This notice explains how, as a data controller, the Cyber Security Coalition ASBL with registered office at Stuiversstraat 8 Rue des Sols, 1000 Brussels processes personal data about you.
2. Information we collect and process
- Identification data: your IP address;
- Data relating to security: security logs, connection and activity logs, and the user agent of your web browser;
- When you allow us, by accepting cookies, we also collect data relating to your use of the website such as the pages you consulted or if you already visited our website in the past.
This information is used to fulfil our contract of providing you access to our website; and for our legitimate interests in ensuring the security of our website, to improve your browser experience and to gather anonymous statistics regarding the quality of our website.
You may also provide us with personal data about you by completing one of the online forms present on our websites; this data will only be used to handle your requests and respond to you.
When you register for and attend one of our webinars or events, we collect the following personal data about you:
- Identification data: your name, your first name, your function, email address, phone number and IP address.
- Data relating to your company or organization: its name and VAT number.
- Data relating to security: security logs, connection and activity logs, and the user agent of your web browser.
- The questions you may send during the webinar.
The data you provide in this context will be processed with your consent for the following purposes:
- Monitoring your registration and any comments or complaints you may have in this context.
- General customer management, including accounting, handling of disputes and legal proceedings, recovery or transfer of claims and protection of our rights in general.
- For certain events, participants are provided with a simplified list of participants, including surname, first name and the organization to which they belong.
- To inform you about our other activities and events.
When you subscribe to our newsletter, we collect your name and professional email with your consent in order to send you, our publications. Your device and usage information are also collected when you read the newsletters.
If you wish to apply for one of our awards, we will collect information regarding your identity, the company or organization you are working for and your achievement, in line with the criteria for the award you are applying to. We may also collect your name and contact information from people who wish to recommend you for one of our awards; in such case you will be contacted to confirm that you agree to be a candidate. Otherwise, your personal data will be deleted.
The data processing and processes at Cyber Security Coalition are completely manual and your data are therefore not used in automatic decision-making processes.
3. Disclosure and transfer of personal data
Personal data will not be disclosed and/or sold to a third party.
In exceptional cases, your personal data may be shared with third parties. These cases may include:
- Competent authorities or bodies established by law in the context of legal and regulatory obligations.
- Subcontractors for activities related to the Cyber Security Coalition’s activities.
- The following third party processors, located in the European Economic Area, who will only process your personal data on our instructions and who are subject to appropriate confidentiality clauses:
- Microsoft, who provides us with our email, webinar and document hosting platforms;
- InviteDesk, an event platform used for registration to our events and related communication;
- MailJet, an ISO 27001 certified and GDPR-compliant online email marketing platform;
- Profacts, a market research agency, for member experience research;
- WeAreTheWords, a digital publishing agency supporting us in our communication and content marketing.
When you watch videos on our website, your personal data may be collected by YouTube, an independent controller, located in Ireland.
4. Data security and retention
Your personal data is and will be kept strictly confidential.
We take all necessary steps to protect your personal data. This includes setting up procedures to minimise the unauthorised access to, or disclosure of your personal data. We ensure that the third parties we share your personal data with also have adequate security measures in place.
We do not retain your personal data no longer than strictly necessary for the realization of the purposes for which we received the data, or for the execution of a contract or for fulfilling a legal obligation. The retention periods differ with regards to the type of processing activity and the purpose for which the personal data were collected.
Member’s information will be kept until the end of your relations with the Cyber Security Coalition (e.g., until you are no longer employed by a Coalition member, or are no longer a contractual partner of the Coalition or if you unsubscribe from our newsletters), barring the statutory retention period (e.g., the statutory limitation period).
Data collected when you apply to one of our awards will be kept for 12 months. If you are selected as part of the 10 finalists of a specific award, we may keep your information longer to ensure the promotion of the award.
5. Your rights
You have the right to ask us for a copy of your personal data, to ask us to correct, delete or restrict (stop any active) processing of your personal data and to obtain the personal data you provided us in a structured, machine-readable format. In addition, you can object to the processing of your personal data in some circumstances (when we do not have to process your personal data to meet a contractual or other legal requirement).
Where we have asked for your consent, you may withdraw this consent at any time; however, this will not affect processing that has already taken place before the withdrawal. You may withdraw your consent by deleting the cookies linked to our domain.
You may exercise the above-mentioned rights by contacting us as described in the “Contact us” section below.
These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information that we are required to keep by law or that we have a compelling legitimate interest to keep.
If you have unresolved concerns, you have the right to complain to the Data Protection Authority: dataprotectionauthority.be.
6. Contact us
If you have any questions about this Privacy Notice or wish to contact us for any reasons in relation to the processing of your personal data, please contact the responsible officer at the Cyber Security Coalition, by sending an email to email@example.com, or by sending a dated and signed request to Cyber Security Coalition ASBL, August Reyerslaan 80, 1030 Brussels, Belgium.
8. Updates to this Privacy Notice
We reserve the right to modify this notice at any time, but will in any case do so in accordance with the applicable laws and regulations. We will inform you by email, when possible, of any substantial changes to this notice.
This notice was last modified and revised on May 25th, 2023.