Privacy policy

NOVE PRIVACY POLICY

NOVE’s commitments as to privacy and data protection

At NOVE, we take the privacy and the protection of the personal data very seriously.

We are therefore committed to protecting the fundamental right to privacy and data protection in every step of our actions. At NOVE, transparency is our priority. We aim to protect any personal data we hold and to manage personal data in a responsible and transparent way.

This privacy policy explains what data, for what purposes, on what legal grounds, for how long and more fundamentally how NOVE manages your personal data from a privacy perspective in accordance with privacy and data protection laws, most notably EU Regulation 2016/679 (hereafter “General Data Protection Regulation” or alternatively “GDPR”).

Who controls the processing of personal data?

NOVE S.A., a public limited company incorporated under the laws of Belgium under number 0502.966.180, with registered offices in 1000 Brussels (Belgium), Rue Paul Emile Janson 6 is responsible for the processing of personal data. It generally acts as (co-)controller under the GDPR which means that NOVE determines the purposes (why?) and/or the means (how?) of the processing of your personal data, as the case may be, jointly with another controller. As a data controller, NOVE is responsible for ensuring that the processing of personal data complies with applicable data protection law, especially the GDPR.

On certain occasions, we may also act as processor of other controllers, mostly our clients.

NOVE may appoint processors who will be responsible for processing personal data on its behalf. We commit to appoint and use only processors capable of guaranteeing a sufficient level of protection of your personal data.

What personal data do we collect and process?

The range of personal data that we collect depends on the purposes of our processing activities.

Generally speaking, we may collect and process the following categories of personal data:

Personal and financial identification data: such as name, (e-mail) address, phone number, date of birth, gender, business and education data and other financial identification data (notably bank account);
Electronic identification data: such as IP address and other browsing data;
Data necessary for the administration and management of personnel;
Data necessary for the development and improvement of our products and services;
Data about interests or affiliations or publicly stated positions on political matter, corporate matters and similar;

We may also collect and further process personal data indirectly, i.e. personal data not directly collected from data subjects. We may collect and process personal data from third parties or otherwise publicly available data.

For what purposes do we collect personal data?

We collect and process your personal data for varying purposes. We may collect and further process personal data for the following purposes, in particular:

To provide high-quality services to our clients;
To develop and improve our products and services;
To market new products or services;
To administer and manage our personnel and workforce;
To communicate information to our clients and to manage registration and/or subscription to our communication tools (newsletter, etc.) and social events.

In general, NOVE undertakes to use personal data it collects for the purposes described above. However, NOVE may also process personal data for other purposes that are not incompatible with the purposes set out in this privacy policy, such as archiving purposes in the public interest, scientific or historical research purposes or statistical purposes) if and where this is permitted by applicable data protection laws.

On what grounds do we process personal data?

The legal basis relied on by NOVE to process personal data varies according to the purposes for which it is processed and the categories of data concerned.

For instance, we process the personal data of our clients in order to perform the services they entrusted us with because it is necessary for the performance of the contract we entered into with them. This is also the case in respect of NOVE’s employee personal data.

On other occasions, processing activities with a view to performing the services contracted with our clients will rely on NOVE’s legitimate interests to operate its business. The personal data we may process on those occasions includes, notably, contact details, e-mail addresses, etc. Other instances of processing activities carried out to pursue NOVE’s legitimate interests entail, notably, the performance of market research, the further development of our products and services. We always make sure data subjects’ interests and/or fundamental rights and freedoms are not overridden by NOVE’s legitimate interests.

On limited occasions, certain processing activities may be required by law. In this case, NOVE processes your personal data in order to comply with its legal obligations.

NOVE may also rely on the consent of data subjects to process their personal data for certain purposes. This is the case for marketing purposes, for example, for the purpose of circulating NOVE’s newsletter or when questionnaire and other surveys or polls are being sent out to data subjects. The use of cookies (see below for more information on cookies) on NOVE’s website equally relies on data subject’s consent.

