This privacy statement governs the processing of your personal data by the controller: Delta Healthcare Consulting: Delta Clinical Plc (bv), Antwerpsesteenweg 45, 2830 Willebroek, VAT: BE0548.986.049.
(Hereinafter Delta Clinical)
With this Privacy Statement, Delta Clinical wishes to inform you about the information collected about you, the purposes for which we may use that information and how that information may be corrected or amended.
This statement was made in implementation of:
- The Act of 8 December 1992 on the protection of privacy in relation to the processing of personal data, and its implementing decrees (hereinafter: the “Privacy Act”) and its implementing decrees, in particular the Royal Decree of 13 February 2001 implementing the Privacy Act.
- The General Data Protection Regulation EU No 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data which becomes applicable on 25 May 2018, and its implementing laws and decrees.
Should there be any questions after reading this statement, you can always contact our DPO (Data Protection Officer) the following e-mail address: DPO@deltaclinical.be.
Article 1. GENERAL
1.2. Article 4 of the GDPR defines “personal data” as follows: any information relating to an identified or identifiable natural person (“the data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more elements characterizing the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.” So this is NOT business data!!!
1.3. Article 4 also specifies in addition that “processing of personal data” means any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.
Article 2. PERSONAL DATA
2.1 Delta Clinical processes the following personal data about you:
- Name, address, telephone number and/or mobile phone number and email address,
These data have come to us by:
- providing them to us during or prior to a personal interview;
- registering and logging on to our website: https://www.deltaclinical.be/;
- placing an order via the aforementioned website;
- subscribing to our newsletter;
- entering a competition via the aforementioned website or newsletter;
- participating in a clinical trial.
- IP address
This data came to us by:
- visiting our website: https://www.deltaclinical.be/.
- National register number; health data; genetic data; biometric data; data related to healthcare.
This data came to us:
- In the context of clinical studies
- Financial information: bank account number, BIC code, name of account holder, …;
This data came to us by:
- placing an order via the website.
Article 3. PURPOSE
3.1 Delta Clinical uses the data collected for the purpose of getting or staying in contact with you regarding services and/or goods to be provided, the follow-up of services and/or goods provided or to answer all your questions. This is a pre-contractual or contractual relationship.
3.2 Specifically, Delta Clinical processes your data with the following purposes in mind:
- provision of services: we use data to ensure transactions run smoothly and to deliver our services to you;
- customer support: we use data to provide support services, such as assistance with registration, cancellation, request for additional information,… ;
- business operations: we use data for our customer records, to develop overarching analytics and Business Intelligence that enable us to operate, protect ourselves and others, make informed decisions and report on the performance of our business;
- conducting clinical studies.
Should we exceptionally receive other personal data from you privately, we will only use it for one well-defined purpose and will only keep this data temporarily.
Article 4. MARKETING OBJECTIVES
4.1 CLICK BEHAVIOUR AND VISITOR DATA
General visit data is kept on our company’s website. In this context, in particular the IP address of your computer, any username, the time of request and data sent by a visitor’s browser may be recorded and used for statistical analyses of visiting and clicking behavior on the website. We also use this data to optimize the functioning of the website. We try to make this data as anonymous as possible. These data are never provided to third parties.
4.2 GOOGLE ANALYTICS
Google uses this information to track how our website is used, to provide reports on the website to us and to provide its advertisers with information on the effectiveness of their campaigns. Google may provide this information to third parties if Google is legally required to do so, or insofar as these third parties process the information on Google’s behalf. We have no influence on this. We have not allowed Google to use the analytics information obtained for other Google services.
We offer a newsletter through which we want to inform interested parties about news, our services and related matters. Your e-mail address is added to the list of subscribers only with your explicit consent. Each newsletter contains a link allowing you to unsubscribe. The newsletter subscriber file will not be provided to third parties.
Our website includes buttons to promote or share pages on the social network LinkedIn. These buttons are realised by code provided by the social media channels themselves. Among other things, this code sets a cookie.
Please read LinkedIn’s privacy statement (which may change regularly) to see what they do with your personal data that they process with this code.
4.5. CONTACT FORM
On our website you can ask us questions via a contact form whereby you will share with us certain data such as your name and email address.
For more information, please consult our Cookie Statement.
Article 5. STORAGE
We will keep your data for as long as you use our internet application and for as long as we need your personal data to provide you with a particular service or product.
