Cookie policy
General
This privacy policy (“Cookie Policy”) regulates the processing of your personal data as a part of your use of our Website (the “Website”) and the accompanying services (jointly referred to hereinafter as “Services”). This processing is performed by Royal Institute for Cultural Heritage as data controller, with registered office at Parc du Cinquantenaire, 1, B-1000 Brussels ("we”, “our"), listed with the CBE (Crossroads Bank for Enterprises) under number BE0356463617 in accordance with the applicable legislation relating to the protection of personal data.
Cookies are small text files that are filed on the hard drive of a device and that contain certain information, which sometimes includes personal data. When you use our Website and/or Services, we then also collect and process other personal information by way of cookies and similar technologies. Read our Privacy Policy if you want to know more.
By continuing to use our Website and/or Services or by clicking “Accept” after you have been notified of the use of cookies and similar technologies, you acknowledge that you have carefully read this Cookie Policy and that you unreservedly agree with it. As explained in this Cookie Policy, you can change your cookie preferences at all times.
We reserve the right to change, supplement or replace this Cookie Policy from time to time. Your attention will be drawn to such changes, additions to or replacements through our Website and/or Services. If you do not agree with these changes, additions or replacements, we request you to send an email to dpo@kikirpa.be. If we have not received any notification of this within three (3) working days after you have been notified of the changes, supplements or replacements through our Website or Services, you will be presumed to have accepted any changes, supplements or replacements.
Which cookies and why?
- When you visit and/or use our Website, we place cookies or use similar technologies with which we collect and process personal data about you. Such cookies and similar technologies consist of the following, for example:
NAME
Type:
Aim:
Store period:
NAME
Type:
Aim:
Store period: - You can prevent cookies from being stored or remove cookies already stored by adjusting the settings in your browser. You find help to adjust these settings on the website of the browser that you use. Remember that disabling cookies when visiting the Website may cause some or all of the functions of the Website not to work properly.
- Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
- Microsoft Edge: http://windows.microsoft.com/en-gb/windows-10/edge-privacy-faq
- Chrome: https://support.google.com/chrome/answer/95647?hl=en
- Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
- Safari: https://support.apple.com/kb/PH21411?locale=nl_BE&viewlocale=en_U
With whom do we share data?
We do not send your personal data to third persons in a way that you can be identified without your express permission to do so if this is not necessary to provide the Services.
We can rely on external processors to offer the Website and/or Services to you. We ensure that third-party processors may only process your personal data on our behalf and pursuant to our written instructions. We guarantee that all external processors are selected with the necessary care, so that we can rest assured of the security and integrity of your personal data.
We can transmit anonymised and/or aggregated data to other organisations that can use these data to improve products and services, and to organise bespoke marketing, presentation and the sale of products and services.
Where we process data
We and our external processors will only process your identifiable personal data in the EEA.
We can transfer our anonymised and/or aggregated data to organisations outside the EEA. If such transfer is made, we shall ensure that there are appropriate guarantees to warrant the security and integrity of your personal data, and that all personal data rights that you might enjoy under applicable mandatory law are guaranteed.
How we process data
We will do our utmost to process only the personal data necessary to achieve the objectives stated in this Privacy Policy. We will process your personal data lawfully, honestly and transparently. We will do our utmost to keep the personal data accurate and up to date.
Your personal data will only be processed as long as necessary to achieve the objectives stated in this Privacy Policy or until the moment at which you withdraw your processing permission. Remember that withdrawing the permission can imply that you will no longer be able to use all or part of the Website and/or Services. If you have registered on our Website, we will remove your personal data if you remove your profile, unless a statutory or regulatory obligation or a judicial or administrative order prevents us from doing so.
We will take appropriate technical and organisational measures to keep your personal data secure from unauthorised access or theft and from unintentional loss, manipulation or destruction. Our personnel or the personnel of our external controllers will only be able to gain access on a need-to-know basis and this is subject to strict obligations of confidentiality. However, you should understand that the care for security and protection consists only of an obligation of means according to best efforts, which can never be guaranteed.
Your rights
You have the right to request access to all the personal data that we process about you. However, requests for access that are clearly submitted with a view to causing us inconvenience or damage will not be dealt with.
You have the right to request that any personal data about you that is incorrect or inaccurate be corrected free of charge. If you have registered on our Website, you can personally correct much of such data through your profile. If such a request is submitted, you must also enclose proof showing that the personal data for which you request correction is incorrect.
You have the right to withdraw previously granted permission for the processing of your personal data. You can withdraw your permission at all times by sending an email to dpo@kikirpa.be, or by removing your profile (if applicable).
You have the right to request that personal data relating to you be removed if this is no longer needed in the light of the objectives that are outlined in this Privacy Policy or if you withdraw your processing permission. However, you must consider that a removal request to us will be assessed in the light of statutory or regulatory obligations or administrative or judicial orders, which may prevent us from removing the respective personal data.
Instead of requesting removal, you can also request that we restrict the processing or your personal data if (1) you dispute the correctness of such data, (2) the processing is unlawful or (3) the data is no longer necessary for the objectives stated but you need it to defend yourself in judicial proceedings.
You have the right to object to the processing of personal data if you can show that there are serious and justified reasons regarding special circumstances warranting such an objection. However, if the envisaged processing is noted as direct marketing, you have the right to object to such processing free of charge and without giving any reason for this.
If your personal data is processed on the basis of permission or on the basis of a contract where the data is processed automatically, you have the right to receive the personal data provided to us in a structured manner and in a generally used format that can be read by a machine and, if technically possible, you have the right to directly transmit such data to another service provider. We will be the only persons to assess the technical viability of this.
If you wish to submit a request to exercise one or more of the above-mentioned rights, you can send an email to dpo@kikirpa.be. Such request must clearly state what right you wish to exercise and why. It must also be dated, signed and accompanied by a digitally scanned copy of your valid identity card showing your identity. We will notify you immediately when such request has been received. If it appears that the request is founded, we will grant the request as quickly as is reasonably possible and no later than thirty (30) days after the request has been received.
If you have a complaint regarding our processing of your personal data, you can always contact us at the following email address dpo@kikirpa.be. If you are still dissatisfied with our answer, then you are at liberty to file a complaint with the competent data protection authority, the Gegevensbeschermingsautoriteit. For more information, go to www.dataprotectionauthority.be.