Our Policy

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.

Privacy Policy January 2025

  1. Purpose

This Privacy Policy is established by:

  • Austin Bright SRL, with its registered office located in Belgium, at Avenue du Port, 86C, 1000 Brussels, registered with the Crossroads Bank for Enterprises under number 0600.938.952, acting as the data controller for personal data collected in Belgium; and
  • Austin Bright SARL, with its registered office located in the Grand Duchy of Luxembourg, at L-8308 Capellen, 2-4 Parc d’Activités Capellen, registered with the Trade and Companies Register under number B226828, acting as the data controller for personal data collected in Luxembourg.

Hereinafter jointly referred to as the “Data Controller”.

The purpose of this Privacy Policy is to inform Users of the website www.austinbright.comand www.austinbright.lu (hereinafter referred to as the “Website”) about the ways in which their personal data is collected, processed, and protected by the Data Controller.

The term “User” refers to any natural person who accesses the Website or its content, registers via any form available on the Website, communicates with the Data Controller through various contact forms or via email, or enters into a contract with the Data Controller.

This Privacy Policy is in compliance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter referred to as the “General Data Protection Regulation” or “GDPR”) as well as the applicable national laws in Belgium and/or Luxembourg.

The Data Controller is committed to ensuring the privacy of its Users and undertakes to take all reasonable precautions to safeguard personal data collected against loss, theft, disclosure, or unauthorized use.

For any questions or requests concerning this Privacy Policy, the User may contact the Data Controller at the contact details provided in this Privacy Policy.

2. Consent and Legal Bases for Processing

By accessing and using the Website, the User acknowledges having read the information described below, accepts this Charter, and expressly consents to the collection and processing of their personal data by the Data Controller as described herein, for the purposes indicated below.

Users have the right to withdraw their consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Personal data is processed in accordance with the purposes pursued by the Data Controller as detailed below, under the following legal bases:

  1. Performance of a contract: To ensure the provision of requested services; 
  2. Explicit consent: When processing cannot rely on any other legal basis – Users can withdraw their consent at any time for processing based on this legal ground; 
  3. Legal obligation: To comply with the Data Controller’s tax or accounting obligations;
  4. Legitimate interest: To fulfil its role as an intermediary in the European employment market.

3. Data Collected

By visiting and using the Website, the User expressly consents to the Data Controller collecting and processing, under the terms and principles described below, the following personal data:

  1. Their domain (automatically detected by the Data Controller’s server), including the dynamic IP address;
  2. Their email address, if voluntarily provided by the User, notably when communicating with the Data Controller via email or forms on the Website;
  3. All information concerning the pages visited by the User on the Website;
  4. Any information voluntarily provided by the User, including but not limited to their name, surname, residential and/or professional address, phone number, email address, geolocation, age, and gender.

The Data Controller may also collect non-personal data. These data are considered non-personal because they do not allow for direct or indirect identification of a natural person. Such data may be used for any purpose, such as to improve the Website, products, and services offered or for advertising purposes.

If non-personal data are combined with personal data, thereby enabling identification of the concerned persons, these data will be treated as personal data until their association with a specific individual is rendered impossible.

4. Methods of Data Collection

The Data Controller collects personal data via:

  1. All information manually completed by the User through contact forms or other data collection forms available on the Website; 
  2. The use of cookies and Google Analytics;
  3. Emails received;
  4. Oral communications, including via phone.

5. Purposes of Processing

Personal data is collected and processed solely for the purposes mentioned below:

  1. Ensuring the management and control of the execution of services offered by the Data Controller;
  2. Sending information (including newsletters and email campaigns) about the Data Controller’s services;
  3. Responding to User inquiries;
  4. Conducting statistical analysis;
  5. Improving the quality of the Website and services offered by the Data Controller;
  6. Providing information about new services of the Data Controller;
  7. Better identifying the interests of the User;
  8. Enabling the issuance of invoices and payment for services.

If the Data Controller intends to process personal data for purposes not yet foreseen in this Charter, Users will be informed beforehand and given the opportunity to refuse such processing.

6. Retention Period

The Data Controller retains personal data only for the period reasonably necessary to fulfill the purposes pursued and in compliance with legal and regulatory requirements.

The personal data of a User is retained for a maximum of 2 years after the end of the contractual relationship or the last update of the User’s data with the Data Controller. However, the Data Controller reserves the right to retain, for a period of 10 years following its creation, any accounting-related document, such as invoices, which may contain personal data. In such cases, the data included in these documents will not be reused by the Data Controller.

Shorter retention periods apply to certain categories of data, such as traffic data on the Website, which is retained for only 12 months.

At the end of the retention period, the Data Controller takes all necessary measures to ensure that personal data is rendered unavailable.

