This privacy notice provides information to individuals whose data are collected through the website www.mic-brussels.be and other websites controlled and/or operated by the non-profit ASBL Microsoft Innovation Center Brussels (hereinafter “MIC”), and those individuals whom MIC encounters in conducting its activities, such as participants to MIC events, representatives of MIC Members, MIC contacts and other people with whom MIC has a relationship (hereinafter each referred to as an “Individual”), regarding how their personal information is collected and processed by MIC or within its affiliated entities, in compliance with the applicable data protection laws, in particular the European Regulation 2016/679 of 27 April 2016 called the General Data Protection Regulation (hereinafter “GDPR”).
This privacy notice explains why and how personal information about Individuals (hereinafter “Personal Data”) is collected, what Personal Data is processed, who has access to Personal Data, how Personal Data is protected, how long Personal Data is retained, the rights of the Individuals and who to contact for further information. This notice is without prejudice to specific provisions set out in other related documents or any contract entered into between MIC and the Individuals concerned.
- Why MIC Brussels processes personal data?
MIC, whose registered offices are located at rue Montoyer 51, 1000 Brussels, Belgium and registered with the Crossroads Bank for Enterprises under the number BE0837.285.291, keeps and processes Personal Data, whether or not in electronic form, for administrative, marketing and customer/supplier management purposes, especially in light of the following non-exhaustive activities:
- responding to any communication, inquiry or request which an Individual submits to MIC;
- managing relationships and maintaining contact with the Individuals;
- negotiating and executing agreements;
- processing information relating to a proposed or actual purchase or sale of products or services by MIC, including sending statements and invoices;
- improving MIC’s products and/or services;
- providing the Individuals with newsletters and marketing communications (including promotions and special offers) and/or any other information relating to the activities of MIC, and/or conducting surveys and market research;
- legal and/or regulatory compliance, including dispute resolution.
- What are the legal grounds for processing the PERSONAL data?
These data are processed on one or more of the following legal grounds:
- The consent of the Individuals concerned (e.g. for responding to a survey);
- In view of the entering into and the performance of a sales contract or another contract with the Individuals or his/her organization, including the invoicing process;
- To comply with legal obligations applicable to MIC (e.g. regarding tax matters, etc.);
- In the framework of the legitimate interests of MIC and/or a third party, but MIC believes also beneﬁt the Individuals, such as, but not limited to, direct marketing and data analytics.
- Which categories of personal data are processed?
Personal Data is all personal information relating to an identified or identifiable natural person who is an Individual.
For the abovementioned purposes, the processing of personal data may include the following categories:
- Personal identification data, such as the name and the address;
- Electronic identification data, such as the email address and the phone number;
- Personal details, such as the date and place of birth, language, nationality, and gender;
- Professional details, such as the organization/employer name and his/her function/position/role;
- Financial data (bank account number, etc.);
- Images and video footage;
- Consumption habits (sales history, etc.);
- Information collected through cookies and similar technology;
- Survey data.
- Where do the PERSONAL data come from?
When an Individual contacts MIC, Personal Data will likely come directly from the Individual concerned. MIC may also contact an Individual for prospecting purposes if initial contact information has not been obtained directly from such Individual, including receiving such information from publicly available sources or from other persons who have transmitted this data to MIC. During the course of the relationship, the Individual concerned, or another representative of his/her organisation, will provide MIC with further information for the management of the relationship.
MIC may also receive or generate data relating to an Individual from other individuals or organizations, or those to whom such Individuals communicates by email or other systems.
The Personal Data collected directly or indirectly by MIC is required to fulfil legal requirements and/or to enter into a contract and maintain contact for the duration of the relationship. Failure to provide MIC with required information will negatively affect MIC’s ability to communicate with the Individual concerned (including the ability to provide any applicable electronic newsletters if an Individual does not wish to share his/her email address) or to enter into a contract with the Individual or his/her organisation or to continue the performance of a contract once entered into without access to necessary Personal Data.
