🚀 Help build the ErfgoedApp we are looking for a colleague! Apply here
Instagram Facebook X Mastodon Register

Privacy Policy ErfgoedApp

ErfgoedApp a product of FARO. Flemish Support Center for Cultural Heritage vzw

I. INTRODUCTION

This privacy policy explains how FARO, Flemish Support Center for Cultural Heritage, handles the personal data of its customers, users (natural persons), and all other natural persons who are in contact with FARO (hereinafter referred to as "you"). Personal data is understood to mean any form of information that allows you to identify yourself directly or indirectly as a natural person.

FARO attaches great importance to the protection of your personal data and fully respects your privacy. FARO therefore processes and protects your personal data in a lawful, proper, and transparent manner. When processing your personal data, FARO obviously complies with the law, i.e., as of May 25, 2018, European Regulation No. 2016/679 of April 27, 2016, on data protection (better known as the General Data Protection Regulation or "GDPR") or any other legislative act that amends it.

Further information on the protection of personal data can be obtained from the Belgian Commission for the Protection of Privacy, known as the Data Protection Authority since May 25, 2018.

We invite you to read this statement carefully so that you are familiar with and understand FARO's policy in this area. This statement is updated regularly. The most recent version of the statement is available on our website. We will notify you via the usual communication channels if any significant changes are made.

II. WHO IS RESPONSIBLE FOR PROCESSING?

FARO, Flemish Support Center for Cultural Heritage vzw (BE0893.863.017), Grasmarkt 105 bus 44, 1000 Brussels, dpo@faro.be, Tel. +32 (0)2 213 10 60, is responsible for processing your data.

FARO is the entity responsible to the Data Protection Authority for the processing of your personal data. FARO determines the purposes for which your personal data is processed, as well as the means used and the processing characteristics.

FARO may engage specialized service providers to process your personal data on behalf of FARO and in accordance with FARO's instructions and this privacy policy. Only personal data that is strictly necessary will be passed on to these service providers (hereinafter referred to as "FARO's processors").

III. WHAT CATEGORIES OF PERSONAL DATA DOES FARO PROCESS?

Below is an overview of the categories of personal data that FARO may process. Other data may also be processed if necessary or useful for the continuation of the contractual relationship with FARO.

This table indicates the context in which FARO obtains or processes this data. It should be read in conjunction with the description of the purposes for which FARO processes the data.

CategoryExamplesContext
Identity detailsLast name, first name, title, address, place and date of birth, nationality, landline or mobile phone number and email address, national registration numberThis information is provided by you.
Billing informationAccount numberThis information is provided by you.
Professional detailsJob title, name of the organization you work for, professional areas of interest.This information is provided by you.
Visual materialPhoto or camera imagesThese images may be taken if you participate in our activities.


FARO does not process data that reveals your race or ethnic origin, or your political opinions, religious or philosophical beliefs, trade union membership, health or life data, or data about your sexual orientation, or genetic or biometric data.

FARO will only process national registration numbers of persons who enter into a contractual relationship with us on behalf of actual associations, more specifically as customers of the lending service (https://www.uitleendiensterfgoed.be).

The ErfgoedApp does not ErfgoedApp personal data; use of the app is completely anonymous.

The ErfgoedApp permission to use the camera, location, and Bluetooth. This is only to ensure the app works properly. We only use your location briefly to operate the map and locate you in order to provide you with information about heritage sites in your area. We also use your location to sort the tours according to where you are.

The ErfgoedApp which tours and content are opened by the app. We store this data as statistics on the use of the app and to provide feedback to the creators of the tours. These statistics cannot be linked to individuals and are therefore anonymous.

We use Bluetooth for our heritage beacons to provide you with more information in an exhibition based on your location. The location cannot be linked to a person, so its use is anonymous.

IV. FOR WHAT PURPOSES DOES FARO PROCESS YOUR PERSONAL DATA?

FARO collects and processes your personal data solely for the purposes described below. FARO ensures that only data that is necessary and relevant for a specific purpose is processed. FARO processes your data in situations permitted by law, specifically:

  • to perform a contract with you or to take certain measures at your request prior to entering into this contract.
  • to represent the legitimate interests of FARO, whereby these interests are weighed against your fundamental rights and freedoms.
  • in specific cases, with your consent, following a specific and unambiguous request, preceded by clear and understandable information; you may withdraw this consent at any time in accordance with the law.
  • to comply with legal obligations or, to the extent permitted, to comply with any reasonable request from competent police services, judicial authorities, government agencies or bodies, including competent data protection authorities.

1. CONTRACTUAL RELATIONSHIPS BETWEEN FARO AND YOU AS A CUSTOMER

Before concluding contracts, FARO sometimes needs to obtain and process certain data, in particular to respond to your request or to assist you in providing information and concluding the contract.

In the context of ongoing contracts or contract management, FARO needs to process certain data, in particular to comply with administrative and accounting obligations. In this context, your data may be sent internally within FARO to various departments or employees, including employees who are not necessarily directly responsible for the relationship with you or for the performance of a specific contract.

