Your privacy is very important to us! 

We want to process your personal data lawfully, correctly and transparently. In this privacy statement, we explain which personal data we process of you as a natural person and what the objectives are. Furthermore, an explanation is also given of the right that you have to guarantee and perhaps improve your privacy.


1. Who are we?

Your data are processed by IMAC BVBA, which has its registered office at Sec. v/d Venlaan 16 in Vosselaar and is registered in the Crossroads Bank for Enterprises under number 0861.719.690. 


In our organisation, your data are accessible only to responsible people who need to access them in accordance with their tasks. If you have any additional questions and/or want more information, you can always contact us at the following contact address: 


2. Which personal data do we collect?

2.1 Data that we collect directly:

To know who you are:


•First name 


To contact you: 

•Telephone number 

•Email address


2.2 Public data and data that we collect indirectly

IMAC BVBA sometimes processes public data. 

For example, this may concern data that are subject to a publication obligation such as the publication of your appointment as a company director, or it may concern data that you have personally disclosed, such as information on your website, etc. 


They may also be data known to the public at large because they are general knowledge in your area or because they were published in the press. These also include information on Crossroads Bank for Enterprises and Graydon, for example.


2.3 What you tell us may be processed:

If you contact us by telephone, our reception may make a note of your first name and surname and your telephone number to create an overview of the contacts and to see who uses the services we provide.


3. Why do we collect your personal data?

Depending on the situation, IMAC bvba will need certain information from you to be able to offer you certain services. The information that IMAC bvba requests and that we use to identify you is referred to as personal data. 

Below you can check per situation why IMAC bvba requests such personal data and for what purpose they will be used.


Depending on the situation, your data will be used for the following purposes:

- For contacts of customers or prospective customers upon initial contact with IMAC bvba: your data are essential to be able to correctly execute the agreement that you conclude with us. Because you conclude a contract with us, we need to have at our disposal the necessary personal data to be able to offer you our service provision that is included in the contract.


This is mainly the dispatch of information within the scope of:

• exchange regarding the provision of employees/self-employed people for certain projects.


The personal data that are collected are processed for administrative and accounting purposes. It will be impossible to provide the services for which you are contractually bound to us if you do not want your personal data to be processed within this scope.


- potential new contacts through being given a business card: we will include you in our database if you have given us a business card in some way or other. We presume that giving us your business card, you also give your express consent to be included in our database.


Moreover, we also store the publicly accessible data that we find on you in our database. We presume that we may also save these personal data since you made them publicly accessible.


- For suppliers: the personal data that are essential to execute the agreement are collected. Therefore, this mainly concerns email addresses of contacts to be able to facilitate communication.


4. Who is given my personal data?

In principle, your personal data are not transmitted to other parties.

IMAC bvba processes such personal data in accordance with the purposes listed under point 3. Only the employees within our organisation who need your personal data to do their job will be able to consult them. However, when organising events, we may transmit your personal data (such as your first name and surname) to external parties who organise the events merely for organisational reasons and for safety purposes. We collaborate with a number of third parties who may also view your personal data. This concerns the following recipients:

• accountants & consultants for tax support purposes; 

• ICT service providers; 

• event agencies within the scope of safety/access to a staff party or other events, for example. 


5. How long are my personal data stored?

Your personal data are stored for as long as necessary to achieve the purposes outlined under point 3. It is self-evident that we store your personal data in accordance with possible legally mandatory periods and any applicable prescription periods. Example: this is 7 years for invoices.


6. What rights can I exercise to ensure that my personal data are protected?

6.1 You can view your data

If you want to view what personal data we process about you, you can do so pursuant to your right to view them. 

IMAC bvba will give you an overview, which is as comprehensive as possible, of the personal data that are kept concerning you. At this stage, we can already confirm that no specific categories of personal data are kept (such as race, ethnic origin, health data, data regarding sexual inclination, etc.). You can be given a copy of the personal data collected. 


6.2 You can have your data rectified

You can always have your personal data rectified or supplemented if any changes (such as name, address, email address, etc.) are made to them. 


6.3 You can have your data removed

If you are of the opinion that we process certain personal data unlawfully, i.e. without having a correct purpose to do so, then you can request that your personal data be erased.


6.4 You can request that the processing of your personal data be restricted

If your data are incorrect and if you have requested that they be adjusted or if you are of the opinion that we process your personal data unlawfully, then you can request that the processing of such data be restricted. 

This means that we may only and solely continue to process your personal data if you give your consent. We may still continue to store your personal data but may not perform any further processing without your consent, unless this is done within the scope of judicial proceedings, to protect natural or legal persons or for serious reasons of public interest. 


6.5 You can request to have your personal data transferred directly to a third party 

If you so wish, you can request us to transfer the data that you personally provided to us to yourself or directly to a third party. The Regulation does provide a number of restrictions to this right, however, which means that this does not apply in all cases. It is self-evident that each case must be examined individually.


6.6 You can sometimes refuse to have your data processed fully automatically

Some data processing and processes are fully automated without any human intervention. We do not use this technique here to process your personal data, however. If this were nevertheless to be the case and if you do not agree with such a fully automated process, then you can submit an objection to this, which will mean that your personal data will no longer be processed in this way. Here, too, there are a number of exceptions, each of which must be evaluated individually.


