COPRO considers the protection of privacy important and would like to ensure you have as much information, respect and control as possible with regard to your personal data.
This document informs you what data are collected, why and how long COPRO stores the data, what your privacy rights are and how to exercise these rights.
2. What does ‘data processing’ mean and who is responsible for this?
The ‘processing of personal data’ means all the processing of data through which a natural person can be identified.
These data are included under item 3 below “What personal data are processed?”. The term ‘processing’ is broad and, among other things, covers collecting, recording, sorting, storing, updating, modifying, retrieving, consulting, using, distributing or making available in any way, combining, archiving, deleting or ultimate destroying the data.
The impartial institution for the inspection and verification of construction products
registered with KBO (companies register) under number 0424.377.275, is the controller of the personal data.
3. What personal data are processed?
COPRO processes personal data that are obtained via a person him/herself or via his or her organisation.
- organisation (name, address, telephone, fax, email, company number, account number)
- first name
- telephone number
- email address
- capacity within the organisation
4. What does COPRO use these personal data for?
COPRO processes personal data for various purposes, recording only the data necessary to achieve the intended purpose.
This means that COPRO uses personal data if these are necessary:
- in the context of preparing, executing or terminating a commitment or undertaking;
- in the context of preparing, executing an event;
- to comply with statutory and regulatory provisions to which we are subject.
If the processing of your data is not necessary for one of these reasons, COPRO will always request your permission to process your personal data.
5. How are personal data protected?
COPRO does everything in its power to protect personal data and privacy.
COPRO’s staff are trained to deal with confidential data and are bound by professional secrecy.
COPRO makes every effort to ensure compliance with the technical and organisational security measures regarding the processing of personal data.
All kinds of technical measures are used to protect your personal data against unauthorised access, unauthorised use and loss or theft, including: password security, hard disk encryption software, firewalls and antivirus.
If a data breach should occur with adverse consequences for your personal data, you will be personally informed in the circumstances provided for by law.
6. Are personal data passed on?
COPRO does not pass on any personal data to third parties unless:
- this is necessary for the provision of our services. We make some of our databases accessible to third parties working on our behalf, who assist us in providing services. Your personal data are only passed on for the purposes for which COPRO processes your data itself, and this is limited to the data they need to perform their assignment on our behalf. COPRO ensures that they also manage your data securely, respectfully and with due care and diligence, providing adequate contractual guarantees in this regard.
- you give COPRO permission to do so. If COPRO needs to provide third parties with personal data in other situations, this is done so with explicit notification, by providing information about the third parties, as well as the purposes behind the passing on and processing. Where required by law, COPRO will request your explicit consent.
7. What privacy rights apply and how can these be exercised?
7.1 Right of inspection
You have the right to find out at any time whether COPRO is processing your personal data or not and, if you wish, to inspect the data and receive additional information concerning:
- the purpose behind the processing
- the recipients
- if possible, the storage period or, if that is not possible, the criteria for determining the period
- the right to lodge a complaint with the supervisory authority
You have the right to receive a free copy of the processed data in an understandable form, subject to proof of identity. COPRO may request reasonable compensation to cover its administrative costs for any additional copy requested by you.
7.2 Right to improvement
You have the right to have incomplete, incorrect, inappropriate or outdated personal data rectified immediately.
In order to keep your data up to date, we ask you to notify us of any change, providing proof of identity at the same time.
7.3 Right to deletion
You have the right to have your personal data removed:
- if your personal data are no longer needed for the purposes for which they were originally collected or otherwise processed by COPRO;
- if you withdraw your previous consent to the processing, and there is no other legal reason on which COPRO can rely for the (further) processing;
- if you object to the processing of your personal data, and there are no more justifiable grounds for (further) processing by COPRO;
- if your personal data are processed unlawfully;
- if your personal data have to be deleted in order to meet a statutory obligation.
Subject to proof of identity, COPRO can only refuse the request to delete personal data if this is justified, such as when exercising or substantiating a legal claim or because there is a statutory obligation to keep certain data.
7.4 Right to limitation
You can ask COPRO – subject to proof of identity – to limit the processing of personal data if the accuracy of these data is disputed, the processing is unlawful, or COPRO no longer needs the data for processing purposes.
7.5 Right to transferability
You have the right to ‘recover’ your personal data, subject to proof of identity. This is only possible when the personal data with which you have provided COPRO are based on consent or obligation.
COPRO can be requested:
- to recover the personal data concerned in a structured, conventional and machine-readable form;
- to pass on the personal data concerned directly to another controller. In this regard, you are personally responsible for the correctness and security of the (email) address provided for the transfer. COPRO has the right to refuse this if the transfer is not technically possible.
7.6 Right to lodge an objection
You have the right to object to the processing of your data, on the basis of your individual situation and subject to proof of identity, if the processing is in COPRO’s legitimate interest or in the general interest.
In that case, COPRO will cease to process your personal data, unless it can demonstrate compelling and legitimate grounds for the processing that outweigh your own reasons, or if the processing of the personal data is related to the establishment, exercise or substantiation of a legal claim (e.g. filing a request to a court).
8. What is the retention period for personal data?
Processed personal data are stored for as long as necessary to enable COPRO to function properly.
9. How can COPRO be contacted?
10. Escalation with the supervisory authority
For complaints relating to the processing of your personal data by COPRO, you can contact:
Data Protection Authority