Skip to content
Navigate to homepage - Cerba Research

Privacy Policy Cerba Research

Last modified: 25-June-2024

This is the privacy notice of Cerba Research NV (hereinafter “Cerba Research”, “we” or “us”). Your privacy is of great importance to us. This Notice applies in the context of Cerba Research’s personal data processing activities linked to our websites and only to the extent the activities are subject to data protection requirements in the European Economic Area (EEA), the United Kingdom (UK), and/or Canada. Therefore, Cerba Research has committed to comply with :

  • The General Data Protection Regulation N°EU 2016/679 (hereinafter, the “GDPR”);
  • The General Data Protection Regulation as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 (hereinafter the “UK GDPR”) and the UK Data Protection Act 2018 (amended 2020) (hereinafter the “Data Protection Act”);
  • The Federal Personal Information Protection and Electronic Documents Act S.C. 2000 (“PIPEDA”), c. 5 as last amended on 2019, June 21 and any applicable provincial laws (altogether referred as “Canadian Privacy Laws”)
    Collectively referred as “Applicable Data Protection Laws”.

With this privacy notice, we want to ensure that you understand our privacy practices when we process personal data affecting you as individuals in the EU or UK. This Notice explains the types of personal data we collect, why we collect it, how we use and share it, how we keep it safe, and your rights as data subjects.

Scope Of This Privacy Statement

This privacy notice applies to the processing of personal data by Cerba Research of users visiting our website. Access to the Website implies the User’s full and unreserved acceptance of this Privacy Notice (hereinafter the “Notice”), as well as its general terms of use and the Cookies Notice https://cerbaresearch.com/cookie-policy/. The User acknowledges having read the information below.

This Notice is valid for all pages hosted on our website. It is not valid for the pages hosted by third parties to which Cerba Research may refer and whose privacy policies may differ. Cerba Research cannot, therefore, be held responsible for any data processed on these websites or by them. This Notice also applies to any other website that Cerba Research may operate, including our Cerba Research pages on LinkedIn, Twitter, and Facebook.

Please note that we will be joint-controlling with LinkedIn, Instagram, Facebook, and X for using social media only for accessing and processing statistical aggregate data provided by LinkedIn, Instagram, Facebook, and X in relation to Cerba Research’s Page. For any other processing on the platform, the social media platform shall be considered the sole data controller.

LinkedIn and Facebook, including Instagram, have created an “addendum” to their user agreements for company pages regarding processing for which they are joint controllers with us. Twitter/X does not currently provide such an agreement.

From Whom Do We Process Personal Data?

This privacy notice applies to the following categories of individuals:
• Individuals who visit our website, www.cerbaresearch.com (hereinafter: “website visitors”) and our social media pages;
• Users of our website also include Individuals who apply for a job at Cerba Research through the Recruitee applicant tracking platform (hereinafter: “applicants”);
• Individuals who are clients of Cerba Research or who work at one of our clients (hereinafter: “clients”);
• Individuals from whom Cerba Research purchases products or services or who work for a supplier of Cerba Research (hereinafter “suppliers”).

Who Is Responsible for the Data Processing and How Can I Contact Them? 

Cerba Research NV in Belgium is the data controller responsible, under Applicable Data Protection Laws, for determining the purposes and means of the personal data processing discussed in this Notice.

If you have any questions about this Notice or our data processing practices, please contact our Data Protection Officer at the address or email noted below, and specify that your inquiry concerns Cerba Research’s processing of personal data, your country of residence, and the nature of your question.

Cerba Research contact details:
Cerba Research NV
Industriepark 3
9052 Zwijnaarde
Belgium
T: +32 93 292 329

Our Data Protection Officer (DPO) is:
MyData-TRUST SA, Boulevard Initialis 7/3, 7000 Mons, Belgium
Email: [email protected]

For Cerba Research Canada specifically:

In case you have a privacy inquiry, comment, or complaint in relation to the processing of your personal data by Cerba Research Canada, we kindly ask you to submit your inquiry in writing to the local privacy officer at the following email address: privacy-ca@cerbaresearch. We also invite you to consult Cerba Research Canada’s policies and practices regarding the governance of personal information.

Pour Cerba Research Canada: Si vous avez une question, un commentaire ou une plainte concernant le traitement de vos renseignements personnels par Cerba Research Canada, nous vous demandons de bien vouloir soumettre votre demande par écrit au responsable local de la protection des renseignements personnels à l’adresse électronique suivante: [email protected]. Nous vous invitons également à consulter les politiques et pratiques de Cerba Research Canada encadrant la gouvernance des renseignements personnels.

