Privacy statement

The Dome of International Solidarity – 11.11.11 (in short: 11.11.11) respects your privacy. We make it a point to treat your personal data in an appropriate manner. The processing of personal data takes place in a manner that is in accordance with the requirements of the General Data Protection Regulation (Regulation EU 2016/679, abbreviated as GDPR) and any other laws and regulations regarding the protection of personal privacy.

This Privacy Statement explains how 11.11.11 deals with personal data. The organization 11.11.11 provides for information security measures and a Privacy Protection Policy developed in accordance with the applicable legislation. The policy in this regard is also supported by a specially appointed information security consultant and a data protection officer (DPO).

This privacy statement is divided into a general section, a section specific to the information processing systems (software, databases, etc.), a section relating to the websites and finally a section on the Newsletters managed by or created on behalf of 11.11.11 or services of 11.11.11.

This section of the Privacy Statement describes the data processing in a structured manner, mainly by IT systems and solutions (software, databases) of 11.11.11.

2.1 Processing of personal data

11.11.11 processes personal data of you as a citizen or as an employee of a government/administration, organization or company. In that capacity, your data is processed as a "data subject" and/or you are given access to one or more information processing systems.

De General Data Protection Regulation defines the term 'processing' as follows (GDPR Art. 4): "any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction".

11.11.11 collects, registers and processes personal data in order to guarantee its relations a better service. In doing so, we always strive to collect only those data that are necessary to achieve the intended goal.

11.11.11 needs some information from you:

• to comply with legal obligations;
• to provide you as a donor with a tax certificate;
• to perform certain administrative actions (financial administration and invoicing, rights management, user agreement management, etc.);
• to fulfil contractual obligations (for example: you ordered a publication);
• to keep you informed, if desired, of new developments regarding one or more themes for which 11.11.11 makes a strong case and expresses himself as such publicly.

In this context processed 11.11.11 - depending on the nature of the relationship with you as an information seeker, donor, volunteer or employee of a government/administration, organization or company and the necessary processing of (personal) data for this purpose - possibly the following data of yourself or, in certain cases, of children under your care:

• Salutation/word of address
• First name
• Insertion
• Surname
• Gender
• Date of Birth
• Age or year of birth
• Nationality
• Address(es)
• Email address(es)
• Telephone/mobile/fax
• Image/visual material (photo, film)
• Family situation
• Data on lifestyle (for example: registration for meal, notification of a specific allergy)
• Financial data (for example: bank account number, invoice payment situation)
• Data on identity documents (for example: eID, passport, driving license – mainly for employees and/or in the context of insurance)

11.11.11 does not collect more data than necessary for the services it is expected to provide and does not wish to retain it for longer than is legally required, necessary or acceptable.

In principle, there is no systematic processing of personal data of children under the age limit set by the GDPR and the Belgian legislator. If this does happen (for example for insurance, or for employees in the context of social security), this is with the knowledge and consent of parents or guardians.

For recording and use (publication) of visual material such as photo or film, approval is requested if the portrayed persons are clearly individually recognizable. For image recordings of groups or at a certain distance, which means there is less recognizability, there are generally fewer restrictions applicable. In any case, the applicable laws and regulations in this area are taken into account.

2.1.1 Data that you provide to us 11.11.11

Donors/donors

When you make an online donation, we collect your name, address and email details in order to process this donation and provide you with a tax certificate if the total of your donations to 11.11.11 exceeds the threshold value set by Finance on an annual basis to issue a certificate. Even if you make a donation by bank transfer, we process the data provided by the bank that are necessary to be able to issue you a tax certificate if the threshold value is reached on an annual basis.

Customers

If you make a purchase in our online store or directly from 11.11.11, we collect the necessary contact details (name and address details, telephone availability if applicable) for invoicing and delivery.

Volunteers

If you register online as a volunteer for an action or for a longer-term commitment, we will ask for your name, place of residence, telephone number and year of birth so that we can contact you with a specific commitment tailored to you. We will also do this if you express your commitment by e-mail, letter or in direct contact. In the context of insurance for a specific activity, a date of birth may also be necessary.

Newsletters, registrations for events or activities

11.11.11 offers various newsletters with which we want to inform interested parties about various aspects of our operation. For this purpose, we ask for your e-mail address for the electronic newsletters and optionally sometimes your name, municipality or in certain cases your age or year of birth (for example for activities aimed at young adults). For the delivery of newsletters in printed form, we need your address. 
We only add your details to the list of newsletter subscribers for each type of newsletter with your explicit consent. Each newsletter contains a link with which you can unsubscribe.

