Jean Luc Van der Schueren took appropriate measures to be compliant with the General Data Protection Regulation (hereafter called ‘GDPR’) entered into force on 25 May 2018.
Current data privacy policy’s purpose is the protection of personal data, i.e. « any information related to a physical person, identified or who can be identified ».
As the business is exercised in person’s own name, the word ‘company’ used below refers to the activity exercised by Jean Luc Van der Schueren.
The current policy was communicated in writing to the 3 computer scientists intervening for the company, to the person regularly providing services to the company as well as to the spouse of Jean Luc Van der Schueren. They all acknowledge current personal data privacy protection policy in writing.
1. Data protection delegate
Being in charge of the company, Jean Luc Van der Schueren is also responsible for the data protection of the company. In this context, in line with the requirements of the GDPR, any objection and/or information request and/or change and deletion of data must be sent to him by the requestor for handling. He can be contacted by post sent to 14, rue de la Bourse – 1000 Brussels or by electronic mail sent to iapnsecret@compuserve.com.
2. Company data type, use and storage
Main data categories are :
• Accounting data (e.g. last name, first name, copy of electronic identity card data, company name, mailing address, VAT nr, bank details): these data are only used to issue commercial invoices and purchase slips. They are stored in the billing system (installed on only one computer) and in paper format, in accordance with the Belgian accounting and tax legislations and during the delays prescribed by such legislations. When commercial transactions are processed through a bank account, data linked to these bank accounts may be stored in the internet banking service of the company and appear on the bank statements of the company.
• Personal data received from information requests (e.g. last name, first name, e-mail address, fix and/or mobile phone number, personal list of coins): these data are stored on the computers of the company. They also may be saved in the cloud system put in place by Proximus. These data are provided by the requestors themselves, therefore agreeing with personalized information exchanges with the company. These information exchanges generally relate to sales’ proposals or answers to information requests. These data are only kept for the time needed to handle such request.
• Personal data received in the context of an expertise, data from intermediaries (e.g. notaries or lawyers), police forces or other public organizations: these data are stored on the computers of the company. They also may be saved in the cloud system put in place by Proximus. These data are provided by the requestors themselves, therefore agreeing with personalized information exchanges with the company.
• Data provided by the video images of the surveillance cameras of the shop located at 14 rue de la Bourse, 1000 Brussels, with cameras installed in accordance with the legal requirements in effect. As these cameras are visible and marked, persons entering the shop de facto agree with the use of the images in case of punishable act or act causing damage to the company or to one of the persons working for the company. They also agree with the use of these images at the request of police forces or any other public organization, in accordance with the legislation in effect.
Personal data collected by the company are not shared with any other company or physical person. However, at the possible request of tax, judicial or police authorities, these data may be communicated to them. In such a case data are under their own responsibility during all the holding period.
These personal data are stored at the company’s head office or at its place of business, both protected by an alarm system with monitoring and surveillance cameras.
The computers of the company are protected by classical security systems, regularly updated: firewall, anti-virus software, password ; access to these computers is restricted to Jean Luc Van der Schueren, the 3 computer scientists intervening for the company, to the person regularly providing services to the company as well as to the spouse of Jean Luc Van der Schueren.
The internet sites www.coins.be, www.monnaievanderschueren.be and www.muntenvanderschueren.be are secured and managed by the computer scientist specialized in this activity and the spouse of Jean Luc Van der Schueren.
3. Data leakage
Any data leakage will be managed by the data protection delegate.
He will decide whether the control authority or the concerned persons should be informed or not, in particular if he thinks that concerned persons could be financially harmed.
4. Control authority
Any litigation (national or international) related to the company has to be submitted to the Belgian control authority, currently the ‘Commission de Protection de la Vie Privée / Commissie voor de bescherming van de persoonlijke levenssfeer’, the company’s head office being located in Belgium.
Brussels, 24 May 2018