Where processing activities are based on consent, data subjects are always entitled to withdraw such consent. Withdrawing consent shall not affect the lawfulness processing activities which occurred before your withdrawal.

Who and where do we transfer personal data to?

When we share or otherwise disclose personal data, we make sure we only do so with organisations capable of guaranteeing an equivalent level of protection to the one we apply to our processing activities.

Personal data will not be shared or otherwise disclosed other than as described in this privacy policy. We may be compelled to share personal data when it is required by law or government and law enforcement authorities.

We may share personal data with our agents, partners, clients, contractors, professional advisors or government or regulatory bodies for the following purposes: (a) provide our services to clients or otherwise receive assistance in processing transactions and performing our contracts; (b) fulfilment of requests for information, receiving and sending communications, updating marketing lists, analysing data; (c) provision of IT and other support services; (d) to facilitate the operation and effective management of our group of businesses; (e) comply with a legal obligation or in connection with a legal claim or dispute or to otherwise protect our legal rights; (f) assistance in other ancillary to the operation of tasks, from time to time

NOVE may process personal data outside the European Economic Area (EEA). In this case, NOVE endeavours to transfer personal data concerning data subjects only to third countries demonstrating an adequate level of protection with appropriate safeguards as to data protection and privacy.

For instance, personal data processed by NOVE as data controller or, as the case may be, as data processor are stored on a server located in Switzerland, i.e. outside the EEA. This international transfer of personal data is legitimate in light of European Commission Decision 2000/518/EC of 26 July 2000 on the adequate protection of personal data in Switzerland.

Where NOVE transfers personal data outside the EEA to third countries which cannot benefit from an adequacy decision of the European Commission, such transfers will only occur on the basis of standard contractual clauses adopted by the European Commission under Decisions 2010/87/EC of 5 February 2010 or 2004/915/EC of 27 December 2004, or on the basis of other mechanisms as provided in Chapter 5 of the GDPR.

Do we use cookies and other tracking technologies?

We may also collect personal data through the use of cookies and other tracking technologies.

There are different categories of cookies:

Essential/necessary cookies: which a website cannot run smoothly without;
Functional cookies: which help to perform certain functionalities (like sharing the content of a website on social media platforms, collect feedbacks, etc);
Preference cookies: which augment the browsing experience of users by gathering their browsing preferences (language, region, etc.);
Analytics cookies: which are used to aggregate statistical data;
Third party cookies: which intend to improve the interactivity of a website;
Marketing cookies: which gather information and data with a view to creating advertising profiles and tracking users across the internet.

NOVE does not use or otherwise place marketing cookies onto terminals of data subjects without their consent. Other types of cookies may however be placed onto data subjects’ terminals. Cookies are developed in a manner that they will only be placed on terminals after a positive action from data subjects consenting on their placement, except as essential/necessary cookies are concerned. This is because without these cookies, our website cannot run smoothly.

How long do we store personal data?

When a minimal storage period is imposed by law, we have no other choice but to store personal data for this period. This is notably the case as far as so-called ‘social documents’, like employment contracts, and ‘fiscal documents’, like 281.10 forms as well as billing information. The law imposes that the former must be retained for 5 years while the latter must be retained for 7 years. Beyond that time and where the law does not set a minimal storage period, we endeavour not to store personal data for a period longer than what is necessary for the purposes for which personal data were initially processed.

In determining the storage period of personal data we notably take into account both the interests of data subjects as well as ours on the understanding that your interests will always prevail over ours, the nature of the data concerned and the purposes of the processing. In any event, NOVE shall always store your personal data only for the time reasonably necessary to enable the purposes for which they are processed to be fulfilled.

We may process and store personal data for longer periods, in particular for statistical purposes. Where such processing activities occur, NOVE makes sure that appropriate organisational and technical measures are in place to safeguard your rights.

Automated decision-making and profiling

NOVE does not process personal data using automated decision-making processing means, i.e. situations where decisions are taken automatically without human intervention, which produce legal effects concerning data subjects or which significantly affect data subjects.

