw 26 1930 Zaventem |
886.963.545 | BE 0886 963 545 |
3. What personal data about you does Attentia process?
By “personal data”, Attentia means all information about an identified or identifiable natural person (“the data subject”), as defined in Article 4 of the GDPR.
Depending on the specific service, Attentia mainly collects the following categories of personal data.
- Identification details
Data that enables Attentia to identify you as part of the delivery of our services. Examples: surname, first name, title, national registration number…
- Contact details
Data that enables Attentia to contact you. Examples: telephone number, email address, address…
- Financial details
Data relating to your financial situation. Attentia mainly uses these types of personal data as part of the payroll calculation and related activities, as well as activities relating to bonus optimisation. Examples: salary details, bank account number…
- Family composition
Data about your family situation. Attentia mainly uses these types of personal data as part of the payroll calculation and the calculation of tax returns. Examples: dependants, marital status…
- Personal characteristics
Examples of such personal details are age, gender, date of birth, place of birth, nationality…
- Education and training
Data relating to the education and training courses that you have completed. Examples: degrees, qualifications, certificates…
- Profession and job
Data relating to your job and position. Examples: career, professional aptitude, current profession, professional experience…
- Medical details
Data relating to your health. These types of personal data are collected mainly as part of our services as an external service for prevention and protection at work.
- Details relating to your surfing behaviour
These are details providing insight into how website visitors navigate the Attentia website. Examples: cookies and other tracking technologies.
4. For which purposes does Attentia process personal data?
Attentia collects and uses personal data only for specific, expressly defined and justified purposes and will not use personal data in a manner incompatible with these purposes.
The main purposes of processing personal data are:
- Organising and performing our wide range of services..
For the performance of the various services, Attentia undertakes large-scale processing of the personal data of its customers’ employees, both in the context of its service as a social secretariat and in the context of its provision of an external service for prevention and protection at work. Attentia needs these types of personal data to be able to provide the requested services and the amount of types of data are always limited to the minimum required data.
- Optimising the services provided by Attentia..
Attentia occasionally collects feedback from its customers about the services provided in order to further optimise its service provision in the future.
- Providing information in response to queries and enquiries..
Attentia uses the data that you provide (collected using the contact forms on the website, among other things) to provide you with the information that you have requested as effectively and quickly as possible.
- Organising sales and marketing campaigns..
Attentia uses your personal data for the organisation of sales and marketing campaigns, ensuring of course that the necessary permission has been obtained to contact you as part of any such campaigns or can be justified by the legitimate interest of Attentia.
- Recruiting professionals to strengthen our team..
Attentia uses the information you provide (mainly identification data and contact details) as part of an application process to evaluate whether you are a good match with the company and to ensure that the application process progresses well.
- Guaranteeing the reliable provision of services..
Attentia processes your personal data to organise access security to the office buildings, to optimise the security of our IT and network environment and to offer a secure and smooth-running service.
- Fulfilling legal obligations, both as a service provider and employer..
Attentia processes certain personal data in order to comply with its legal obligations, among others as an employer, as a social secretariat and as an external service for accident prevention & protection at work.
5. On what legal grounds does Attentia base its processing of personal data?
The legal basis on which Attentia processes personal data may vary depending on the specific scenario in which personal data is collected and processed by Attentia.
For the ordinary categories of personal data (the categories of personal data that do not belong to the categories listed in Articles 9 and 10 of the GDPR):
Grounds for processing |
Examples |
|
Consent (Article 6(1)(a) of the GDPR) |
|
|
Necessary for the performance of a contract (Article 6(1)(b) of the GDPR) |
|
|
Necessary for the fulfilment of our legal obligations (Article 6(1)(c) of the GDPR) |
|
|
Based upon legitimate interests (Article 6(1)(f) of the GDPR) |
|
For the special categories of personal data (the categories of personal data that are listed in Articles 9 and 10 of the GDPR):
Grounds for processing |
Examples |
|
Necessary for the purpose of carrying out obligations in the field of employment law, and social security and social protection law (Article 9 (2)(b) of the GDPR) |
|
|
Necessary for the purposes of preventive or occupational medicine, for the assessment of the employee’s working capacity, and medical diagnoses (Article 9 (2)(h) of the GDPR) |
|
6. Does Attentia qualify as a data controller or a data processor?
In the context of its various activities, Attentia is qualified as a controller or as a processor of personal data, depending on the situation and the specific service.
As an accredited social secretariat, Attentia always qualifies as a data processor for the processing of personal data of customers’ employees.
As an external service for prevention & protection, Attentia always qualifies as a data controller for the processing of personal data of customers’ employees.
In the context of its other services, depending on the specific processing activity, Attentia qualifies either as a data controller or as a data processor.
7. With which third parties is personal data shared?
Attentia only passes on your personal data to third parties in the following cases:
- If the transfer of personal data is necessary for the performance of our services;
- If there is a legal obligation on Attentia to pass on personal data;
- If an explicit mandate has been given by our customers and/or individuals concerned for a specific transfer of their personal data.
The main recipients of personal data are listed below.
7.1. Other Attentia legal entities
If an employer uses the services of a legal entity of Attentia in connection with which the personal data of its employees are processed, and this employer also wishes to use the services of another legal entity of Attentia, this employer can instruct the relevant legal entity from which it purchases services to pass on the personal data of its employees to the other legal entity of Attentia. This with a view to provide a smoother service.
7.2. Service providers
In turn, Attentia engages a number of service providers to support certain aspects of the provision of services. One example of this is the IT infrastructure supplier. Personal data that is shared with these service providers in this context shall only be used by them for the purposes for which Attentia processes it on behalf of its customers.
