“The protection of Individuals with regards to the processing of Personal Data is a key element for Diabatix”
Controller: Our Company determining the purpose and means of the processing of Personal Data.
Personal Data: any information relating to an identified or identifiable Individual meaning any data that makes it possible to identify anIndividual, directly or indirectly (e.g. by name, telephone number, address, license plate, email address, IP-address, identification numbers)
Which Personal Data do we speak about?
We will not process specific categories of Personal Data such as personal data related to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, data concerning an Individual’s sex life or sexual orientation.
Processing of Personal Data of customers inscribing to use the ColdStream Platform
- customer administration: subscription information, creation of user profile.
- operating the ColdStream Platform: help with functionalities of ColdStream Platform
- administer the ColdStream Platform: monitoring the usage and performance of the ColdStreamPlatform
- help incase of problems with the use of the ColdStream Platform
- additional expert services to increase the customer experience
- compliance with applicable laws and regulations
Legal Basis: License Agreement to use the ColdStream Platform
Information: name of customer (name of employees using the ColdStreamPlatform), contact information of customer (address, email, phone number, job titles), information received from feedback and communication through the ColdStreamPlatform, usage information of the ColdStream Platform.
Retention: 5 years after the termination of the LicenseAgreement to use the ColdStream Platform
Rules with regards to the way we process Personal Data?
Diabatix will always take care that there is a balance between our legitimate interest and the rights and interest of the Individual.
Diabatix will respect the principles of data protection by design and data protection by default. And we will ask the same from our (ICT-)suppliers. The ColdStream Platform is assessed thoroughly on data protection from the start throughout the this project. And we will install as a standard option, the most privacy-friendly option.
Rights of Individuals
As an individual you have the following rights with regards to your Personal Data.
- Right to withdraw consent at anytime: however withdrawal of consent shall not affect the lawfulness of the processing based on the consent before its withdrawal
- Right of access to the PersonalData: to obtain information as to the purpose of processing, the categories ofPersonal Data, third parties to whom the Personal Data is disclosed, retention period
- Right to rectification of incomplete, inadequate or excessive Personal Data
- Right to erasure of inaccurate, erroneous or incomplete Personal Data, of Personal Data that is no longer necessary in relation to the purpose, when the consent has been withdrawn or any Personal Data which does not comply with the provisions of the current legislation
- Right to restriction of processing in case of inaccuracy, processing is unlawful, there is no longer need of the processed Personal Data, of a pending procedure of verification of legitimate grounds. The restriction means that it can only be processed with the consent of the Individual, can be stored, can be used for legal claims, can be used for protection of the rights of another individual or for reasons of important public interests.
- Right to data portability: to receive your Personal Data or have it transmitted in a structured, commonly used and machine-readable format when the processing is based on the consent of the Individual or based on a contract and is carried out by automated means
- Right to object (e.g. for direct marketing purposes, part of automated decision such as profiling related to such direct marketing)
The application to exercise any of the rights mentioned above should be done to email@example.com
Each application must contain all information we need to define the identity of the Individual requesting any of the rights such as:
- name and surname of the Individual, and a photocopy of both side of the identity card
- nature of the request
- data of the application and signature of Individual.
Diabatix will reply at the latest within 30 days as of the date of receipt of the application.
Security, technical and organizational measures
Diabatix has taken and will take all the necessary measure for the security of the processing of Personal Data, the necessary technical and organizational measure are in place. All Personal Data are stored in a secured place behind the necessary domain security and the necessary policies are in place.
The processing of Personal Data will only be executed by the members of the relevant department and each employee has a secrecy clause in his/her employment agreement.
We, as a company, expect our customers and suppliers to follow the GDPR as well. We strive to work only with those customers and suppliers who demonstrate compliance with GDPR. Any arrangement Diabatix makes with customers and suppliers will be subject to clear contractual terms with regards to data privacy, confidentiality and code of conduct and specific provisions that require customers and suppliers to comply with the GDPR.
In case of a Personal Data breach which will result in a risk for the rights and freedoms of the Individual (e.g.personal financial loss, identity theft) involved, Diabatix shall, where feasible, at the latest within 72 hours after becoming aware of it, notify thePersonal Data breach to the supervisory authority and shall inform theIndividual as soon as reasonably possible. This notification does not need to be executed in case the breach is unlikely to result in a risk to the rights and freedoms of the Individual. This procedure will be followed up by our legal advisor/Managing Director.
Transfer of Personal Data
Our Company will not transfer any PersonalData outside the European Union (to a third country or an international organization). In case a transfer of Personal Data needs to be done outside theEuropean Union, we will follow the procedure as defined in the GDPR. This will be followed up by our legal advisor/Managing Director.
What is a cookie?
A cookie is a text file containing small amounts of information, which is downloaded to your device when you (first) visit our website (including the ColdStream Platform). That cookie is then sent back to the website of origin on each subsequent visit, or to another website which recognises that cookie. Cookies are useful because they allow a website to recognise a user’s device, and they provide you with a more efficient and personalised experience of our website (including ColdStream Platform).
What types of cookie are used?
Cookies can be distinguished on the basis of their origin, their function and their lifespan.
First-party cookies are cookies that are placed by Diabatix during your visit to one of our websites(included ColdStream Platform). Third-party cookies are cookies that are placed by a third party that is not part of one of our websites. Facebook, LinkedIn,Twitter and YouTube are examples of such third parties. Technical cookies are essential for the website to function properly. These cookies enable you to navigate between the various sections of our website and to use specific functionalities. Session cookies are temporary cookies that enable you to navigate quickly and easily through the website during your browsing session.Persistent cookies or ‘tracking cookies’ outlast an individual session and remain in your browser for a specific period after the session (unless you delete the cookie). Functional cookies monitor the correct operation of the website and allow the website to remember the choices you make (e.g. your language preference, your user name, or your region). They provide enhanced and more personal features, sparing you from having to specify your choices every time you visit the website. Performance cookies collect anonymous and aggregated information about your online behavior (such as your browser type, your Internet Protocol (IP) address, the operating system used, the domain name of the website that you have visited even when you abandon such site, the date and time of your website visit, etc.) for statistical purposes and for generating visitor’ profiles.
Diabatix uses all the cookies mentioned above. The cookies we use do not collect data that reveal your personal identity and therefore, do not make it possible for us to identify you. Our website(s) may contain links to other websites not owned/managed by Diabatix (third-party’ content, links and plugs-in). Diabatix is not responsible for the privacy practices of these websites.
How to give your consent?
How to reject our cookies?
You may withdraw your consent at any time by deleting cookies in the settings of your Internetbrowser. These settings are usually found in the 'options' or 'preferences' menu of your Internet browser.
Please note that changing your browser settings to reject cookies may impact your visit to our website/Coldstream Platform and deny you access to all or parts of our website and/or ColdStream Platform. You can change your Internet browser settings at any time.
ColdStream Platform is owned by Diabatix NV
Interleuvenlaan 62, bus 29
VAT number BE 0648.660.180
Company number: 0648.660.180, RPR Leuven
Update: Version March 2021