This privacy statement is applicable on the website www.agentschapmdk.be (hereinafter referred to as the ‘website’).
The website is managed by the Staf, with registered office at Koning Albert II-laan 20 bus 5, 1000 Brussels.
The Staf is responsible for the processing of your personal data and attaches great importance to the protection of your personal data. In this privacy statement, we will use the personal pronoun "us" or "we" to refer to the Staf.
In this privacy statement, we want to give information on how we handle your personal data in a clear and transparent way. We do everything we can to ensure your privacy and therefore deal very careful with personal data.
The Staf will comply in all cases with the applicable laws and regulations. We always process the data in accordance with the provisions of the General Data Protection Regulation (GDPR), and with the provisions of the federal and Flemish legislation on the protection of individuals with regard to the processing of personal data.
In any case, this means that we:
process your personal data in accordance with the objective for which they are provided; these objectives and type of personal data are described in this privacy statement;
limit the processing of the personal data to the only data that is necessary for the purposes for which it is processed;
request your explicit consent if we need it for the processing of your personal data;
have taken appropriate technical and organisational measures so that the security of your personal data is ensured;
don’t pass on personal data to other parties unless it is necessary for the implementation of the objectives for which it has been collected;
are aware of your rights regarding your personal data, we point them out to you and we respect them.
When do we collect and process your personal data?
We collect and process your personal data if you request one of our services or make contact with us within the framework of the services we provide.
We can also process your personal data if you ask us a general question.
Which categories of personal data do we process?
Personal data that you provide us directly by filling out the form.
For the objectives in paragraph 3 we can ask and process the following personal data:
Personal identity information: name, forename, address, telephone number, e-mail;
We use the collected data only for the purposes for which we have obtained the data.
Through your preferences, you can indicate specifically what types of communication you wish to receive from the Staf. You can change these preferences at any time.
We do not identify any persons with these cookies but computers.
Why do we process your personal data?
3.1. Personal data that you provide us directly by filling out the form.
We will process your personal data that you provide us directly by filling out the form for the following purposes and legal bases:
•to be able to take part in our activities (tasks of general interest),
• to send newsletters, thematic mailings and invitations (with the permission of the person concerned)
• to manage complaints (legal obligation)
• to send orders
The Staf has as prime principle not to use automated decision-making for the purposes as described above.
Automated decision-making is defined as decisions about individuals that are based solely on the basis of automated data processing and to which legal consequences are attached or that touches the individuals involved, to an appreciable extent.
We hereby make a distinction between functional and non-functional cookies:
• Functional cookies are necessary for the website to work properly. They also make sure, for example, that on your next visit to our website you are recognised as a user;
• Non-functional cookies are not necessary for the website to work properly. As such, for example, we place analytical cookies. As a result, we know which website features are popular and in what areas we can improve our website.
4. Who do we share your personal data with?
Your personal data is primarily processed internally by our staff.
To maintain and improve our services we sometimes call on third parties, such as developers and IT service providers. We can provide your personal data to third parties if this is necessary for the implementation of the purposes described above. As such, we make use of a third party for:
Provide the internet environment (webhosting);
Provide the IT-infrastructure (including IT network, ticket software …);
Provide (and distribute) newsletters and invitations.
With these third parties, we conclude a processing agreement, or we provide the specifications of the necessary provisions to ensure that they process your personal data in accordance with our instructions and thereby have the same level of security and confidentiality as us. We remain responsible for the processing by third parties.
At the request of the government or to comply with other legal obligations, some personal data may be forwarded to the competent authorities, for example, in the context of a threatening or pending legal proceedings or in the course of judicial investigations and information.
Of course, we make the necessary arrangements with these parties to ensure the security of your personal data. We do not pass on any personal data to other parties with whom we do not have concluded a (processors) agreement unless this is required by law and is allowed. An example of this is that the police in the context of an investigation asks us for (personal) data. In such a case, we are obliged to cooperate and let them have this data.
We can also share personal data with third parties if you provide us with a written and explicit permission to do so. You have the right to withdraw this consent at any time, without prejudice to the lawfulness of the processing for the repeal of such measures.
We do not provide any personal data to parties who are established outside the European Union or international organisations. These are countries or organisations established outside the territory of the European Economic Area (European Union + Iceland, Norway and Liechtenstein).
5. How long do we keep your personal data?
We will retain your personal data no longer than is strictly necessary in order to achieve the objectives for which the data was collected or is required on the basis of the law.
