Privacy policy

OBJECTIVE

The aim of this privacy policy is to provide adequate and consistent safeguards for the handling of Personal Data (as defined below) by My Friday Strategic Advisory in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“General Data Protection Regulation”, or “GDPR”).
My Friday Strategic Advisory is the controller.

“Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to a name, an identification number, location data, an online identifier or to one or more factors specific to the person’s physical, physiological, genetic, mental, economic, cultural or social identity and includes information, that (i) relates to an identified or identifiable person (ii) can be linked to that person; (iii) is transferred to third parties and (iv) is recorded in any form. It does not include data where the identity had been removed (anonymous data) prior to being accessed by My Friday Strategic Advisory.

CONTACT DETAILS

My Friday Strategic Advisory is the controller. Its details are as follows:

Ave de Broqueville-laan 12, box 7
1150 Woluwe-St-Pierre,
Brussels
VAT: BE1023.403.547

Its representative is George Candon, CEO.
If data subjects have any questions about this privacy notice, including any requests to exercise their legal rights, they should contact My Friday Strategic Advisory at info@my-friday.eu.

Data subjects have the right to make a complaint at any time to the Belgian Data Protection Authority, the Belgian supervisory authority for data protection issues (https://www.dataprotectionauthority.be/citizen) at present. My Friday Strategic Advisory would, however, appreciate the chance to deal with such concerns before data subjects approach the Belgian Data Protection Authority, so would be grateful if data subjects would contact the contact person in the first instance.

PRINCIPLES OF PROCESSING PERSONAL DATA

My Friday Strategic Advisory respects data subjects’ privacy and is committed to protecting personal data in compliance with the applicable legislation in the EU with the desire to keep its data subjects informed and to recognize and respect their privacy rights. My Friday Strategic Advisory will observe the following principles when processing personal data:

  • Data will be processed fairly and in accordance with applicable law.
  • Data will be collected for specified, legitimate purposes and will not be processed further in ways incompatible with those purposes.
  • Data will be relevant to and not excessive for the purposes for which they are collected and used.
  • Data subjects in the EU will be asked to provide their clear and unequivocal consent for the collection, processing and transfer of their personal data insofar as consent is relied on for the processing of the personal data.
  • Data will be accurate and, where necessary kept up up-to-date. Reasonable steps will be taken to rectify or delete personal data that is inaccurate or incomplete.
  • Data will be kept only as it is necessary for the purposes for which it was collected and processed. Those purposes shall be described in this privacy policy.
  • Data will be deleted or amended following a relevant request by the concerned data subject, should such notice comply with the applicable legislation each time.
  • Data will be processed in accordance with the individual’s legal rights (as described in this policy or as provided by law).

It is important that the personal data My Friday Strategic Advisory holds about data subjects is accurate and current. Data subjects should keep My Friday Strategic Advisory informed if their personal data changes during their relationship with My Friday Strategic Advisory.

Appropriate technical, physical and organizational measures will be taken to prevent unauthorized access, unlawful processing, unlawful alteration or disclosure and unauthorized or accidental loss, destruction or damage to data. In addition, My Friday Strategic Advisory limits access to the personal data of data subjects to those employees, agents, contractors and other third parties who have a business need to know.

My Friday Strategic Advisory will ensure personal data is processed on their instructions and subject to a duty of confidentiality.

In case of any such violation with respect to personal data, My Friday Strategic Advisory will take appropriate steps to end the violation and will notify relevant data subjects and any applicable authority or regulator in accordance with applicable law and will cooperate with all such competent authorities.

TYPES OF PERSONAL DATA

My Friday Strategic Advisory collects data subjects’ personally identifiable information:

  • Contact, usage and profile information, such as name, user name or similar identifier, password, postal address, title, email address and telephone number, interests, preferences, feedback and survey responses.
  • Personal data in content subjects provide on My Friday Strategic Advisory’s website and other data collected automatically through the website (such as IP addresses, login data, browser characteristics, device characteristics, operating system, language preferences, referring URLs, information on actions taken on these websites (including products or services used), and dates and times of website visits).
  • Financial account and transaction information, including billing address, details about payments to and from data subjects and other details of products and services received from My Friday Strategic Advisory.
  • Marketing and communications data includes data subject preferences in receiving marketing from My Friday Strategic Advisory and its third parties and data subject communication preferences.

My Friday Strategic Advisory does not collect any sensitive personal data (as defined in the GDPR) about its data subjects (this includes details about race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information regarding health and genetic and biometric data). Nor does My Friday Strategic Advisory collect any information about criminal convictions and offences.

WAYS OF OBTAINING PERSONAL DATA

The ways by which My Friday Strategic Advisory obtains personal data are set out in this section. My Friday Strategic Advisory does not obtain any personal information about data subjects unless the data subject has provided that information to My Friday Strategic Advisory in a way that is in accordance to the established data protection rules to do so, including but not limited to:

  • visiting or creating an account with respect to My Friday Strategic Advisory’s website;
  • applying for or subscribing to My Friday Strategic Advisory’s services or publications;
  • requesting that marketing be supplied by My Friday Strategic Advisory;
  • providing feedback, entering any promotion or survey;
  • by the completion of a written agreement, consent form, survey; or
  • completion of an on-line or hard copy form.

