Login
Service Contact Lex4You
Login
Privacy Statement

Privacy Statement Securex EDPB

Statement on the protection of personal data

EDPB Securex attaches great importance to the protection of personal data and to your feedback. 

 

The data processed by Securex are treated with strict confidentiality in accordance with medical confidentiality and the provisions of Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, in short "GDPR". 

Purpose of the processing of personal data

As data controller, EDPB Securex undertakes, in accordance with Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter ‘GDPR’), to process the personal data 

  • In order to perform the services of an external service for prevention and protection at work in execution of the contract with the affiliated employer
  • In order to organise and offer additional services like flu vaccination, medical check-ups, individual feedback… In these cases data subject’s consent is required for processing: persons concerned have to agree individually and voluntarily to receive the additional services 
  • After anonymisation of results 
    • for scientific and epidemiological research 
    • collective reporting and advices towards employers   
  • When the processing is necessary for compliance with a legal obligation incumbent on Securex  
  • In the case of data of the employer or his representatives or managers, for direct marketing, informative mailings, customer enquiries or other actions to improve services.

Legal bases for processing

The legal basis for the processing of personal data of employees of our affiliated employers is 

  • the statutory obligation incumbent on data controller EDPB Securex by virtue of the Law of 4 August 1996 on the welfare of workers at work and the welfare at work code. 
  • The present affiliation contract between an employer and Securex, which also constitutes a legal basis for the data processing.
  • The individual consent of persons concerned to agree to receive the offered services

The legal basis for the processing of personal data of representatives or contact persons of our affiliated employers is the legitimate interest of EDPB Securex with regard to 

  • Customer Contract and Relation Management : for business operations and the optimisation thereof  
  • Direct Marketing activities : in order to promote its services, including the services provided by the other Securex entities, to its clients.

Medical data: medical data processed by EDPB Securex are protected by professional secrecy.

Categories of people concerned

The categories of persons concerned are the employees of and/or all persons performing activities for the company contracted to EDPB Securex and/or its representatives. 

Categories of personal data processed

The categories of personal data processed are:

  • Social and administrative data relating to the person concerned and possibly their employer: e.g. surname, first name, date of birth, national registration number, name & address of employer
  • Contact details of the person concerned: address, telephone number, e-mail address, general practitioner
  • Occupational data: position, place of employment, data about the work post 
  • Health and/or medical data 
  • Exposure data when the person  is exposed to certain risks or agents
  • Specific data of a personal nature to promote the health and well-being of the employee: family history, sport, smoking, alcohol consumption 
  • If applicable, data concerning mental health and/or psychosocial well-being

Data retention period

In the absence of applicable regulatory provisions to the contrary, the health record is retained for at least fifteen years after the employee’s departure (Article I.4-89 - § 2 of the Welfare at Work Code).

Other personal data are retained for as long as required for the aforementioned purposes and in accordance with the applicable statutory provisions.

Data protection 

In accordance with the applicable legislation, EDPB Securex ensures an adequate level of protection for your personal data. The implemented measures include technical and organisational measures to protect personal data against accidental or unauthorised destruction, accidental loss, including against any modification of, access to or other unauthorised processing of your personal data. 

However, EPDB Securex wishes to point out that no security system can provide a cast-iron guarantee. Feel free to contact us if you have any questions in relation to the confidentiality and security of your personal data.  

Recipients of the data

EDPB Securex may occasionally pass on certain items of personal data to the supervisory authorities, our lawyers, our experts or the judicial authorities. In addition

  • Some of these data are communicated to our subcontractors who provide certain services in the strict context of a subcontracting agreement and for the sole purpose of providing EDPB Securex with technical assistance.
  • Nominative data and performed tasks or services can be communicated to the employer on specific request or in order to increase transparency in e.g. invoicing. Other personal or medical data will never be transferred to third parties, an employer of his/her personnel department.
  • Employers can receive a collective report with necessary advices. Therefore the concerned data is processed and stored anonymously and never made available to an employer or his/her personnel department.     

If the affiliated employer is also affiliated to other legal entities that form part of the economic entity Group Securex (hereinafter ‘other Securex entities’), EDPB Securex may pass on certain items of personal data to other Securex entities to ensure that our database is kept accurate. The full list of other Securex entities may be consulted at www.securex.be or obtained on request.

Data Transfer to third countries

EDPB Securex does not transfer personal data outside the EEA. In case that a data transfer to a non-EEA country should occur necessary, EDPB Securex will implement appropriate safeguards in accordance with data protection laws and will ensure that enforceable rights and effective legal remedies for data subjects are available.

Data subjects’ rights

Data subjects have the right to consult the data relating to them and, if necessary, to have their data rectified by sending a dated and signed request, with a copy of their identity card (front and back) and the name of the doctor providing treatment, by email to privacy.sep@securex.be or by post to Group Securex, Data Protection Officer, Tervurenlaan 43, 1040 Brussels. The data are then sent via the doctor. In the same manner and within the limits of the GDPR, data subjects are also entitled to object to their personal data being processed or to ask that any such processing is limited. Furthermore, they may ask to have their data erased or transferred. Further information may be obtained via the same address.

If the data subject believes that there has been a breach of the GDPR, they have the right to complain to the supervisory data authority. In Belgium, this is the Gegevensbeschermingsautoriteit / Autorité de protection des données, https://www.dataprotectionauthority.be/citizen 


On this page

    Cookies on Securex.be

    Our site uses cookies in order to function optimally and offer you the best possible surfing experience. This way we guarantee you a better site experience and service, personalized offers and relevant information that matches your interests. Would you like more information about the use of your data? Consult our online documentation:

    Cookies on Securex.be