- Who has access to the personal data?
For the abovementioned purposes, Personal Data will be shared on a need to know basis with:
- the Individuals themselves or other individuals employed by or representing their organisation,
- MIC’s personnel,
- MIC members,
- government, regulatory bodies and/or public authorities where it is necessary to comply with legal or regulatory obligations which MIC is subject to or as permitted by applicable law,
- authorized third party, service providers, professional advisors and/or subcontractors of MIC such as for website maintenance, assistance with promotional campaigns, etc.
Also, MIC’s websites contain social media buttons or links to other websites of interest (such as Meetup, Eventbrite, etc.) allowing the user to share content with third parties. When using such buttons or links, some information (e.g. IP address) may be accessed by the social media operator or a third party. MIC does not control which information is accessed and how that information is processed by such operators/third parties. Please see the applicable privacy policies to check how they use this information.
- Are the PERSONAL data transferred INTERNATIONALLY?
MIC operates in Belgium and the information that MIC collects is in principle processed and stored on its secure servers located within the European Economic Area (hereinafter “EEA”).
That being said, it may be necessary in limited circumstances to transfer Personal Data abroad or to an international organization to process and/or store this information to comply with our legal or contractual requirements. For transfers of data outside the EEA, MIC has implemented appropriate safeguards in line with GDPR requirements. To ensure an appropriate level of protection for Personal Data, MIC will either use a data transfer agreement with the third-party recipient based on standard contractual clauses approved by the European Commission, or ensure that the transfer is to a jurisdiction that is the subject of an adequacy decision by the European Commission or to the United States under the EU-US Privacy Shield framework.
- How long are the PERSONAL data retained?
The Personal Data are retained no longer than necessary for the purposes described in this privacy notice. As a rule, and unless otherwise stated in other related documents for specific categories of Data, the Personal Data are retained during the term of the contract as well as following the expiration or termination of the contract for as long as MIC can have legal liability for which the use of these Data can be relevant, taking into account the applicable statutory periods of limitation and legal retention obligations. For marketing purposes, the applicable data will be retained as long as the Individuals concerned do not object.
That being said, information may be retained for a shorter period of time where an Individual objects to the processing of his/her Personal Data and there is no longer a legitimate purpose to retain such information.
- How is PERSONAL data protected?
MIC is committed to ensuring that the information of Individuals are secure and has therefore implemented adequate technical and organizational measures to protect Personal Data and keep it as safe and secure as reasonably possible, protecting it against unauthorized, accidental or unlawful destruction, loss, alteration, misuse, disclosure or access and against other unlawful forms of processing. These security measures have been implemented taking into account the state of the art of the technology, their cost of implementation, the risks presented by the processing and the nature of the Personal Data in question.
- What are the INDIVIDUAL’S rights and who can they contact?
Individuals who have Personal Data collected and processed have the right at any time to contact MIC to access their Personal Data and, by providing enough proof of their identity, to request a correction of any incorrect or incomplete information.
Subject to and in accordance with applicable law, Individuals may also have the right to:
- request the deletion of their Personal Data;
- request restrictions or object to the processing of their Personal Data;
- data portability, allowing the Individuals concerned to copy or transfer their Personal Data;
- withdraw their consent at any time where consent was provided to process their Personal Data, provided this will not affect the validity of the processing prior to such withdrawal of consent; and
- receive more information about the safeguards in case of international data transfers.
Individuals have also a right to lodge a complaint with the Belgian Data Protection Authority or another EU supervisory authority if they think MIC has not acted in line with any applicable data protection laws in respect of dealing with their Personal Data.
For any further information about these rights or to make a request, please contact MIC by email at firstname.lastname@example.org
- COOKIES AND SIMILAR TECHNOLOGY
- Changes TO PRIVACY NOTICE
This privacy notice may be updated from time to time as needed, notably to comply with changes in any applicable laws, regulations or requirements introduced by data protection authorities.
This privacy notice was last updated on 24 January 2019.