More specifically, FARO processes your data when you purchase products and publications from FARO, when you register for our (training) activities, when you reserve a meeting room at FARO, when you subscribe to our magazine, when you borrow a publication from our library, or when you borrow other materials from FARO. FARO may process your personal data for other additional purposes in the context of its relationship with you and the performance of contracts.

2. JUSTIFIED INTERESTS OF FARO

FARO also processes your data for the realization of its legitimate interests. In doing so, FARO strives to strike a fair balance between the need to process data and respect for your rights and freedoms, including the protection of privacy. Personal data is processed for purposes including:

  • personalizing FARO's services and communications.
  • improving the quality of the services provided to you by FARO by:
  • evaluation and improvement of processes, including campaigns and sales, through statistical analysis, satisfaction surveys, and various other research methods.
  • Improvement of existing (or developing) products, based on surveys, statistics, tests, and customer feedback via social networks (e.g., Twitter, Facebook) linked to FARO.
  • monitoring and evaluation of FARO's activities, including the number of visits to the FARO website, the nature of the questions and requests for advice received, etc.
  • preparing studies and statistics, using anonymization and pseudonymization of the individuals concerned.
  • the training of our staff through the use of practical examples for illustration purposes, whereby the individuals involved are anonymized and pseudonymized.
  • the use of cookies to improve the user experience of visitors to our websites. More information about our cookie policy: https://faro.be/cookiesbeleid.
  • the storage of evidence, including in the context of establishing, exercising, defending, and preserving the rights of FARO or all persons it represents, for example for collection procedures or disputes.

3. SPECIFIC LEGITIMATE INTEREST OF FARO: CONVENTIONAL DIRECT MARKETING

FARO carries out customer segmentation—particularly according to your needs—in order to offer you services that are better suited to your professional interests, for example. To this end, FARO may, among other things:

  • analyze your search or browsing behavior across various channels (emails, websites, mobile apps) and use this to deduce your preferences in order to personalize certain information and communications for you. More specifically, we use Google Analytics and Google Tag Manager, as well as tracking pixels in our newsletters, so that we can monitor the extent to which our newsletters are read. FARO does not use social media "share buttons" on our websites, which can be used by these social media to track your browsing behavior. However, we may occasionally use social media plug-ins or "widgets" on our websites, which may be used by these social media to track your browsing behavior.
  • customize the advertisements or messages on the web pages to match the interests you have shown through your browsing behavior on our websites or social networks, or through your presence at an activity or other event where FARO was present (e.g., a trade show).
  • Simplify the process of filling out forms by pre-filling certain fields with already known information and asking you to verify the accuracy of this information and update it if necessary.

4. YOUR CONSENT TO THE PROCESSING AND SENDING OF ELECTRONIC MESSAGES (ELECTRONIC DIRECT MARKETING)

FARO may process your personal electronic contact details (e.g., your email address) to send you personalized electronic messages and invitations in order to:

  • to keep you generally informed about our range of activities, events, services, and products via newsletters, emails, social media channels, etc. However, FARO will not use your mobile phone number for direct marketing purposes.
  • to provide you with more targeted information about activities and professional developments that may be of particular interest to you, based on your professional areas of interest relating to cultural heritage, via the channels mentioned above.
  • to inform you as a donor to our organization and involve you in our activities.

By accepting this privacy policy, you consent to the processing of your personal data for electronic direct marketing purposes and the sending of electronic messages. FARO will not use your mobile phone number for direct marketing purposes.

For some newsletters, we may use external email services, specifically Sparkpost. By subscribing to these newsletters, you acknowledge that your email address will be transferred to these external email services for processing in accordance with the privacy policy and terms and conditions of these external email services.

5. LEGAL OBLIGATION

In the context of the fight against the coronavirus and in accordance with the decisions of the National Security Council, FARO may pass on your contact details (more specifically your name, email address, and/or telephone number) that FARO processes as a participant in our activities to the competent government services responsible for contact tracing.

V. TO WHOM DOES FARO DISCLOSE YOUR PERSONAL DATA?

FARO treats your personal data with the utmost care and only shares your data in order to offer you the best services in the performance of its duties. FARO may send your data to organizations with which it is directly or indirectly affiliated.

In some cases, FARO is required by law to share your data with third parties, including:

  • government agencies or supervisory authorities when there is a legal obligation to transfer information;
  • judicial investigative authorities at their express request.

FARO may also transfer your data to specific service providers to assist with:

  • designing and maintaining computer equipment and internet applications or hosting services;
  • providing communication services, including online and social network providers;
  • preparing reports and statistics, printing documents, and designing products or services;
  • the organization of events and the management of customer communications.

In the aforementioned cases, FARO will ensure that third parties only have limited access to the personal data necessary to perform the specific tasks required. FARO will also ensure that third parties undertake to use the personal data in a secure and confidential manner and in accordance with FARO's instructions and its data protection policy.

FARO only stores your personal data on servers within the European Economic Area (EEA) or in a country or company considered safe by the European Union in accordance with the Privacy Shield Framework.