Data subjects may choose to submit personal, private information by facsimile, regular mail, e-mail, or electronic transmission over My Friday Strategic Advisory’s internal websites, interoffice mail, or personal delivery, as each of these methods may be deemed applicable each time.

AUTOMATED TECHNOLOGIES OR INTERACTIONS

When interacting with My Friday Strategic Advisory’s websites, My Friday Strategic Advisory entities may automatically collect technical data about the equipment, browsing actions and patterns of its data subjects. My Friday Strategic Advisory collects this personal data by using cookies, server logs and other similar technologies. My Friday Strategic Advisory may also receive technical data about a data subject if it visits other websites employing their cookies. Please see My Friday Strategic Advisory’s cookie policy for further details.

THIRD PARTIES OR PUBLICLY AVAILABLE SOURCES

My Friday Strategic Advisory may receive personal data about data subjects from various third parties and public sources as set out below:

  • Technical data from the following parties: analytics providers such as Google based outside the EU; and search information providers Facebook, Twitter, Google, LinkedIn based inside and outside the EU;
  • Contact, financial and transaction data from providers of technical, payment and delivery services such as Isabel based inside the EU;
  • Identity and contact data from data brokers or aggregators such as Google based outside the EU.

USE OF PERSONAL DATA

My Friday Strategic Advisory collects and use data subjects’ personal information to operate the My Friday Strategic Advisory entities’ websites and deliver requested services. My Friday Strategic Advisory also uses personally identifiable information to inform on services available from My Friday Strategic Advisory. My Friday Strategic Advisory may also contact data subjects via surveys to conduct research about their opinion of current services or of potential new services that may be offered.

For data subject’s specific information, the purposes of processing may include:

Necessity for the performance of a contract or by law
e.g.:

  • Management of My Friday Strategic Advisory’s relationships with its data subjects
  • Processing payments, expenses and reimbursements
  • Carrying out My Friday Strategic Advisory’s obligations under various contracts

Legitimate interests

IP addresses, browser types, domain names, access times and referring website addresses are used by My Friday Strategic Advisory for the operation of the service, to maintain quality of the service and to provide general statistics regarding use of the My Friday Strategic Advisory websites.

Consent

My Friday Strategic Advisory keeps track of the websites and pages its data subjects visit, in order to determine what services are the most popular. This data may be used to deliver customized content to data subjects whose behaviour indicates that they are interested in a particular subject area.

Marketing activities

Subject to any applicable local laws and requirements, My Friday Strategic Advisory will only send you marketing information when you have consented to receive direct marketing information from us or when this is within our legitimate interest.

New purposes

If My Friday Strategic Advisory introduces a new process or application that will result in the processing of personal data for purposes that go beyond the purposes described above, My Friday Strategic Advisory will inform the concerned data subjects of such new process or application, new purpose for which the personal data are to be used, and the categories of recipients of the personal data.
My Friday Strategic Advisory will disclose data subjects’ personal information, without notice, only if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the law or comply with legal process served on My Friday Strategic Advisory or the site; (b) protect and defend the rights or property of My Friday Strategic Advisory; and, (c) act under exigent circumstances to protect the personal safety of data subjects of My Friday Strategic Advisory, or the public.

USE OF COOKIES

My Friday Strategic Advisory’s websites use cookies that automatically track certain information about visitor activity on the sites. Cookies are data files that contain information created by a web server that can be stored on a visitor’s hard disk for use either during a particular session or for future use. My Friday Strategic Advisory uses cookies only to support visitor’s interaction with the site and keep it running efficiently. This information includes the browser and operating system being used, the IP address and the referring URL.

My Friday Strategic Advisory will not use cookies to collect personally identifiable information. However, if a visitor wishes to restrict or block the cookies which are set by their websites (or indeed any other website), this can be done through the browser settings.

EQUIPMENT AND INFORMATION SECURITY

To safeguard against unauthorized access to personal data by third parties outside My Friday Strategic Advisory entities, all electronic personal data held by My Friday Strategic Advisory are maintained on systems that are protected by up-to-date secure network architectures that contain firewalls and intrusion detection devices. The data saved in servers is “backed up” (i.e. the data are recorded on separate media) to avoid the consequences of any inadvertent erasure, destruction or loss otherwise. The servers are stored in facilities with high security, access protected to unauthorized personnel, fire detection and response systems.

