Privacy policy

 

GPS takes your rights concerning data processing seriously. In this statement, GPS explains how your personal data are collected, processed and used. This statement thus constitutes the general policy of GPS in the field of data processing.

The responsible for the processing is GPS nv, Oosterring 9, 3600 Genk.

If you have any questions regarding this statement or policy, you can always contact our Data Protection Officer. If these questions go beyond a general request for information, you need to identify yourself. Thus, GPS is sure the requested information and data is provided to the right person.

Then you will find a comprehensive overview of how GPS collects, processes and uses your data.

This privacy policy was last updated on 11 December 2020.

 


 

Table of content

  • Data processing customers
  • Data processing users Emprova applications

 


 

Data processing customers

 

1. When will the collection and processing take place?

Are you a customer or a prospect? Then GPS collects your data when you:

  • connect with us via contract;
  • call on our helpdesk;
  • subscribe to our newsletter;
  • fill in a contact form;
  • download a brochure from our website;
  • contact us in a different way.

Are you a supplier? Then GPS collects your data when you:

  • connect with us via contract.

GPS collects this data both via paper and via digital forms and documents.

Finally, the GPS website (www.gps-time.be) uses cookies. More information can be found in the cookie policy.

 

2. Which data is it?

Data required by GPS for the execution of the services for which you rely on GPS. These data are:

  • your name;
  • your email address;
  • a telephone and mobile phone number;
  • your function;
  • the company name;
  • the address of the company;
  • the phone number of the company;
  • the VAT number;
  • bank details (only if you are a supplier).

In order to collect this data, GPS calls on your cooperation or one of your colleagues who is authorised to provide us with this data.

 

3. For what purposes your data will be collected and processed?

GPS processes the collected data in the context of customer management (the provision of services or products, thus the implementation of the contract that connects GPS with you), direct marketing (to inform you about the services and events), supplier management, accounting and public relations.

As far as the website is concerned, GPS adapts the content and ease of use as much as possible to you as a user. In addition, GPS processes your data to fulfil the obligations arising from the provision of an online customer portal and its content.

 

4. What are the principles for the processing of data?

In principle, GPS collects and processes your data based on the contractual relationship that GPS has with you because of your or our assignment.

Where processing is not necessary to carry out the contractual relationship, such as in direct marketing, it is based on our legitimate interests as a company, in particular the freedom of enterprise and information. In doing so, GPS always ensures that there is a balance between our and your interests, for example by granting you a right of objection.

 

5. Are the data communicated to third parties?

Your personal data are mainly processed internally in the context of customer management and accounting. For certain punctual services or assignments, they can be passed on to subcontractors to which GPS relies. Always under the control of GPS.

In the context of references, we publish company names and logos of our customers on our website, offers, brochures and other on/offline communications. You will always be contacted by an account manager or the marketing department prior to publication.

In exceptional cases, GPS may be required to pass on your details. This is especially the case when we are legally obliged to do so or government bodies have the right to request data from us.

In principle, your data will not be passed on to third countries or international organizations.

 

6. What rights do you have?

If GPS processes your data for the purposes of direct marketing, you may at any time, object to this. To this end, it is sufficient to contact our marketing department.

You can always look into your data that GPS processes, and have it corrected or erased if necessary. To this end, it is sufficient to request this from our Data Protection Officer. GPS only requires proof of your identity to prevent your data from being communicated to someone who is not entitled to it.

If you do not agree with the way in which GPS processes your data, you can always submit a complaint to the Data Protection Authority, Rue de la Presse 35, 1000 Brussels.

 

7. Changes

GPS reserves the right to change this statement and / or this policy. Changes will be communicated to all users via our website.

 


 

Data processing users Emprova applications

 

1. To which services does this privacy policy apply?

The scope

This Privacy Policy applies to the Emprova-Mobile (iOS/Android) and Emprova-Self Service applications, as well as the administrator tool, Emprova-Suite.

As data controller

The data controller is GPS NV, Oosterring 9, 3600 Genk, Belgium and as such is responsible for collecting, using, disclosing, storing and protecting your personal data in accordance with our privacy standards, this privacy policy and all applicable national laws.