7.3. Government institutions
In the context of various services offered by Attentia, Attentia is obliged to pass on personal data to public authorities. Examples include Social Security and Federal Government Department of Finance institutions (FOD Financiën).
7.4. Other third parties
In other cases, Attentia will exclusively transfer personal data of customer employees to third parties if an explicit mandate has been given by the customers and/or individuals concerned for a specific transfer of their personal data.
7.5. Transfers outside the European Economic Area (EEA)
In the event that personal data is to be transferred to a third party outside the EEA, Attentia shall apply the rules governing the international transfer of personal data in accordance with the provisions of the GDPR.
8. What are your rights?
Under the GDPR, individuals have various rights for controlling the use of their personal data. Listening to people who exercise these rights contributes to a healthy and well-structured data protection policy and to a high level of trust on the part of our customers and their employees in the privacy program of Attentia .
However, in the context of specific services, Attentia often acts as a data processor of personal data under the GDPR, while the customer itself acts as a data controller. Where this is the case, Attentia will refer your request with regard to your personal data to the relevant controller.
IIf you wish to exercise one of the following rights, you can contact the DPO by emailing privacy@attentia.be or by letter via:
|
ATTENTIA For the attention of the Data Protection Officer Sluisweg 1 bus 2, 9000 Gent België |
PLEASE NOTE! As Attentia wishes to avoid disclosing your personal data to the wrong person in all instances, Attentia will always ask you to provide proper identification upon each request. That’s why Attentia asks you to include a copy of the front of your identity card with your request. In this copy, please make your passport photo, machine readable zone (the strip with numbers at the bottom of the passport), passport number and national registry number unreadable.
8.1. Right of access
You are entitled to ask Attentia whether Attentia processes your personal data and, if so, to view that data and receive further details about:
- the purposes for which Attentia processes your personal data;
- the categories of personal data processed;
- the recipients of your personal data (if applicable);
- the retention period or, failing that, the criteria for determining the retention period;
- the information that Attentia has about the source of the data, if Attentia obtains personal data from a third party;
- • whether automated decisions are made using your personal data.
Upon request, you will receive a free copy of the data being processed. An administrative fee will be charged for each additional copy applied for.
8.2. Right to correction
If you determine that the personal data processed by Attentia is incomplete, incorrect or out of date, you have the right to have this data rectified.
8.3. Right to erasure of data (the ‘right to be forgotten’)
The GDPR also provides the right to request Attentia to erase your personal data. You may submit a request to this end in the following cases:
- Your personal data is no longer required for the purposes for which it was collected or processed by Attentia;
- You withdraw your prior consent to the processing and there is no other legal basis that Attentia can invoke for (continued) processing thereof;
- You object to the processing of your personal data and there are no more compelling, legitimate grounds for (continued) processing by Attentia;
- Your personal data is being unlawfully processed;
- Your personal data needs to be erased in order to comply with a legal obligation;
- Your personal data was collected when you were under age.
Please note! When the processing of your data is necessary as part of a judicial investigation, your request to have your data erased cannot be fulfilled. Attentia shall provide additional information about this, if desired.
8.4 Right to restrict processing
You have the right to restrict the processing of your personal data if one of the following applies:
- You dispute the accuracy of your personal data: its use is restricted until Attentia is able to verify the accuracy of the data;
- Your data is being processed unlawfully, in which case you can request to restrict its use instead of having it erased;
- Provided no decision has been made on exercising your right to object to the processing, you may request that the use of your personal data is restricted;
8.5. Right to data portability
You have the right to request your personal data and to obtain it in a structured, commonly-used and machine-readable format. This is only possible for the personal data you yourself have provided to Attentia, based on consent or pursuant to an agreement. In all other cases, this right does not apply, for example if your data is processed by Attentia based upon a legal obligation.
8.6. Right to object to the processing of your personal data
You have the right to object to the processing of your personal data if the processing is in the legitimate interests of Attentia or processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
This is the case, for example, if Attentia sends you direct marketing communications based upon legitimate interests for equivalent products or services that you have already purchased from Attentia and you no longer wish to receive this information.
9. How long does Attentia keep your personal data?
Both in the context of the services as a social secretariat and in the context of the services as an external service for prevention & protection at work, Attentia must comply with the legal provisions on the storage of personal data.
The specific legal obligations regarding the storage of personal data as a certified social secretariat can be found in Article 48 of the Royal Decree of 1 July 2006.
The specific legal obligations regarding the storage of personal data as an external service for accident prevention and protection at work can be found in the Well-Being at Work Code (codex over het welzijn op het werk).
As part of our other services, Attentia applies the general principle and only keeps personal data for as long as necessary to achieve the objectives for which the personal data was collected.
10. How does Attentia secure your personal data?
Attentia puts in place appropriate technical and organisational measures to properly protect all personal data that is processed against accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or use.
Within Attentia, both the Data Protection Officer and an Information Security Officer have been engaged to monitor and further optimise the level of security of personal data. More information about the specific security measures that Attentia takes to protect personal data is available to customers on request.
11. Links to other websites
The Attentia website may contain links to websites managed by other companies that are not part of Attentia. Attentia is under no circumstances responsible for the content of these websites, nor for any processing of personal data by third parties who manage these websites.
12. Contact us
For all questions about the processing of personal data by Attentia, you can contact us by emailing privacy@attentia.be. The Data Protection Officer will look at your question with the necessary level of attention and, where possible, provide you with the requested information.
13. Latest update of this privacy statement
December 2021
