Because this website receives visitors from the E.U. and we could possibly store some of your personal data, we are obligated to comply with the European GDPR rules.
We don't mind the new rules, it will make the digital world a better place (in the end).
What does the General Data Protection Regulation (GDPR) govern?
Regulation (EU) 2016/679 of the European Parliament and of the Council1, the European Union’s ('EU') new General Data Protection Regulation (‘GDPR’), regulates the processing by an individual, a company or an organisation of personal data relating to individuals in the EU.
It doesn’t apply to the processing of personal data of deceased persons or of legal persons.
The rules don’t apply to data processed by an individual for purely personal reasons or for activities carried out in one's home, provided there is no connection to a professional or commercial activity. When an individual uses personal data outside the personal sphere, for socio-cultural or financial activities, for example, then the data protection law has to be respected.
What is personal data?
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.
Personal data that has been de-identified, encrypted or pseudonymised but can be used to re-identify a person remains personal data and falls within the scope of the GDPR.
Personal data that has been rendered anonymous in such a way that the individual is not or no longer identifiable is no longer considered personal data. For data to be truly anonymised, the anonymisation must be irreversible.
The GDPR protects personal data regardless of the technology used for processing that data – it’s technology neutral and applies to both automated and manual processing, provided the data is organised in accordance with pre-defined criteria (for example alphabetical order). It also doesn’t matter how the data is stored – in an IT system, through video surveillance, or on paper; in all cases, personal data is subject to the protection requirements set out in the GDPR.
Examples of personal data
- a name and surname;
- a home address;
- an email address such as email@example.com;
- an identification card number;
- location data (for example the location data function on a mobile phone)*;
- an Internet Protocol (IP) address;
- a cookie ID*;
- the advertising identifier of your phone;
- data held by a hospital or doctor, which could be a symbol that uniquely identifies a person.
What do we (indirectly) use and store?
- For our newsletter we could (indirectly) store your first name, your surname and your email-address. This is fully optional (we would never force you to use this just for updates, but it's more convenient). At least your email address and first name are used and stored at our external newsletter-software (Mailjet - Mailjet is ISO 27001 certified and GDPR compliant. Your data is stored in their secure data centers with Google Cloud Platform in Frankfurt (Germany) and Saint-Ghislain (Belgium). If you do not want this we are offering to follow updates for site via Twitter (so we don't need extra data)
- We also use StatCounter to track visits to our site, to see popular pages, time spend on the website, etc. This site stores, a masked IP-address, a region and country. You can choose to opt-out for this kind of tracking on the internet via the StatCounter site. Statcounter and the GDPR (from their website) GDPR and IP addresses, The GDPR makes it clear that an ip address and other cookie identifiers may be considered personal data.However, for an IP address and other identifiers to be considered personal information, a user must be able to identify the person behind the IP address. As a regular user of Statcounter is not able to do that, an IP address should not be treated as personal data.