- Commercial books: 7 years in original or electronic form with the retention period starting from 1 January of the year following the close of the financial year. Here we follow Article III.86 Code of Economic Law and Article 9 of the R.D. of 12/09/1983 implementing the law of 17/07/1975 on our company’s bookkeeping.
- Justifying documents: 7 years in original or electronic form with the retention period starting from the closing of the financial year. Here we follow Article II.86 Code of Economic Law.
- Documents that do not serve as evidence vis-à-vis third parties: 3 years in original or copy where again Article III.86 of the Code of Economic Law applies.
- Data on clinical studies are kept for at least 25 years after the completion of the study. This is stipulated in Article 58 of EU Regulation 536/2014 for drug research, also known as the Clinical Trial Regulation (CTR). The CCMO considers it acceptable to apply this retention period in advance of this regulation becoming applicable.
Article 6. SECURITY
For this processing, we take appropriate technical and organizational measures to protect your data in the best possible way taking into account the nature of the data and the associated risks. We do not store any special personal data and have the following measures in place for the security of your data:
- The computers on which data is processed are secured by default with a username and a complex password.
- All computers are equipped with a Small Office Security solution, which is naturally kept up-to-date and automatically performs several scans. All Windows installations are automatically updated. The installation is checked at least once a month and manually started if necessary.
- The data is stored on a part of the disk set up as a “data vault.” This is encrypted and only accessible after starting the computers + Windows login + opening a password safe.
- To avoid data loss if the computers are lost, we make daily backups to an encrypted cloud environment.
- All passwords are managed and stored in the cloud environment.
- Our employees are fully informed about the safe handling of your personal data and are bound to confidentiality by their employment contract.
- No data is kept on paper given the possibility of online registration and cannot be accessed by unauthorized persons.
Experience shows that no risk is completely avoided, and should we become aware of unauthorized access to our IT systems or unlawful modification, damage or possible loss of your data, we will immediately take all necessary measures to minimize this risk and avoid it in the future. This will also minimize any potential damage to you.
Article 7. TRANSFER
We transfer your data to the following parties for the purposes listed below:
- The accountant to comply with our legal accounting requirements;
- For employees: The social secretariat for the purpose of salary calculation;
- The supplier of this application for the purpose of ensuring the security and operation of this internet application;
- We also share data when required by law or to respond to legal proceedings; to protect our clients; to protect lives; and to protect the rights of Delta Healthcare Consulting.
- To clients potentially located outside the EEA in strictly pseudonymized form which separates identifying information such as name and address from the results.
This is only your general personal data and will not be passed on to organizations and or individuals for marketing purposes.
For other parties, we will only do so with your explicit consent or on your behalf.
We conclude processing agreements with the parties mentioned above which stipulate that they must also comply with GDPR guidelines.
At all times, we will ensure that your personal data will NOT be stored outside the EEA without a solid guarantee from any parties concerned that they too fully comply with GDPR legislation.
Article 8. YOUR RIGHTS
The following is a list of your rights regarding the processing of your personal data, whether they are/are applicable and how you can assert them:
- Inspection: You have the right to request access to see what data we hold about you and should there be any errors or omissions, request rectification, completion and even deletion. Art. 12-13-14 GDPR
- Right to rectification: You have the right to amend your personal data. Art. 15 GDPR
- Attention: If you request deletion, this can only be carried out provided we no longer need your data for reasons other than those cited in our purpose description point 3. Think in particular of tax and social legislation.
- Transferability: If you wish to change service providers, we will transfer your personal data to the new organisation in a digitally readable standard format. Art. 19 GDPR
- Objection to automated decision-making and profiling: As we do not carry this out, this is also not applicable.
- Objection to data processing: This only applies if your data is used for direct marketing but as we do not carry this out either, this is therefore not applicable.
- Right to transparency: You will be informed about the content of this privacy statement via this link, as an attachment to every electronic contact and visibly posted in our offices.
On simple request, a copy can be sent to you. If you wish to assert one or more of these rights, please request this in writing with proof of your double Opt-In verification by e-mail and we will respond within 30 days.
Article 9. COMPLAINTS
Should you disagree with the way we handle your personal data, respect your rights or this privacy statement, please let us know first so we can respond appropriately.
You can always lodge a complaint with the Data Protection Authority = GBA (the old Privacy Commission) at www.gegevensbeschermingsautoriteit.be at 1000 Brussels, Rue du Printing Press 35 or by mail to firstname.lastname@example.org or by phone at 02/274.48.00.
Article 10. VARIA
This privacy statement comes into force on the 4th of May 2023.
We reserve the right to modify this privacy statement at any time.