7. Access to Data and Copies

Upon submitting a written, dated, and signed request to the Data Controller at the address specified in the “Contact Details” section of this Charter, and after providing proof of identity (including a copy of their identity card), the User may obtain, free of charge, a written communication or a copy of their personal data that has been collected.

The Data Controller may charge reasonable administrative fees for any additional copies requested by the User.

If the User submits this request electronically, as specified in the “Contact Details” section of this Charter, the information will be provided in a commonly used electronic format, unless the User requests otherwise.

The copy of the User’s data will be provided no later than one month following receipt of the request.

8. Right to Rectification

Upon submitting a written, dated, and signed request to the Data Controller at the address specified in the “Contact Details” section of this Charter, and after providing proof of identity (including a copy of their identity card), the User may obtain, free of charge, the rectification of any inaccurate, incomplete, or irrelevant personal data, as well as the completion of any missing information, within the shortest possible timeframe and no later than one month from the receipt of the request.

9. Right to Object to Processing

Upon submitting a written, dated, and signed request to the Data Controller at the address specified in the “Contact Details” section of this Charter, and after providing proof of identity (including a copy of their identity card), the User may, at any time, object free of charge to the processing of their personal data for reasons related to their particular situation, except in the following cases:

  1. The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
  2. The processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or by a third party, unless such interests are overridden by the interests or fundamental rights and freedoms of the User that require protection of personal data.

The Data Controller may refuse to implement the User’s right to object if it demonstrates compelling legitimate grounds for the processing that override the User’s interests, rights, and freedoms, or for the establishment, exercise, or defence of legal claims. In the event of a dispute, the User may seek recourse in accordance with the “Complaints and Claims” section of this Charter.

Upon submitting a written, dated, and signed request to the Data Controller at the address specified in the “Contact Details” section of this Charter, and after providing proof of identity (including a copy of their identity card), the User may, at any time and free of charge, object, without justification, to the processing of their personal data when such data is collected for direct marketing purposes (including profiling).

When personal data is processed for statistical purposes in accordance with the General Data Protection Regulation, the User has the right to object, for reasons related to their particular situation, to the processing of personal data concerning them, unless the processing is necessary for the performance of a task carried out in the public interest.

The Data Controller is required to respond to the User’s request as promptly as possible and no later than one month from receipt of the request, providing a reasoned response if it decides not to comply with the request.

10. Right to Restrict Processing

Upon submitting a written, dated, and signed request to the Data Controller at the address specified in the “Contact Details” section of this Charter, and after providing proof of identity (including a copy of their identity card), the User may obtain the restriction of the processing of their personal data in the following circumstances:

  1. When the User disputes the accuracy of the data, for the time necessary for the Data Controller to verify the accuracy of the data;
  2. When the processing is unlawful and the User prefers the restriction of processing over the erasure of the data;
  3. When the data is no longer necessary for the purposes of processing, but the User needs it for the establishment, exercise, or defence of legal claims;
  4. For the time necessary to examine the validity of an objection request submitted by the User, in other words, for the Data Controller to verify the balance between its legitimate interests and the User’s interests.

The Data Controller will inform the User when the restriction on processing is lifted.

11. Right to Erasure (Right to Be Forgotten)

Upon submitting a written, dated, and signed request to the Data Controller at the address specified in the “Contact Details” section of this Charter, and after providing proof of identity (including a copy of their identity card), the User may obtain the erasure of their personal data if one of the following conditions applies:

  1. The data is no longer necessary for the purposes for which it was collected or processed;
  2. The User has withdrawn their consent for the processing, and there is no other legal basis for the processing;
  3. The User objects to the processing, and there are no overriding legitimate grounds for the processing and/or the User exercises their specific right to object to processing for direct marketing purposes;
  4. The personal data has been unlawfully processed;
  5. The personal data must be erased to comply with a legal obligation under Union or Member State law to which the Data Controller is subject.

The Data Controller may refuse to erase personal data in cases permitted under the General Data Protection Regulation or any other applicable legal standard at the time of the erasure request.

The Data Controller is required to respond to the User’s request as promptly as possible and no later than one month from receipt of the request, providing a reasoned response if it decides not to comply with the request.

The User also has the right, under the same conditions and at no cost, to obtain the deletion or prohibition of the use of any personal data concerning them that, in light of the purpose of the processing, is incomplete, irrelevant, unlawfully recorded, disclosed, or retained beyond the necessary and authorized period.

12. Right to Data Portability

Upon submitting a written, dated, and signed request to the Data Controller at the address specified in the “Contact Details” section of this Charter, and after providing proof of identity (including a readable copy of their identity card), the User may, at any time, request to receive their personal data free of charge in a structured, commonly used, and machine-readable format, for the purpose of transferring it to another Data Controller, provided that:

  1. The processing is carried out by automated means; and
  2. The processing is based on the User’s consent or on a contract between the User and the Data Controller.

