Updated on 11 March 2021
1. Parties and subject matter
Center for Concrete Cummunication (hereinafter “Autisme Centraal” or the “Controller“)
Kerkstraat 108, 9050 Gentbrugge
CBE/VAT: BE 0465.294.449
Telephone: +32 9 279 84 45
The term “User” refers to any user, whether it involves a natural or legal person, that visits the Site or communicates with the Site in any manner.
In its capacity of Controller, Autisme Centraal determines all technical, legal and organisational means and the purposes of processing the personal data of the Users. Autisme Centraal undertakes to take all measures necessary to ensure that the processing of personal data is carried out in accordance with the Law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data (hereinafter the “Law“) and the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (i.e. the General Data Protection Regulation or ‘GDPR’; hereinafter the “Regulation“).
Autisme Centraal is free to choose a natural or legal person that processes the personal data of the Users at its request and on its behalf (hereinafter the “Processor”) Where applicable, Autisme Centraal undertakes to select a Processor that provides sufficient guarantees regarding the technical and organisational measures for processing personal data, in accordance with the Law and the Regulation.
2. Processing of personal data
The use of the Site by the Users may lead to the collection of personal data. The processing of such data by Autisme Centraal, in its capacity of Controller or by service providers acting in the name and on behalf of Autisme Centraal, is performed in accordance with the Law and the Regulation.
Personal data are processed by Autisme Centraal for the purposes set out below, using the following methods:
3. Purpose of processing personal data
In accordance with article 13 of the Regulation, the purposes of the processing of personal data shall be communicated to the User. Those purposes are the following:
to ensure the performance of the services provided on the Site
4. Personal data that may be processeS
The User agrees that, during the visit and use of the Site, Autisme Centraal collects and processes the following personal data:
name, first name, adres, email address, telephone number
The User has the right to withdraw this consent at any time. The withdrawal of this consent shall not affect the lawfulness of the processing based on the prior consent.
6. Retention period of the personal data of the Users
In accordance with article 13(2) of the Regulation, the Controller shall retain the personal data only for the period reasonably necessary for the fulfilment of the purposes for which they are processed.
In any event, this period shall not exceed 12 months from the last customer contact.
7. Recipients of data and disclosure to third parties
Personal data may be transmitted to employees, co-workers, subcontractors, processors or suppliers of Autisme Centraal to the extent that adequate guarantees are offered for the protection of the data and to the extent that they cooperate with Autisme Centraal in the context of the marketing of the products or the provision of services. They act under the direct authority of Autisme Centraal and are responsible, in particular, for collecting, processing or subcontracting these data.
In the event that the data are disclosed to third parties for direct marketing or prospecting purposes, the User will be informed beforehand so that he or she can give his or her prior and express consent to this use of personal data.
8. Rights of the Users
The User may at any time exercise his or her rights by sending an email to the following address: www.autismecentraal.com, or by sending a letter by post to the following address, thereby attaching a copy of his or her identity card: Groot Begijnhof 85, 9040 Gent.
a. Right of access
In accordance with article 15 of the Regulation, Autisme Centraal guarantees the User’s right to access his or her personal data. The User has the right to access these personal data as well as the following information:
- the categories of personal data concerned;
- the recipients or categories of recipients to whom the personal data have been or will be disclosed;
- in case the recipients are established in third countries or are international organisations, the appropriate or suitable safeguards;
- if possible, the proposed retention period for personal data or, if this is not possible, the criteria by which this period is determined;
- the existence of automated decision-making, including profiling, referred to in article 22(1) and (4) of the Regulation and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
The Controller may charge a reasonable fee taking into account the administrative costs of providing further copies requested by the User.
Where the User makes this request by electronic means (e.g. through the email address), and unless otherwise requested by the User, the information shall be provided in a commonly used electronic form.
Copies of the data shall be provided at the latest within one month of receipt of the User’s request.
b. Right to rectification
Autisme Centraal guarantees the right to rectification and erasure of personal data to the User.
In accordance with article 16 of the Regulation, incorrect, inaccurate or irrelevant data may be rectified or erased at any time. The User first makes the necessary changes himself or herself from his or her user account, unless these changes cannot be made independently, in which case the request can be directed to Autisme Centraal.
In accordance with article 19 of the Regulation, the Controller shall notify any rectification of personal data carried out to each recipient to whom the personal data have been disclosed, unless such rectification proves impossible or involves disproportionate effort. The Controller shall inform the data subject about those recipients if the data subject so requests.
c. Right to erasure
The User shall have the right to obtain the erasure of his or her personal data without undue delay wherever one of the grounds listed in article 17 of the Regulation applies.
Where the Controller has made the personal data public and is obliged pursuant to the previous paragraph to erase these personal data, the Controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers who are processing such personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
The two preceding paragraphs shall not apply to the extent that such processing is necessary:
- for exercising the right of freedom of expression and information;
- for compliance with a legal obligation which requires processing by Union or Member State law to which the Controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller;
- for the establishment, exercise or defence of legal claims.