ACCESS SECURITY

The importance of security for all personally identifiable information is of highest concern. My Friday Strategic Advisory is committed to safeguarding the integrity of personal information and preventing unauthorized access to information maintained in My Friday Strategic Advisory’s databases. These measures are designed and intended to prevent corruption of data, to block unknown and unauthorized access to our computerized system and information, and to provide reasonable protection of personal data inMy Friday Strategic Advisory’s possession. Access to the computerized database is controlled by a log-in sequence and requires users to identify themselves and provide a password before access is granted. My Friday Strategic Advisory may need to request specific information from data subjects in order to help them confirm the identity of that data subject and to ensure the right of that data subject to access its personal data (or to exercise any of its other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

RIGHTS OF DATA SUBJECTS

Data subjects have certain rights under data protection legislation concerning the personal data My Friday Strategic Advisory holds, including the following:

 Request access (commonly known as a “data subject access request”):

This enables the data subject to receive a copy of the personal data My Friday Strategic Advisory holds and to check it is lawfully processed.

 Request correction:

This enables the data subject to have any incomplete or inaccurate data corrected. My Friday Strategic Advisory may need to verify the accuracy of the new data that is provided.

 Request erasure:

This enables the data subject to ask My Friday Strategic Advisory to delete or remove personal data where there is no good reason for continuing to process it.

The data subject also has the right to ask My Friday Strategic Advisory to delete or remove personal data where the right to object to processing has been successfully exercised, where information has been processed unlawfully or where personal data was erased to comply with local law.
However, My Friday Strategic Advisory may not always be able to comply with a request of erasure for specific legal reasons. These reasons will be notified to the data subject at the time of the request. My Friday Strategic Advisory is only entitled to refuse to comply with your request for erasure for one of the following reasons:

  • to exercise the right of freedom of expression and information;
  • to comply with legal obligations or for the performance of a public interest task or exercise of official authority;
  • for public health reasons in the public interest;
  • for archival, research or statistical purposes; or
  • to exercise or defend a legal claim.

 Object to processing:

This enables the data subject, where My Friday Strategic Advisory is processing the data subjects’ personal data relying on a legitimate interest (or that of a third party), to object to processing because of the particular situation that impacts on the data subject’s fundamental rights and freedoms.

In some cases, My Friday Strategic Advisory may demonstrate the existence of compelling legitimate grounds to process information which override the data subject’s rights and freedoms.

 Request restriction of processing:

This enables the data subject to ask My Friday Strategic Advisory to suspend the processing of personal data in the following scenarios: (a) where the accuracy of the data needs to be established; (b) where the use of the data is unlawful, but the data subject does not want it to be erased; (c) where the data subject wishes My Friday Strategic Advisory to hold the data in order to be able to establish, exercise or defend legal claims even though My Friday Strategic Advisory do not need it; or (d) the data subject has objected to My Friday Strategic Advisory use of the data, but it has to be verified whether there are overriding legitimate grounds to continue to process it.

 Request the transfer:

This enables the data subject to ask My Friday Strategic Advisory to provide to the data subject, or a third party the data subject has chosen, personal data in a structured, commonly used, machine-readable format.

 Withdraw consent at any time:

Withdrawal of consent will not affect the lawfulness of any processing carried out before consent is withdrawn. If consent is withdrawn, My Friday Strategic Advisory may not be able to provide certain services. In this case, the data subject will be advised at the time that consent is withdrawn.

A data subject who wishes to exercise any of the rights set out above should contact My Friday Strategic Advisory’s contact person Mr George Candon at georgecandon@manfridayconsultancy.eu.

IF A DATA SUBJECT FAILS TO PROVIDE PERSONAL DATA

Where My Friday Strategic Advisory needs to collect personal data by law, or under the terms of a contract it has with a data subject and that data subject fails to provide that data when requested, My Friday Strategic Advisory may not be able to perform the contract they have or are trying to enter into with that data subject (for example, to provide services). In this case, My Friday Strategic Advisory may have to cancel a product or service that the data subject has with it. My Friday Strategic Advisory will notify the relevant data subject if this is the case at the time.

THIRD PARTY LINKS

My Friday Strategic Advisory’s websites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about the data subject. My Friday Strategic Advisory does not control these third-party websites and cannot be held responsible for their privacy policy. Therefore, My Friday Strategic Advisory recommends that when data subjects leave their websites that they should read the privacy policy of every website visited.

DATA RETENTION PERIOD

Data subject preferences and personal data processed for the use of any of My Friday Strategic Advisory’s services will be retained for so long as is necessary to fulfil the purposes for which it was collected (including for the purpose of satisfying any legal, accounting or reporting requirements). To determine the appropriate retention period for personal data, My Friday Strategic Advisory considers the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of the personal data, the purposes for which they process the personal data of data subjects and whether they can achieve those purposes through other means, and the applicable legal requirements.

TRANSFER OUTSIDE THE EU

In connection with the activities of My Friday Strategic Advisory, My Friday Strategic Advisory may transmit personal data outside the EU and more specifically to My Friday Strategic Advisory’s providers of information technology and other services services, who would act in their capacity as data processors under the instructions of My Friday Strategic Advisory. Such processors guarantee to implement appropriate technical and organisational measures in such a manner that processing will meet the GDPR requirements and ensure the protection of the rights of the data subjects.