We, Imalink NV, use your personal data to be able to offer our ICT services. In this privacy policy we have described how we collect, store and use your data. We take our responsibility to take care of that data and we are committed to protecting your privacy. You can take steps to control what we do with your data; those steps are explained in this Privacy Policy.

When we talk about data and personal information in this privacy policy, we mean personal information that identifies you or that can be used to identify you, such as your name and contact information, information about your career (C.V.) as an employee or freelancer, information about your capacity as a service purchaser (customer) or any other personal information, justified as necessary, to fulfill our services. The privacy policy may also contain information about the way you use our website.

WHAT YOU NEED TO KNOW

Who is responsible for your data

Imalink NV is responsible for your data. Our business address is: Golflaan 12 at 9830 Sint-Martens-Latem. We are registered as a company in Belgium under company number BE471.930.932. We are the data controller of the data we collect about you, and as such we control the way your personal data is collected and the purposes for which that personal data is used.

How do we get your information?

As a candidate

via our website using a contact form (if available); or

• as a result of responding to an advertisement posted by us on a job website, online resume library or through social media; or
• as a result of matching your resume, as uploaded by you to a job site, online resume library or social media site, with an internal job opening or ICT project that we wish to fill; or
• as the result of a personal recommendation; or
• through your company website(s) or
• through your business card; or
• because you contacted us on your own initiative, or
• In the course of providing our services to you as a subcontractor or employee

As a customer / supplier

• via our website using a contact form (if available); or
• as the result of personal referral; or
• through your company website(s) or
• through your business card; or
• because you contacted us on your own initiative, or
• In the course of providing services to you as a customer or customer contact or as a supplier or supplier contact.

Personal Information We Collect About You Depending on how you use our services and our website and your role with respect to Imalink NV, we may collect the following types of information about you:

Your name and contact details (email address, phone number, address, ...)	When you apply for an ICT project When you apply for an open position in our company When you use our ICT services as a POC of your company (client) When you deliver services or products to our company When you fill in forms on our website (if available)
Information about your career (C.V.)	When you apply for the adoption of an ICT project When you apply for a vacant position in our company
Information about other persons or legal entities that you use as a reference regarding your career	When you apply for the adoption of an ICT project When you apply for a vacant position in our company
More sensitive information about yourself and your health (see information below on 'Sensitive Personal Data')	When a contract is established and this information appears to be necessary in the process If you are involved in an accident during the execution of a contract
The communication we have with you (emails, letters, phone calls, messages through an online chat service, messages sent through our social media platforms, feedback)	When you contact us When you respond to our requests for feedback During the performance of a contract

Sensitive personal data

Certain types of personal data, such as data about your racial or ethnic origin, physical or mental health, religious beliefs, or suspected commission or conviction of criminal offenses, are special categories of personal data that require additional protection under the law. We try to limit the circumstances in which we collect this type of sensitive personal data. We collect and process this data only when necessary; such as:

• You have requested a special type of meal that refers to or suggests your religion (e.g., a kosher meal) or a health issue (e.g., a gluten-free meal).
• You become involved in an accident while performing a contract.
• By providing sensitive personal information by yourself, you expressly agree that we may collect and use it to provide you with services.

How we use your personal data

We may use your personal information only if we have a good reason for doing so. By law, we may only use your information for one or more of the following reasons:

• To fulfill a contract we have with you, or
• if we have a legal duty to use your data for a particular reason, or
• when you consent, or
• because of vital interests, or
• because of public authority or in the service of the public interest
• When it is in our legitimate interest.

Legitimate interests are our business or commercial reasons for using your data, but we will nevertheless not place our legitimate interests unfairly above your interests. In the table below we have set out the different ways in which we use your personal data and the reasons we rely on for using it. If we rely on our legitimate interests in using your personal data, we will explain this to you.

