When do we collect personal data, what personal data do we collect, why and how long do we retain them?

Below you will find a list of processing activities in which we collect personal data, which personal data, why we collect them and how long we keep them.

1. Source: Your application

Category of personal data: Identification data, contact data and all other information you supply

Why? Necessary to contact you (necessary in order to take steps at the request of the data subject prior to entering a contract)

Retention period?

• 1 year in case we don’t start a job hiring procedure.

• 1 year after the job hiring procedure is finished and we don’t hire you.

• 3 years after your last working day in case we would hire you, unless the law requires us to store it longer.

2. Source: Your submissions for internship

Category of personal data: Your question. To apply we need your name, email address and book (as a link or as a pdf file).

Why? Necessary to contact you (necessary in order to take steps at the request of the data subject prior to entering a contract)

Retention period? No longer than 2 years maximum, unless the law requires us to store it longer.

3. Source: Your request for a newsletter

Category of personal data: Identification data and contact data

Why? With your consent we will send you interesting information about us by e-mail or post.

Retention period? Until you withdraw your consent. At any time you can send us an e-mail stating that you no longer wish to receive information about us or you can unsubscribe via the unsubscribe link at the bottom of every e-mail.

4. Source: You reading the mail with our newsletter (Sharpspring – read more about Sharpspring)

Category of personal data: For instance whether you opened the email or clicked on items in the newsletter, and which email program you use. Also when and where you’ve opened the email.

Why? We have a legitimate interest to analyze and improve our newsletters

Retention period? Until you withdraw your consent. At any time you can send us an e-mail stating that you no longer wish to receive information about us or you can unsubscribe via the unsubscribe link at the bottom of every e-mail.

5. Source: You agreeing to the cookies on our website

Category of personal data: For more information see our cookies policy

Why? Only with your consent we use your personal data to analyse how our website and newsletter is being used.

Retention period? For more information see our cookie policy

6. Source: Your submission of the contact document

Category of personal data: Identification data, Contact data & All additional information or personal data that you would enter into the contact form.

Why? We need to be able to contact you to respond to your questions and we need to understand why you contact us.

Retention period?
Dependent on the reason why you contact us:

General information request:

o   Up to 3 months after we’ve answered the question and no activities follow.

o   In case of subsequent activities, e.g. a service contract, we keep the information for as long as the contractual relationship lasts.

A job application / internship application: information mentioned above.

A complaint: up to 3 months after the complaint is closed unless there is a legal requirement to keep it longer.

What is Sharpspring, why and when do we use it?

We use Sharpspring to send our newsletters. Sharpspring is an online platform for sending automated newsletters. Sharpspring has their own privacy policy and uses your data for advertising purposes.

By subscribing to our newsletter, you agree to the Sharpspring privacy policy. If you don’t agree to the Sharpspring privacy policy, please don’t subscribe to our newsletter.

What are your rights?

You have the right not to provide us with your personal data. If you are just visiting our website for instance. If you want us to reply at your request, we have to make use of the personal data you provide us.

As a data subject you have certain rights.

These are not absolute rights. They can only be exercised to the extent that they don’t override the rights and freedoms of other data subjects and the legal obligations of the controller (that’s us in this case)

Right of information: This privacy policy is designed to inform you about our privacy practices.

Right of access: You can send us a request by sending an e-mail to dpo@62MILES.be and we will provide you the information we might have on you:

o   the categories of data we’re processing

o   the purposes of data processing

o   the categories of third parties to whom the data may be disclosed

o   how long the data will be stored (or the criteria used to determine that period)

o   your other rights regarding our use of your data

We will provide you with the information within one month of your request or you will be invited into our office, unless doing so would adversely affect the rights and freedoms of other (e.g. another person’s confidentiality or intellectual property rights). We’ll tell you if we can’t meet your request for that reason.

Right of rectification: You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you.

Right to erasure: You can do this by asking us to erase any personal data we hold about you. Just send us an e-mail by sending a mail to dpo@62MILES.be.

