How do we collect data?

Here's an overview of the most frequently asked questions

Bisnode Belgium collects company data through phone calling.

Bisnode Belgium also concludes partnerships with KBO/BCE (Banque carrefour des Entreprises), the NBB (National Bank) and some commercial companies which communicate their client's data.

Finally, data can be completed by various statistical informations frequently availalble in open data, linked for example to the number of occupied employees in a particular region, the size of companies,....

All of this data is collected and merged to shape our "companies" file which is marketed.

Yes, we can complete your data with deduced or supposed data. For example, we can link your contact information with the contact informations of companies for which you have worked. 
Based on your name, date birth and postal address, we can also determine that you exercise a function in various companies. We can therefore make the link between these companies.

When a company move, we conclude that everybody working in this company also change their professional address.

Yes we can establish marketing profiles.

It means concretely that we can put you into "marketing segments", for instance "SME's and self-employed people", "leadership positions", "legal entities settled in city X"... 

This categorization will result in proposing your data to companies that sell products or services that we feel are more likely to interest you. At the opposite, it also allows companies that sell products or services that you probably would not interest to avoid contacting you for advertising.

These profiles are not pre-established. We can build them according to the requests of our customers and we do not necessarily keep them.

We can aslo establish financial indicators related to your company, based on informations from your balance sheets published at National Bank. 

Personally no. We simply evaluate what we call in our jargon your "marketing potential". For example, if your profile could make you more interested in a specific product or service than average. This profile may just be a score (for example, depending of your activity and the size of your company, you will receive a score between 1 and 5; the more your profile will be similar to clients of the company we are working for, the higher will be your score) or  a description of your marketing profile. The consequence will be for example that you will probably receive an advertisement different from your colleague. This does not mean that he won't be able to acquire the same product or service under the same conditions. Simply that the content of the ad he will receive in his mailbox or email box will be different from yours.

It can happen that the score related to your profile is combined with other scores built by our clients. In this case, the final interpretation of all scores or profiles is the responsibility of our clients. If our clients should have to use these combined profiles in a way that could have a legal effect on you or affect you significantly, they commit themselves to inform you and comply with the applicable legal dispositions.

In the same way, financial indicators that we establish for our clients could be interpreted by our clients in a way that could have a legal impact on your company. This interpretation is done under their responsibility. They commit themselves to inform you and comply with the applicable legal dispositions.

These data come from the National Institute of Statistics or any other institution that could make them available on the market, which is commonly called Open Data. This anonymous data are related to a neighbourhood or group of companies and therefore not related to a specific person.

Bisnode Belgium can also build its own statistical models.

When these companies sell you a product or a service, they usually ask your name, how they can contact you (postal address, phone number, mobile phone, etc.) and often your birth date. These informations are registered in a "clients and prospects" file so that they can re-contact you afterwards. 

In some cases, data are the result of survey or publication executed in collaboration with your business itself or are publicly available on line.

We advise you to browse the data policy of companies with which you are in contact. They are available on their website. You will see that some explain that they can transmit your data to Bisnode Belgium or to other partners and for which purposes. 
The law authorizes this transfer, either with your explicit consent, or with transparent information and the possibility of opposing it.
Bisnode Belgium systematically checks that their partners comply with this obligation.

Yes, the law allows the BCE/KBO (Banque Carrefour des Entreprises / Kruispuntbank van Ondernemingen) to market the data present in their file. However, the license that we have concluded prohibits us from using nominative data (your personal details) for direct marketing purposes. In this case, we only use the data available on the companies.

Yes, for business-related data, we can also collect data from National Bank, National Social Security Office (ONSS/RSZ),...

Your authorization

Legal basis: Article 6a of GDPR:

Especially when you freely communicate data on our site or on a survey that we or our partners can edit or when you address us directly for a specific request or when freely consent to the processing of your data by any other channel. 

 

Based on the pursuit of our legitimate interest, as part of our marketing activities (including improving the quality of our customers' databases)

Legal basis: article 6f of GDPR:

We have a legitimate interest in continuing the activities just described above. Indeed GDPR provides in its preamble No. 47 that activities related to "direct marketing" constitute a legitimate interest.

