BATS takes security very serious. Also the security of your personal data. It's your personal data that we value more than anything.
BATS has taken all technical and organizational measures to be GDPR compliant.
Here is a summary of the changes:
- you have the right to consent to our processing your personal data. It is your choice entirely, or not.
- you have the right to see and change your personal data
- you have the right to be forgotten
- you have the right to complain to the data protection authority
- we mention the reasons why we store and process personal data.
We have taken the following measures:
- for Marketing purposes, all personal data will be stored centrally and secured in a CRM system;
- our website has been modified using cookies and tracking technologies (Google Analytics) and provides in Data Subject rights, logs and proves consent;
- HR: we comply with the increased rights of employees using a document management system which is GDPR compliant;
- Finance: we use a GDPR compliant accounting software;
- ICT: real-time detection by Auditor which gives deep insight of personal data use, detection of threats and severity of data breaches implementing predefined GDPR rules, endpoint security and encryption;
- staff: is GDPR aware and have followed baseline training;
- visitors registration: fully GDPR compliant;
- physical security and video surveillance in line with Belgian Camera Law and Privacy Law;
- Communication to 3rd parties: legal grounds for collecting and processing, have compliant contracts;
- performed DPIA and methods in place to mitigate the identified risks;
- completed documentation and procedures.