However, the ’right to erasure’ is not an absolute right. It can affect the rights and freedoms of others or conflict with a legal obligation of our organisation.

E.g.

- we shall not erase your personal data if we have a legal obligation to retain the data and the legally defined retention period is not over yet.

- we shall not erase your personal data unless the retention period we set up has ended

If you withdraw your consent for the processing of personal data we received consent for previously, we will stop that processing activity. Just send us an e-mail by sending a mail to dpo@62MILES.be.

On the other hand we have a legitimate interest not to erasure personal data for the establishment, exercise or defense of legal claims.

Right of restriction of processing: In certain cases (e.g. contestation of the accuracy of the personal data) your personal data will no longer be processed until the restriction is lifted.

Right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on legitimate interest including profiling. 62MILES shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing.

In case data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data, which includes profiling to the extent that it is related to such direct marketing.

Right of portability: Were the processing of personal data is carried out by automated means, you have the right to receive the personal data which you have provide, in a structured, commonly used and machine-readable format.

Right to lodge a complaint: If you consider that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the Belgium Authority: Gegevensbeschermingsautoriteit (GBA), Drukpersstraat 35, 1000 Brussel.

Who has access to your personal data and do we transfer your personal data?

Internal

Only employees authorised by 62MILES have access to your personal data in order to execute their task and for the good of the service.

External

Certain processing activities are carried out by processors on our behalf and under our instructions. Processing by a processor is governed by a processing agreement so your privacy is guaranteed.

Outside these situations we will not dispose your personal data to third parties or allow third parties to access your data without your consent. Only if we are legally obliged or when agreed upon in a contract we will provide your personal data to third parties. In no case your personal data is sold, rented or made available by any other means to third parties without your consent.

We use Sharpspring to send our newsletters. Sharpspring is an online platform for sending automated newsletters. Sharpspring has their own privacy policy (which you can read here), and uses your data for advertising purposes.

By subscribing to our newsletter, you agree to the Sharpspring privacy policy. If you don’t agree to the Sharpspring privacy policy, please don’t subscribe to our newsletter. If you want to delete all data Sharpspring stores about you, you can contact Sharpspring directly (look for the paragraph ‘Access’ on this page).

International transfer

In case personal data are internationally transferred to countries outside the EEA your privacy is guaranteed. 62MILES makes sure that the appropriate safeguards are provided (countries that provide the necessary guarantees concerning the protection of personal data and are on the white list of the European Commission, binding corporate rules, standard contractual clauses, approved code of conduct…) so your rights and legal remedies are guaranteed.

What are cookies? Does 62MILES use cookies?

Cookies are small files which are stored on a user's computer when visiting a website. For more information read our cookie policy.

How do we protect your personal data?

Because we fully understand the importance of keeping your information secure, we have taken various technical and organisational measures to protect your information against loss or improper use. Our systems and applications are protected according to the applicable standards for information protection.

How can you contact us?

If you have any questions regarding personal data we collect from you and how we use that data, you can contact us by sending a mail to dpo@62MILES.be.

Definitions

GDPR: General Data Protection Regulation (EU) 2016/679)
Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing of personal data: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
Cookies: small files which are stored on a user's computer when visiting a website. Cookies may collect personal data e.g. your IP-address.
Controller: 62MILES
Data breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed;
Processor: a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
Processor agreement: a binding written agreement, which states that the processor shall only act on the controller's instructions; and that it provides sufficient guarantees to protect the personal data that it processes;
Retention period: the duration of time for which the information should be maintained or retained. We will not keep your personal data longer than necessary for the purpose for which it was collected.

Links to other services and platforms

For your convenience and information our website provides links to other websites. These websites and platforms operate independently from 62MILES and have their own privacy policies, which we strongly suggest that you read. These websites and platforms are not controlled by 62MILES.

Updates of the privacy policy

This privacy policy is prone to change. If you want to keep updated on changes, we advise you to read this privacy policy regularly.