Under the same conditions and modalities, the User has the right to request that their personal data be transmitted directly to another Data Controller, provided that such transmission is technically feasible.

The right to data portability does not apply to processing that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller.

13. Recipients of Data and Disclosure to Third Parties

The recipients of the data collected and processed include, in addition to the Data Controller itself, its employees, other processors, and carefully selected commercial partners located in Belgium or within the European Union, who collaborate with the Data Controller in the provision of services.

The Data Controller undertakes to comply with all relevant provisions of the European Data Protection Regulation when engaging a processor and, in particular, contractually requires the processor to:

  1. Process the data solely for the purpose(s) for which the data has been entrusted;
  2. Process the data in accordance with the documented instructions of the Data Controller;
  3. Guarantee the confidentiality of personal data processed under the agreement binding them to the Data Controller;
  4. Notify the Data Controller of any personal data breach within a maximum of 48 hours of becoming aware of it;
  5. Implement appropriate security measures considering the objective of the processing.

If data is disclosed to third parties for purposes of direct marketing or prospecting other than those for which the User has provided the data to the Data Controller, the User will be informed in advance to allow them to accept or refuse such processing of their data by third parties.

Upon submitting a written, dated, and signed request to the Data Controller at the address specified in the “Contact Details” section of this Charter, and after providing proof of identity (including a copy of their identity card), the User may, at any time and free of charge, object to the transfer of their data to third parties.

The Data Controller complies with applicable legal and regulatory provisions and will ensure that its partners, employees, processors, or other third parties with access to personal data respect this Charter.

The Data Controller reserves the right to disclose the User’s personal data if required by law, legal proceedings, or an order from a public authority.

All transfers of data outside the European Union are conducted exclusively with counterparties complying with the requirements of the European Data Protection Regulation.

14. Use and Management of Cookies

General Principles. This section provides information on the use of cookies on the Website.

This cookie management policy applies to Austin Bright. Cookies are managed by the Data Controller.

Austin Bright uses cookies to make navigation more efficient and reliable. Some of these cookies are essential for the operation of the Website, while others enhance the User's experience.

If the User wishes to customize the management of cookies, they must modify their browser settings. Further information on this is provided in the “Cookie Management” section of this Charter.

By browsing the Website, the User expressly agrees to the cookie management described below.

Definition of Cookies. A “cookie” is a data or text file that an application or Website server temporarily or permanently stores on the User's device (hard drive, tablet, smartphone, or other similar devices) through their browser. Cookies may also be installed by third parties with whom the Data Controller collaborates.

Cookies store a variety of information, such as Users' language preferences. Other cookies collect statistics about Users or ensure that graphics display correctly and that applications function properly. Others adapt the content and/or advertising of an application or Website to the User’s preferences.

Use of Cookies on the Website. Austin Bright uses various types of cookies:

  1. Essential or Technical Cookies: These cookies are essential for the operation of the Website, ensuring proper communication and facilitating navigation.
  2. Statistical or Analytical Cookies: These cookies allow the identification and counting of visitors and the analysis of their browsing behavior while they use the Website. This helps improve the User’s navigation experience and makes it easier for them to find the information they seek.
  3. Functional Cookies: These cookies enable specific functionalities on the Website to enhance usability and the User’s experience, such as remembering their preference settings (e.g., language selection).
  4. Performance Cookies: These cookies collect information on how visitors use the Website. They help assess and improve the content and performance of the Website (e.g., counting visitors, identifying popular pages or clicks) and better align commercial proposals with the User’s personal preferences.
  5. Advertising or Commercial Cookies: These cookies are used to collect data about Users’ profiles and may be installed or read by third parties collaborating with the Data Controller to measure the effectiveness of an advertisement or page and better adapt it to the User’s interests.
  6. Tracking Cookies: Austin Bright uses tracking cookies through Google Analytics and Facebook Analytics to help the Data Controller measure how Users interact with the Website's content and to generate strictly anonymous visitation statistics. These statistics help continuously improve the Website and provide relevant content to Users. The Data Controller uses Google Analytics and Facebook Analytics to gain insights into Website traffic, its sources, and the pages visited. Google and Facebook act as processors in this context. The information collected by Google Analytics and Facebook Analytics is anonymized as much as possible, making it impossible to identify individual visitors to the Website. For more information, Users are invited to consult Google’s privacy policy at: http://www.google.nl/intl/en_uk/policies/privacy/ and Facebook’s privacy policy at: https://www.facebook.com/policies/cookies/.

The Data Controller may also use cookies and web beacons to collect information about Users’ browsing habits across various websites and applications within its advertising network.

A web beacon is an invisible image file that tracks the User’s navigation across one or more websites and/or applications. Additionally, other commercial cookies may be installed by advertisers when their advertisements are displayed.

