Privacy policy

NOVE PRIVACY POLICY

NOVE’s commitments to privacy and data protection

At NOVE, we take privacy and the protection of personal data seriously and make transparency our priority.

We are therefore committed to protecting the fundamental right to privacy and data protection in every step of our actions and to manage personal data in a responsible and transparent way.

This privacy policy explains what data, for what purposes, on which legal grounds, for how long and more fundamentally in which manner NOVE manages your personal data in accordance with privacy and data protection laws, most notably EU Regulation 2016/679 (General Data Protection Regulation or GDPR).

Who controls the processing of personal data?

NOVE S.A., a public limited company incorporated under the laws of Belgium under number 0502.966.180, with registered offices in 1000 Brussels (Belgium), Rue Paul Emile Janson 6 is responsible for the processing of personal data. It generally acts as (co-)controller under the GDPR which means that NOVE determines the purposes (why?) and/or the means (how?) of the processing of your personal data, as the case may be, jointly with another controller. As a data controller, NOVE is responsible for ensuring that the processing of personal data complies with applicable data protection law, especially the GDPR.

On certain occasions, we may also act as processor of other controllers, mostly our clients.

NOVE may appoint processors who will be responsible for processing personal data on its behalf. We commit to appoint and use only processors capable of guaranteeing a sufficient level of protection of your personal data.

What personal data do we collect and process?

The range of personal data that we collect depends on the purposes of our processing activities.

Generally, we may collect and process the following categories of personal data:

Personal and financial identification data: such as name, (e-mail) address, phone number, date of birth, gender, business and education data and other financial identification data (notably bank account);
Electronic identification data: such as IP address and other browsing data;
Data necessary for the administration and management of personnel;
Data necessary for the development and improvement of our products and services;
Data about interests or affiliations or publicly stated positions on political matter, corporate matters and similar;

We may also collect and further process personal data indirectly, i.e. not directly collected from data subjects, but from third parties or otherwise publicly available.

For what purposes do we collect personal data?

We collect and process your personal data for varying purposes. We may collect and further process personal data for the following purposes, in particular:

To provide high-quality services to our clients;
To develop and improve our products and services;
To market new products or services;
To administer and manage our personnel and workforce;
To communicate information to our clients and to manage registration and/or subscription to our communication tools (newsletter, etc.) and events.

In general, NOVE undertakes to use personal data it collects for the purposes described above. We may also process personal data for other purposes that are compatible with the purposes set out in this privacy policy, such as archiving purposes in the public interest, scientific or historical research purposes or statistical purposes if and when this is permitted by applicable data protection laws.

On what grounds do we process personal data?

The legal basis NOVE relies on to process personal data varies according to the purposes for which it is processed and the categories of data concerned.

For instance, we process the personal data of our clients to perform the services they entrusted us with because it is necessary for the performance of the contract we entered into with them. This is also the case in respect of NOVE’s employees’ personal data.

On other occasions, processing activities with a view to performing the services contracted with our clients will rely on NOVE’s legitimate interests to operate its business. The personal data we may process on those occasions includes, notably, contact details, e-mail addresses, etc. Other instances of processing activities carried out to pursue NOVE’s legitimate interests entail, notably, the performance of market research and further development of our products and services. We always make sure data subjects’ interests and/or fundamental rights and freedoms are not overridden by NOVE’s legitimate interests.

On limited occasions, certain processing activities may be required by law. In this case, NOVE processes personal data to comply with its legal obligations.

NOVE may also rely on the consent of data subjects to process their personal data for certain purposes. This is the case for marketing purposes, for example, for the purpose of circulating NOVE’s newsletter or when questionnaire and other surveys or polls are being sent out to data subjects. The use of cookies (see below for more information on cookies) on NOVE’s website equally relies on data subject’s consent.

Where processing activities are based on consent, data subjects are always entitled to withdraw such consent. Withdrawing consent shall not affect the lawfulness of processing activities prior to such withdrawal.

Who and where do we transfer personal data to?

When we share or otherwise disclose personal data, we make sure we only do so with organisations capable of guaranteeing an equivalent level of protection to the one we apply to our processing activities.

Personal data will not be shared or otherwise disclosed other than as described in this privacy policy. We may be compelled to share personal data when it is required by law or government and law enforcement authorities.

We may share personal data with our agents, partners, clients, contractors, professional advisors or government or regulatory bodies for the following purposes: (a) to provide our services to clients or otherwise receive assistance in processing transactions and performing our contracts; (b) to fulfil requests for information, receiving and sending communications, updating marketing lists, analysing data; (c) to provide of IT and other support services; (d) to facilitate the operation and effective management of our businesses; (e) to comply with a legal obligation or in connection with a legal claim or dispute or to otherwise protect our legal rights; (f) to assist in other ancillary to the operation of tasks, from time to time

NOVE may process personal data outside the European Economic Area (EEA). In this case, NOVE endeavours to transfer personal data concerning data subjects only to third countries demonstrating an adequate level of protection with appropriate safeguards as to data protection and privacy.

For instance, personal data processed by NOVE as data controller or, as the case may be, as data processor are stored on a server located in Switzerland, i.e. outside the EEA. This international transfer of personal data is legitimate in light of European Commission Decision 2000/518/EC of 26 July 2000 on the adequate protection of personal data in Switzerland.

Where NOVE transfers personal data outside the EEA to third countries which cannot benefit from an adequacy decision of the European Commission, such transfers will only occur on the basis of standard contractual clauses adopted by the European Commission under Decisions 2010/87/EC of 5 February 2010 or 2004/915/EC of 27 December 2004, or on the basis of other mechanisms as provided in Chapter 5 of the GDPR.

Do we use cookies and other tracking technologies?

