LEGAL

PRIVACY POLICY PANIS nv

Panis nv attaches great importance to your personal data. Therefore, we treat personal data in a safe and confidential way.  This Privacy Policy explains which personal data we process, on which basis and why we process such data.  We also inform you about the security measures we take to protect your personal data.

We use your data first of all to provide professional services and secondly to inform you about our activities through our newsletter and/or other mailings.

Panis is liable for the processing of your data.  If you prefer not to receive the newsletter and/or other mailings, you can unsubscribe at any time by sending an e-mail to info@panisgroup.com

You can ask information about the stored data to receive a copy, to correct or delete the data by sending a mail to info@panisgroup.com.

Your data will not be transferred to third parties, except if the transfer is based on a legal obligation or if you give your consent.
 

1. Who to contact in case of questions?

Panis nv, with registered office at 40 box 2 Hovenierstraat, 2018 Antwerp (Belgium), company number  BE 0429.618.740, is the controller of your personal data. Panis nv declares that as controller it complies with the Belgian privacy legislation and with the provisions of the General Data Protection Regulation from the date the Regulation came into force.
 

2. What are personal data?

The General Data Protection Regulation defines personal data as follows:

any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

If this Privacy Policy refers to personal data, reference is made to the definition used in the Regulation.

No special categories of personal data are processed. The processing of special categories means:

The processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.
 

3. Which personal data are processed?

We collect and process several personal data.  Depending on the services provided by us, we process the following personal data:

Accountancy and tax matters:

  • national register number, address, marital status, bank account number, family composition, number of children, date of birth;
  • contact information such as address, telephone number, e-mail address;
  • wages/remuneration and pay slips.

HR and social secretariat:

  • curriculum vitae, motivation letters, notes made during the job application;
  • photos and videos;
  • payroll information such as national register number, address, seniority, marital status, bank account number, family composition, number of children, date of birth;
  • contact information such as your address, your telephone number, your e-mail address;
  • wages/remuneration and pay slips;
  • the name of a contact person in case of emergency;
  • evaluation forms.
     

4. Why are these personal data processed and what is the legal basis for the processing?

The data are collected to comply with our engagement letter and the wage administration and with the execution of an agreement as legal basis.

The name of a contact is recorded so that in case of emergency we can contact a family member or next of kin, with the necessity to protect the employee’s vital interests as legal basis.

Your curriculum vitae, motivation letter and notes made during the first conversation as well as the evaluation forms and test results will be processed in the context of the job application with our justified interests as legal basis.

Your marital status and dependent children are necessary to make calculations for tax and social purposes.
 

5. Duration of the processing

Your personal data are kept in accordance with the specific legislation and the prescription periods which oblige us to keep your personal data longer.

Depending on the use of the personal data, the data are kept:

  • up to 10 years after the termination of the business relation in the context of the anti-money laundering legislation;
  • up to 2 years after the internal closure of the job applications;
  • up to 5 years after the termination of the employment contract.
     


6. What are your rights?

a) Right of access and right to examine

You have the right to examine your personal data, at any time and free of charge, and also our use of your personal data in accordance with the provisions applicable in the sector.

b) Right to rectification, erasure and restriction

You always have the right to ask us to rectify, supplement or erase your personal data.

You are not entitled to object to the processing of personal data required for our payroll administration and the data we are legally required to keep and process.

You may also ask to restrict the processing of your personal data.

Right to object

You may exercise the right to object to the processing of your personal data for serious and legitimate reasons.

Right to data portability

You may exercise the right to receive your personal data processed by us in a structured, commonly used and machine-readable format and/or transfer the personal data to other controllers, all this in accordance with the provisions applicable in the sector.

Right of revocation of the consent

To the extent the processing is based on your prior consent, you have the right to revoke your consent.

Exercise your rights

You may exercise your rights by sending an e-mail to info@panisgroup.com.

Complaints

You may lodge a complaint with the Belgian Privacy Committee.

 

7. Transfer to third parties

Certain personal data processed by us may be transferred to third parties, inter alia in the context of our wage administration, our legal obligations and to award meal vouchers and/or eco vouchers.

Some third parties process personal data on behalf of our organization to carry out a specific task.  We  enter into processing agreements with all these organizations, which act as controllers and we will do everything in our power to make sure that they protect your personal data in an adequate manner.

Your personal data will not be sold, leased, distributed or in any other way put at the disposal of third parties for commercial use.
In rare cases, it is possible that we have to disclose your personal data pursuant to a court order or to comply with other compulsory laws and regulations.
 

8. Security and confidentiality

We have developed technically and organizationally appropriate security measures to avoid the destruction, loss, falsification, change, access by unauthorized persons or the erroneous disclosure to third parties of the personal data collected or any other unauthorized processing of such personal data.

1. Technical measures

  • use of virus scans, firewalls, …;
  • the use of a password policy, i.e. unique login codes and personal password that is changed regularly;
  • systematic secure backups to prevent data loss;
  • protected hard discs;
  • encrypted e-mails;
  • data access protection;
  • data encryption;
  • secure backups;
  • work on protected hard discs.

2. Organizational measures

  • specific persons have access;
  • procedure for incident management;
  • policy for employees & co-workers;
  • training programmes for employees & co-workers;
  • data breach incident management;
  • organize recurrent training programmes & awareness for the personnel on how to deal with personal data;
  • establish internal procedures for the recruitment and dismissal of employees who manage personal data;
  • establish non-disclosure clauses with employees who manage personal data;
  • establish an internal policy and instructions with respect to the confidential treatment of personal data;
  • apply personal registration and identification systems to monitor the access to the buildings so that unauthorized persons do not have access to the company premises;
  • apply a clean desk policy so that confidential information is protected as much as possible against unauthorized persons;
  • apply fixed procedures for the deletion of personal data stored on waste equipment and storage devices (such as laptops and smart phones) and on appliances returned by employees who leave the company.