cass_logo
The IoT Measure & Control Solutions Company

Follow us on: LinkedIn Facebook
home about us projects contact news
Not Logged In

Privacy Policy

Personal Data Usage and GDPR compliancy

Cookie Policy
What is a cookie ?
A cookie is a small text file that the website stores on your computer or mobile device when you visit our site.

For detailed information about the cookies we use you can click the 'shield' icon at the left bottom side of a WEB page, this will open the cookie manager.
Basically we ONLY use functional cookies in order to make our website work properly. We do NOT use analytical, personalization, commercial nor social media cookies.
The analytical part is handled by our own analyzer program.

Personal Data Usage (GDPR)
What is personal data ?
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data. Personal data that has been de-identified, encrypted or pseudonymised but can be used to re-identify a person remains personal data and falls within the scope of the GDPR. Personal data that has been rendered anonymous in such a way that the individual is not or no longer identifiable is no longer considered personal data. For data to be truly anonymised, the anonymisation must be irreversible. The GDPR protects personal data regardless of the technology used for processing that data – it’s technology neutral and applies to both automated and manual processing, provided the data is organised in accordance with pre-defined criteria (for example alphabetical order). It also doesn’t matter how the data is stored – in an IT system, through video surveillance, or on paper; in all cases, personal data is subject to the protection requirements set out in the GDPR.

We obtain the following personal data:
When a company buys our IoT solution we gather some data like company name, V.A.T number, telephone number, address and buyer responsible person first/surname and email address. These are solely used for billing purposes. We are obliged by Belgian law to keep these for a period of 7 years. After that period the paper copies are destroyed. The electronic copies are stored on a backup device, the customer can request us to have these removed too.

The email address and password of users related to a valid contract. A user can only register by using the contract reference stated on a Purchase Order and Active Maintenance & Support contract. Registration is necessary in order to access the cloud based application server and mobile APP for controlling IoT devices.

Depending on the type of IoT solution acquired by a customer our database could contain different kinds of personal data:
  • RFID School solution; student names, age, related classgroup, absence figures and time spend on courses
  • RFID Gate control solution; names of persons that have access
  • Mobile Gate control solution; mobile numbers of persons who can control the gate
  • Sensors; location information of the Iot board, sensors and relays/li>
There are specific IoT related considerations that we underpin by design:
  • The right of sensor data deletion; a customer can request us to delete data for a specific period
  • The right to be forgotten; this is the case when the customer decides to ends his contract with us
  • Data portability; via an API the customer can extract sensor data for external use
  • Privacy and data protection principles; all IoT board data communication is encrypted
In case a customer does not extend the Maintenance & Support contract within 2 months, after expiration, we delete the following:
  • All sensor and application related data
  • The customer contract
  • All email addresses related to this contract
We do not use nor sell customer personal, sensor and application data, it is solely visible and usable by the users related to a valid contract. We track the activity on our WEB server via server logs which contain anonymised IP addresses, we don't know to who/what this address relates too and a such it is not a personal data item. We mention that all data is stored on our cloud server hosted by Combell Belgium, this implicates that there is no data transfer to an other country inside our outside the EU.

A question related to our Privacy Policy can be issued by sending a 'GDPR/Cookies' request to us via the Contact Page .

CREATIVE Associates - v2.0 April 2023 - Privacy Policy