(See also further in this Privacy Statement)

Registration for events or activities

If you register for an event that 11.11.11 organizes (debate, workshop, ...), we collect your name and email details and sometimes (optionally) ask for your place of residence, year of birth, gender and/or organization. Some of this information is requested because of obligations that subsidizing authorities impose on us so that they can check which target groups are reached with certain activities (for example: gender, to check gender balance; or age, for youth-oriented activities). 
You can indicate that you want to be kept informed of similar events in the future.

Communication

When you send email or other messages to us, we may retain those messages to be able to serve you further. Sometimes we ask you for certain personal data that is relevant to the situation in question. This makes it possible to process your questions and respond to your requests.

2.2.2 Data collected automatically

When employees or yourself use the information processing systems (for example when entering or consulting an application made available via web access), 11.11.11 and/or the by 11.11.11 designated processors also collect certain data. This concerns data that is required for the provision of services and monitoring the quality of the collected data of 11.11.11This data can be accessed by 11.11.11 or a by 11.11.11 designated processor/service provider under strict conditions if, for example, there are complaints about the connection or the improper functioning of a software/web application. Depending on the activity that you perform as a data subject, the information systems of 11.11.11 in this context possibly the following data:

• IP address
• username (login) or identification number
• eID identification and authentication data
• time of actions in the software

Visitors to a 11.11.11-website

We use cookies and similar technologies to register traffic on our websites and media channels, for example to remember that you are logged in and to be able to analyse the use of the website. Only non-personal data is stored. We will not combine this data with other personal data that we may have.

Read more about how 11.11.11 deals with cookies, and see also our Cookie Policy.

2.2 The role of 11.11.11 in the processing of your (personal) data

11.11.11 processes data from its target groups and contacts (citizens, employees of other governments/organizations/companies, clients, consultancies, experts, etc.) and is responsible for these data processing operations. Processing controller within the meaning of the General Data Protection Regulation. 

Measures under the General Data Protection Regulation

In some cases, to that end by 11.11.11 appointed processors, with which a sufficient contract and/or processing agreement has been concluded in the context of the General Data Protection Regulation and other legal and regulatory obligations, will in turn process personal data of data subjects with the information systems or with data processed by these information systems.

11.11.11 may in certain cases act as co-controller itself or as the Processor of personal data within the meaning of the General Data Protection Regulation. This means that 11.11.11 processes personal data on behalf of and on the instructions of governments, authorized bodies or other organizations. These other parties act in that case as Processing controller for these data processing operations, within the meaning of the General Data Protection RegulationThey have their own privacy policy. 11.11.11 is not responsible for, but should be openly communicated about. 

For example, a number of organisations (MO*, the NGO federation, etc.) use information processing platforms from 11.11.11, which provides technical support and/or facilitation, but where these organizations are themselves responsible for the content of the environments made available.

In each of these cases, in accordance with the requirements of the General Data Protection Regulation, a register of data processing drawn up and updated if changes occur. The register (inventory) for the processing of personal data can be consulted by the competent Data Protection Authority (DBA, or Data Protection Authority/DPA); in Belgium, this is the "Data Protection Authority" from 25 May 2018, as the successor to the Commission for the Protection of Privacy (better known as the Privacy Commission). Every organisation that processes personal data and is subject to the General Data Protection Regulation is obliged to provide access to the Data Protection Authority if requested to do so.

11.11.11 makes every effort to map the processing activities of the processes within the organization and to optimize and update this inventory/register if necessary.

The risk of a privacy breach or the inability to guarantee your rights as a data subject is also mapped out and for those activities that have an increased risk profile in terms of privacy protection, a Data Impact Assessment (DPIA) is carried out. The other principles of the GDPR such as data protection by design and with default settings, incident management for information security and privacy incidents with a procedure for reporting and dealing with data leaks and data losses are also included in the approach that 11.11.11 puts forward the protection of privacy.

Security of the information (personal data)

11.11.11 strives to protect personal data and privacy, both in physical form, in information systems and online. 11.11.11 takes appropriate organizational and technical measures to protect personal data and prevent unauthorized access to and use of information, such as a sound password policy, use of SSL certificates on websites (https secured file transfer), quality firewalls, antivirus/antimalware and intrusion and anomaly detection.