According to the general rule, we may only store your personal data during the period in which it is necessary to provide certain services and to achieve the objectives for which the personal data is collected. We keep your data as long as you use our services. Then we keep your data during the period in which we should be able to account for the services rendered. As a general rule, we do not keep your personal data longer than five (5) years.
For a summary of the retention periods used by Flemish Government, click here Https://overheid.vlaanderen.be/aan-de-slag/geadviseerde-bewaartermijnen.
After the expiry of the anniversary period, the data will be deleted, unless they are of historical, cultural or general interest.
With the retention, a distinction is made between the period in which your file is active and the period in which it becomes passive. Your file is active as long as you use the service. All employees who need to know your data in order to be able to carry out their duties, have access to your data. Afterwards, your file becomes passive and only a limited number of employees of the competent service has access to your data.
Unless otherwise determined by law, we delete your data without unnecessary delay when you request us to do so.
6. The withdrawal of your consent and other rights with respect to your personal data
You have the right at any time to withdraw, whether or not partially, the permission for the processing of personal data which you have granted:
o by withdrawing one, several or all the specified preferences to receive communications by MDK;
You also have the right to access for review and the right to make correction or deletion of personal data which we have received from you.
You can also object to the processing of your personal data (or any part of it) by us or by one of our processors.
You also have the right to request to transfer the information you provided to you (or with your direct order to another party).
To do so, you can contact stafdienstMDK@mow.vlaanderen.be
We may ask you to show proof of identity before we respond to the above-mentioned requests, in order that your information will not be disclosed to someone who is not entitled to it.
The Staf will make every effort to work with you to find a solution. If this is not possible then you have the right to file a complaint with the Belgian Data Protection Authority (formerly known under the name of 'Privacy Commission').
You can find the contact details here https://www.privacycommission.be/nl/contact.
7. The security of your personal data
The Staf does everything in its power to prevent abuse, loss, unauthorised access, and other unwanted actions with your personal data.
We implement the appropriate technical and organisational measures to protect your personal data against unlawful processing, including:
• all those persons who, on behalf of MDK can access your data are bound to secrecy;
• our employees are informed about the importance of the protection of personal data;
• we use a user name and password policy on all our systems;
• we make back-ups of the personal data in order to recover them in the event of physical or technical incidents;
• we anonymise and encrypt personal data as necessary;
• we test and evaluate our measures on a regular basis;
Our Data Protection Officer ensures that these measures are regularly monitored and adjusted as necessary.
8. Photos (portrait right)
During public events overview photos may be taken in the framework of our services.
Thus persons may be recognisable on pictures. When a picture actually clearly focuses on one or a few persons, you can rely on the right to privacy and the right to being pictured. The right to being pictured (or portrait right) is the right of a portrayed person to, in certain cases, oppose the publication of his or her portrait. You can object to the use of your photo. For this purpose, please contact stafdienstMDK@mow.vlaanderen.be
These pictures can be published in the newsletter, on social media, on the website, etc.
The persons present at public events shall be informed timely about the fact that pictures could be taken of them and for what purposes and publications these images are used. In addition, the contact information shall be communicated to file objections against the publication of the photos.
If necessary, the people attending will be asked for the required consents and the publishing of the pictures for the specific purposes.
9. Changes in the privacy statement
We may change this privacy statement from time to time. All updates and changes take effect immediately after their publication. We therefore encourage you to consult this privacy statement regularly so that you are aware of changes that are likely to have an impact on you. Significant changes will be notified to you by way of a notification via current communication channels.
When we intend to further process the personal data for another purpose other than that for which the personal data have been obtained, we provide - before that further processing - information about that other purpose and all relevant further information via such communication channels.
10. Contact details of the Staf and of the data protection officer
10.1. Contact details of the Staf acting on behalf of the person responsible for the processing of personal data
If you wish to enforce your rights as stated in the privacy statement and wish to contact us, you can do this with the following information:
Koning Albert II-laan 20 bus 5
10.2. Contact data of the data protection officer
If after reading our privacy statement, or more generally, you have any questions or a complaint about the processing of your personal data, please contact us directly through the following details:
Data Protection Officer MDK
Koning Albert II-laan 20, bus 5
You also have the right to file a complaint with the Belgian Data Protection Authority
The last change has taken place on 18/08/2021.