AERG's legal dispositions concerning the protection of the privacy of its members are spelled out below
Association of ERC grantees AISBL
Effective since: 15 November 2021
1. GENERAL DISPOSITIONS
1.1 The ASSOCIATION OF ERC GRANTEES AISBL incorporated in Belgium (hereafter, « AERG») respects the privacy of its users (hereinafter, the "Users").
1.2 AERG processes the personal data transmitted to it in accordance with the legislation in force, and in particular Regulation 2016/679 of 27 April 2016 on the protection of individuals with regards to the processing of personal data and the free movement of such data, applicable from 25 May 2018 onwards (hereafter the "General Data Protection Regulation").
1.3 The AERG website is available for informational purposes.
The information provided therein is of a general nature, and is not necessarily relevant to every personal or particular situation. AERG takes all the necessary measures to ensure the information on its website is accurate and updated as regularly as possible. However, AERG shall accept no liability for erroneous or inaccurate information that may persist despite its efforts. AERG may not be held liable for interruptions of service or other technical problems affecting its network. It also may not be held liable for direct or indirect damage of any kind that might result from using this website (e.g. virus, corrupt files, loss of applications or other data, etc.). AERG reserves the right to modify or update the information on its website at any moment, as well as this legal notice, without prior notice.
1.5 The User acknowledges having read the information below and authorizes AERG to process, in accordance with the provisions of the Policy, the personal data that he/she communicates on the Website.
1.6 The Policy is valid for all pages hosted on the Website and for the registration forms of this Website. It is not valid for the pages hosted by third parties to which AERG may refer, and whose privacy policies may differ. AERG cannot therefore be held responsible for any data processed on these websites or by them.
2. DATA CONTROLLER
2.1 Simply visiting the Website shall take place without having to provide any personal data, such as first name, surname, postal address, e-mail address, etc.
2.2 As part of the Service, the User may be required to provide certain personal data. In this case, the data controller is:
2.3 Any question regarding the processing of this data may be sent to the following address: email@example.com
3. DATA COLLECTED
3.1 By subscribing to the AERG newsletter, the User gives their consent to AERG to record, store and use their email address in order to enable AERG to send them the newsletter by electronic means. The User always has the right to withdraw their consent. AERG shall then delete the email address and refrain from further communication. If the User remains a member of AERG after the withdrawal, AERG shall retain its personal data in order to communicate regarding the membership.
3.2 By completing the membership form on the Website and using the Service, the User enters a contractual relationship with AERG for the completion of which AERG will record and store, for the purposes mentioned in point 4, the following information:
- identifying data, such as the surname, first name, function, organisation or institution, e-mail address, and postal address;
- invoicing information;
- communications between the User and AERG.
3.3 The User also authorizes AERG to record and store the following data for the purposes mentioned in point 4:
- additional information requested by AERG from the User in order to identify them or to prevent them from violating any of the provisions of the Policy;
3.4 In order to facilitate browsing the Website as well as to optimize technical management, the Website may use "cookies". These "cookies" record, in particular:
- the User's browsing preferences;
- the date and time of access to the Website and other data related to traffic;
- the pages visited.
3.5 When the User accesses the Website, the servers consulted automatically record certain data, such as:
- the type of domain with which the User connects to the Internet;
- the IP address assigned to the User (when connected);
- the date and time of access to the Website and other data related to traffic;
- location data or other data relating to the communication;
- the pages visited;
- the type of browser used;
- the platform and/or operating system used;
- the search engine as well as the keywords used to find the Website.
3.6 No nominative data identifying the User is collected through the cookies and servers consulted. This information is kept for statistical purposes only so as to improve the Website.
