We appreciate the trust you place in RHEA Group when sharing your personal data. The security of your personal data is very important to us. In the following sections, we will explain how we collect, use and protect your personal data.
We will also explain what rights you have with regards to your personal data and how you can exercise those rights.
The RHEA Group consists of RHEA System S.A., a company incorporated under the Belgium law and its subsidiaries located in the Netherlands, Italy, Germany, United-Kingdom, Czech-Republic and Canada (see our Legal Notice).
RHEA is a multinational Engineering Group, operating in 9 European countries and Canada on service delivery of systems, software and solutions to the aerospace, defence and security markets. This includes Information and Communications Technology (ICT) solutions involving information security risk management, information security engineering, information and critical infrastructure protection and applications for cyber defence and cyber forensics. RHEA has a consolidated experience and a broad set of ongoing activities and capabilities in the field of Security with a prominent focus on Cyber and Space applications;
Our Data Protection Officer can be contacted directly here:
We collect your personal data:
We process your personal details that are necessary to perform our service and desirable to better align our services to your expectations or to meet more specific questions or obligation coming from RHEA’s client namely:
You are responsible for the correctness and relevance of the data you provide RHEA. Please provide any changes in your personal details to firstname.lastname@example.org
We do not collect any Specific Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Subject to specific and exceptional request from the client, we do not collect any information about criminal convictions and offences.
The personal data we collect will be used for the following purposes:
RHEA GROUP will collect, use and share your personal information only when this is legally justified.
We can summarize our relevant legal basis for processing your personal data as follows:
Our legitimate interests include:
selling and supplying goods and services to our customers;
By consenting to this privacy notice you are giving us permission to process your personal data specifically for the purposes identified. Generally, RHEA GROUP do not rely on consent as a legal basis for processing your personal data in any other case than sending certain direct marketing communications to you via email or to perform active recruitment activities.
You may withdraw consent at any time by sending an email to:
RHEA GROUP may share internally your personal information with its affiliates where such disclosure is necessary to provide you with our services or to manage our business. Other companies in the RHEA Group act as joint controllers.
RHEA GROUP may share your information with other third parties named in the following cases:
RHEA GROUP will not pass on or sell your personal data to third parties for their own marketing purposes without first obtaining your consent.
RHEA GROUP shall give access to your personal information only to trusted partners or services providers who require the use of such information for business purposes. These third parties are entities for whom we have established they have adequate and sufficient data protection and security controls in place and with whom we have also implemented contractual obligations to ensure they can only use your data to provide services to RHEA GROUP limited to the purposes listed above. Moreover, these third parties shall not use or process your Personal Data for any purpose other than to provide the Service to RHEA GROUP.
Personal Information which you supply to us is generally stored and kept in our own servers located in Belgium. However, due to the nature of our global business and the technologies required (some cloud-based tools), your Personal Information may be transferred to an internal or external third party located outside the EEA, in countries where there may be a lower legal level of data protection.
In such situations, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
RHEA GROUP guarantees not to keep your personal data for longer than required by law or such other period necessary to fulfil the purposes we collected them for.
When you apply for a job, you allow us to retain your personal information to support you in your search for work (CVs, education, work expectations, contact information, etc.) for a period of 3 years. If any other opportunities become available which you may be interested in, we will contact you by email, telephone or by skype.
After this initial period of 3 years you will automatically get an e-mail asking you whether you authorize us to keep your personal information in our recruitment database or not.
In case of a negative answer we will delete all your personal data (including your contact details).
In absence of reply we will only file your contact details for archives for a period of five years unless you decide to give us a new consent in the meantime.
In case of a positive answer we will again inform you by e-mail 3 years later that we will only file your data for archives for a period of five years due to certain statutory periods of limitation, unless you decide to give us a new consent.
If you work or have worked at RHEA GROUP, we will save all your employment data (identification, performances, wage information, multifunctional declaration at the social security department, tax declaration, …) for a period of 10 years after the end of your employment contract. This is in order to satisfy with a variety of social, fiscal and other legal obligations and periods of time limitation.
For marketing purpose
RHEA GROUP will process and store personal data for 3 years.
While we are in possession of, or processing your personal data, you, the data subject, have the following rights:
All of the above requests can be sent to email@example.com
RHEA GROUP does everything in its power to optimally protect your personal information against unlawful use. We do this on the basis of physical, administrative and technological measures. For ensuring notably the security of its Information processing, RHEA GROUP is currently implementing ISO 27001 international standard which describes namely how to manage information security in a company. The focus of ISO 27001 is to protect the confidentiality, integrity and availability of the information in a company.
RHEA GROUP plans to be certified ISO 27001 at the beginning of 2019.
In the event that you wish to make a complaint about how your personal data is being processed by RHEA GROUP, or about how your complaint has been handled internally by RHEA GROUP, you have the right to lodge a complaint directly with the supervisory authority or/and RHEA GROUP’s Data Protection Officer (DPO).
The details for each of these contacts are:
COUNTRY-SPECIFIC LEGAL REQUIREMENT:
Users with any concerns are invited to contact RHEA Group’s Canadian Data Protection Officer (DPO) at 6700 Chemin de la Côte-de-Liesse, Suite 102, Montréal, Québec, H4T 2B5, Canada or via email: firstname.lastname@example.org
If you are not satisfied with our response to your request, you may contact the Office of the Privacy Commissioner of Canada at https://www.priv.gc.ca/en/
NOTE: THIS SECTION WILL BE UPDATED WHEN LOCAL IMPLEMENTING LAW SHALL BE FINALISED