Trust is what allows us to have meaningful relationships with one another. It is about having faith, learning from interaction and being open to an adjusting position. Trust is nurtured by honest and open communication and provides a foundation for confidence and partnership. Trust goes hand in hand with responsibility. Only with great leadership and with respecting and exceeding expectations we can succeed. Trust and responsibility are two important values of BrightWolves. We understand that your trust in BrightWolves is our most important asset (hereinafter referred to as “we” or “us”). Therefore, we take our responsibility and handle your privacy with great care.
Our aim is to process your personal data in a legal, appropriate and transparent manner. In this privacy statement, we explain (i) which of your personal data we collect from you as a natural person, (ii) the way we use and process this personal data, as well as (iii) your privacy rights and how you can exercise them.
This privacy statement is applicable to (i) our website (www.brightwolves.eu) and (ii) all (commercial) relations between us and our customers, prospects and business partners.
How can you contact us?
If you have questions about this privacy statement, or the way we collect, use or process your personal data, please contact us via e-mail: firstname.lastname@example.org.
Which of your personal data do we collect?
- Personal identification data (first name, last name, phone number, (company) address, e-mail address,…)
- Personal details (gender, education,…)
- Personal details and professional experience as a result of uploading a document (CV upload)
- Data collected through media usage (mobile, desktop, social media, chatbot,…)
- Interests in our product offering through download of content made available on our media (website, chatbot,…)
- Information provided via forms (message box on contact page, download form, how can we help, feedback,…)
How do we collect your personal data?
- Subscribing to the newsletter
- Subscribing to marketing content series
- Visiting the website
- Completing website forms
- Incoming and outgoing correspondence with us through our online channels (social media, website, chatbot, …)
- Requesting a quote
- The exchange of business cards
How do we use and process your personal data?
We may process all categories of personal data in order to comply with legal and regulatory requirements.
- For all personal data related to our customers and subcontractors we act in accordance with our legitimate interest and our contractual relations. In such cases we process personal data for: sending targeted marketing and advertising, updates and promotional offers, to conduct customer satisfaction studies, surveys and market research.
- To draw up a quote
- To perform our contracts duly and properly (administration, issuing invoices, collecting payments)
If you give consent to receive information, we will process your data for sending targeted marketing and advertising, updates and promotional offers. If you do not want to receive any publicity at all, you can at any time exercise your right to object to direct marketing.
For pursuing the correct follow-up of our applicants, we process your personal data to evaluate during the hiring process.
We will never sell your personal data. We do not hire or sell your data to third parties for their own use, unless you opt for this yourself and give your consent.
How long do we store your personal data?
Unless a longer storage period is required or justified (i) by the law or (ii) through compliance with another legal obligation, we shall only store your personal data for the period necessary to achieve and fulfil the purpose in question. Once that purpose no longer exists, we delete the data.
Your personal data will be held during the duration of our contractual relationship and up to 10 years thereafter.
Personal data of prospect will be held for a period 5 years unless there has been a contact with the prospect at which case a new 5-year period will start. Prospects can always request to have their personal data removed.
Personal data of applicants will be stored for a period of 2 years following the closure of the hiring process. Unless there is a specific consent of the applicant to remain in our database after this period of 2 years all personal data will be removed.
How do we secure your personal data?
Trust and responsibility are two important values of BrightWolves. Therefore, we take our responsibility and handle your privacy with great care. We do our utmost to comply with the applicable Belgian Data Protection law and its implementation measures, supervised by the Belgian Privacy Commission. In accordance with the law, we take appropriate organizational and technical measures (e.g. policies and procedures, IT security measures, etc.) to ensure that personal data are secured against accidental loss or unauthorized disclosure. We also make contractual arrangements with suppliers or partners who process your personal data or to whom we communicate your information.
Where do we transfer your personal data to? (third parties)
Your personal data is used internally and won’t be shared with third parties for commercial purposes, unless you gave explicit consent to do so. However, to guarantee an optimal experience, personal data might be shared with or disclosed to:
- Companies related to BrightWolves in order to support our internal administrative business processes.
- Professional advisors, service providers and suppliers, who are authorized to use personal data only as necessary to provide services to THoM (IT providers, HubSpot, Salesforce,…).
- Other third parties for purposes to which you have consented.
- Other entities within the Quanteus Group to which BrightWolves belongs (Quanteus Consulting, QuantIM, The House of Marketing, Upthrust, HighMind).
Whenever we share your personal data internally or with third parties in other countries, we ensure the necessary safeguards are in place to protect it. In case of transfer to a country outside the European Economic Area whose local regime is considered as inadequate by the European Commission, we rely amongst others on:
- EU Model clauses, which are standardised contractual clauses used in agreements with service providers to ensure personal data transferred outside of the European Economic Area complies with EU data protection law. We may provide you with a copy of these clauses upon request;
- Data transfer that are necessary for reasons of public interests;
- Your explicit consent;
- Privacy Shield framework that protects personal data transferred to the United States.
What are your rights to privacy and how can you exercise them?
We maintain a high level of transparency about data we use. You are entitled (in the circumstances and under the conditions, and subject to the exceptions, set out in applicable law) to:
- Request access to the personal data we process about you: this right entitles you to know whether we hold personal data about you and, if we do, to obtain information on and a copy of that personal data.
- Request a rectification of your personal data: this right entitles you to have your personal data be corrected if it is inaccurate or incomplete.
- Object to the processing of your personal data: this right entitles you to request that we no longer process your personal data.
- Request the erasure of your personal data: this right entitles you to request the erasure of your personal data, including where such personal data would no longer be necessary to achieve the purposes.
- Request the restriction of the processing of your personal data: this right entitles you to request that we only process your personal data in limited circumstances, including with your consent.
- Request portability of your personal data: this right entitles you to receive a copy (in a structured, commonly used and machine-readable format) of personal data that you have provided to us, or request us to transmit such personal data to another data controller.
To the extent that the processing of your personal data is based on your consent, you have the right to withdraw such consent at any time by either clicking the unsubscribe link you will find in our e-mail communication, or by addressing your request to email@example.com. Please note that this will not affect our right to process personal data obtained prior to the withdrawal of your consent, or its right to continue parts of the processing based on other legal bases than your consent.
When you wish to exercise any of your rights, you can contact us at firstname.lastname@example.org, this is your primary point of contact in relation to privacy matters. We may charge a fee for administrative costs if a request is manifestly unfounded or excessive, in particular because of the repetitive character. We will properly answer to your request within one month we received your request.
We will need to verify your identity in as much detail as possible, in case someone else tries to exercise your rights. You may therefore be asked to provide additional information to confirm your identity when making such a request.
How can you submit a complaint?
If you feel that the privacy statement isn’t respected as it is described, do not hesitate to contact us via email@example.com. We will be happy to look into it.
Should you not be satisfied with the way we have responded to your concerns you have the right to lodge a complaint with the supervisory authority (www.gegevensbeschermingsautoriteit.be).