In accordance with article 19 of the Regulation, the Controller shall notify any erasure of personal data or restriction of processing carried out to each recipient to whom the personal data have been disclosed, unless such notification proves impossible or involves disproportionate effort. The Controller shall inform the data subject about those recipients if the data subject so requests.
d. Right to restriction of processing
The User shall have the right to obtain restriction of processing where one of the grounds listed in article 18 of the Regulation applies.
In accordance with article 19 of the Regulation, the Controller shall notify any restriction of processing carried out to each recipient to whom the personal data have been disclosed, unless such notification proves impossible or involves disproportionate effort. The Controller shall inform the data subject about those recipients if the data subject so requests.
e. Right to data portability
In accordance with article 20 of the Regulation, Users shall have the right to receive their personal data in a structured, commonly used and machine-readable format from Autisme Centraal. Users shall have the right to transmit those data to another controller without hindrance from Autisme Centraal, in the cases listed in the Regulation.
In exercising his or her right to data portability pursuant to the previous paragraph, the User shall have the right to have personal data transmitted directly from one controller to another, where technically feasible.
The exercise of the right to data portability shall be without prejudice to the right to erase data. That right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.
The right to data portability shall not adversely affect the rights and freedoms of third parties.
f. Right to object and automated individual decision-making
The User shall have the right to object, on grounds relating to his or her particular situation, at any time to the processing of his/her personal data, including the automation of data by Autisme Centraal. In accordance with article 21 of the Regulation, Autisme Centraal shall no longer process the personal data unless there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the User or for the establishment, exercise or defence of legal rights.
Where personal data are processed for prospecting purposes, the User shall have the right to object at any time to the processing of personal data concerning him or her for such prospecting purposes, which includes profiling to the extent that it is related to such prospecting.
Where the data subject objects to processing for prospecting purposes, the personal data shall no longer be processed for such purposes.
g. Right to lodge a complaint
The User shall have the right to lodge a complaint regarding the processing of his or her personal data by Autisme Centraal with the Data Protection Authority competent for the Belgian territory. More information can be found on the website: https://www.dataprotectionauthority.be/.
Complaints can be lodged at the following addresses:
Data Protection Authority
Drukpersstraat/Rue de la Presse 35, 1000 Brussels
Tel. + 32 2 274 48 00
Fax. + 32 2 274 48 35
The User can also bring an action for an injunction before the president of the court of first instance of his or her place of residence.
a. General principles
A “cookie” is a file that is temporarily or permanently placed on the User’s device when the latter consults the Site, for the purpose of a subsequent connection. Thanks to cookies, the server recognises the User’s device.
Cookies can also be installed by third parties with whom Autisme Centraal cooperates.
Some of the cookies used by Autisme Centraal are essential for the proper functioning of the Site, others are necessary to improve the User’s experience.
The User can customise or disable cookies.
By using the Site, the User expressly consents to the management of cookies as described in this article.
b. Types of cookies and purposes pursued
Different types of cookies are used by Autisme Centraal on the Site:
- Technical cookies: these are essential for the proper functioning of the Site, allow the data entered to be communicated and are intended to enhance the User’s navigation experience;
- Functional cookies: these cookies facilitate the use of the Site by remembering certain choices made (e.g. the user name or language);
c. Cookie retention period
Cookies are kept for the time necessary to fulfil the purpose pursued. The cookies that may be saved on the User’s hard drive and the corresponding retention periods are:
Functional cookies: only until the end of the session
d. Cookie management
If the User chooses to disable certain cookies, he/she accepts that the Site may not function optimally. Some parts of the Site may not work or only to a limited extent.
If the User wishes to manage and/or remove certain cookies in this way, he/she can do so via the following link(s):
For Users having as browser:
- Internet Explorer: http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies
- Microsoft Edge: http://windows.microsoft.com/en-gb/windows-10/edge-privacy-faq
- Chrome: https://support.google.com/accounts/answer/61416?hl=fr
- Firefox: https://support.mozilla.org/fr/kb/activer-desactiver-cookies-preferences
- Safari: https://support.apple.com/kb/ph21411?locale=fr_CA
10. Limitation of the Controller’s liability
The Site may contain links to other third-party websites that are not linked to Autisme Centraal. The content of these sites and compliance with the Regulation and the Law are not the responsibility of Autisme Centraal.
The person exercising parental authority over a minor under 16 years of age must give his or her express consent to the minor to disclose personal information or data through the Site. Autisme Centraal strongly recommends that persons exercising parental authority over minors promote responsible and secure use of the Internet. The Controller cannot be held liable for collecting and processing personal information and data of minors under 16 years of age whose consent is not effectively covered by the consent of their parents or legal guardians, nor for inaccurate data – particularly with regard to age – entered by minors. Under no circumstances will personal data be processed by the Controller if the User indicates that he or she is under 16 years of age.
Autisme Centraal shall not be responsible for the loss, damage or theft of personal data, in particular due to the presence of viruses or following computer attacks.
11. Safety and security
The Controller shall take appropriate technical and organisational measures to ensure an adequate level of protection for the processing and collection of data. These safety measures depend on the cost of implementation taking into account the nature, context and purposes of the processing of data.
The Controller uses encryption technologies that are standard within the IT sector when transferring or collecting data on the Site.
13. Governing law and competent court