top of page

BANTS Privacy Statement

Last Date of Revision: 19 August 2021

1. Who does this privacy notice apply to?

1.1.  This Privacy Notice applies to BANTS Consulting BV (hereinafter referred to as: “BANTS”, company number BE0699.984.365).

1.2.  BANTS (“We”) is a Belgian and European company supporting businesses, public organizations, and civil society organizations to safeguard lives, assets, and deliverables by providing strategic security and pragmatic risk management solutions, globally.

1.3.  BANTS is a separate and independent legal entity that processes personal data. We act as data controller for the processing of your personal data.

1.4.  We are committed to protect and process personal data entrusted to us in a correct and transparent manner, in particular in accordance with the applicable legislation and, in particular, the General Data Protection Regulation 2016/679 of 27 April 2016 (“AVG” or “GDPR”).

2. What is covered by this privacy notice?

2.1.  With this Privacy Notice We would like to inform you about how and why We process your personal data as a data controller when We perform our activities or when you use the Site and any of the forms and applications offered thereon, who We give that information to, what your rights are and who you
can contact for more information.

2.2.  When We refer to “the Site”, We mean the webpages that start with the following url: www.bants.be 

2.3.  The Sites may contain links to other websites. Whilst We try to link only to websites that share our high standards regarding data protection, We are not responsible for the content or policy regarding data protection of those websites. This Privacy Notice only relates to data collected by us.

2.4.  When linking to other websites, We strongly recommend you to first review the Privacy Notices on these websites, before disclosing any personal information.

2.5.  Please be aware that, when you visit our page on LinkedIn (https://www.linkedin.com/company/bantsconsulting/) or Twitter (https://twitter.com/BantsConsulting), whether or not using the shortcut on our website, cookies are used by LinkedIn and Twitter. In this way, We can obtain more information - in a complete anonymized way - about the public that visits our LinkedIn and Twitter pages.

2.6.  For more information about why and how personal data are processed in this respect, We refer to the privacy and cookie policies of both LinkedIn and Twitter:

3. For what purposes do we process personal data?

3.1.  I am a website visitor.

3.1.1.   
We only process your personal data for legitimate business reasons. These purposes include, but are not limited to dealing with enquiries, requests and complaints sent to general contact addresses or via online forms.

3.2.  I am (a contact person of) a customer, a supplier or any other individual whose personal data processed (e.g., a visitor, a business contact or a customer).

3.2.1.   
We process your personal data for legitimate business reasons. These purposes include, but are not limited to:

  • customer and supplier management;

  • consumer management; 

  • business contacts management; 

  • orders and supply management;

  • invoicing and accounting;

  • providing information on our company, products, services and special offers;

  • the good organization of our services;

  • background screening of suppliers and sub-contractors;

  • direct marketing and sales;

  • marketing purposes;

  • event management;

  • outreach activities;

  • dealing with enquiries, requests and complaints;

  • dispute management;

  • public relations;

  • statistics and market research;

  • safety;

  • access control; 

  • respecting our legal obligations.

3.3.  I am a job applicant.

3.3.1.   
The purpose for processing your personal data, is to register your application for a job in our company and, if this application leads to the start of a selection procedure, to make your profile, meaning that We will process all the necessary data that is required to assess your job application in view of a potential recruitment. This evaluation can also imply an evaluation by a third party (‘assessment’).

3.3.2.   
In case of a positive evaluation and decision to hire you, We will also use your personal data to prepare an employment contract.

3.3.3.   
In case of a decision not to hire you, We will also store your personal data for a specified period, i.e. in order to be able to contact you in the future if any future opportunities would seem to match your profile or in order to be able to defend ourselves if you were to take legal action against us on the basis of the recruitment procedure.

4. On what legal grounds do we process your personal data?

4.1.  I am a website visitor.

4.1.1.   
When you contact us via a general contact address or via an online contact form your personal data will in principle be processed for the purposes of our legitimate interests (namely the interest to handle your enquiries, requests and customers in the best possible way).