If, for some reasons, we decide to make use of such methods, we endeavour to inform data subjects of the implementation of such methods of processing. They will be able to object to the processing of their personal data via such means.

How do we protect personal data?

NOVE understands that the security of personal data is paramount. We make our best efforts to protect personal data from misuse, interference, loss, unauthorised access, modification or disclosure. We have implemented various technical and organisational measures to best ensure the security and integrity of personal data, such as multi-levels access control, firewalls, anti-virus or encryption of data. When contracting with suppliers, NOVE makes sure that these suppliers provide at least an equivalent level of security of personal data as the one it applies to its processing activities.

What are data subject’s rights regarding NOVE’s processing activities of personal data?

Where NOVE processes personal data, data subjects whose data are being processed are entitled to exercise certain rights the GDPR empowers them with.

If data subjects wish to exercise any of these rights, they are invited to send a motivated request to info@NOVE.eu. NOVE endeavours to react to a request to exercise any of the rights listed hereunder without undue delay and in any event within one month from receipt of said request.

Right of access

Data subjects have the right to obtain the confirmation from us that personal data concerning them are being processed and to access those data together with basic information relating to the processing of this data, such as the purposes of the processing, the categories of data concerned, the recipients or categories of recipient to whom the data have been or will be disclosed, the envisaged retention period of the data, the right to lodge a complaint with the competent supervisory authority, etc.

Right to rectification

Data subjects have the right to request from NOVE the correction and rectification of any inaccurate personal data.

Right to erasure

Where applicable, data subjects have the right to request the erasure of your personal data, when:

Personal data is no longer necessary in relation to the purposes for which we collected it for;
They withdraw the consent that they had previously granted us to process personal data provided we cannot rely on another legal ground for processing your personal;
They object to NOVE’s processing of your personal data for direct marketing purposes;
The personal data are not being processed lawfully; or
Personal data needs to be deleted to comply with the law.

Right to restriction

Where applicable, data subjects also have the right to restrict NOVE’s processing of your personal data, when:

They do not believe the personal data we have about them is accurate;
Their personal data is not being processed lawfully and instead of deleting this data, they would rather restrict our processing of this data instead;
We no longer need their personal data for the purposes we processed it initially but they require the data in order to establish, exercise or defend legal claims;
They have objected to the processing of their personal data and are awaiting verification on whether their interests related to that objection outweigh our legitimate grounds for processing your data.

Right to data portability

Personal data is portable. Data subjects can request to receive from us your personal data in a structured, commonly used and machine-readable format so you can transmit it to another controller. They can only exercise this right where the processing:

is based on their consent;
is necessary for the performance of a contract; and
is carried out by automated means.

Right to object

Where applicable, data subjects may be entitled to object to the processing of their personal data at any time.

The right to lodge a complaint with a supervisory authority

Data subjects have the right to lodge a complaint directly with the supervisory authority in case of doubt as to NOVE’s processing activities.

The Belgian Data Protection Authority (Autorité de Protection des Données or Gegevensbeschermingsautoriteit) is the competent supervisory authority to monitor Gimber’s data processing activities. It can be contacted via e-mail: contact@apd-gba.be.

Updates to this privacy policy

NOVE may update this privacy policy from time to time in response to changing legal, technical or business developments. When NOVE updates its privacy policy, it will take appropriate measures to inform data subjects of the changes brought to the privacy policy.

Would you like to contact NOVE?

In case of queries and comments regarding NOVE’s privacy and data protection policies, please send an e-mail to info@NOVE.eu.

This privacy policy was last updated on 19/03/2021.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	session	This cookies is set by Youtube and is used to track the views of embedded videos.

Cookie	Duration	Description
_gat_gtag_UA_108363404_1	1 minute	No description
CONSENT	16 years 9 months 24 days 9 hours 5 minutes	No description

Cookie	Duration	Description
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.

Cookie	Duration	Description
_gat_gtag_UA_108363404_1	1 minute	No description
CONSENT	16 years 9 months 24 days 9 hours 5 minutes	No description