1. Who are we?
- We are PAGS BV, a company incorporated under Belgian law, having its registered office at Researchdreef 10, 1070 Anderlecht, Belgium (“PAGS”, “us”, “we” or “our”) and registered with the Crossroads Bank for Enterprises (Kruispuntbank van Ondernemingen or KBO) under enterprise number 0761.801.376.
- PAGS is the psychosocial analysis tool of choice to achieve efficient communication, interaction and analysis (“Services”), while ensuring that the ultimate management of the application remains with the customer, as described on our website (https://nl.pagsprofile.com).
2. From whom do we collect data?
- In the course of our business, we may collect Personal Data from customers, users of the Services, prospects, visitors to our website, persons who provide their business card or otherwise their contact details to us, and persons who contact us by e-mail or otherwise.
3. Which personal data do we process?
- By using our website or our Services, we collect and process your data. Some aspects of these data can be qualified as personal data. We process the following categories of personal data:
- ~personal data that you enter yourself on the website;
- ~personal data entered by customers and users of PAGS;
- ~administrative data (e.g. name, address, e-mail address, phone number, login credentials, etc.);
- ~medical data (limited to disabilities and notes);
- ~behavioural data (knowledge, performance, skill data in behavioral field);
- ~cognitive data (knowledge, performance, skill data in the cognitive field);
- ~development progression metrics;
- ~data on how the Service is accessed and used (e.g. IP address, browser type, browser version, the pages of our Service that you visit, the time and data of your visit the time spent on those pages, unique device identifiers and other diagnostic data) (“Usage Data”).
4. For which purposes do we process your personal data?
- We may use the aforementioned personal data for the following purposes:
- ~to provide and maintain our Service;
- ~(1) To notify you about changes to our Service;
- ~(2) To allow you to participate in interactive features of our Service when you choose to do so;
- ~(3) To provide customer support;
- ~(4) To gather analysis or valuable information so that we can improve our Service;
- ~(5) To monitor the usage of our Service;
- ~(6) To detect, prevent and address technical issues.
- For your complete information, please find below the legal grounds relevant to these processing operations:
- ~the processing of personal data for (1), (2), (3), (4), (5) and (6) is based on the explicit consent of the data subject (art. 9.2 a GDPR);
- ~in addition, the processing of (1), (2), (3) and (4) is based on the necessity for the performance of the contract we concluded with the data subject (art. 6.1 b GDPR). This legal ground is only applicable insofar as no special category of personal data is involved.
5. For which purposes do we process your personal data?
- We may disclose your personal data to third parties. These third parties have access to your personal data only to perform tasks on our behalf and are obligated not to disclose or use it for any other purpose. We may disclose your personal data to the following parties:
- ~third parties who provide services to us or who provide services in our name on our behalf such as IT service providers, payment service providers, PR service providers, consultants,…;
- ~governmental bodies such as police and judicial authorities if PAGS is required to do so by law or in response to valid requests.
- ~employees, representatives, shareholders, (sub)contractors, affiliated companies, external advisors or consultants of PAGS.
- When transferring personal data to third parties, we always ensure that we implement appropriate technical and organisational protection measures. Where necessary, we will, for example, conclude a transfer agreement or a processor agreement, which sets out restrictions on the use of your personal data and obligations in respect of the security of your personal data.
- Your personal data will not be lent or sold to third parties for marketing purposes without your prior express consent.
- To the extent that your data is transferred in the context of this article to countries outside the European Union which do not provide an adequate level of protection for your data, PAGS will ensure that the companies to which your data is transferred do provide an adequate level of protection. In particular, we can conclude Standard Contractual Clauses (SCC) with those companies, when necessary. PAGS guarantees to always verify, on a case-by-case basis, whether an adequate level of protection is in place for transfers to third countries. Our servers are located in the Netherlands.
6. How long do we store your personal data?
- We do not keep your personal data longer than necessary for the purposes for which it is collected and processed (as described above).
- For the purposes of providing services to our customers, we will retain it for as long as necessary to fulfil the purposes set out above, unless a longer retention period is (i) necessary to cover our liability or (ii) required or permitted by law.
- PAGS will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or when we are legally obligated to retain this data for longer periods.
- All personal data purely for the purpose of scientific research or statistical purposes may be stored for longer periods.
7. How do we secure your personal data?
- We take appropriate technical and organisational measures to ensure a level of security appropriate to the specific risks we have identified.
- We thus protect your personal data as best as we can against the destruction, loss, alteration or unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. However, no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.
- Withdraw your consent at any time: you have the right to withdraw consent where they have previously given their consent to the processing of your personal data.
- Object to processing of your personal data: you have the right to object to the processing of your personal data if the processing is carried out on the legal basis of a legitimate interest, including profiling. You also have the right to object to the processing of your personal data for direct marketing purposes. This right is absolute - we will always comply with it.
- Right to access: You have the right to obtain confirmation from us as to whether or not we are processing your personal data, to obtain access to that personal data and how and why it is being processed, as well as to receive a copy of that data.
- Right to rectification: You have the right to obtain a correction of your personal data or to request that we complete your personal data if you notice that we are processing incorrect or incomplete data about you.
- Right to erasure: You have the right to obtain data erasure in certain specific cases.
- Right to restriction: You have the right to have the processing of your personal data restricted in certain specific cases.
- Right to data portability: You have the right to obtain the personal data you have provided us with in a structured, commonly used and machine-readable form, and to transfer that personal data (or have it transferred) to another controller.
- You may exercise the above rights by sending an e-mail to email@example.com or in the case of the right to object to direct marketing also via the opt-out link included in our marketing e-mails. The exercise of these rights is in principle free of charge. Only in case of unreasonable or repeated requests may we charge a reasonable administrative fee. We always try to answer your requests or questions as quickly as possible. It is possible that we will first ask you for proof of identity in order to verify your identity. For further information and advice on the above rights, please visit the webwebsite of the Data Protection Authority: www.gegevensbeschermingsautoriteit.be. In addition to the above rights, you also have the right at any time to lodge a complaint with the Data Protection Authority in connection with the processing of your personal data by us. You can contact the authority at firstname.lastname@example.org or by mail at the following address:
8. Children's privacy
- Users must keep a signed parental consent for anyone under the age of 18 that https://pagsprofile.com is being used for/upon. User must provide these consent forms within 24 hours after PAGS request to do so.
- If you are a legal guardian and you know or suspect that we unlawfully store data of your child, please contact us immediately by email email@example.com. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.
9. Links to other websites
- We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party websites or services