This processing is performed by an entity under the holding company iO Group NV, Zavelheide 15, 2200 Herentals, registered under enterprise number 0712.677.311 (hereinafter: “we”, “our”, “iO”) and for what purposes these data are processed, in accordance with the applicable legislation relating to the protection of personal data.
What and why we process data
When you use our Websites, we process personal data relating to you.
This is done for the following purposes, for instance:
If you subscribe to our newsletter, we will process your email address to be able to send the newsletter. You give us your permission to do so.
When filling in our contact form, we will process your contact data to be able to respond to your request. You give us your permission to do so.
If you apply for one of our vacancies, we will process your contact data and resumé. You give us your permission to do so. If you agree, we will retain your data for our recruitment pool.
When you visit an iO campus and/or have an appointment with (one of) our colleagues at an iO campus, a privacy statement additionally applies to your registration as a visitor at iO.
We will not send any of the personal data you provide through the Website to social media providers unless you consent to this.
In addition to the above-mentioned objectives, we can also process your personal data:
to provide you in a personalised and efficient manner with the information on products and services that you request, either through the Website, by email, by telephone or through social media channels;
to process your personal data so that we can provide the Services;
for direct marketing purposes, i.e. to be able to provide you with targeted communication, promotional and other offers and any other advertisements that we may have available;
to provide to a financial institution or payment service provider, to enable your financial institution and the payment service provider to fulfil his, her or its statutory obligations;
to transmit to the police or the judicial authorities as proof of possible crimes or if there are founded suspicions of an unlawful deed or crime that you committed by means of your registration in or the use of the Website or the Services;
within the context of a possible merger with, acquisition of/by or demerger by a third party, even if such third party is outside the EEA.
With whom do we share data?
We do not send your personal data to third persons in a way that you can be identified without your express permission to do so if this is not necessary to provide the Services.
We can rely on external processors to offer the Website and/or Services to you. We ensure that third-party processors may only process your personal data on our behalf and pursuant to our written instructions. We guarantee that all external processors are selected with the necessary care, so that we can rest assured of the security and integrity of your personal data.
We can transmit anonymised and/or aggregated data to other organisations that can use these data to improve products and services, and to organise bespoke marketing, presentation and the sale of products and services.
Where we process data
We and our external processors will only process your identifiable personal data in the EEA.
We can transfer our anonymised and/or aggregated data to organisations outside the EEA. If such transfer is made, we shall ensure that there are appropriate guarantees to warrant the security and integrity of your personal data, and that all personal data rights that you might enjoy under applicable mandatory law are guaranteed.
A transfer to outside the EEA will take place via the following organisation.
Google Analytics – USA (standard contractual clauses)
Hubspot – USA (standard contractual clauses)
Facebook – USA (standard contractual clauses)
LinkedIn – USA (standard contractual clauses)
Hubspot – USA (standard contractual clauses and EU data center)
How we process data
We will take appropriate technical and organisational measures to keep your personal data secure from unauthorised access or theft and from unintentional loss, manipulation or destruction. Our personnel or the personnel of our external controllers will only be able to gain access on a need-to-know basis and this is subject to strict obligations of confidentiality. However, you should understand that the care for security and protection consists only of an obligation of means according to best efforts, which can never be guaranteed.
If and when your registration on the Website or use of the Website or Services can be regarded (a) as a breach of the terms and conditions of the intellectual property rights or any other right of a third party, (b) a threat to the security or integrity of the Services, (c) a danger to our or our subcontractors’ Website, Services or systems as a result of viruses, Trojan Horses, spyware, malware or any other form of malicious code, or (d) in any manner whatsoever illegal, unlawful, discriminatory or insulting, we may process your data in our own interests, in our partners’ or in third parties’ interests.
How long do you keep my data?
The retention periods vary depending on the nature of the service provided. We keep your data:
as long as necessary for the purposes for which it is collected and processed.
as long as necessary to comply with our legal, contractual and legal obligations and to fulfill our commercial operational activities.
What about recruitment and job applications?
The following applies more detailed to iO’s interactions with you as an applicant. By applying to one of iO’s job openings, you are requested to supply us with your data by filling out our application form via recruitment platform Recruitee. The data can include personal data (name, email address, phone number and home address), information about your profile (education, skills and work experience), cover letter, resume and code or URLs to your work. In addition, various questions may be asked about your profile, the job, your interests, etc. This information is only used for the assessment of you as a candidate and is not used for other purposes than recruitment.
We will retain candidate information up to 30 days after ending the job application procedure, unless explicit permission is given by the candidate to keep their personal data for future job openings. In the latter case, this information is retained up to one year after ending the job application procedure. We process and store your personal information in accordance with this Privacy Statement for the entire duration.
iO, together with processor Recruitee, provides appropriate organizational and technical security of its files in which your personal data is stored. In this way we make sure that your data is only accessible to persons who are authorized to do so by virtue of their role and that the data is only used for the purposes for which they were obtained.
You have the right to request access to all the personal data that we process about you. However, requests for access that are clearly submitted with a view to causing us inconvenience or damage will not be dealt with.
You have the right to request that any personal data about you that is incorrect or inaccurate be corrected free of charge. If you have registered on our Website, you can personally correct much of such data through your profile. If such a request is submitted, you must also enclose proof showing that the personal data for which you request correction is incorrect.
You have the right to withdraw previously granted permission for the processing of your personal data. You can withdraw your permission at all times by sending an email to email@example.com.
Instead of requesting removal, you can also request that we restrict the processing or your personal data if (a) you dispute the correctness of such data, (b) the processing is unlawful or (c) the data is no longer necessary for the objectives stated but you need it to defend yourself in judicial proceedings.
You have the right to object to the processing of personal data if you can show that there are serious and justified reasons regarding special circumstances warranting such an objection. However, if the envisaged processing is noted as direct marketing, you have the right to object to such processing free of charge and without giving any reason for this.
If your personal data is processed on the basis of permission or on the basis of a contract where the data is processed automatically, you have the right to receive the personal data provided to us in a structured manner and in a generally used format that can be read by a machine and, if technically possible, you have the right to directly transmit such data to another service provider. We will be the only persons to assess the technical viability of this.
If you wish to submit a request to exercise one or more of the above-mentioned rights, you can send an email to firstname.lastname@example.org. Such request must clearly state what right you wish to exercise and why. We will notify you immediately when such request has been received. If it appears that the request is founded, we will grant the request as quickly as is reasonably possible and no later than thirty (30) days after the request has been received. Extra legitimation regarding your identity may be requested.
We hope that we can resolve any query or concern you raise about our use of your information. The General Data Protection Regulation gives you the right to lodge a complaint with a supervisory authority. You can lodge your complaint by clicking the link:
Our Data Protection Officer
Name: Maxim Gernay
Address: Zavelheide 15, 2200 Herentals
Tel: +32 (0)14 28 29 20 (BE) / +31 (0)88 201 31 00 (NL)