We appreciate the trust you place in RHEA Group when sharing your personal data. The security of your personal data is very important to us. In the following sections, we will explain how we collect, use and protect your personal data.
We will also explain what rights you have with regards to your personal data and how you can exercise those rights.
This Privacy Policy applies to the personal data of our Website User, Candidates, Clients, Suppliers, and other people whom we may contact in order to find out more about our candidates. It also applies to RHEA’s employees and the emergency contacts of our employees.
This Privacy Policy applies in relevant countries throughout our international network. Different countries throughout our international network may approach data privacy in slightly different ways and so we also have country-specific parts to this Privacy Policy. You can find country-specific terms for your jurisdiction on Section 10. This allows us to ensure that we are complying with all applicable data privacy protections, no matter where you are.
The RHEA Group consists of RHEA System S.A., a company incorporated under the Belgium law and its subsidiaries located in the Netherlands, Italy, Germany, United-Kingdom, Czech-Republic and Canada (see our Legal Notice).
In this Privacy Policy, when we refer to “RHEA GROUP”, “RHEA”, “us”, “we” or “our”, we mean the RHEA GROUP companies which are responsible for any personal information collected about you, and the RHEA GROUP companies to which you may apply.
RHEA is a multinational Engineering Group, operating in 9 European countries and Canada on service delivery of systems, software and solutions to the aerospace, defence and security markets. This includes Information and Communications Technology (ICT) solutions involving information security risk management, information security engineering, information and critical infrastructure protection and applications for cyber defence and cyber forensics. RHEA has a consolidated experience and a broad set of ongoing activities and capabilities in the field of Security with a prominent focus on Cyber and Space applications;
Our Data Protection Officer can be contacted directly here:
We collect your personal data:
We process your personal details that are necessary to perform our service and desirable to better align our services to your expectations or to meet more specific questions or obligation coming from RHEA’s client namely:
You are responsible for the correctness and relevance of the data you provide RHEA. Please provide any changes in your personal details to privacy@rhearoup.com
We do not collect any Specific Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Subject to specific and exceptional request from the client, we do not collect any information about criminal convictions and offences.
The personal data we collect will be used for the following purposes:
RHEA GROUP will collect, use and share your personal information only when this is legally justified.
We can summarize our relevant legal basis for processing your personal data as follows:
Our legitimate interests include:
selling and supplying goods and services to our customers;
You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our websites may become inaccessible or not function properly. For more information on cookies please go to the Cookies Policy.
By consenting to this privacy notice you are giving us permission to process your personal data specifically for the purposes identified. Generally, RHEA GROUP do not rely on consent as a legal basis for processing your personal data in any other case than sending certain direct marketing communications to you via email or to perform active recruitment activities.
You may withdraw consent at any time by sending an email to:
Internal Disclosure
RHEA GROUP may share internally your personal information with its affiliates where such disclosure is necessary to provide you with our services or to manage our business. Other companies in the RHEA Group act as joint controllers.
External Disclosure
RHEA GROUP may share your information with other third parties named in the following cases:
RHEA GROUP will not pass on or sell your personal data to third parties for their own marketing purposes without first obtaining your consent.
RHEA GROUP shall give access to your personal information only to trusted partners or services providers who require the use of such information for business purposes. These third parties are entities for whom we have established they have adequate and sufficient data protection and security controls in place and with whom we have also implemented contractual obligations to ensure they can only use your data to provide services to RHEA GROUP limited to the purposes listed above. Moreover, these third parties shall not use or process your Personal Data for any purpose other than to provide the Service to RHEA GROUP.
International transfers
Personal Information which you supply to us is generally stored and kept in our own servers located in Belgium. However, due to the nature of our global business and the technologies required (some cloud-based tools), your Personal Information may be transferred to an internal or external third party located outside the EEA, in countries where there may be a lower legal level of data protection.
In such situations, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
General Principle
RHEA GROUP guarantees not to keep your personal data for longer than required by law or such other period necessary to fulfil the purposes we collected them for.
For Applicants
When you apply for a job, you allow us to retain your personal information to support you in your search for work (CVs, education, work expectations, contact information, etc.) for a period of 3 years. If any other opportunities become available which you may be interested in, we will contact you by email, telephone or by skype.
After this initial period of 3 years you will automatically get an e-mail asking you whether you authorize us to keep your personal information in our recruitment database or not.
In case of a negative answer we will delete all your personal data (including your contact details).
In absence of reply we will only file your contact details for archives for a period of five years unless you decide to give us a new consent in the meantime.
In case of a positive answer we will again inform you by e-mail 3 years later that we will only file your data for archives for a period of five years due to certain statutory periods of limitation, unless you decide to give us a new consent.
For Employees
If you work or have worked at RHEA GROUP, we will save all your employment data (identification, performances, wage information, multifunctional declaration at the social security department, tax declaration, …) for a period of 10 years after the end of your employment contract. This is in order to satisfy with a variety of social, fiscal and other legal obligations and periods of time limitation.
For marketing purpose
RHEA GROUP will process and store personal data for 3 years.
While we are in possession of, or processing your personal data, you, the data subject, have the following rights:
All of the above requests can be sent to privacy@rheagroup.com
RHEA GROUP does everything in its power to optimally protect your personal information against unlawful use. We do this on the basis of physical, administrative and technological measures. For ensuring notably the security of its Information processing, RHEA GROUP is currently implementing ISO 27001 international standard which describes namely how to manage information security in a company. The focus of ISO 27001 is to protect the confidentiality, integrity and availability of the information in a company.
RHEA GROUP plans to be certified ISO 27001 at the beginning of 2019.
In the event that you wish to make a complaint about how your personal data is being processed by RHEA GROUP, or about how your complaint has been handled internally by RHEA GROUP, you have the right to lodge a complaint directly with the supervisory authority or/and RHEA GROUP’s Data Protection Officer (DPO).
The details for each of these contacts are:
This Privacy Policy was last reviewed and updated in August 2018.
It is important to point out that we can amend this Privacy Policy from time to time. Please make sure you visit our “privacy notice” page from time to time if you want to stay up to date.
JURISDICTION: Belgium
COUNTRY-SPECIFIC LEGAL REQUIREMENT:
As described in the main body of our Privacy Policy, we are entitled to rely on “soft opt-in” consent in respect of certain marketing messages that we wish to send you. In all other e-marketing circumstances, active “opt-in” consent is required by law and RHEA GROUP is required to keep records of each specific consent provided by you.
JURISDICTION: Canada
Users with any concerns are invited to contact RHEA Group’s Canadian Data Protection Officer (DPO) at 6700 Chemin de la Côte-de-Liesse, Suite 102, Montréal, Québec, H4T 2B5, Canada or via email: privacy@rheagroup.com
If you are not satisfied with our response to your request, you may contact the Office of the Privacy Commissioner of Canada at https://www.priv.gc.ca/en/
NOTE: THIS SECTION WILL BE UPDATED WHEN LOCAL IMPLEMENTING LAW SHALL BE FINALISED
Website by ELDO™