Commercial cookies do not contain personal data. The information collected via commercial cookies and web beacons is used to measure the effectiveness of advertising and better personalize advertisements on the Website and other websites within the advertising network or for which the Data Controller provides advertising services.

The retention period of cookies depends on their type: essential cookies are generally retained until the browser is closed, functional cookies remain valid for 1 year, and performance cookies are retained for up to 4 years.

Managing Cookies. Most browsers are configured to automatically accept cookies, but all browsers allow Users to customize their settings according to their preferences.

If the User does not want the Website to place cookies on their device, they can easily manage or delete them by adjusting their browser settings. The User can also configure their browser to notify them when they receive a cookie and decide whether to accept it.

If the User disables certain cookies, some parts of the Website may become inaccessible and/or unusable, or may only be partially usable.

15. Security

The Data Controller implements appropriate technical and organizational measures to ensure a level of security for the processing and data collected that is proportionate to the risks associated with the processing and the nature of the data to be protected. The measures are determined by taking into account the current state of technology, implementation costs, the nature, scope, context, and purposes of the processing, as well as the risks to the rights and freedoms of Users.

The Data Controller consistently employs encryption technologies recognized as industry standards in the IT sector when transferring or receiving data on the Website.

The Data Controller has implemented appropriate security measures to protect against the loss, misuse, or alteration of information received through the Website.

16. Communications via Post, Email, or Telephone

Phone Communication. If the User provides their phone number to the Data Controller via the Website, they may receive phone calls:

  1. From the Data Controller to communicate information about its services;
  2. From corporate groups and commercial partners with whom the Data Controller has contractual agreements.

If the User no longer wishes to receive such calls, they can contact the Data Controller at the address specified in the “Contact Details” section of this Charter, ensuring that their name and exact address are provided correctly. The Data Controller undertakes to remove the User’s data from any list shared with other companies or organizations.

If the User provides their mobile phone number to the Data Controller via the Website, they will only receive messages (SMS/MMS) from the Data Controller that are necessary to respond to their inquiries.

Email Communication. If the User provides their email address to the Data Controller via the Website, they may receive:

  1. Emails from the Data Controller to communicate information about its services, provided the User has expressly consented or is already a client of the Data Controller and has previously provided their email address;
  2. Emails from corporate groups and companies/organizations with which the Data Controller has contractual agreements, provided the User has explicitly consented.

If the User no longer wishes to receive such emails, they can contact the Data Controller at the address specified in the “Contact Details” section of this Charter, ensuring that their name and exact address are provided correctly.

The Data Controller undertakes to remove the User’s contact details from any list shared with other companies or organizations.

17. Contact Information

For any questions and/or complaints, particularly regarding the clarity and accessibility of this Charter, the User may contact the Data Controller:

  • By emailbelgium@austinbright.com (for Belgium) or luxembourg@austinbright.com (for Luxembourg)
  • By mail in Belgium: Austin Bright - Avenue du Port, 86C, 1000 Brussels
  • By mail in Luxembourg: Austin Bright – 2-4, Parc d’Activités Capellen, L-8308 Capellen

The Data Protection Officer (DPO) of the Data Controller is Ms. Alexiane Wyns, attorney at the Brussels Bar (aw@alwy-lawyers.com).

18. Complaints and Claims

18.1. For Belgium:

The User may file a complaint with the Belgian Data Protection Authority at the following address:
Autorité de Protection des Données - Rue de la Presse, 35, 1000 Brussels
Tel: +32 2 274 48 00
Fax: +32 2 274 48 35
Email: contact@apd-gba.be

The User may also lodge a complaint with the court of first instance in their place of residence.

For more information on complaints and available remedies, the User is invited to consult the website of the Data Protection Authority: https://www.autoriteprotectiondonnees.be/.

18.2. For Luxembourg:

The User may file a complaint with the National Commission for Data Protection (CNPD) at the following address:
Commission Nationale pour la Protection des Données – 1, avenue du Rock’n’Roll, L-4361 Esch-sur-Alzette
Tel: +352 26 10 60 1
Or via the online form available on the CNPD’s website: https://cnpd.public.lu/fr.html

If the User is not satisfied with the outcome of their complaint with the CNPD, they have the right to bring their case before the competent court.

For more information on complaints and available remedies, the User is invited to consult the CNPD’s website: https://cnpd.public.lu/fr.html.

19. Governing Law and Jurisdiction

This Charter is governed by Belgian law. Any dispute relating to the interpretation or execution of this Charter will be subject to Belgian law and fall under the exclusive jurisdiction of the French-speaking courts of the judicial district where the Data Controller's registered office is located.

20. Miscellaneous Provisions

The Data Controller reserves the right to modify the provisions of this Charter at any time. Any changes will be published on the Website.

This version of the Charter is dated January 13, 2025.