Data Protection Notice

Personal data protection is important for Groupe Forrest International and its subsidiaries.  Technical and operational measures have been taken to ensure respect of the security of your personal data.

This Data Protection Notice provides you with detailed information about the protection of your personal data that has been established.

The GFI s.a. website does not collect any personal information and the information sent by your browser (also known as cookies) is used for statistical purposes only to improve your visitor experience of the website. In no case can it be used to identify you. You may however refuse to allow these cookies to be used by disabling them in your browser.

We are responsible in our capacity as controller for collecting and processing your personal data with respect to our activities.  The purpose of this Notice is to inform you of the types of data that we collect from you, the reasons we use and share such data, the retention periods, your rights in relation to the protection of privacy and how you can exercise them.

1. What personal data do we use ?

We collect and use the following data from you as part of our activities, including in our capacity as an employer:

  • Information relating to your identity (e.g. last name, first name, identity card and passport, residence permit, visa, nationality, date and place of birth, etc.)
  • Contact information (e.g. e-mail address, telephone number, driving licence, vehicle registration number, access badge number, Skype contact details, etc.)
  • Family situation (e.g. marital status, parents’ names, identity of the spouse, composition of the household, ICE designated person, disability, etc.)
  • Information relating to the absence of a criminal record
  • Information relating to your means of payment (e.g. credit card number, account number, etc.
  • Information relating to your education and your professional situation (e.g. level of education, curriculum vitae, photo, salary, etc.)

GFI performs no processing of so-called sensitive personal data.

 

2. Why and on what basis do we use your data :

  • Pour l’exécution d’un contrat avec vous ou la société que vous représentez ou pour prendre des mesures, à votre demande, avant de conclure un contrat
  • Pour respecter les obligations légales et règlementaires auxquelles nous sommes soumis, telles que :
    • Répondre à des demandes officielles émanant d’autorités publique ou judiciaire dûment habilitées
    • Répondre aux exigences des intermédiaires financiers avec lesquels nous travaillons principalement en matière de lutte contre le blanchiment d’argent et le financement du terrorisme
    • Respecter les règlementations en matière de droit social
    • Respecter nos obligations en matière d’identification de notre propre société à travers ses actionnaires, dirigeants et bénéficiaires ultimes
  • Parce que nous poursuivons un intérêt légitime
  • L’envoi d’informations Corporate sur les développements de GFI
  • L’envoi de communiqués de presse en rapport avec nos activités
  • Nous demandons votre consentement pour certains traitements spécifiques, par exemple :
    • Si nous devions réaliser des traitements ultérieurs pour une finalité autre que celles énoncées à la section 2.
    • Pour l’utilisation des photos ou signature digitalisée en notre possession
    • Pour le traitement consistant à obtenir des visas et organiser les voyages au seins du groupe

3. With whom do we share your personal data ?

In order to meet the above-mentioned purposes, we share your personal data with the following entities:

  • Our employees and consultants responsible for managing your contracts
  • Our service providers for the management of our staff (e.g. Partena)
  • Our financial partners with whom we have recurrent business relations
  • Certain regulated professions such as auditors, lawyers, etc.
  • Our partners in joint ventures for large contracts
  • Our local subsidiaries in Congo or Kenya or subsidiaries of the group
  • Our travel agent
  • The authorities such as embassies and consulates

4.Do we transfer personal data outside of the European Economic Area?

The transfer of your data to a country possibly outside of the EEA whose level of protection has not been recognised as adequate by the European Commission will only be made if the transfer is necessary for the performance of the contract (e.g. international payment) or if a mechanism guaranteeing the protection of your personal data has been established (e.g. for the intra-group transfer of binding Company rules)

2.We protect the confidentiality of your personal data

We only share personal data with subsidiaries of our group and with public authorities or financial partners which themselves are subject to strict confidentiality constraints.  The contracts concluded with our partners have undergone verification such that GFI can be assured that systems have been established in accordance with the Data Protection Regulation.

In addition,

  • we do not sell or exchange customer or staff member lists with anyone,
  • we have reduced internal access to the personal data that you have entrusted to us, to the persons required to process your data (need to know) and to the performance of your contract.
  • We have an internal policy that recalls the confidentiality of the data and the exclusively professional use that must be made of them.
  • We take the appropriate measures to restrict access to the data through a user name and password

6. How long do we keep your personal data ?

The retention period is the duration of your contract (or of the contract concluded by your company) to which is added the legal time limit for making claims pursuant to this contract, unless legal and regulatory exemptions require a longer or shorter period.  Once this period has expired, your data are erased from our systems.

7. What are your rights and how can you exercise them ?

In accordance with the applicable rules, you have the following rights:

  • Right of access: you can obtain information about the processing of your personal data, and a copy of these data
  • Right of rectification: when you consider that your personal data are inaccurate or incomplete, you can request that these data are modified accordingly
  • Right of erasure: you can request the erasure of your data, limited to what the law allows.
  • Right of withdrawal of your consent: when you have given your consent for processing your personal data, you have the right to withdraw your consent at any time

The other rights mentioned in the GDPR (limitation, objection, portability) do not apply to the data collected by GFI.

If you wish to exercise any of these rights, please send your postal mail to the following address:

Groupe Forest international s.a.

Data Protection Service

Avenue Pasteur 9

1300 Wavre

Belgium

Or your e-mail to the address

privacy@forrestgroup.com

Please always include a photocopy/scan of your identity document so that we can identify you as the person actually making the request.

  • In accordance with the applicable rules, in addition to the above-mentioned rights, you may also make an information request, a request or a complaint to the Data Protection Authority (DPA) in Belgium.

8. How can you follow the changes applied to this Data Protection Notice ?

Within a context of constant technological change, we may amend this Data Protection Notice.

Please check the latest online version of this Notice and we will inform you of the changes through our website.

9. How to contact us ?

If you have the slightest question about the use of your personal data, you may contact the data protection service

Forrest Group. International

DPO Service

9, avenue Pasteur

1300 Wavre

Or

privacy@forrestgroup.com