Last updated: November 2022
The Committee Linking Agriculture-Entrepreneurship-Development (COLEAD) attaches great importance to responsible and transparent management of personal data and is committed to protecting personal data and ensuring that organisational and technical security measures are in place.
COLEAD processes personal data in accordance with the EU General Data Protection Regulation (GDPR) and the France Data Protection Act. Below we provide users with information as to :
- Who they can contact at COLEAD on the subject of data protection
- What data is processed when they visit the website
- What data is processed when users contact us, subscribe to newsletters, or use other COLEAD online services
- How they can opt out of the storage of data
- What rights they have with respect to us
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.
Personal data that has been de-identified, encrypted or pseudonymised but can be used to re-identify a person remains personal data and falls within the scope of the GDPR.
Personal data that has been rendered anonymous in such a way that the individual is not or no longer identifiable is no longer considered personal data. For data to be truly anonymised, the anonymisation must be irreversible.
The GDPR protects personal data regardless of the technology used for processing that data – it’s technology neutral and applies to both automated and manual processing, provided the data is organised in accordance with pre-defined criteria (for example alphabetical order). It also doesn’t matter how the data is stored – in an IT system, through video surveillance, or on paper; in all cases, personal data is subject to the protection requirements set out in the GDPR.
COLEAD does not require personal data to obtain access to any part of the website that is open to the public.
Regardless of your purpose, we recommend that you do not disclose sensitive personal data (such as, for instance, ethnic origin, religion, trade union membership, sexual orientation, health, genetic or biometric data, etc.) to us.
COLEAD may receive personal data about you from other data controllers for the purpose of providing or assisting with services or requests to or from you as the end beneficiary of a particular service.
Upon your request, COLEAD can at all times provide you with the identity of these parties.
Data collection and processing on the website
Some data are collected when you provide it to us (for instance, for the registration to the newsletter mailing list). Other data are collected automatically by our IT systems when you visit the website. This data is primarily technical data such as the browser and operating system you are using or when you accessed the page.
These data is collected automatically as soon as you use our website. COLEAD itself processes only the data that is technically required in order to display the website correctly and to ensure its stability and security. Each time the website is accessed, the data stored includes, but is not limited to, the page that is viewed, the IP address of the accessing device, the page from which the user was redirected, as well as the date and time of access. The data in the log file is deleted after five days .
Each time the website is accessed, the data stored includes, but is not limited to, the page that is viewed, the IP address of the accessing device, the page from which the user was redirected, as well as the date and time of access. A detailed list of the data stored is shown here.
We process your personal data to send you public newsletters from the association and to engage into bilateral exchanges on areas of interest for you. When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using analytics. The analysis of your surfing behavior is anonymous.
COLEAD only processes personal data to the extent that is necessary to fulfil a precise purpose related to our tasks as an organisation. Which data is required and processed for which purpose and on what basis is largely determined by the type of service you use or the purpose for which the data is required.
The processing of personal data carried out with these features are described in the relevant entries of the COLEAD’s data protection records and central register. We do not keep your personal information for longer than necessary for the purposes for which we collected it. However, we may keep your information for a longer period for historical, statistical, or scientific purposes with the appropriate safeguards in place.
The IT services of Brussels DC data centre, where the COLEAD’s website and other digital platforms are hosted, may process website – connection data for information security purposes, including the IP address of the web client and the requested web resource.
The security of our website and of the data collected is protected by adequate technical and organisational measures. We protect data in transit between your device and our website by using the SSL secure protocol, which ensures the confidentiality and integrity of your personal data.
Data collection and processing on the social media
These online presences are operated in order to interact with the users that are active on these sites and platforms and to inform them about projects/programmes and activities. By clicking on a social network’s logo, the user is redirected to the COLEAD presence on the respective network.
When users visit the platforms, personal data is collected, used, and stored by the operators of the respective social network, but not by COLEAD. This is also the case even if the users themselves do not have an account with the respective social network.
The individual data processing operations and their scope differ depending on the operator of the respective social network. COLEAD has no influence on the collection of data or its further use by the social network operators. We are not fully aware of the extent to which, where and for how long the data is stored; to what extent the networks comply with existing obligations regarding erasure; what analyses are conducted and links established with the data; and to whom the data is disclosed.