4.1.2.   
In this respect We will always determine case by case whether our interests outweigh your interests,
fundamental rights and freedoms. If you want more information about this, you can always contact us.

4.1.3.   
For sending electronic direct marketing, We will always ask your explicit consent, unless We have obtained your e-mail address in the context of the sale of related products or services and you have not opposed to such use of your data. You may unsubscribe at any time by clicking ‘Unsubscribe’ at the bottom of the direct marketing message.

4.2.  I am (a contact person of) a customer, a supplier or any other individual whose personal data processed (e.g., a visitor, a business contact or a customer).

4.2.1.   
We process your personal data on the abovementioned legal grounds:

  • for the purpose of concluding and performing contracts concluded with you, including (but not limited to) accounting, invoicing and deliveries;

  • for complying with legal obligations, including background screening for contracts that require
    government clearance;

  • for the purpose of the legitimate interests of our company and/or a third party, including (but not
    limited to) the smooth running of our business activities, customer and supplier management, access control, etc. and after conducting a balancing test. If you want more information about this, you can always contact us. 

4.2.2.   
If We have the legal obligation to obtain your free, informed, specific and unambiguous consent to process your personal data for certain purposes (e.g., very specific direct marketing and
market research activities, audio and video recordings, photographs), We will only process your data for such purposes to the extent that We have obtained such consent from you.

  • For example, We will always ask your explicit consent for sending direct marketing, unless We have obtained your e-mail address in the context of the sale of related products or services and you have not opposed to such use of your data. You may unsubscribe at any time by clicking unsubscribe at the bottom of the direct marketing message.

4.3.  I am a job applicant.

4.3.1.   
The processing of your personal data is necessary to take measures prior to the conclusion of an employment agreement and it is in our legitimate interest i.e., the interest to assess you before making you an employment offer, which to us also seems to be in your interest (or at least not outweighed by our interest). 

4.3.2.   
Keeping your data during a certain period of time in order to contact you in case of future opportunities or to be able to defend ourselves with regard to the recruitment procedure, is also within our legitimate interest.

5. What are your rights?

5.1.  You have several rights concerning the personal data that We process about you. In particular, you have the right to:

  • gain access to your personal data and receive a copy thereof;

  • ask that We update or correct your personal data when you believe they are incorrect or incomplete;

  • ask that We delete your personal data, or restrict the way in which We use such personal data when you believe that We have no (longer a) lawful ground to process it;

  • withdraw consent to the processing of your personal data (to the extent such processing is based on your consent);

  • receive your personal data in a structured, commonly used and machine-readable format and to transmit such data to another party (to the extent the processing is based on consent or on the execution of a contract);

  • object to the processing of your personal data for which We use legitimate interest as a legal ground, in which case We will cease the processing unless We have compelling legitimate grounds for the processing.

5.2.  You also have the right to object at any time to the processing of personal data for direct marketing by contacting us (see below) or by clicking the unsubscribe link in the direct marketing messages We sent. In that case, We will no longer process your personal data for direct marketing purposes. 

  • In order to exercise any of the abovementioned rights, you can send an e-mail to privacy@bants.be.

5.3.  You may also use these contact details if you wish to make a complaint relating to the processing of personal data.

5.4.  If you are unhappy with the way We handle your personal data, you have the right to complain to the supervisory authority of the Member State in which you usually reside.

6. How do we obtain personal data?

6.1.  I am a website visitor.

6.1.1.   
We may obtain your personal data when you use the Sites and the applications offered thereon (e.g., contact button). We may also obtain your data when you contact us via the contact details mentioned on the Sites.

6.2.  I am (a contact person of) a customer, a supplier or any other individual whose personal data processed (e.g., a visitor, a business contact or a customer).

6.2.1. 
We may obtain your personal data in the framework of the execution of our business activities.

6.2.2.
We may obtain such personal data because you give it to us (e.g., by contacting us etc.), because others give it to us (e.g. third party service providers that We use in the framework of our activities) or because they are publicly available (e.g. on social media).

