0471/12.08.14

Privacy Policy – MedicAssistance

ARTICLE 1: PREAMBLE

This privacy policy applies to the website: www.medicassistance.be

The purpose of this privacy policy is to inform users of the site: How their personal data is collected and processed. Personal data refers to any data that can identify a user. This includes, but is not limited to, first and last name, age, postal address, email address, user location, or IP address; What rights users have regarding their data; Who is responsible for the processing of the collected and processed personal data; To whom this data is transmitted; Possibly, the site’s policy regarding “cookies” files.

ARTICLE 2: GENERAL PRINCIPLES REGARDING THE COLLECTION AND PROCESSING OF DATA

In accordance with the provisions of Article 5 of European Regulation 2016/679, the collection and processing of user data on the site respect the following principles:

Lawfulness, fairness, and transparency: Data can only be collected and processed with the user’s consent. Whenever personal data is collected, the user will be informed that their data is being collected, and for what purposes their data is being collected; Limited purposes: Data collection and processing are carried out to meet one or more specific objectives set out in these terms and conditions of use; Minimization of data collection and processing: Only data necessary for the proper execution of the objectives pursued by the site are collected; Limited data retention: Data is retained for a limited period, of which the user is informed. When this information cannot be provided, the user is informed of the criteria used to determine the retention period; Integrity and confidentiality of collected and processed data: The data controller undertakes to ensure the integrity and confidentiality of the collected data. In order to be lawful, and in accordance with the requirements of Article 6 of European Regulation 2016/679, the collection and processing of personal data can only take place if they comply with at least one of the following conditions:

The user has expressly consented to the processing; The processing is necessary for the performance of a contract; The processing complies with a legal obligation; The processing is necessary to protect the vital interests of the data subject or of another natural person; The processing may be explained by a necessity related to the performance of a task carried out in the public interest or in the exercise of official authority; The processing and collection of personal data are necessary for the purposes of the legitimate interests pursued by the data controller or by a third party.

ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED IN THE CONTEXT OF NAVIGATION ON THE SITE

COLLECTED AND PROCESSED DATA AND COLLECTION METHOD When you access, visit, or browse the site, or when you receive and/or respond to emails related to the site www.medicassistance.be, the site’s server automatically records details about your access and actions:

the date and time of your visit; the browser you are using; your IP address; the location of connection; the volume of data transmitted; the duration of your visit. When you log in to the site, you may be asked to provide a certain amount of information such as (including) your contact details: first name, last name, company, postal and email addresses, phone number, country of residence, your registration data on the site such as your login and password.

This data is collected when the user performs one of the following operations on the site:

browsing the site www.medicassistance.be; contacting via the dedicated form. Unless otherwise specified, the data controller will keep in its computer systems of the site and under reasonable security conditions:

your data collected and processed by the site for a period of three years from your last contact with www.medicassistance.be (online request, email or postal mail, telephone call, newsletter registration, click in an email addressed to you by the company, participation in a training session or seminar organized by the company, etc.) or from the end of your contractual or commercial relations with the latter; login, browsing, and traffic data are retained for a maximum period of one year. Data collection and processing are used for:

management, processing, and monitoring of requests and exchanges with the site (for example: contact, information, documentation request, or other), and the site’s relations with its contacts in general (customers, prospects, internet users, etc.); the management of your relations with the site regarding contracts, registration for training sessions or seminars, orders, invoices, payments, and transactions (including the management of outstanding payments and litigation, and associated accounting); the conduct of commercial, communication, prospecting, solicitation, and marketing operations (emails including newsletters and postal mail, telemarketing, targeting, segmentation, and personalization of exchanges, sending gifts/products); the management and implementation of commercial, communication, prospecting, solicitation, and marketing operations by the company at large; access to and benefit from the functionalities offered on the site; understanding and studying the use of the site by users and their browsing behavior in order to improve our online communication; improvement and optimization of the quality and functionalities of the site; conducting studies, analyses, reports, and statistics; conducting satisfaction surveys; management and processing of requests from users of the site, and more generally contacts of the site, aiming at the exercise of their rights regarding the protection of personal data; compliance with legal and regulatory obligations resulting in particular from the activity of the company. The data processing carried out is based on the following legal bases:

legal obligation as defined in the document GDPR and its consequences on Belgium, available at this address: https://www.inami.fgov.be/fr/professionnels/information-tous/Pages/reglement-general-protection-donnees.aspx The administrative authority responsible for monitoring and ensuring compliance with the GDPR in Belgium is the Data Protection Authority (DPA). TRANSMISSION OF DATA TO THIRD PARTIES Personal data collected by the site may be transmitted to third parties to improve your web experience.

DATA HOSTING The site www.medicassistance.be is hosted by: OVH

The data collected and processed by the site is transferred to the following country(ies): Belgium.

ARTICLE 4: DATA CONTROLLER AND DATA PROTECTION OFFICER

DATA CONTROLLER The Data Protection Officer can be contacted at the following address:

MedicAssistance – info@medicassistance.be – 0471 12 08 14

The Data Protection Officer is responsible for determining the purposes and means of processing personal data.