Out of scope

The personal information we process for your employer as a customer of GPS, in relation to the HR, Time & Attendance and Planning services we provide is regulated in a separate Data Processing Agreement that we have concluded with your employer. The Data Processing Agreement is an integral part of the service agreement with your employer and guarantees you that we will only collect and process your personal information as instructed by our customer (your employer).

Please contact your employer’s human resources department if you have any questions about the personal information your employer provides to us as part of the HR, Time & Attendance and Planning services we provide or your privacy rights as an employee.

 

2. What information do we collect from you?

Information you or your employer give us

Your employer can provide us with the basic information needed to create an Emprova login on our management system, including:

  • First and last name
  • E-mail address
  • Security profile, which we use to determine which applications and data you can access
  • Login name
  • Login password

 

Information we collect automatically

Behavioural information and security logs

If you provide us with your personal information, we will be able to track your interactions with the Emprova-Self Service website and the Emprova-Mobile application. These logs contain the actions in the application or on the website, the windows you call up and the actions you take.

We register user activity to detect unauthorised or malicious behaviour, such as logging in and out, resetting passwords or changing access rights.

These logs are kept for a certain time, this time is determined and adjustable by our client (your employer).

The logs are only consulted in the context of, and at the request of, the service agreement with your employer.

Cookies

In the Emprova-Self Service we also use ‘cookies’ (small text files sent by your computer each time you visit our website) to collect or store data. When we use cookies, we use either session cookies (which last until you close your browser) or persistent cookies (which last until you or your browser deletes them). For example, we use cookies to store your language preferences or other settings so you don’t have to set them every time you visit our Emprova-Self Service website.

Device information

We collect information about the device you use when using our Emprova-Mobile application, such as the type of device, operating system, version. This information helps us secure your Emprova Mobile experience, provide the best support in the event of problems and support the most operating systems.

Geolocation

We can retrieve the real-time geolocation or the non-active geolocation when using certain functions. This can be set as an option by our customer and will only be consulted by GPS in the context of, and at the request of, the service agreement with your employer. Permission for this will also be requested the first time.

Device storage space

If the option to upload certificates has been used, the read application requires access to the local storage space of the device. Permission for this will also be requested the first time.

Camera

If the option to upload certificates, adjust the profile picture or scan QR codes has been used, access to the camera is required at that time. Permission for this will also be requested the first time.

 

3. How do we use this information?

We use your personal information for a variety of business purposes and according to different legal grounds for processing, including to fulfill the contract with your employer, to fulfill our legal obligations, to pursue our legitimate interests while balancing the interests of GPS and your rights by taking appropriate measures or based on your consent.

If we wish to process your personal data for a purpose other than that for which it was initially collected, we will always ask for your explicit consent in advance.

 

To provide access to Emprova-mobile application and to keep our Emprova-Self Service and our online services secure and operational.

We use your personal information to give you access to the portals and applications for which you are authorised. We take the necessary measures to properly protect this type of information.

 

For the specific purpose for which you have given them to us.

If you use a login and password in our application or on our website, we will use this information to retrieve your data and to display or process the requested data according to the actions carried out there.

E-mail address

Your email address will be used to notify you of any changes to your account regarding a password change request. In addition, you will also receive e-mails during certain actions within the application and/or website (such as leave requests, calendar overviews, etc.).

Device information

We collect information about the device you use when using our Emprova-Mobile application, such as the type of device, operating system, version. This information helps us secure your Emprova Mobile experience, provide the best support in the event of problems and support the most operating systems.

Geolocation

Within Emprova there is the option to log the geolocation during registration. This information can then be requested by the authorised persons if desired. The activation of the geolocation depends on the customer. Please contact your employer’s personnel department if you have any questions about whether this geolocation is in use. Permission will also be requested for this at the first use.

Camera and local device storage

If the option to upload certificates, adjust the profile picture or scan QR codes has been used, this access is necessary. Permission will also be requested for this at the first use.

 

To personalize your experience on our Emprova-Self Service website.

We use your personal information to personalise our website and application based on your usage and preferences so that you have a good experience.