What we use your personal data for	Legal grounds for its use	Our legitimate interests
To provide you servicesTo communicate with you and send you information about our possible collaboration	Fulfilling contractsOur legitimate interests	Keeping our records up to date, finding out which of our services might be of interest to youICT- Providing services and what we charge for themIdentifying or determining types of candidates and/or customers for new services or productsEffective about how we fulfill our contracts, provide our services and meet our legal obligations
To communicate with you and manage the relationship with youTo personalize and improve your customer experienceTo personalize and improve your supplier experienceTo understand your preferencesTo inform you about our evolving services that we think might interest you	Fulfilling contractsOur legitimate interests	Keeping our records up to date, finding out which of our services might be of interest to youICT- Providing services and what we charge for themIdentifying or determining types of candidates and/or customers for new services or productsEffective about how we fulfill our contracts, provide our services and meet our legal obligations
To meet our health and safety responsibilities	Fulfillment of contractsOur legitimate interestsOur legal obligation	Being efficient about how we fulfill our contracts, provide our services and meet our legal obligations
Comply with laws and regulations that apply to usRespond to complaints and attempt to resolve them	Fulfillment of contractsOur legitimate interestsOur legal obligation	Being efficient about how we fulfill our contracts, provide our services and meet our legal obligations
To run our business efficiently and properlyTo accomplish our administrative purposes, including personnel administration, accounting, billing and auditingTo improve our servicesTo manage how we work with other companies that provide services and/or goods to us and our customersTo protect our business interests	Fulfillment of contractsOur legitimate interestsOur legal obligation	Being efficient about how we fulfill our contracts, deliver our services and meet our legal obligationsIdentifying opportunities to improve the way we deliver our services to our customers
To develop and manage our brand, services and/or productsFor testing new services and/or products	Fulfillment of contractsOur legitimate interestsOur legal obligation	Being efficient about how we fulfill our contracts, provide our services and meet our legal obligationsIdentifying opportunities to improve the way we deliver products and services to our customers

Cookie usage?

Cookies are text files containing small amounts of information that are downloaded to your computer or mobile device when you visit a website. Cookies perform many different tasks, such as letting you navigate pages efficiently, remembering your preferences and goods and services you want to purchase, and sending you content that is relevant to you and your interests.

During a visit to our website, cookies may be placed on the hard drive of your computer. This only happens to better tune the site to the needs of the returning visitor. These mini files or cookies are not used to track the surfing habits of the visitor on other websites. Your Internet browser allows you to prevent the use of cookies, to receive a warning when a cookie is installed or to remove the cookies from your hard disk afterwards. Please consult the help function of your internet browser.

You can also find more information about cookies at:

www.allaboutcookies.org
www.aboutcookies.org
http://www.youronlinechoices.com/nl/

Marketing: how can you manage the messages you receive?

We may send you messages by email if you have indicated that you would like to receive such emails. Our marketing communications include information about our new and existing services, specific ICT projects that we think will interest you. We may also send you information with details of networking events to which you are invited.

Subject to applicable local laws and requirements, we will obviously not seek your consent when sending messages related to the above, but we will always give you the opportunity to opt-out of such emails.

Where we have previously engaged with you (for example, where you have provided us with a letter of application or a CV) or where you have placed your details on a job site, we will assume that you have given us permission to contact you with details of ICT projects which we believe will be of interest to you. You always have the right to withdraw this consent at any time.

Please note that if you tell us you do not want to receive marketing emails, you may still receive emails for us that are necessary to fulfill the potential contract we have with you.

If you ask us to stop sending you marketing emails, we will retain your personal information and your request so that we can ensure that you are excluded from the emails when they are sent.

How long do we keep your data?

We will only keep your data for as long as we need it. How long we need data for depends on what we use it for; whether that is to provide you with services, for our own legitimate interests (described above) or to comply with the law.

We will actively review the information we retain and when there is no further legal, regulatory or business need for us to retain it, it will be securely deleted or in some cases anonymized.

How do we protect your data?

