Privacy Statement – EU
What does Caviar do?
The Caviar group, with its main office at Havenlaan 75, 1000 Brussels, Belgium, is an award winning entertainment company with offices in Los Angeles (USA), London (UK), Brussels (Belgium), Amsterdam (The Netherlands) and Paris (France). Our passion is to entertain audiences, wherever they are. Caviar’s ever growing circle of creators is rooted in branded content, film, digital and post production.
To allow all this, Caviar processes personal data of natural persons in the context of its activities, and this may concern natural persons who are (potential) customers of Caviar or its partners, the contact persons within the active network of Caviar, its employees, HR, etc.
The contact person for all your questions, requests or complaints about the processing of your personal data at Caviar is: firstname.lastname@example.org.
Which personal data is being processed by Caviar?
Caviar processes the personal data necessary for the execution of its agreements that are concluded in the context of its activities, and also processes the data that are necessary for Caviar to carry out its (commercial) activities.
It may be for example your name, first name and contact details, but also your choice of language, your company or VAT number, your bank account number, credit card number, email address, etc. But also the communication you have with Caviar as current or potential customer.
Caviar rarely processes sensitive personal data within the framework of the GDPR, and only if necessary.
When subscribing to the Caviar newsletter, you will regularly receive a newsletter at the specified email address. Caviar uses this email address only for the services for which it was subscribed. Of course, you can unsubscribe at any time via the link at the bottom of each newsletter or by requesting this via email to the email address email@example.com.
Within the framework of any services and activities offered by Caviar, it may be necessary for Caviar to take photos, images and/or audiovisual recordings on which the customer or involved natural persons are (partially) visible or recognizable. You are aware of the fact that (processing of) such photos, images and/or audiovisual recordings are therefore necessary for certain activities and/or requested services. In that regard, in the context of the confirmation of the service, you give your consent to the recording and use of these images (by means of contract of explicit approval or any other legal basis of processing as set forth below). Of course, we never misuse this information and only use it to help you by being able to improve our services, and this always in accordance with applicable law.
Legal basis and purposes of processing
Processing in the context of to be concluded or current agreements is the most important legal basis for data processing by Caviar and its members.
If necessary, your additional, explicit and specific consent for the processing of your personal data will be requested in accordance with the GDPR. A given consent can in principle be withdrawn free of charge and electronically, unless of course there is another legal ground for the processing.
In this context Caviar notes that Caviar or its members can also process your data from a ‘legitimate interest’ ground. For example, Caviar can inform you about new, interesting offers (in your established/potential relationship with Caviar). Caviar will, as in the past, of course always do this within reasonable limits and never in an aggressive or undesired way.
Source of personal data
Caviar obtains the personal data they process, in the first place, of the natural persons themselves (directly). Of course we never abuse this data and only use it in such a way in order to optimize our services towards you.
Duration of processing
Caviar does not retain the personal data it processes for longer than necessary for the purposes of the processing. This shall on a regularly basis be reviewed and evaluated by Caviar.
In principle, Caviar does not retain the personal data for more than five (5) years from the moment the data was obtained. If necessary, for instance in case of legal proceedings or (contractual) obligations, it is possible that the personal data must of course be kept longer.
Caviar does not retain personal data from its employees longer than five (5) years after the termination of the employment contract / service agreement, except in the case of legal proceedings, in which case the data can be processed up to three (3) years after the final settlement.
Any sensitive data will only be kept for the duration necessary for the performance of the contract concerned or as long as it is necessary to maintain it in one way or another to allow Caviar to show that it has executed the agreement in a correct manner.
Caviar keeps the personal data they process up to date and corrects them where necessary.
Security of personal data
Caviar guarantees the integrity, security and confidentiality of the personal data, both technically and organizationally. Caviar stores important/sensitive personal data on its own secure servers or on secure third-party servers.
Processing by / transfer to external partners.
In first place, Caviar processes the personal data itself (both internally and externally for information and communication purposes).
Caviar and its group members only pass on data to third parties if this is necessary. Only the data that are strictly necessary are, of course, communicated. Caviar also transfers personal data to external partners, but this only to the extent that this is necessary for the performance of its activities and task as aforementioned. Caviar and its members can also share data if necessary. The necessary agreements will always be concluded with these partners, suppliers or other appointees, and contractual provisions will limit the use and processing of your personal data and guarantee adequate protection of your personal data.
The transfer of personal data to foreign parties outside the EU can prove absolutely necessary for concluded agreements in the context of its execution, and you also give permission for this processing (including within the general or specific terms and conditions concluded with Caviar). This is also within the interest of the customer.
You acknowledge that Caviar has offices in Los Angeles (USA), London (UK), Brussels (Belgium) and Paris (France), and that with regard to the requested services, data might have to be exchanged between offices.
If Caviar transfers personal data to someone outside the EU who is not on a list of ‘safe countries’ (in the context of the GDPR), then it will enforce the appropriate security guarantees to the extent possible.
Caviar ensures, to a maximum extent, that the external partners who process personal data or who are (co-) responsible for data processing, comply with the provisions of the GDPR. To this end, the aim is to conclude as many ‘processing agreements’ as possible with its main partners.
Caviar guarantees that you, as an involved natural person, can exercise the rights that the GDPR grants you (information, access, copy, improvement, rectification and right ‘to be forgotten’, restriction of and objection to processing, transferability of data).
You can exercise your rights free of charge and electronically via the contact information stated above. Caviar can charge you an administrative fee in case of excessively demanding requests.
A complaint or question about your personal data?
Your contact at Caviar has already been communicated above. If you have a complaint, you can also submit it to the supervisory authority. In Belgium, this is the Data Protection Authority or GBA (www.privacycommission.be). You can also always file a case with the national courts.
Version of this privacy statement
This statement was last updated on December 1, 2020.