It goes without saying that this interest must be constantly weighed against the rights of the people registered in our file. It is to this end that we strive to be as transparent as possible regarding the use of the data and we respect scrupulously the GDPR as for the rights of the person (see further)

This legal basis is used for any data processing for which we do not ask for your explicit consent.

Finally, for all intents and purposes, we remind you that when we only process business-related data, GDPR does not apply.

In order to guarantee your rights, we have implemented a series of measures:

 

1. First of all, we scrupulously check that our source business partners respect the GDPR, whether it is at the level of the collection of your data or at the level of the information they give you about the processing of your data. In particular, we ask them to be as transparent as possible regarding the transmission of data to Bisnode Belgium and to refer to these web pages for more information on our activities.

2. We have procedures in place to allow you to exercise your rights easily (see your rights)

3. You are not against receiving advertising but you would prefer to receive it through us, only via a specific medium (eg only to your postal address but not by phone), no problem, just we report it via this form

4. The security of your data is of paramount importance to us, and we do regular internal and external checks to ensure that the tools and procedures put in place work properly.

5. We have appointed a "Data Protection Officer" to ensure that your rights are respected (see below)

6. Finally, in compliance with the GDPR, we carried out a data protection impact assessment. This document analyzes all the possible risks of harm to your data and all the measures to be taken to avoid or limit this risk to a maximum. The recommended measures have been implemented in our IT system and in our procedures.

We send your data to the following customers:
• Business partners (eg telecom, energy, automotive, banking, insurance, mass retail, online sales, etc.),
• The partners in the charity sector and of in the associative world (eg. associations which collect funds to support them in their activities, market research offices)
• Public sector partners (if an administration wants to advertise one of its services)
• Interest and opinion groups (associations that defend specific causes, political parties, ...)
• Social networks or other media that use our data to show you the advertising of our clients which suits best to your interests (or, on the contrary, not showing you advertising that will not interest you)

 

Your data may also be disclosed to third parties in the following cases:
• To our potential beneficiaries and companies belonging to the same group, for the same purposes as those mentioned here.
• to third parties, in the context of services that we ask them to perform on our behalf. For example to our partners who market our data, advertising agencies, our IT service providers, call center, ... In this case, these companies can only use your data within the strict limits of the instructions we gave them, in the compliance with this data protection policy. They are subject to important confidentiality and security obligations with respect to your data. In no case do they become the owners of your data.
• In the context of legal proceedings, to respond to the request of the authorities or to comply with other legal obligations.

Our activities evolve around personal data. The conservation period of this data must be long enough to maintain the best possible quality and thus reduce the risk of errors. Thus, we keep your data for a period of 15 years from their last record in our database. It is possible that another source also communicates your data to us, in this case, the delay starts again from this new communication.

This relatively long time is also explained by the fact that we carry out many treatments on personal data. The companies on whose behalf we work require us to keep the traceability of these treatments.

As we already indicated before, it goes without saying that if you wish that we do not use anymore your data for advertising purposes (right of opposition) or be forgotten, you just have to follow the procedure described here. In this case, the 15 years is obviously not applicable and your will prevails.

We make every effort to ensure the highest confidentiality and security for your data. In this context, we take all necessary technical and organizational measures.

In this context, our network, our infrastructure and our information systems are protected. Access to your personal data is authorized only to the persons necessary for the accomplishment of their mission. They are held in strict professional discretion and must comply with all the technical prescriptions provided to ensure the confidentiality of personal data. We want to prevent unauthorized people from accessing, processing, modifying or destroying your data.

In the case of data breaches, which may entail risks to your privacy, you are personally notified, as is the Commission for the Protection of Privacy, in accordance with our legal obligations. In this case, we will make every effort to stop this state of affairs as quickly as possible and to limit all the consequences.

We transmit some of our data to our call center established in Morocco. It is obvious that all the processing of your data carried out there is protected in accordance with the legal provisions. We make sure that the envisaged treatments respect a level of protection of your data equivalent to the protection existing in the European Union, in particular by signing the contractual clauses of the European Commission.