    What Personal Data Do We Process And Why?

    Website Visitors

    To answer your queries either by email or through the contact form.

    We process the following personal data of our website visitors: data obtained through contact forms or e-mails that you send us, including your name, company name, e-mail address, phone number, subject, and the content of your question or information request, including through our LinkedIn page, and IP address. Except for Canadian users whose consent will be legally required, we process this personal data based on our legitimate interests to communicate with you in response to any inquiry or request you make of us.

    We process data obtained through subscription to our newsletter, such as your name, e-mail, the country where you live, your job title, and the company you work for. We will process your data until you unsubscribe to the newsletter or when we have addressed your request.

    Use cookies and similar techniques to function and manage our website.

    In certain circumstances, cookies and similar techniques on our website may store personal data, including your IP addresses, browser type, location, and operating system.

    For more specific information about the data collected by means of cookies and similar techniques, as well as the legal basis and the period of retention of this data, please refer to our cookie notice at https://cerbaresearch.com/cookie-policy/.

    For statistical purposes – Aggregate Data

    We may process aggregate statistical data (e.g., coming from Cerba Research’s page on LinkedIn, X, and social media pages *). Some information related to follower’s visits are collected in an aggregate way by LinkedIn, Facebook and X, Instagram for Cerba Expert. We can access statistics provided by those social media in order to have information on the way our page is consulted. In addition, we are also using a social media management platform to analyze the performance of our social network pages through aggregated data (how many persons saw our posts, shared them, traffic on our pages,…).

    For job applications- applicants

    On a regular basis, we publish job advertisements on our website and/or on external vacancy websites, job boards, and the like. During the application process, we may process through our Recruitee platform the following personal data from applicants:

    • Contact details such as name and address details, telephone numbers and e-mail addresses, date of birth, place of birth, nationality and gender;
    • Completed education, courses and internships;
    • Data relating to the nature and content of the current employment and any termination thereof;
    • Other information that may be relevant to the performance of the position one has applied for, such as information contained in a resume or letter of application, and references; and
    • Where applicable, bank details (bank account number and account holder name).
    We process the aforementioned information to establish the applicant’s identity, contact the applicant regarding the application procedure, assess the applicant’s suitability for a vacant position, and reimburse any travel expenses and other costs incurred by the applicant as part of the application process.

    This processing activity is based on a legitimate interest in administering and appraising job applications as part of our recruitment process. We understand that processing these data is also beneficial to you to the extent that it enables you to get a job by responding to an offer.

    We will process your data for the time necessary to manage your application, and We will delete it four weeks after the end of the application process unless the applicant will take up employment or gives us authorization and consent that We keep your data for a longer period of time with a maximum of one year;

    To assist you and facilitate the use of our website

    Our Chatbot allows website users/visitors to ask questions and get answers from a ‘bot’ (or automated service). Except for users located in Canada for whom consent is legally required, this processing will be based on our legitimate interest in guiding users to our content and relevant pages.

    The bot will collect and process the interactions it has with you; i.e. the content of the chat together with the date and time of the interactions. Other personal data that are collected are the following: IP address, statistical data, location (entity). Please do not share any personal and/or sensitive data in the chat.

    The company Chatbot also uses the chatbot for training purposes, and the chatbot uses therefore Artificial Intelligence technology.
    For more information, please refer to the Privacy Notice on the chatbot website: https://www.chatbot.com/legal/privacy-policy/

    Publication Reference – Author of Publication

    If you wrote an article that has been published and that is of interest in relation to Cerba Research’s activities (scientific publication in the area of Cerba Research’s expertise), we may quote your name and the title and references of your publication on our websites.

    We collect those personal data based on your consent, which will be retained until you withdraw it.

    With Whom Do We Share Personal Data?

    We may provide your personal data to one of our affiliates if this is necessary for one of the purposes as described in this Privacy Notice.

    Services Providers

    Cerba Research has contracted with the following Services Providers to manage the Website and the chatbot that may have access to your personal data:

    • for the company managing the website

    Other third parties – to protect Ourselves and Others

    In order to protect our own rights and those of others, it is sometimes necessary to disclose information to governmental authorities, investigative bodies, or other parties.

    For example, we may disclose personal data to third parties, including lawyers: (i) to respond to claims from third parties, whether in connection with legal proceedings or otherwise; (ii) to comply with a court order or a request or demand from a supervisory, investigative, or other governmental authority; (iii) to protect our own and others’ (intellectual property) rights and safety; and (iv) to cease or prevent activities that we deem to be unlawful, unethical, or criminal, such as fraud and cybercrime.