4. PURPOSES OF PROCESSING THE DATA
4.1 The Website collects, stores and uses its Users’ data for the following purposes, in particular:
- to establish, carry out and conduct the contractual relationship with the User in the case the User is a member of AERG;
- to enable payment of the membership fee;
- to analyze, adapt and improve the content of the Website;
- to allow the User to receive messages regarding his membership;
- to allow the User to receive the newsletter he subscribed to;
- to facilitate the availability and use of the Website;
- to personalize the User's experience on the Website;
- to respond to requests for information;
- for any marketing activities and promotions proposed by AERG to Users who have given their consent;
- to inform them about any changes on the Website and its features;
- for any other purpose to which the User has expressly consented.
5. RIGHTS OF THE PERSON CONCERNED
5.1 Provided the User shows proof of its identity, the User may exercise the following rights:
- obtain a copy of all his/her personal data processed by AERG and, if applicable, all information available regarding its origin, destination, and purpose;
- rectify any inaccuracy in his/her personal data, and add to any incomplete data;
- have his/her personal data erased, subject to regulatory requirements;
- restrict the processing of his/her personal data, subject to regulatory requirements;
- obtain a copy of the personal data the User has provided to AERG, in a structured and commonly used format;
- oppose the processing of his/her personal data, subject to regulatory requirements and for reasons related to your particular situation;
- lodge a complaint with the Data Protection Authority - contact(at)apd-gba.be
The conditions under which the rights referred to under in paragraphs 3, 4, and 6 above are described in the Appendix I.
5.2 The User may, at any time, exercise its rights, by
- sending an e-mail to: firstname.lastname@example.org
- sending postal mail to:
Association of ERC Grantees AISBL
℅ Université libre de Bruxelles
Avenue Franklin D. Roosevelt, 50
B1050 Bruxelles, Belgium
5.3 AERG will then take the necessary steps to satisfy this request as soon as possible. In accordance with the law, a response will be provided within 30 days of the request being made.
6. DURATION OF STORING THE DATA
6.1 AERG will keep the personal data of its Users for the duration necessary to achieve the objectives pursued, as long as the User is a member of AERG or as long as the User has not expressed the with to terminate his/her membership. (see point 4).
6.2 AERG may also continue to keep personal data concerning the de-registered User, including all correspondence or request for assistance sent to AERG in order to be in a position to address any questions or complaints that may be sent to it, and in order to comply with all applicable laws.
6.3 AERG will keep the personal data of its Newsletter subscribers until the latter express the will to unsubscribe.
7. COMPLAINT WITH THE SUPERVISORY AUTHORITY
The User is informed that he has the right to lodge a complaint with the Belgium Data Protection Authority (contact(at)apd-gba.be). In such a case, AERG would like to have the opportunity to answer to the User’s complaint prior to its submission to the Data Protection Authority.
8.1 AERG has taken the appropriate organizational and technical measures to ensure a level of security adapted to the risk and that, to the extent possible, the servers hosting the personal data processed prevent:
- unauthorized access to or modification of this data;
- improper use or disclosure of such data;
- unlawful destruction or accidental loss of such data.
8.2 In this respect, employees of AERG who have access to this data are subject to a strict confidentiality obligation. Nevertheless, AERG may in no way be held liable in the event that this data is stolen or hijacked by a third party despite the security measures adopted.
COMMUNICATION TO THIRD PARTIES
8.4 AERG processes personal data as confidential information. It will not communicate them to third parties under any condition other than those specified in the Policy, such as to achieve the objectives set out and defined in point 4, or under the conditions in which the law requires it to do so.
8.5 AERG may communicate its Users’ personal information to third parties to the extent that such information is necessary for the performance of a contract with its Users. In such cases, these third parties will not communicate this information to other third parties, except in one of the two following situations:
- the communication of this information by such third parties to their suppliers or subcontractors to the extent necessary for the performance of the contract;
- where such third parties are obliged by the regulations in force to communicate certain information or documents to the competent authorities in the field of combating money laundering, as well as, in general, to any competent public authority.
The list of third parties concerned by the above is available in the Appendix II
8.7 The communication of this information to the aforementioned persons shall, in all circumstances, be limited to what is strictly necessary or required by the applicable regulations.