6.2.3.
We may also obtain your personal data through the way you interact with us.

6.2.4.   
When We obtain your personal data from external parties, We make reasonable efforts to enter into
contractual clauses with these parties obliging them to respect the relevant data protection legislation. This can for example be done by obliging this party to provide you with all necessary information or - if necessary - to obtain your consent for processing the personal data as described in this Privacy Notice.

6.3.  I am a job applicant.

6.3.1.   
We will first obtain your personal data because you provide them to us in the context of your
application.

6.3.2.   
During the application process We can also generate or obtain personal data relating to you from others (e.g., references).

7. Which personal data do we collect?

7.1.  I am a website visitor.

7.1.1.   
We may collect all your personal data that you yourself provide to us when you contact us via the contact details mentioned on the Site or when you us the applications on the Site.

7.2.  I am (a contact person of) a customer, a supplier or any other individual whose personal data processed (e.g., a visitor, a business contact or a customer).

7.2.1.   
The personal data that We collect may include the following:

  • standard identification and contact data (e.g., name, address (private/work), telephone number (private/work), e-mail address (private/work);

  • personal characteristics (e.g., age, gender, date of birth, place of birth, nationality, language, ...);

  • financial data (e.g., bank account number, …);

  • copy of your ID and/or passport;

  • employment data (e.g., organization you work for, job title, …);

  • the information you provide us in forms (e.g., contact forms) and to all possible services and communication channels that We offer;

  • data about how you use our products and services;

  • camera images;

  • audio recordings, video recordings and photographs of meetings;

  • meeting records;

  • information about delivered products and/or services;

  • data about how you interact with us and other similar information;

  • for contracts that require government clearance, private information including criminal records, history
    of employment, financial information, and details of past contracts may be requested.

7.3.  I am a job applicant.

7.3.1.   
The personal data that We collect may include the following: 

  • standard data related to your identity (surname, name(s), address, …);

  • personal data (date and place of birth, nationality, gender, phone number, e-mail address, …);

  • your picture if you give it to us on a voluntary basis (e.g., included in your CV);

  • data with regard to your professional experience (profile, data on previous employers, termination of last employments and work carried out, special projects, …), including reference checks if you have given references in your CV;

  • data with regard to your education (diploma’s, certificates, internships, special trainings, …);

  • language skills;

  • if applicable, whether you possess a work and/or residence permit in the European Economic Area (EEA);

  • any other personal data that share with us during your application, in your CV or motivation letter, related to the exercise of the function;

  • digital assessment through the internet (social media presence), insofar as this presence is open for us to see;

  • any other personal data (than mentioned above) that require processing by virtue of the law.

7.3.2.   
You are not obliged to provide us with these data. However, not doing so might adversely affect your chances of recruitment.

8. Which personal data do we collect?

8.1.  I am a website visitor OR I am (a contact person of) a customer, a supplier or any other individual whose personal data processed (e.g., a visitor, a business contact or a customer).

8.1.1.   
We may disclose your personal data to affiliated companies or third parties who reasonably require access to such data in order to fulfill one or more of the abovementioned purposes. The following external parties may for instance be involved: 

  • external service providers the Company relies on for various business services;

  • law enforcement authorities and public authorities in accordance with the relevant legislation;

  • external professional advisors (e.g., attorneys or consultants of the Company).

8.1.2.   
With your explicit consent, We may transfer personal data to third parties (e.g. marketers) for direct marketing purposes, including targeted advertising. 

8.1.3.   
We do not transmit your personal data to receivers located in countries outside the European Economic Area (EEA) whose legislation does not offer the same level of data protection.

8.2.  I am a job applicant.

8.2.1.   
Administrative Unit and your envisaged hierarchic coordinator(s) will have access to your personal data on a strict ‘need-to-know’ basis for the abovementioned purposes.

8.2.2.   
We will not forward your data to other parties, with the possible exception of assessment centers, etc. or any other third party if this is relevant to the recruitment procedure. 