Data collection and processing while contacting us
The website includes multiple digital contact forms (e.g., subscription to the newsletter, application for support to our different programmes, joining the association as a member, job opening application form, other contact forms, etc.). When users contact us, the data provided is processed depending on the way in which information is provided and always with the intent to be able to respond to the underlying type of inquiry. In addition to the multiple digital contact forms, the following contact options are available: (i) e-mail, (ii) phone and (iii) letter. Please refer to the section “Contact us” in our website for further information.
Duration and record keeping
User data will not be kept any longer than is necessary for the purpose for which it is processed or as required by law.
Data controller and data protection officer
Excelsiorlaan 15 – 1930 Zaventem
Data processing is the responsibility of COLEAD.
3, Avenue du Viaduc, Bât B3A – CP 90761 – 94550 Chevilly Larue – France
Please contact COLEAD’s data protection officer if you have questions specifically about how your data are protected: firstname.lastname@example.org
To enable the processing of your personal data, we allow our employees, associates and agents access to said personal data. We guarantee a similar level of protection by imposing contractual obligations upon these employees, associates and agents that resemble those described in the data protection notice.
In general, COLEAD does not share information with any third parties except for contracted service providers and advisors. In some circumstances it may, however, be necessary for COLEAD to transfer or share data with particular third parties.
Such circumstances may include transfers necessary for COLEAD under the terms of an injunction or in order to fulfil a specific legal obligation, a partial or comprehensive reorganization of our organisation, to protect the rights, property, and safety of COLEAD or others, if it is necessary and proportionate for lawful and specific purposes.
In such an event, we shall do all we can to provide you with advance notice of this transfer to third parties. You will however recognize and understand that in certain circumstances, this is not technically and commercially feasible, and that legal restrictions may also apply.
In addition, transfer or share data with other third parties is always possible with the prior consent from the underlying individuals.
We shall not under any circumstances sell your personal data and nor shall we make them available to direct marketing companies or to the providers of similar services.
In compliance with, and according to, the conditions laid down by French legislation on data protection and the provisions of the general data protection regulations, we hereby inform you that you have the following rights:
- Right to access: you have the right to examine, free of charge, the data that we hold regarding yourself and to verify the purposes for which they are being used.
- Right to rectify: you have the right to obtain rectification (correction) of inaccurate personal data concerning you, as well as the right to add to incomplete personal data.
- Right to be forgotten or to limitation of data: you have the right to ask us to delete the personal data concerning you and to restrict the processing of these data under the circumstances and conditions stipulated in the general data protection regulations. We may refuse to delete or restrict data that we require for the processing of salaries, the fulfilment of a legal obligation, the execution of an employment contract, or the furthering of our legitimate interests, provided these data are required in order to achieve the objectives for which they were collected.
- Right to data portability: you have the right to obtain the personal data concerning you and provided by you, in a format that is structured, widely used and machine-readable. You have the right to transfer these data to another process controller.
- Right to object: you have the right to object on serious and legitimate grounds to the processing of your personal data. You cannot however object to the processing of data that we require for the fulfilment of a legal obligation, the execution of an employment contract, or the furthering of our legitimate interests, provided these data are required in order to achieve the objectives for which they were collected.
- Right to withdraw consent: while the processing of personal data is based upon prior consent, you have the right to withdraw this consent. In such an event, these personal data will only be processed if we have another legal basis for this.
- Automated decisions and profiling: we confirm that the processing of personal data does not include profiling, and that you will not be subject to fully automated decisions.
Users also have the right in accordance with Article 77 GDPR to lodge a complaint with the competent data protection supervisory authority.
The data protection competent authority is the
Commission Nationale de l’Informatique et des Libertés
3 Place de Fontenoy – TSA 80715
75334 Paris Cedex
Phone: +33 (0)1 53 73 22 22
Any consent that you may have provided during the process may be withdrawn at any time: simply contact us using the contact details provided below.
We implement various technical and organisational measures in order to process the data with an adequate level of security and to protect the personal data against destruction, loss, falsification, unauthorised access and inadvertent notifications to third parties, and against any unauthorized processing. These measures are updated accordingly based on technical developments and adapted continuously in line with the risks. Under no circumstances may COLEAD be held liable for any direct or indirect loss caused by inadvertent or illicit use of the personal data by a third party.