Article 1 – Scope: what does this privacy notice cover?
This privacy notice provides information regarding the processing of the personal data of any User who is a visitor of the inter-oPEn.eu domain, when browsing it or using its services (the User).
This Privacy Notice explains what personal data are processed about the User; why CRESYM, as website owner and manager, is processing such personal data and for which purposes; for how long the personal data is hold for; how to access and update one’s own personal data, as well as the User’s options regarding her personal data and where to go for further information.
This Privacy Notice complies with the provisions of EU Regulation 2016/679 of 27 April 2016 in force since 25 May 2018 on data protection (“GDPR”).
Article 2 – Collection of information: what personal data does CRESYM process?
CRESYM collects and processes private contact information (first name, last name, e-mail address, postal address, phone number) only if necessary, for inter-oPEn participants or from User registering to events organised by inter-oPEn for instance.
CRESYM doesn’t collect the User’s geolocation, nor health data nor bank details. CRESYM does not store any connection-related information (IP address, device ID or unique identifier, etc.)
Article 3 – Purpose: why does CRESYM process personal data?
The personal data covered by this Privacy Notice are only processed either
- where the User and CRESYM concludes a transaction (in a broad meaning, e.g. including the deletion of the User’s personal data from CRESYM’s files; or a public event organised by CRESYM and starring the User as speaker); or
- where CRESYM undertakes fraud prevention, audits, investigations, dispute resolution or insurance purposes, litigation and defence of claims involving the User; or
- where it is necessary for CRESYM to comply with a legal obligation; or
- where it is necessary for the purposes of the legitimate interests pursued by CRESYM or a relevant partner, except where such interests are overridden by the User’s interests or fundamental rights and freedoms.
Article 4 – Consent, withdrawal of consent, opposition
The personal data covered by this Privacy Notice are only processed with the User’s consent. Th User’s consent is implicit when she voluntarily provides the personal information to CRESYM.
However, the User has the right to withdraw her consent at any time. This will not affect the validity of the processing prior to the withdrawal of consent.
Where the User choose not to provide CRESYM with personal information, the only consequence is to limit the User’s ability to complete the process where the data is collected or to take advantage from it.
Article 5 – Access: who may access personal data?
The personal data are exclusively processed for one or more purposes referred to above in §3 and will only be shared on a strict need to know basis with staff members and third-parties needing to process, or to know about, them to achieve such purposes.
In particular, CRESYM may share some information with the service providers involved in a transaction (e.g. banks concerned with a payment).
Article 6 – Liability: who is responsible for personal data?
CRESYM is responsible for processing personal data.
CRESYM’s Data Protection Manager is CRESYM’s General Manager (Sébastien Lepy to date).
Article 7 – Security: how safe are personal data?
CRESYM is committed to safeguarding personal data.
CRESYM implements technology, especially encryption, and policies, especially systematic Non-Disclosure Agreements with every contractor, member and partner of CRESYM, with the objective of protecting personal data provided to CRESYM from non-authorised access and improper use.
All personal data provided to CRESYM are stored in Belgium and/or France, where CRESYM’s IT facilities are located.
Article 8 – Duration: how long can CRESYM hold personal data for?
CRESYM holds personal data for participants to the inter-oPEn project or to an inter-oPEn event, latest 3 years after their last interaction with CRESYM.
Information may be held for (i) a longer period of time where there is a legal or regulatory reason to do so (in which case it will be deleted once no longer required for the legal or regulatory purpose); or (ii) a shorter period where the User objects to the processing of their personal data and there is no longer a legitimate business purpose to retain it.
Article 9 – Rights: how long can CRESYM hold personal data for?
CRESYM aims at keeping information as accurate as possible. Any User can require:
- access to her personal data;
- correction or deletion of her personal data (but only where it is no longer required for a legitimate business purpose such as completing a retail transaction);
- no longer to receive news about CRESYM events, projects, etc.;
- to restrict the processing of her personal data (provided it is not required by law); and/or
- to receive the personal data provided and stored by CRESYM, in a structured, digital form, if this is technically feasible;
Any request or complaint shall be sent to: email@example.com.
Article 10 – Cookies & similar technologies
CRESYM may implement cookies to learn how every User interact with its web sites content and to improve the User’s experience when visiting its web sites. By using the Site without deleting or rejecting some or all cookies, a User agrees that CRESYM can place those cookies that she has not deleted or rejected on her device.
The User can choose to reject or block all or specific types of cookies by clicking on cookie preferences panel popping up when accessing cresym.eu. The User may also visit www.allaboutcookies.org for details on how to delete or reject cookies and for further information on cookies generally.
If essential cookies are opposed by the User, CRESYM cannot ensure that the Site will work as smoothly as expected.
Article 11 – Changes to this Privacy Notice
This Privacy Notice may be changed over time.
Users are advised to regularly review this Privacy Notice for possible changes.
This Privacy Notice was last updated in October 2023.