8.2.3.   
The confidentiality of your personal data is guaranteed.

8.2.4.   
We do not transmit your personal data to receivers located in countries outside the European Economic Area (EEA) whose legislation does not offer the same level of data protection.

9. Are your personal data protected?

9.1.  We employ strict technical and organizational (security) measures to protect your personal data from access by unauthorized persons, against unlawful processing, misuse, damage, loss, and destruction both online and offline.

9.2.  These measures include for example:

  • trainings to relevant staff to ensure they are aware of our obligations regarding data protection when
    handling personal data;

  • administrative and technical controls to restrict access to personal data to what is necessary;

  • regular and systematic security checks;

  • hosting of data primarily on servers located in the European Union;

  • technical security measures, including passwords, biometric security measures, fire walls, anti-virus
    software and encryption;

  • physical security measures, such as security badges to access our premises.

9.3.  Although We use appropriate security measures once We have received your personal data, the transmission of data, especially over the internet (including by e-mail), is never completely secure. We endeavor to protect your personal data, but We cannot guarantee the security of data transmitted to us or by us. 

9.4.  We limit access to your personal data to persons who reasonably need that information in order to carry out their jobs.

10. How long will your personal data be stored?

10.1. I am a website visitor.

10.1.1. Your personal data will not be stored longer than necessary for the abovementioned purposes.

10.1.2. As a general rule, personal data obtained through the Site are stored for a period of five years.

10.1.3. Personal data processed in the context of direct marketing, for example for our newsletters, will in principle be stored for a period of five years from the last contact with our company. However, We can store your personal data longer for these purposes if in the meantime you have become our customer, namely for a period of 10 years from the delivery of products or services, or from the last contact with our company if that would take place later.

10.1.4. Depending on the specific situation We may however retain your personal data for a longer period. This will in particular be the case if any of the following periods is longer: (i) as long as is necessary for the activity or service concerned; (ii) any retention period that is required by law; or (iii) the prescription period wherein litigations may be instituted.

10.2. I am (a contact person of) a customer, a supplier or any other individual whose personal data processed (e.g., a visitor, a business contact or a customer).

10.2.1. As a general rule, personal data in the framework of the use of our services are stored for a period of 10 years as from the end of the contractual relationship (including warranty periods and after-sales services).

10.2.2. Personal data processed in the context of direct marketing, for example for our newsletters, will in principle be stored for a period of five years from the last contact with our company. However, We can store your personal data longer for these purposes if in the meantime you have become our customer, namely for a period of 10 years from the delivery of products or services, or from the last contact with our company if that would take place later.

10.2.3. Camera images are kept for 30 days unless a violation can be detected. In the latter case, We will keep the images for as long as necessary in the context of a possible claim or procedure.

10.2.4. Depending on the specific situation, We may however retain your personal data for a longer period. This will in particular be the case if any of the following periods is longer: (i) as long as is necessary for the activity or service concerned; (ii) any retention period that is required by law; or (iii) the prescription period wherein litigations may be instituted.

10.3. I am a job applicant.

10.3.1. We will retain your personal data for the period necessary in the light of the abovementioned purposes.

10.3.2. If the application does not result in an employment relationship, your personal data will be stored for five years after the end of the recruitment procedure.

11. Are your personal data used for automated decision-making?

11.1. Automated decisions are defined as decisions about individuals that are based solely on the automated processing of personal data, and that produce legal effects, and that significantly affect the individuals involved.

11.2. As a rule, personal data will not be used for automated decision-making. We do not base any decision about you solely based on automated processing of personal data (also not in the context of our recruitment procedure).

12. How to contact us?

12.1. If you have any further queries about this Privacy Notice and the Sites in general, you can contact us by sending an email to privacy@bants.be.

13. Changes to this privacy notice.

13.1. We may modify this Privacy Notice from time to time. To let you know when We make changes to this Privacy Notice, We will amend the revision date at the top of this page. The new modified Privacy Notice will apply from that revision date.

13.2. Please check this page periodically to keep up to date about changes and additions. If We have your e-mail address, We will also inform you electronically of any changes to this Privacy Notice.

-

bottom of page