 

4. How can you access, manage and delete your personal data?

Wij respecteren jouw recht om toegang te hebben tot jouw persoonlijke informatie, ze te corrigeren of te verwijderen en om ons gebruik van jouw persoonlijke informatie zoals vereist door het toepasselijk recht te beperken:

  • Je hebt het recht om te weten welke persoonlijke informatie wij of de personeelsdienst bewaren.
  • Je kunt ons via de personeelsdienst vragen om jouw gegevens bij te werken als jouw persoonlijke informatie onvolledig of onjuist is.
  • Je kunt vragen om jouw persoonlijke informatie te verwijderen of het gebruik ervan te beperken.
  • Je kunt je verzetten tegen de verwerking van jouw persoonlijke informatie.

Als je over een gebruikersaccount beschikt, heb je toegang tot bepaalde contact- en voorkeurgegevens die je zelf kunt wijzigen via “Mijn instellingen” in de Emprova-Self Service en de applicatie Emprova-Mobile.

Om toegang te hebben tot andere soorten informatie, ze te controleren of te verwijderen, neem je contact op met de personeelsdienst, zij kunnen dan eventueel een incident loggen bij GPS om verdere assistentie te verkrijgen.

 

5. How long do we storage your personal data?

We will retain your information as long as it is relevant to our operational activities or for other essential purposes such as fulfilling our legal and contractual obligations, resolving disputes and enforcing our policies. This also applies to anyone with whom we share your information and provide services on our behalf.

The following criteria may influence the effective storage periods:

  • How long do we need the personal information to provide our online services? This includes maintaining and improving the performance of our products, keeping our systems secure and maintaining proper business records.
  • Are we required to store your personal information for legal, contractual or similar reasons? Examples include mandatory data retention laws, government orders to retain data relevant to an investigation.

When we no longer need to keep your personal information, we will delete it from our systems or depersonalise it so that we cannot identify you.

 

6. With whom do we share your personal information?

We may disclose your personal information to third parties with whom we work. This is as per the customer’s choice of cloud hosting solution.

We only share information with third parties (processors) whom we engage to process information on our behalf based on our instructions and in accordance with applicable law and this privacy policy. When we share your personal information, we seek to limit the amount of personal information we share as much as possible to what is directly relevant and necessary to achieve the specified purpos.

Without your consent we will never sell or share your information with third parties for their marketing and advertising purposes.

We may share information, in consultation with the customer, if we believe that disclosure is reasonably necessary to comply with a law, regulation or legal request:

  • to law enforcement agencies, government agencies or authorised third parties in response to a verified request or legal process related to a criminal investigation or alleged or suspected illegal activity or other activity that could result in the legal liability of us, you or any of our other users;
  • to third parties involved in legal proceedings if they give us a subpoena, court order or substantially similar legal basis, or we otherwise in good faith believe that disclosure of information is necessary to avoid imminent physical harm or financial loss or to report a suspected illegal activity.

 

7. How do we protect your information?

This depends on the solution chosen by our customer.

If local hosting of the Emprova software is chosen, part of the protection will be covered by the customer’s security policy.

If our cloud application has been chosen, we are committed to keeping your data safe and secure. We have an information security programme with administrative, technical and physical security measures in place that we implement and continually update to help protect your personal information from unauthorised access, loss, destruction or alteration. This includes measures such as firewalls and data encryption, physical security and access control.

You should also take steps to protect your personal information online. Choose a strong password and do not use the same password you use for other sites. Do not share your password with anyone. GPS will never ask for your password in an unsolicited phone call or in an unsolicited email.

Also remember to log out of the website and close your browser window as soon as you have finished your work.

 

8. Changes to this privacy policy

GPS reserves the right to modify this privacy policy from time to time. If we make changes to this privacy policy, we will post the revised policy on our website and in our applications and update the ‘Last Updated’ date at the top of this privacy policy.

 

9. Intervention of the supervisory authority

You have the right to complain to the relevant supervisory authority if you believe that we have not complied with the data protection laws. For GPS NV, please contact the Belgian Data Protection Authority, Drukpersstraat 35, 1000 Brussels, + 32 2 274 48 00 contact@apd-gba.be – www.gegevensbeschermingsautoriteit.be.

 

10. Our contact details

If you have any questions or complaints about this privacy policy or subject, please contact us at dpo@gps-time.be. If you are a customer and have privacy related questions, please contact your GPS contact or dpo@gps-time.be.