GDPR and your personal data
Since 25 May 2018, the General Data Protection Regulation (GDPR) has been in force. This determines how personal data is handled in EU member states and imposes guidelines on anyone storing personal data. This also applies to volta, and in two different ways: the personal data of our clients that we store ourselves and the personal data of third parties (our clients' customers) that we store on behalf of others.
Data volta stores about you
When visiting volta.be, some of your data is stored automatically. This data allow us to provide you with a better experience on our website and to see in a general, non-individualised way how you use our website. It is therefore not personal data according to the GDPR definition. You can read exactly what we store and how this is done in our cookie and privacy statement.
We do store personal data about you as a client of volta: data directly related to your identity. You can read a thorough definition of “personal data” here. In summary, it is any data ‘relating to an identified or identifiable natural person’. We store this data to give you, (employee of) our client, the best possible service.
Note that:
- we only store data that we reasonably need, such as your name, contact details and possibly your birthday (nice, because then we can congratulate you);
- we use your data in the performance of any agreement concluded between you and volta and possibly also for our own marketing campaigns;
- we never share your personal data with third parties;
- your data will be kept as long as you are (an employee of) our client;
- you have the right to know what data we keep at any time, to ask for it or correct it and to request that we delete it;
- you have the right to lodge a complaint with the Personal Data Authority.
Data volta retains as a 'processor'
As a communications agency, we also come into frequent contact with the personal data of our clients' customers. How this is done is also regulated by the GDPR. You can read the small print in the addendum to our agreements. As a client, you thereby have the role of data controller, which means that the storage of personal data is your responsibility. As data processor, volta has the task of ensuring that this is done correctly. Volta is NOT responsible for what the controller does with the personal data, even though we do have access to this data. However, we do, of course, inform our clients about what is and what is not permitted.
Questions about your own GDPR-compliance?
Pursuant to the GDPR, the updated privacy law, you cannot just collect data from website visitors. You need their explicit consent. Simple “Allow cookies” banners, which are commonly used, are therefore no longer sufficient.