    These processing activities are primarily based on a legal obligation or a legitimate interest.

    Sale Of Our Business Assets

    Your personal data may be considered a business asset. If we face bankruptcy, merger, acquisition, reorganisation, sale of assets, or similar situation, your personal data may be sold and transferred to a third party as part of that transaction.

    These processing activities will usually be based on a legitimate interest.

    Do We Transfer Personal Data To Countries Outside The EEA, The Uk Or Canada?

    Your personal data may sometimes be transferred to organizations or countries outside the European Economic Area (EEA), the UK, and/or Canada. If your personal data is transferred to a country that does not offer an adequate level of protection and recognized as such competent authority, we will put in place appropriate safeguards to protect your personal data, such as the conclusion of the EU Standard Contractual Clauses with the recipient of the personal data.

    If you want more details about the mechanism supporting data transfer, you can contact our Data Protection Officer, hereinafter the DPO (see contact details above).

    How do we protect your information?

    Cerba Research treats your personal data confidentially and provides a sufficient level of protection for it. Your personal data are contained behind secured networks and are only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential.

    How Long Do We Keep Your Personal Data?

    In principle, we do not keep your personal data any longer than necessary for the purposes it was originally collected unless the data must be kept for a longer period in order to comply with legal obligations, such as a statutory retention period.

    What Rights Do You Have?

    According to the GDPR, the UK GDPR, and/or the Federal Personal Information Protection and Electronic Documents Act S.C. 2000 (“PIPEDA”), you have the right to request access, rectification, and erasure of your personal data or restriction of processing. You also have the right to object to the processing, and under certain circumstances, you have the right to data portability. All of these rights are not absolute and can be exercised under certain circumstances. Our DPO will assess them on a case-by-case basis.

    If your personal data is processed based on consent, you can withdraw your consent at any time. This does not affect the lawfulness of the processing based on consent before your withdrawal.

    If you would like to exercise any data subject right in line with the EU General Data Protection Regulation (GDPR) and/or the UK GDPR, please forward your request in writing to:

    • If you are a supplier, please forward your request to:
    • For any other enquiries, please forward your request to our DPO at the following email address: [email protected]
    Circumstances may arise where we may not be able to respond fully or at all to your request. Please make sure that you send your request from the e-mail address that you are known to us so that we know who you are and can access, modify, or delete the correct information. To prevent abuse, we may ask you to identify yourself before we handle your request.
    We will, in principle, respond to your request within one month after receipt thereof.

    If you have a question, comment, or complaint about processing your personal data, we kindly ask you to submit your inquiry in writing to: [email protected]. In case you are not satisfied with how we handle your inquiry, you may file a complaint with your national supervisory authority.

    If you are an EEA resident, you can lodge a complaint with the Supervisory Authority in the Member State of the European Union regarding your habitual residence, place of work, or place of the alleged infringement.

    EU Data Protection Authorities contact details
    https://edpb.europa.eu/about-edpb/about-edpb/members_en

    If you are a UK resident, you may file a complaint with the Information Commissioner’s Office (“ICO”), the Supervisory Authority of the UK, following the instructions available in the service channels.

    “ICO” contact details
    Tel: +55 (0)3 03 12 31 11 3
    Website: https://ico.org.uk/global/privacy-notice/your-right-to-complain/
    We provide our services on a global scale. If applicable, we comply with local privacy regulations. Our company is based in Europe (Belgium). The framework of this privacy notice is, therefore, based on the GDPR.

    If you are not satisfied with the way we have addressed your request or complaint, you may also contact the Privacy Commissioner to report your complaint.

    Privacy Commissioner contact details
    Website: https://www.priv.gc.ca/en/report-a-concern/leg_info_201405/

    Si vous n’êtes pas satisfait de la manière dont nous avons traité votre demande ou votre plainte, vous pouvez également contacter le Commissaire à la Protection de la vie privée pour lui signaler votre plainte.

    Coordonnées du Commissariat à la protection de la vie privée
    Site web : https://www.priv.gc.ca/en/report-a-concern/leg_info_201405/

    Modifications

    We may modify this privacy notice from time to time. The most recent version can always be found on this website. At the top of this privacy notice, you can see when it was last modified. We advise you to consult this privacy notice regularly to be aware of any relevant changes.

    Still have questions? Reach out to our team here