VI. HOW LONG WILL YOUR PERSONAL DATA BE STORED?

FARO will not retain your personal data for longer than is necessary to achieve the purposes for which the data is collected.

This period is linked to FARO's legal and tax obligations, as well as the legal requirement to retain your data beyond the retention period for evidence purposes or to respond to requests for information from the competent authority, which is 10 years in the context of FARO's contractual liability.

Outside this period, your personal data will be deleted or anonymized.

VII. HOW IS YOUR PERSONAL DATA PROTECTED?

FARO applies strict standards to protect the personal data under its control against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

FARO therefore takes technical and organizational measures such as encryption, antivirus firewalls, access controls, and strict selection of employees and suppliers to prevent and detect inappropriate access, loss, or disclosure of your personal data.

In particular, all persons who may access your data on behalf of FARO have been informed of the importance of protecting personal data and are aware of its confidential nature. FARO applies a password policy to its CRM and database systems and makes backups of personal data so that it can be restored in the event of physical or technical incidents.

In the unlikely and unfortunate event that your personal data under FARO's control is compromised by an information security breach, FARO will act immediately to identify the cause of such breach and take action through appropriate measures. If necessary, FARO will notify you of this incident in accordance with applicable law.

VIII. WHAT ARE YOUR RIGHTS WHEN IT COMES TO THE PROCESSING OF YOUR PERSONAL DATA?

1. RIGHT OF ACCESS, CORRECTION, RESTRICTION, ERASURE, DATA PORTABILITY, AND OBJECTION

For the purposes mentioned above, you have:

  • a right to access your personal data held by FARO. This means that you can ask FARO whether it processes your personal data, for what purposes this data is processed, which categories of data are processed, and to whom it is disclosed.
  • a right to rectification if you find that your personal data is inaccurate or incomplete.
  • a right to restriction if, for example, you dispute the accuracy of your personal data and this is for a period that allows FARO to verify this.
  • the right to erasure of your personal data. When your contract with FARO has ended, you can ask FARO to erase your personal data if it is no longer necessary for the purposes for which it was collected. You also have the option of requesting the erasure of personal data processed by FARO on the basis of your consent, unless FARO has another legal basis or a legitimate interest in processing it. In any case, FARO may retain this personal data if it is required for evidentiary purposes in the context of legal proceedings.
  • a right to the portability of data that you have provided to FARO if your personal data is processed on the basis of an agreement or on the basis of your consent to send electronic communications and this personal data is processed using automated processes. Under this right, you can ask FARO to send your personal data to you or directly to another data controller, insofar as this is technically possible for FARO.
  • the right to object to the processing of your data for the purposes stated. However, in certain cases, FARO may continue to process personal data if there are compelling legitimate grounds for the processing, or if there are grounds related to the establishment, exercise, or defense of legal claims.

You can exercise your rights by sending a written request, dated, signed, and accompanied by a copy of your identity document, by mail to FARO, Grasmarkt 105 bus 44, 1000 Brussels, or by email to dpo@faro.be.

2. RIGHT TO OBJECT TO THE SENDING OF ELECTRONIC MESSAGES (DIRECT MARKETING)

Previously, your consent was requested to process and use your electronic contact details for direct marketing campaigns or electronic newsletters. This applies in particular to communications sent to your email address. FARO will not use your mobile phone number for direct marketing purposes.

You have the right to object to the processing of your personal data for electronic direct marketing and to object to the future receipt of such messages. You can notify us of this in the following ways:

  • by sending a signed letter by post, enclosing a copy of your identity card, to FARO, Grasmarkt 105 bus 44, 1000 Brussels;
  • by sending a (scan of the) signed letter and your identity card to dpo@faro.be;
  • by clicking on a link or button at the bottom of an email or electronic newsletter sent to you by FARO to unsubscribe or opt out of this mailing or newsletter so that you no longer receive it.

However, exercising your right to object does not prevent FARO from contacting you for any other purpose, including a legal obligation or the performance of a contract, in accordance with this statement.

3. RIGHT TO USE YOUR IMAGE

If you participate in FARO activities, you may be depicted in a photograph or video footage. You agree that we may use these images on our websites, in our newsletters, social media channels, and in our publications, such as our magazine. If you believe that your image is being used by FARO without your consent, you can notify us by sending a written, dated, and signed request by mail to FARO, Grasmarkt 105 bus 44, 1000 Brussels, or by email to dpo@faro.be. We will then remove the image if possible.

4. RIGHT TO FILE A COMPLAINT

If you have any complaints regarding the processing of your personal data, you can contact us by mail at FARO, Grasmarkt 105 bus 44, 1000 Brussels, or by email at dpo@faro.be.

You can also submit a complaint to the Belgian Data Protection Authority, by mail to Drukpersstraat 15, 1000 Brussels, or by email to commission@privacycommission.be, or to the Flemish Supervisory Committee.

See also:
cookie policy
general terms and conditions of use for websites and apps
terms and conditions of sale and registration