OBLIGATIONS OF THE DATA CONTROLLER The data controller undertakes to protect the personal data collected, not to transmit it to third parties without informing the user, and to respect the purposes for which this data was collected.

The site has an SSL certificate to ensure that the information and data transfer through the site are secure.

An SSL certificate (“Secure Socket Layer” Certificate) is intended to secure the data exchanged between the user and the site.

Furthermore, the data controller undertakes to notify the user in the event of rectification or deletion of the data, unless this would involve disproportionate formalities, costs, and procedures for him.

In the event that the integrity, confidentiality, or security of the user’s personal data is compromised, the data controller undertakes to inform the user by any means.

DATA PROTECTION OFFICER Furthermore, the user is informed that there is a Data Protection Officer.

The role of the Data Protection Officer is to ensure the proper implementation of national and supranational provisions relating to the collection and processing of personal data.

ARTICLE 5: USER RIGHTS

In accordance with the regulations concerning the processing of personal data, the user has the following rights.

In order for the data controller to respond to his request, the user is required to provide him with: his first name, last name, and email address.

The data controller is required to respond to the user within a maximum period of 30 (thirty) days.

PRESENTATION OF USER RIGHTS REGARDING DATA COLLECTION AND PROCESSING Right of access, rectification, and deletion The user can be informed, update, modify, or request the deletion of the data concerning him, respecting the following procedure:

Send an email to the data controller specifying the subject of his request via the contact form mentioned above.

Right to data portability The user has the right to request the portability of his personal data, held by the site, to another site, in accordance with the following procedure:

Make a request for the portability of his personal data by specifying the subject of his request to the Data Protection Officer via the contact form mentioned above.

Right to limitation and opposition to data processing The user has the right to request the limitation or to object to the processing of his data by the site, without the site being able to refuse, except to demonstrate compelling legitimate reasons which prevail over the interests and rights and freedoms of the user.

To request the limitation of the processing of his data or to formulate an opposition to the processing of his data, the user must follow the following procedure:

The user must request the limitation of the processing of his personal data by email to the site manager at the following email address: info@r-management.be

Right not to be subject to a decision based exclusively on automated processing In accordance with the provisions of Regulation 2016/679, the user has the right not to be subject to a decision based exclusively on automated processing if the decision produces legal effects concerning him, or significantly affects him in a similar way.

Right to determine the fate of data after death The user is reminded that he can organize what should happen to his data collected and processed if he dies, in accordance with Law No. 2016-1321 of October 7, 2016.

PERSONAL DATA OF MINORS In accordance with the provisions of Article 8 of European Regulation 2016/679 and the Data Protection Act, only minors aged 15 or over can consent to the processing of their personal data.

If the user is a minor under the age of 15, the consent of a legal representative will be required for personal data to be collected and processed.

The site editor reserves the right to verify by any means that the user is over 15 years of age, or that he will have obtained the agreement of a legal representative before browsing the site.

ARTICLE 6: USE OF “COOKIES” FILES

The site may use “cookies” techniques.

A “cookie” is a small file (less than 4 kb), stored by the site on the user’s hard drive, containing information about the user’s browsing habits.

These files allow it to process statistics and information on traffic, facilitate navigation, and improve the service for the user’s comfort.

For the use of “cookies” files involving the storage and analysis of personal data, the user’s consent is necessarily requested.

This user consent is considered valid for a maximum period of 6 (six) months. At the end of this period, the site will request the user’s authorization again to save “cookies” files on his hard drive.

User opposition to the use of “cookies” files by the site Cookies not essential for the operation of the site are deposited on the user’s terminal only after obtaining his consent. The user can withdraw his consent at any time, as follows:

Please click on the “withdraw consent” button on the cookie settings page.

More generally, the user is informed that he can oppose the recording of these “cookies” files by configuring his navigation software.

For information, the user can find at the following addresses the steps to follow in order to configure his navigation software to oppose the recording of “cookies” files:

Chrome: https://support.google.com/accounts/answer/61416?hl=en Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences Safari: http://www.apple.com/legal/privacy/en-ww/ Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies Opera: http://www.opera.com/help/tutorials/security/cookies/ In the event that the user decides to deactivate “cookies” files, he will be able to continue browsing the site. However, any malfunction of the site caused by this manipulation cannot be considered the responsibility of the site editor.

ARTICLE 7: CONDITIONS FOR MODIFICATION OF THE PRIVACY POLICY

This privacy policy can be consulted at any time at the following address:

https://medicassistance.be/politique-de-confidentialite

The site editor reserves the right to modify it in order to guarantee its compliance with the law.

Therefore, the user is invited to regularly consult this privacy policy to be informed of the latest changes that will be made to it.

The user is informed that the last update of this privacy policy took place on: 05 / 05 / 2024.

ARTICLE 8: ACCEPTANCE BY THE USER OF THE PRIVACY POLICY

By browsing the site, the user confirms that he has read and understood this privacy policy and accepts its conditions, particularly regarding the collection and processing of his personal data, as well as the use of “cookies” files.