9. TRANSFER TO A NON-EU COUNTRY OR COMPANY
AERG transfers data to a non-EU country or company only when that country provides an adequate level of protection within the meaning of the legislation in force, and, in particular the Regulation 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data, applicable from 25 May 2018 (hereinafter the "General Data Protection Regulation"), and the Belgian Law of 30 July 2018 on the protection of natural persons with regard to the processing of their personal data, or within the limits permitted by the legislation in force, for example by ensuring the protection of data by appropriate contractual provisions.
10. DIRECT MARKETING
10.1 The personal data will not be used for direct marketing purposes for information or services other than those to which the User has already subscribed, unless the User has previously explicitly consented to such use by ticking the boxes provided for this purpose ("opt-in"). On the basis of the preferences the User has expressed, we may also send you information about related activities and services.
10.2 When the User has given his/her consent to the use of this information for direct marketing purposes, the latter retains the to withdraw his/her consent at any time, upon request and free of charge. The User may use the Unsubscribe link provided in all our emails or simply communicate his/her request by writing to the following address: email@example.com
11. NOTE CONCERNING MINORS
11.1 Persons under the age of 18 and persons who do not have full legal capacity are not permitted to use the Website. AERG asks them not to provide their personal data.
12. UPDATES AND CHANGES TO THE POLICY
12.1 By informing Users through the Website or email, AERG may modify and adapt the Policy, in particular to comply with any new legislation and/or regulations applicable, the recommendations of the Data Protection Authority as well as the guidelines, recommendations and best practices of the European Data Protection Board and the decisions of the courts and tribunals on this issue.
13. VALIDITY OF THE CONTRACTUAL CLAUSES
13.1 Failure by AERG to invoke - at any given time - a provision of this Policy, may not be interpreted as a waiver to subsequently make use of its rights under the said provision.
13.2 The invalidity, expiration or the unenforceable nature of all or part of one of the above or below mentioned provisions shall not give rise to the invalidity of all the Policy. Any fully or partially invalid, lapsed or unenforceable provision shall be deemed not to have been written. AERG undertakes to substitute this provision with another which, to the extent possible, fulfils the same objective.
14. APPLICABLE LAW AND COMPETENT COURT
14.1 The validity, interpretation and/or implementation of the Policy are subject to Belgian law, to the extent permitted by the provisions of applicable private international law.
14.2 In the event of a dispute relating to the validity, interpretation or implementation of the Policy, the courts and tribunals of Brussels have exclusive jurisdiction, to the extent permitted by the provisions of applicable private international law.
14.3 Before taking any step towards the judicial resolution of a dispute, the User and AERG undertake to attempt to resolve it amicably. To this end, they shall first contact each other before resorting, where appropriate, to mediation, arbitration, or any other alternative method of dispute resolution.
Appendix I : rights subject to requirements
Right to erasure (article 17 of the GPDR)
A person may exercise their right to erase their personal data if:
- the personal data are no longer necessary in relation to the purposes for which they were collected;
- the data subject withdraws consent on which the processing is based and there is no other legal ground for the processing;
- the data subject objects to the processing and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing for direct marketing purposes;
- the personal data have been unlawfully processed;
- the personal data have to be erased for compliance with a legal obligation in Union or Belgian law;
- the personal data have been collected in relation to the offer of information society services.
Right to restriction (article 18 of the GPDR)
A person may exercise their right to restrict the processing of their personal data if:
- the accuracy of the personal data is contested by the data subject, for a period enabling the University to verify the accuracy of the personal data;
- the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
- the University no longer needs the personal data for the purposes of the processing, but they are still required by the data subject for the establishment, exercise, or defence of legal claims;
- the data subject has objected to processing pursuant, pending the verification whether the legitimate grounds of the University override those of the data subject
Right to object (article 21 of the GPDR)
The data subject shall have the right to object, on grounds relating to his or her particular situation, to processing of personal data concerning them which is based on the performance task carried out in the public interest or legitimate interest, unless AERG demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims.
Appendix II : third parties processing personal data for AERG