We process the following data:
When you use the iO website, we process certain personal data. This includes the following:
· (technical) Identification data (IP address, geographical location, surname/first name)
· Contact details (name, e-mail address, address, telephone number)
· Personal characteristics and career data (age, gender, CVs)
· When you visit an iO campus and/or have an appointment with (one of) our colleagues at an iO campus, a privacy statement additionally applies to your registration as a visitor at iO.
Why and when do we do this?
· Improving the user experience for you as a website visitor based on your consent.
· To perform statistical analyses to improve our website and/or services, or to develop new products or services based on your consent.
· To comply with contact requests via the contact form, based on your consent.
· When you are completing registration for an event, webinars, competitions, etc. based on your consent.
· During the job application process, we collect resumes based on your consent.
· To include you in our talent pool based on your consent.
· To facilitate the sending of newsletters and updates based on your consent, and in the case of a long-term customer relationship based on a legitimate interest.
· To end downloads based on your consent.
· Follow up messages based on legitimate interest so that we can proactively keep you informed of developments around the services that we have previously provided you with or have already provided information about.
· To provide you with the information about products and services that you request in a personalised and efficient way, whether through the website, email, telephone, or social media channels based on your consent or legitimate interest.
· Where necessary to provide to a financial institution or payment service provider, to enable that financial institution and/or the payment service provider to comply with their legal obligations.
· To transfer to the police or judicial authorities as evidence of possible crimes or if there are well-founded suspicions of an unlawful act or crime committed by you through your regulation or use of the website or services on a legal basis.
Who do we share your data with?
We do not send your personal data in an identifiable manner to third parties (with the exception of carefully chosen processors), if this is not necessary for the operation of the website or provided that you have given explicit permission for this.
We may use external processors to deliver some of our website services. We ensure that these external processors may only process your personal data with clear, written instructions from us. We guarantee that all external processors are selected with the necessary care so that we can count on the security and integrity of your personal data. We use the following tools or have links to them from our website:
We may transfer anonymised and/or aggregated data to other organisations that use this data to improve their products and services and to organise the marketing, presentation and sale of tailor-made products and services.
In exceptional cases, we may be required to disclose Personal Data on the basis of a court order or mandatory laws or regulations. We will endeavour to inform you of this in advance unless this is not possible for legal reasons.
Where we process data
We and our external processors will only process your identifiable personal data in the European Economic Area (EEA) and only if there is a legitimate basis for doing so.
If such a transfer takes place, we will ensure that appropriate safeguards are in place to ensure the security and integrity of your personal data. All rights relating to personal data that you could enjoy under applicable mandatory law are guaranteed and the necessary legal protection mechanism is put in place.
How we process data:
3. We will take the appropriate technical and organisational measures to keep your personal data safe from unauthorised access, theft, accidental loss, manipulation, or destruction. Access by our staff or staff of our external processors is only possible on a need-to-know basis and is subject to strict confidentiality obligations. However, you understand that the intentions for safety and security are only best efforts obligations, which can never be guaranteed. We cannot be held liable for damage in resulting from incorrect or unlawful use by a third party of your personal data in the event of a data security breach.
4. We may process your data in the interest of ourselves, our partners or third parties if and when your registration on the website or use of the website or services can be considered (a) a violation of the terms or intellectual property rights or any other right of a third party, (b) a threat to the security or integrity of the Services, (c) endangers the website or systems of us or our subcontractors due to viruses, Trojan horses, spyware, malware, or any other form of malicious code, or (d) is in any way illegal or unlawful, discriminatorynd or offensive.
How long do you retain my data?
The retention periods vary depending on the nature of the service provided. We store your data:
· For as long as necessary for the purposes for which they are collected and processed. For general services such as newsletters, contact forms, this applies for as long as necessary to be able to perform the service. Application data will be stored for up to 2 months after the application procedure. Afterwards, permission can be granted to keep the data for up to one year.
· For as long as they are necessary to comply with our legal, contractual, and legal obligations.
1. You have the right to request access to all personal data that we process about you. However, requests for access that are obviously submitted with a view to causing nuisance or damage to us will not be processed.
2. You have the right to request that all personal data about you that is incorrect or inaccurate be corrected free of charge. If a similar request is submitted, you must also attach proof that this request that the personal data for which correction is requested is incorrect.
3. You have the right to withdraw your previously given consent to the processing of your personal data . You can withdraw your consent at any time by sending an e-mail to email@example.com.
4. You have the right to request that personal data relating to you be deleted if you withdraw your consent to its processing. However, you should take into account that a request for deletion will be assessed by us in light of legal or regulatory obligations or administrative or judicial orders that may prevent us from deleting the personal data concerned.
5. Instead of deletion, you can also request that we restrict the processing of your personal data if (a) you dispute the accuracy of the data, (b) the processing is unlawful or (c) the data is no longer necessary for the aforementioned purposes, but you need it to defend yourself in legal proceedings.
6. You have the right to object to the processing of personal data if you can demonstrate that there are serious and justified reasons related to special circumstances that justify such an objection. However, if the intended processing is classified as direct marketing, you have the right to object to such processing free of charge and without justification.
7. Where your personal data is processed on the basis of consent or on the basis of a contract and the processing is carried out by automated means, you have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format and, if technically possible, you have the right to transmit this data directly to another service provider. The technical feasibility of this is assessed exclusively by us.
If you have a complaint (or would like more information) about the processing of your personal data by us, you can always contact us via the e-mail address firstname.lastname@example.org.
If you remain dissatisfied with our answer, you are free to file a complaint with the data protection authority. You can submit a complaint by clicking on the following link:
· For the Netherlands: Dutch Data Protection Authority;
· For Belgium: Data Protection Authority.
Data from our Data Protection Officer (dpo)
We have a DPO team for Belgium and the Netherlands. With all your questions for them, you can contact email@example.com