6.7 You can withdraw your consent 

Where your personal data are processed based on consent, you can withdraw such consent at all times (see point 3). We will then be obliged to erase your personal data. If you want to exercise one or several of these rights, please contact us by sending an email to and clearly specifying what right you want to exercise. Moreover, we would like to mention that you can file a complaint with the supervisory authority at all times if you are of the opinion that we do not duly respect your rights as listed above.





Your privacy is important to us!

That is why we handle the personal data that is collected from all spontaneous job applicants and candidate employees safely and confidentially in our IMAC BVBA organisation. This Privacy Policy outlines which of your personal data we process, on what grounds we process them and why we process them. Finally, we would like to inform you of the security measures that we take to protect your personal data. 


1. Whom should you contact if you have any questions?

IMAC BVBA, which has its registered office at Sec. v/d Venlaan 16 in Vosselaar and is registered in the Crossroads Bank for Enterprises under number 0861.719.690, is the Controller of your personal data processing. IMAC BVBAdeclares that, as Controller, it has been compliant with the Belgian privacy legislation, as well as with the provisions of the General Data Protection Regulation, as from the day it came into force.


2. What are personal data?

The General Data Protection Regulation defines personal data as follows: any information relating to an identified or identifiable natural person, (‘ data subject’’); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, mental, economic, cultural or social identity of that natural person.


If this Privacy Policy refers to personal data, this definition from the Regulation is referred. 

There is no processing of special categories of personal data. Processing of special categories of personal data is understood to mean the following:

Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation. 


3. What personal data are processed?

We collect and process different personal data of our spontaneous job applicants and candidate employees. This concerns the following personal data:

- curriculum vitae: information such as your address, date of birth, contact details, training courses, testimonials/ degrees, previous work experience, etc.; 

- motivation letters, notes made during the job interview; 

- results of any tests taken: computer skills, language knowledge, personality tests, etc. 


4. Why are these personal data processed and what is the legal basis for the processing?

Your CV, motivation letter and notes made during the job interview are processed for the purpose of following the job application trajectory, the legal basis for which is our legitimate interest. A profile photograph is obtained and processed to be able to use this for internal communication, the legal basis for which is your prior consent. Results of tests taken are processed for the purpose of following the job application trajectory, the legal basis for which is our legitimate interest.


5. Duration of the processing

We store and process the personal data for a period that is essential within the scope of the purposes of the processing, the legal periods and within the scope of the contractual relationship between us.


6. What are your rights as spontaneous job applicant and/or candidate employee?

a) Right to access and view. You have the right to take due note, at any point in time, of your personal data, as well as of the use that we make of your personal data.

b) Right to rectification, erasure and restriction. You are free to share or not to share your personal data with us. In addition, you always have the right to request us to correct, supplement or erase your personal data. You cannot object to processing your personal data that we must keep and process in accordance with the law. You may also request that the processing of your personal data be restricted.

c) Right of objection. You also have a right to object to the processing of your personal data for serious and legitimate reasons. 

d) Right of data portability. You have the right to receive your personal data processed by us in a structured, commonly used and machine-readable format and/or to transmit them to another controller.

e) Right of withdrawal of the consent. To the extent that the processing is based on your prior consent, you have the right to withdraw such consent.

f) Automatic decisions and profiling. The processing of your personal data does not include any profiling, neither will you be subjected to automated decisions.

g) Exercising your rights. You can exercise your rights by contacting our person responsible for privacy by addressing an email to

h) Complaints. You have the right to file a complaint with the Belgian Privacy Commission: Commission for the protection of privacy, Drukpersstraat 35, 1000 Brussels, Tel. +32 (0)2 274 48 00, Fax +32 (0)2 274 48 35, email:


This does not prejudice any remedy before a civil court. 

You can file a claim for compensation for damages if you suffer damages as a result of the processing of your personal data.


7. Transfer to third parties (if necessary, cross out what does not apply)

Some of your specific personal data that we process are transferred to third parties. These are the following data: 

Information from the CV can be passed on to our customers to bring about collaboration in this way (=the way we present you to our customer). 

The above third parties process personal data as instructed by our organisation to perform certain tasks. We conclude processing agreements with all these above-mentioned organisations and make every possible effort to ensure that they adequately secure your personal data.


Your personal data will not be sold, let, distributed or commercially made available to third parties in any way other than the way outlined above or unless your give your prior consent. Although it is rare, it does sometimes happen that we must disclose your personal data pursuant to a judicial order or to comply with other mandatory legislation or regulations. 


8. Security and confidentiality

We have developed technically and administratively adapted security measures to prevent the personal data collected from destruction, loss, fraud, amendment, access by unauthorised persons or notification by mistake to third parties, as well as any other unauthorised processing of such data.


Technical measures

• use of virus scans, firewalls, etc.; 

• passwords that are changed regularly; 

• no unsecured hard disks; 

• access security to data;

• no unsecured back-ups; 

• work is done on secured hard disks. 


Administrative measures 

• specific people have access; 

• incident management procedure; 

• policy for employees; 

• training courses for employees; 

• confidentiality clauses.