2.1. Unicorn is the controller of, and therefore responsible for, personal data: (i) relating to you and/or (ii) regarding other data subjects provided by you or on your behalf (“Personal Data”).
(i) the Belgian Data Protection Act of December 8, 1992 on the protection of privacy in relation to the processing of personal data (as amended, modified and/or completed from time to time);
(ii) Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation);
(iii) all other applicable legislation regarding the protection of privacy and the processing of personal data.
(together or separately, the “Privacy Legislation”).
2.3. Unicorn has the following legal grounds for the processing of Personal Data:
(i) the contract you have entered into with Unicorn;
(ii) the free, specific, informed and unambiguous consent, from you or through you on behalf of the other data subject concerned, to process Personal Data. Such consent can be given by any means, such as, but not limited to mail, email, an online or offline consent form, a membership form or orally
(iii) a legal obligation; and/ or
(iv) a legitimate interest of Unicorn.
(i) execute its activities, as described in article 1.2 (including the performance of agreements entered into);
(ii) better understand the needs and preferences in order to adjust its services hereto;
(iii) answer any question one might have when contacting Unicorn;
(iv) acquire statistic data; and/or
(v) comply with applicable legislation.
(together or separately the “Purpose”).
4. Personal Data
4.1. Unicorn can request, collect and process all Personal Data that:
(i) can be useful for the Purpose, such as (first, middle, last) name, address, email address, phone number, IP address, job, company name, preferred language, resume, personal characteristics, information relating to continuous process of learning, answers on questionnaires, other information one provide us with;
(ii) is gathered during or in the light of one of Unicorn’s activities as set out in article 1.2 (e.g. training sessions, meetings, reports or the participation of the employee/consultant in a training, photos, results of tests and surveys, ...).
4.2. You guarantee that the Personal Data you have provided Unicorn with are complete and correct.
5. Transfer of Personal Data to third parties
5.1. Unicorn can rely on subcontractors to perform certain processing activities (e.g. hosting the Unicorn website, other ICT-purposes etc.). Unicorn enters into processing agreements with those third parties that can have access to your Personal Data.
5.2. Unicorn guarantees that it does not transfer Personal Data to other third parties, unless:
(i) there is a legal obligation to transfer Personal Data;
(ii) Unicorn has a legitimate interest to do so.
6. Your rights
6.1. The Privacy Legislation provides the data subjects with a number of rights regarding their Personal Data. Everybody has the right, free of charge:
(i) to have access to and receive a copy of his/her Personal Data;
(ii) to have his/her Personal Data corrected in case of errors;
(iii) to have his/her Personal Data erased in case:
a. Personal Data are no longer necessary to achieve the Purpose;
b. he/she withdraws his/her consent
c. he/she objects to the processing his/her Personal Data and there is no other legal ground for the processing of his/her Personal Data;
d. his/her Personal Data have been unlawfully processed;
e. there is a legal obligation to erase his/her Personal Data;
(iv) to have the processing of his/her Personal Data restricted;
(v) to request that his/her Personal Data are transferred to a third party;
(vi) to object against the processing of his/her Personal Data after the agreement with you has come to an end, in particular the processing for direct marketing purposes;
(vii) to withdraw his/her consent pursuant to which Unicorn is allowed to process Personal Data, after the agreement with you has come to an end;
(viii) to file a complaint with the Data protection agency in case you are of the opinion that the processing of its Personal Data is contrary to the Privacy Legislation.
6.2. In case you one want to exercise the above rights, he/she can send a written, dated and signed request, with proof of identity, by ordinary mail to Unicorn NV, Kolonel Begaultlaan 7b, 3012 Wilsele, Belgium or by email to Thomas Bossuyt (email@example.com). We will delete your data form the system. Please note that the Privacy Legislation may impose conditions on exercising any of the above rights.
7.1. Unicorn stores and used Personal Data for as long as it is necessary to achieve the Purpose and minimum during the term as provided for in the applicable legislation.
8. Storage and security
8.1. The Personal Data are stored by Unicorn, or, if applicable, by its ICT-provider located in the EU.
8.2. Unicorn commits to take (or have) all reasonable measures (taken) to its best ability to safeguard the protection of the Personal Data through technical safety measures and an appropriate safety policy from destruction, loss, modification or unauthorized processing.
8.3. You acknowledge and accept that the transfer and storage of Personal Data is never without risk and consequently, Unicorn cannot be held liable for the damages that you may suffer as a result of the unlawful use of your Personal Data by third parties, other than Unicorn.
9.1. Unicorn can solely be held liable for damages which directly result from the processing of Personal Data due to a fault or negligence of Unicorn. In any event, Unicorn cannot be held liable: (i) in circumstances of force majeure, (ii) for any indirect or consequential damage, and/or (iii) for damages that result from errors, faults or negligence by you or third parties, other than Unicorn’s processors.
11. Applicable law and competent court
11.1. You agree that all disputes between you and Unicorn regarding Personal Data and privacy issues, are exclusively subject to Belgian law, excluding any conflict-of-law principles.
11.2. Every dispute regarding Personal Data and privacy issues should be submitted to the exclusive jurisdiction of the courts of Antwerp, division Hasselt, Belgium, excluding any other court.
Contact details of the responsible Data Protection Authority:
Data Protection Authority (Autorité de protection des données)
Rue de la Presse 35
+32 (0)2 274 48 00