To the employees of 11.11.11 access to personal information is granted to the extent that they need that information to properly perform their duties. The number of employees of 11.11.11 that has access to personal information is restricted. The employees involved have been trained to handle confidential data correctly.

The data is stored on our own secure servers 11.11.11 or in the secure environment of a processor commissioned by 11.11.11.

2.3 Authorizations for processing certain data

11.11.11 or the organisations for which it acts as successor, has obtained authorisation for the processing of certain personal data. The relevant authorisations can be consulted at 11.11.11 or the authorizing authority (for example, Finance for the issuing of tax certificates).

De General Data Protection Regulation provides for a number of privacy rights, which you as a 'data subject' (this is: natural person) can rely on. This of course takes into account the privacy rights of other persons and with legal provisions and restrictions.

As a data subject within the meaning as defined in the General Data Protection Regulation, you have the following rights which can be summarized as "the right to correct and legitimate processing of your personal data": 

• Right of access to the data processed concerning you (GDPR art. 15);
• Right to rectification or right to correction of errors (GDPR art. 16);
• Right to erasure (officially called "right to be forgotten" or "right to be forgotten"); this right applies in certain cases and in particular if we process your data on the basis of an informed consent for which we have no statutory or other legal basis for further processing, including retention (GDPR art. 17);
• Right to restriction of processing (GDPR art. 18); Notification of rectification, erasure or restriction of processing (GDPR art. 19);
• Right to data portability (GDPR art. 20);
• Right to object/oppose the processing of your data (GDPR art. 21);
• Rights relating to individual decision-making, including profiling (GDPR art. 22).

In addition, you have the right to file a complaint with the Belgian Data Protection Authority (GBA) if you believe that your rights have been violated and you remain concerned after asking questions. 11.11.11 or the by 11.11.11 appointed Data Protection Officer (DPO) does not sufficiently recognize your rights.

For the processing of personal data where 11.11.11 acts as Data Controller for the data processing within the meaning of the General Data Protection Regulation, a "data subject" (i.e. any citizen, donor, volunteer, etc.) can submit a request for access, correction or deletion. 11.11.11 will handle these in accordance with the provisions and terms prescribed by the General Data Protection Regulation.

For the processing of personal data where 11.11.11 not if the Controller acts for the data processing within the meaning of the General Data Protection Regulation, requests for access, correction or deletion cannot be processed 11.11.11 be handled independently. In that case, requests for access, correction or deletion must be submitted to the Controller for the data processing that uses the services and processing with/by the information systems of 11.11.11, because 11.11.11 is not responsible for the information itself.

If you have a relationship with 11.11.11 (as a donor, volunteer, customer, subscriber, event participant, ...) and we process your personal data for that reason, you have the option to view your personal data after a written request and upon proof of your identity.

If the overview provided by us contains inaccuracies, you can request us in writing to change the incorrect data or you can request that certain data be deleted.
In addition, you can inform us in writing if you do not wish to be approached with information about our products and services.

You can direct your request to exercise your rights of access, correction or deletion to 11.11.11 by email to privacy@11.be or by post to 11.11.11 - DPO, Vlasfabriekstraat 11, 1060 Brussels.

For more information about how personal data is processed by 11.11.11 or exercising a right under the General Data Protection Regulation, you can contact the Data Protection Officer (DPO) of 11.11.11:

• 11.11.11 - DPO 
  Vlasfabriekstraat 11 – 1060 Brussels 
  Email: privacy@11.be

This section describes the data processing within the websites and related communication channels (social media) of the 11.11.11:

Our websites:

• 11.be
• shop.11.be
• 4depijler.be
• argo-ccgd.be
• actions.11.be
• pers.11.be

Our social media channels:

• facebook.com/www11be  
• twitter.com/www11be 
• instagram.com/www11be 
• youtube.com/user/www11be 
• flickr.com/people/11be 

Cookies

A cookie is a small text file (information file) that is placed by the browser on your computer, smartphone or tablet and automatically stored on your device. In some cases, they are deleted almost immediately. Both websites and web applications and app software use cookies. technical en functional cookies.