We protect your personal data from unauthorized access, unlawful use, accidental loss, damage or destruction. We use technical measures such as encryption and strong password protection to protect your data and the systems in which it is stored. We also use operational measures to protect the data, for example by limiting the number of people who have access to the databases in which your data is kept. We continue to monitor these security measures and refer to industry security standards to stay abreast of current best practices

If you suspect any misuse or loss or unauthorized access to your personal information, please let us know immediately by sending an email to DPO@imalink.be

When do we share your data

Share within Imalink NV

We share your data internally only with employees who are authorized to have access to it. All employees are subject to confidentiality.

Sharing with our customers (clients)

We share your data as a candidate with our clients. When introducing candidates to our (potential) clients, we use an "Imalink CV" that was prepared by us on the basis of the application data, this with a view to establishing a contract.

Sharing with processors

We engage suppliers who process personal data on our behalf as processors. We conclude processing agreements with all these processors of personal data. We assess the security measures and compliance with privacy regulations in advance and monitor this periodically, as well as strict compliance with the concluded processing agreements.

Sharing with other responsible parties

We work with external parties who offer services whereby personal data may be exchanged. For example, these are parties who provide training or book business trips. We make agreements with these parties regarding the careful handling of your data.

We only provide personal data at the request of the police and judicial authorities if there is a legal obligation to do so.

Do we transfer your data outside the European Economic Area (EEA)?

No we do not transfer data to countries outside EEA.

However, should this be necessary in the future due to one of our legitimate interests (for example, a customer who would be outside the EEA), we will ensure that they are protected in the same way as if they were used in the EEA. We will use one of the following security measures to ensure that they are protected:

• transmit the data to a non-EEA country that has privacy laws at least as protective as those within the EEA
• enter into an agreement with the recipient of the data, which means that the recipient must protect the data to the same standards as apply within the EEA, or
• Send data to organizations that are part of the Privacy Shield. The Privacy Shield is a framework that sets standards for data sent between the United States and European countries. The Privacy Shield ensures that data is protected to the same standards as those used within the EEA.

Your rights

You have the right to access copies of all personal data we hold, and to modify, correct or delete such data. You can also restrict, reject or object to the processing of this data.

If you have given us permission to use your data, for example to send you marketing emails, you can withdraw that permission. Information on how to stop receiving marketing communications can be found above under the heading "Marketing: how to manage the messages you receive. Please note that even if you withdraw your consent, we can still rely on the consent you previously gave as the legal basis for processing your data before you withdrew consent.

You can object to the use of your data when we rely on our legitimate interests. We have explained the legitimate interests we rely on in the table above under the heading 'How we use your personal data'.

To object or exercise your rights, please email us at DPO@imalink.be or write to Imalink NV, Attn. Data Protection, Golflaan 12, 9830 Sint-Martens-Latem, Belgium.

When you contact us, you will receive a response as soon as possible and, where possible, within one month. If your request is more complicated, a response may take a little longer, but we will respond within two months of your request. Most requests are free of charge, but if you ask us to provide a significant amount of data, for example, we may ask you to pay a reasonable administration fee. We will also ask you to prove your identity thoroughly before we provide any information.

If Imalink NV decides to change this privacy policy, the changes will be posted on this page.

Complaints

If you have complaints about Imalink NV's processing of your personal data, you can send an e-mail to DPO@imalink.be, or you can write to Imalink NV, Attn. Data Protection, Golflaan 12, 9830 Sint-Martens-Latem, Belgium.

You have the right to lodge a complaint with the supervisory authority responsible for the protection of personal data in the country where you live or work, or if you believe that a breach of data protection legislation has occurred.

For Belgium, you can contact the Commission for the Protection of Privacy by phone at +32 (0)2 274 48 00 or via the online contact form available on the Commission's website at: www.privacycommission.be.

Contact Us

You can write to: Imalink NV, Attn. Data Protection, Golflaan 12, 9830 Sint-Martens-Latem, Belgium.