We may also collect personal data through the use of cookies and other tracking technologies.

There are different categories of cookies:

Essential/necessary cookies: without which a website cannot run smoothly;
Functional cookies: which enable certain functionalities (like sharing the content of a website on social media platforms, collect feedbacks, etc);
Preference cookies: which enhance the browsing experience of users by gathering their browsing preferences (language, region, etc.);
Analytics cookies: which aggregate statistical data;
Third party cookies: which improve the interactivity of a website;
Marketing cookies: which gather information and data with a view to creating advertising profiles and tracking users across the internet.

NOVE does not use or otherwise place marketing cookies onto terminals of data subjects without their consent. Other types of cookies may however be placed onto data subjects’ terminals. Cookies are developed in a manner that they will only be placed on terminals after a positive action from data subjects consenting on their placement, except as essential/necessary cookies are concerned. This is because without these cookies, the website cannot run smoothly.

How long do we store personal data?

When a minimal storage period is imposed by law, we obviously make sure not to store personal data beyond this period. This is notably the case as far as so-called ‘social documents’, such as employment contracts, and ‘fiscal documents’, like 281.10 forms as well as billing information. The law imposes that the former must be retained for 5 years while the latter must be retained for 7 years. Beyond that time and where the law does not set a minimal storage period, we endeavour not to store personal data for a period longer than what is necessary for the purposes for which personal data were initially processed.

We may process and store personal data for longer periods, in particular for statistical purposes. Where such processing activities occur, NOVE ensures that appropriate organisational and technical measures are in place to safeguard your rights.

Automated decision-making and profiling

NOVE does not process personal data using automated decision-making processing means, i.e. without human intervention, which produce legal effects concerning data subjects or which significantly affect data subjects.

If, for some reasons, we decide to make use of such methods, we endeavour to inform data subjects of the implementation of such methods of processing, enabling them to object to the processing of their personal data in such a way.

How do we protect personal data?

NOVE understands that the security of personal data is paramount. We make our best efforts to protect personal data from misuse, interference, loss, unauthorised access, modification or disclosure. We have implemented various technical and organisational measures to best ensure the security and integrity of personal data, such as multi-levels access control, firewalls, anti-virus or encryption of data. When contracting with suppliers, NOVE makes sure that these suppliers provide at least an equivalent level of security of personal data as the one it applies to its processing activities.

What are data subject’s rights regarding NOVE’s processing activities of personal data?

Subjects whose personal data NOVE processes are entitled to certain rights guaranteed by the GDPR.

If data subjects wish to exercise any of these rights, they are invited to send a motivated request to policy@nove.eu. NOVE endeavours to react to a request to exercise any of the rights listed hereunder without undue delay and in any event within one month from the receipt of such request.

Right of access

Data subjects have the right to obtain the confirmation from us that personal data concerning them are being processed and to access those data together with basic information relating to the processing of this data, such as the purposes of the processing, the categories of data concerned, the recipients or categories of recipient to whom the data have been or will be disclosed, the envisaged retention period of the data, the right to lodge a complaint with the competent supervisory authority, etc.

Right to rectification

Data subjects have the right to request from NOVE the correction and rectification of any inaccurate personal data.

Right to erasure

Where applicable, data subjects have the right to request the erasure of their personal data, when:

Personal data is no longer necessary in relation to the purposes for which we collected it for;
They withdraw the consent that they had previously granted us to process personal data provided we cannot rely on another legal ground for processing;
They object to NOVE’s processing of personal data for direct marketing purposes;
The personal data are not being processed lawfully; or
Personal data needs to be deleted to comply with the law.

Right to restriction

Where applicable, data subjects also have the right to restrict NOVE’s processing of personal data, when:

They do not believe the personal data we have about them is accurate;
Their personal data is not being processed lawfully and instead of deleting this data, they would rather restrict our processing of this data instead;
We no longer need their personal data for the purposes we processed it initially, but they require the data in order to establish, exercise or defend legal claims;
They have objected to the processing of their personal data and are awaiting verification on whether their interests related to that objection outweigh our legitimate grounds for processing the data.

Right to data portability

Personal data is portable. Data subjects can request to receive from us their personal data in a structured, commonly used and machine-readable format so you can transmit it to another controller. Data subjects can only exercise this right where the processing:

is based on their consent;
is necessary for the performance of a contract; and
is carried out by automated means.

Right to object

Where applicable, data subjects may be entitled to object to the processing of their personal data at any time.

The right to lodge a complaint with a supervisory authority

Data subjects have the right to lodge a complaint directly with the supervisory authority in case of doubt as to NOVE’s processing activities.

The Belgian Data Protection Authority (Autorité de Protection des Données / Gegevensbeschermingsautoriteit) is the competent supervisory authority to monitor NOVE’s data processing activities. It can be contacted via e-mail: contact@apd-gba.be.

Updates to this privacy policy

NOVE may update this privacy policy from time to time in response to changing legal, technical or business developments. When NOVE updates its privacy policy, it will take appropriate measures to inform data subjects of the changes brought to the privacy policy.

Would you like to contact NOVE?

In case of queries and comments regarding NOVE’s privacy and data protection policies, please send an e-mail to policy@nove .eu.

This privacy policy was last updated on 20/04/2021.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	session	This cookies is set by Youtube and is used to track the views of embedded videos.

Cookie	Duration	Description
_gat_gtag_UA_108363404_1	1 minute	No description
CONSENT	16 years 9 months 24 days 9 hours 5 minutes	No description

Cookie	Duration	Description
_gat_gtag_UA_108363404_1	1 minute	No description
CONSENT	16 years 9 months 24 days 9 hours 5 minutes	No description

Cookie	Duration	Description
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.