11.11.11 uses different types of cookies on its website. The websites of 11.11.11 use cookies to remember your settings and preferences and thus increase your ease of use. Some of these cookies are only used temporarily during a so-called 'session' in which you consult the website. Other cookies can be stored on your device, so that during subsequent use on that device and with that browser, a number of user settings can be set more quickly and you have a smoother user experience.

You can find more information about which cookies we use, why and how we do this, and information about your options via the links below.

• Cookie policy 11.11.11 
• Which cookies does this site use?

You can set your web browser to not store cookies on your computer. You always have the option to delete previously stored cookies. We also provide a guide on how to deal with cookies in the most common browsers.

• How to delete cookies? 

More information about how to refuse cookies and how to delete cookies for the most commonly used browsers can be found at www.consumentenbond.nl/internet-privacy/extra/cookies-removal  (NL) or on www.aboutcookies.org  (AND).

Google Analytics

On the websites of the 11.11.11 Google Analytics or similar analysis measurements can be used by Google or those under its management, which are intended to measure how often and in what way the website is visited. In order to perform this measurement, Google will store certain information, such as your IP address, on its servers in the United States. Google's privacy statement can be found (among other things) on www.google.com/intl/nl/policies/privacy/  are consulted. As explicitly requested by Google itself, 11.11.11 In this context, Google does not permit the use of the information obtained for purposes other than for the provision of services by Google to 11.11.11The necessary privacy settings are applied to ensure that personal data is not passed on to Google or other third parties.

Facebook, Twitter and other social media

The content of some pages within the websites of 11.11.11 can be shared via Twitter, Facebook and/or other so-called social media platforms. When sharing, Facebook, Twitter and others store cookies on your computer. In this case, these social media platforms may process certain personal data of you. To check what these parties can do with this data, you should consult the respective privacy statements. 11.11.11 has no influence on this and is not responsible for it. 

It is ensured that when using and referring to such social media or to external internet sources, a number of security measures are observed with regard to the protection of personal data.

From 11.11.11 and the services within 11.11.11 various newsletters and similar communications are sent by e-mail or by post to target groups, usually at their own request or, for example, to provide you with information about what was achieved with your donation. Active and informed consent is used for new registrations for newsletters (OPT-IN) for the use of the contact details used and communicated by you. For data that you have previously provided to us, these will be further processed and used for a limited period of time. A limited validity of your consent also applies to newly provided information. We do not request and use more personal data than necessary in the context of a specific newsletter, usually limited to pure contact details.

The services of the 11.11.11 only add your contact details for the management of newsletters and similar information tools to a newsletter file if you have given permission for this or if you are part of specific target groups in the professional sphere (for example, professional e-mail addresses of employees of specialized organizations or companies). Each newsletter contains a link with which you can unsubscribe (OPT-OUTThe databases or lists of e-mail addresses used for an outgoing newsletter 11.11.11, will under no circumstances be transferred to third parties.

Your data will not only be added to the list of subscribers with your explicit interested consent. You can withdraw this consent at any time: every newsletter contains a link with which you can unsubscribe.

We send our newsletters with Mailchimp. Mailchimp is a web program that allows you to create and send newsletters with mailing lists. By subscribing to these newsletters as a subscriber, you agree that the data you provide will be transferred to MailChimp for processing in accordance with the Privacy Policy and the Terms & conditions from MailChimp. You should know that MailChimp is an organization located in the United States of America. Mailchimp guarantees that the data processing they do, is done in a way that meets the requirements for the protection of personal data of the General Data Protection Regulation.
Only a limited number of employees of 11.11.11 has access to the personal data processed in the context of newsletter management, and only when this is necessary for sending the newsletters.

This version of the Privacy Statement of 11.11.11 applies from 25 May 2018.

If the purposes for which personal data are processed change, 11.11.11 report this to the public and communicate this transparently on the websites and other media channels of which 11.11.11 makes use of.

11.11.11 reserves the right to adjust the privacy statement to new needs or insights. Changes to the Privacy Statement will be transparently reported on the main website of 11.11.11 (www.11.be) as well as the paper version which is available on simple request from the Communications Department of 11.11.11 and via the Data Protection Officer ((Data Protection Officer or DPO)) from 11.11.11.

If you have any questions about the Privacy Statement or any changes to it, please contact the Data Protection Officer (DPO):

• 11.11.11 - DPO
  Vlasfabriekstraat 11 – 1060 Brussels 
  Email: privacy@11.be

Last updated 24/06/2021