DQS Belgium Drukpersstraat 4, 1000 Brussel 02 540 24 00 email@example.com
Managing Director: Ms. Annemie Valkeneers
VAT No. BE0833.741.625
1. Collection, processing and use of personal data on request
The use of our website is generally possible without providing personal data. You are neither obliged to visit this website nor to provide any personal data. If you do not provide us with personal information, you may not be able to use certain functionalities of this website. Otherwise there will be no consequences for you. As far as personal information (such as name, address or e-mail addresses) is collected on our site, this is done on a voluntary basis, except in the cases expressly described below. This data will not be passed on to third parties without your express consent. We would like to point out that data transmission over the Internet (e.g. communication by e-mail) can have security risks. A complete protection of data against access by third parties is not possible.
If the processing of your personal data is based on your consent, you have the right to revoke your consent at any time with the consequence that the processing of your personal data will become inadmissible for the future. However, this does not affect the legality of the processing carried out on the basis of the consent until revocation.
2. Data processing to enable the use of the website
When you visit our website, we collect the necessary information to enable you to use it. This includes your IP address and data about the start, end and subject of your use of the website as well as any identification data (e.g. your login data when you log into a secure area). This data is used to provide and design the service according to requirements. They are always deleted as soon as they are no longer required and there are no storage obligations.
4. Legal basis for processing
The legal basis for processing depends on the purpose for which the data are processed. We collect data for pseudonymized user profiles to improve the website on the basis of the applicable data protection law for media.
5. Transmission to third parties and in countries outside the EU
Your personal data will only be transmitted to third parties, if this is legally permitted or if you have given your prior consent. For example, we may transfer data to other companies of the DQS group, if this is necessary to respond to a request you have made. We will only disclose your data to government authorities within the framework of legal obligations or as a result of an official order or court decision. A transfer to recipients outside the EU only takes place if it is ensured that the recipient of the data guarantees an adequate level of data protection and that there are no other interests worthy of protection against the data transfer. Should you have any questions in this regard, please contact our data protection officer (see Section 10).
6. When registering for MyDQS
Under the domain https://www.mydqs.com DQS Group (DQS GmbH, DQS Holding GmbH, DQS CFS GmbH, DQS Medizinprodukte GmbH and its license partners) as joint controllers (according to Article 26 of the GDPR) offer our customers the possibility to register for a password protected portal (hereinafter referred to as MyDQS) where certificates, order confirmations, reports and other relevant documents can be provided by us and accessed by you.
If you request your DQS contact person to register you for MyDQS, they will create a login for you, based on your contact-data (name, e-mail address) and your organization’s DQS-file number. Your name is required in order to know who the request comes from. We need your e-mail address to send you an e-mail with a link for your initial registration.
To complete the registration process, you will need to provide additional mandatory information about your company. If you have voluntarily given us your telephone number to be contacted by phone, this number will also be transferred to the account. After your first registration, you have to set a password of your own choice. Together with your e-mail address, this enables access to your account.
If permissions are granted, you can add and activate additional members from within your organization. In order to create a login, you will have to provide
- First and last name
- E-mail address and
- Professional contact details
of the person you’d like to register. The newly created user will receive an activation link with which the login can be activated as described above. The link is valid for 24 hours. If the account is not activated by the member of your organization, the details provided by you will be deleted automatically after 48 hours. The organization's administrator can delete additional accounts at any time within the portal itself.
The legal basis for the processing is consent as well as a necessary requirement to perform our contract we have with you.
If you wish to deactivate your organization's account as a whole, you can request deletion from DQS by e-mail at any time. The personal data processes by us within the context of MyDQS will then automatically be deleted after all contractual matters have been settled, unless you have consented to additional storage (in particular company details and user accounts) or DQS has a GDPR or legal storage obligation preventing deletion.
You can, in principle, exercise your data subject rights towards any member of the DQS Group. Internally responsible, however, is first and foremost DQS GmbH. Contact details are firstname.lastname@example.org.
The data collected by Google Analytics in the form of pseudonymous user profiles will be deleted no later than 38 months after the last new entry in the respective user profile. In all other respects we delete your personal data as soon as they are no longer needed for the purposes pursued with the collection and processing and as far as no legal storage obligations stand in the way.
8. Data security
DQS has taken the necessary technical and organizational measures to protect the personal data you provide from loss, destruction, manipulation and unauthorized access. Our employees and all persons involved in data processing are obliged to comply with data protection laws and to treat personal data confidentially. Our employees are trained accordingly. Both internal and external tests ensure compliance with all data protection relevant processes at DQS.
To protect the personal data of our users, we use a secure online transmission procedure, the so-called "Secure Socket Layer" (SSL) transmission. You can recognize this by the fact that an "s" ("https://") or a green, closed lock symbol is added to the address component http://. By clicking on the icon, you will receive information about the SSL certificate used. The display of the symbol depends on the browser version you are using. SSL encryption guarantees the encrypted and complete transmission of your data.
9. Your rights regarding personal data
The data protection law grants you a number of rights with regard to data concerning your person (so-called rights of data subjects). In general, these are the right to request information about your personal data stored by us, as well as the right to correct, delete or restrict the processing of these data and to object to the processing. Whether and to what extent these rights exist in individual cases and what conditions apply depends on the law (until 25 May 2018 from the Federal Data Protection Act, from 25 May 2018 also from the EU General Data Protection Regulation). The basic EU data protection regulation also grants you the right to data transferability. If you have given your consent to the processing of your personal data, you can revoke this at any time with effect for the future. You also have a right of appeal to the competent data protection supervisory authority. However, if you have any questions or complaints regarding data protection at DQS, we recommend that you first contact our data protection officer (see Section 10).
10. No automated single decision
As far as this is not exceptionally necessary for the conclusion of a contract or permitted by law (as in the case of age verification), we do not use your personal data for automated individual decisions.
11. How can you contact us?
You will find our contact details as the responsible body in the imprint. If you wish to exercise the rights mentioned under item 9 or if you have any questions about data protection with us or this data protection declaration, you can also contact our data protection officer: email@example.com.