www.belgium.be Logo of the federal government

Privacy policy

1) Protection of personal data

The following information relates to the protection of your personal data. This is the data that allows you to be identified, directly or indirectly, such as your first name, surname, e-mail address and IP address.

Personal data is collected when:

  • You surf on the pages of the portal. In your browser, those pages begin with ccb.belgium.be, www.cert.be or www.safeonweb.be
  • When a link takes you to another website, an online application or a social network, you must check the terms and conditions for the processing of personal data used by those responsible for those services.
  • You contact us

You are protected in accordance with European Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 (entered into force on 25 May 2018) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).

 

2) Legal bases and purposes of the processing operations

The Royal decree of 10 October 2014 establishing the Centre for Cybersecurity Belgium outlines the legal missions of the CCB:

  1. Monitoring, coordinating and supervising the implementation of Belgian cybersecurity policy;
  2. Managing the various projects on the topic of cybersecurity using an integrated and centralized approach;
  3. Ensuring coordination between the relevant government departments and governments, as well as the public authorities and the private or scientific sectors;
  4. Formulating proposals aimed at adapting the legal framework in the field of cybersecurity;
  5. Ensuring crisis management in case of cyber incidents in cooperation with the government's Coordination and Crisis Centre;
  6. Preparing, disseminating and supervising the implementation of standards, guidelines and security standards for the various information systems of the governments and public institutions;
  7. Coordinating the Belgian representation in international cybersecurity forums, coordinating the monitoring of international commitments and national proposals on this subject;
  8. Coordinating the security evaluation and certification of information and communication systems;
  9. Informing and raising awareness among users on information and communication systems.

Personal data is collected and processed with the aim of:

  • Informing you
  • Answering your questions
  • Handling the files and records that concern you

Data is also collected and processed anonymously:  

  • For statistical and qualitative purpose, with the aim of improving our services
  • To provide you with an answer in your language

If your request for information or services is intended for another department, we provide you with the particulars of that department and you are free to choose whether or not to contact them.

 

3) Processed data

Personal data are collected and processed solely for the purpose of providing you with the information requested. Personal data are data by means of which you can be identified, such as your name, your e-mail address or other data which may be reasonably linked to such information.

When you register on this site, we ask you to provide us with certain information (last name, first

name and e-mail). That information will be used to manage the site and the information provided.

The personal data provided are not used for marketing purposes and are not divulged to third parties.

In accordance with Article 29 of the Criminal Procedure Code, members of the CCB may be required to report criminal offences of which they become aware in connection with their duties and to send the public prosecutor any information related thereto.

In the situations listed in the table below, personal data is collected and processed automatically.

Situations

Data collected and processed

You visit one or more pages

IP-address.

You contact us through an electronic form or e-mail

Surname, first name and e-mail address that you have provided. Exchange of e-mails through the contact form and exchanging messages. Meta data that may or may not be related to your e-mail.

The other personal data that may be processed is listed in the data processing register.

Data that is not of a personal nature is automatically collected without linking it to your IP address and therefore with respect for your privacy. It is used to generate statistics and to improve the content of the portal site:

  • Language selection
  • Search engine used
  • Keywords used
  • The website from which you came
  • The pages you viewed
  • The duration of each page view
  • The list of files downloaded
  • The date and time of access
  • The browser used
  • The platform and/or operating system installed on your computer

The CCB also collect information in log files. The logs thus saved contain only traffic data. This information is used by the CCB for internal processing and traffic analysis purposes.

 

4) Use of cookies

We use cookies in order to provide optimal service. A cookie is a small file stored on your computer. The cookie can be recovered when you visit the same site at a later point in time. We also use cookies to produce anonymous statistics on visitors (Google Analytics). None of this contains information making it possible to contact you by e-mail.

You can also configure your browser to warn you when cookies are created or to stop it from creating cookies.

This site uses the following cookies:

  • Cookies needed for the proper functioning of the site:
    • language: language selection
    • has_js: to determine whether your browser accepts JavaScript or not (session status)
  • Google Analytics statistical cookies:
    • _ga
    • _gid
    • _gat

 

5) Storage duration

The storage duration:

  • of your IP address is 24 hours;
  • of the cookies is 13 months;
  • of the exchanges through the contact form and through e-mail is 12 months;
  • of logs is 13 months.

In exceptional cases, such as in the context of legal proceedings, your personal data may be stored for a longer period.

 

6) Security

The Centre for Cyber Security guarantees the security (integrity and confidentiality) of your personal data. It is protected against unauthorised access, unauthorised use, loss and unauthorised changes.

To this end, we use security methods and procedures that we will not describe in detail here for security reasons.  

Please note: Appropriate physical, technical and organisational measures are taken to guarantee a level of security that is appropriate with regard to the risks.

 

7) Right of inspection, modification, objection and deletion

You have certain rights relating to the personal data that we use: the right of inspection, the right of access, the right of modification, the right to object and the right to have data deleted.

Your application will be processed within 30 calendar days. If your application is complex or if our department has to deal with a large number of applications, that period may be extended by 60 days.

Please send an e-mail or letter to our Data Protection Officer together with a scanned copy or paper copy of your identity document containing your signature to the following address in order to exercise your rights:

Centre for Cyber Security Belgium

Courtesy of the Data Protection Officer

Rue de la Loi, 18

1000 Brussels

E-mail: [email protected]

You can find more information about the protection of personal data on the website of the Data Protection Authority: www.dataprotectionauthority.be.

 

7) Complaints

If you consider that the Centre for Cyber Security Belgium has not processed your personal data in accordance with the applicable regulations, you are entitled to lodge a complaint with the Data Protection Authority:

Data Protection Authority

Rue de la Presse 35

1000 Brussels

E-mail: [email protected]

 

8) Contact

For more information about our data protection policy, you can contact our Data Protection Officer at: [email protected]