We appreciate the trust you place in RHEA when sharing your personal data. The security of your personal data is very important to us. In the following sections, we will explain how we collect, use and protect your personal data.
We will also explain what rights you have with regards to your personal data and how you can exercise those rights.
This Privacy Policy applies to the personal data of our Website User, Candidates, Clients, Suppliers, and other people whom we may contact in order to find out more about our candidates. It also applies to RHEA’s employees and the emergency contacts of our employees.
This Privacy Policy applies in relevant countries throughout our international network. Different countries throughout our international network may approach data privacy in slightly different ways and so we also have country-specific parts to this Privacy Policy. You can find country-specific terms for your jurisdiction on Section 10. This allows us to ensure that we are complying with all applicable data privacy protections, no matter where you are.
In this Privacy Policy, when we refer to “RHEA”, “us”, “we” or “our”, we mean the RHEA System S.A. which is responsible for any personal information collected about you.
RHEA is a Engineering Group operating on service delivery of systems, software and solutions to the aerospace, defence and security markets. This includes Information and Communications Technology (ICT) solutions involving information security risk management, information security engineering, information and critical infrastructure protection and applications for cyber defence and cyber forensics. RHEA has a consolidated experience and a broad set of ongoing activities and capabilities in the field of Security with a prominent focus on Cyber and Space applications;
Our Data Protection Officer can be contacted directly here:
We collect your personal data:
We process your personal details that are necessary to perform our service and desirable to better align our services to your expectations or to meet more specific questions or obligation coming from RHEA’s client namely:
You are responsible for the correctness and relevance of the data you provide RHEA. Please provide any changes in your personal details to privacy@rhearoup.com
We do not collect any Specific Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Subject to specific and exceptional request from the client, we do not collect any information about criminal convictions and offences.
The personal data we collect will be used for the following purposes:
RHEA will collect, use and share your personal information only when this is legally justified.
We can summarize our relevant legal basis for processing your personal data as follows:
Our legitimate interests include:
You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our websites may become inaccessible or not function properly. For more information on cookies please go to the Cookies Policy.
By consenting to this privacy notice you are giving us permission to process your personal data specifically for the purposes identified. Generally, RHEA does not rely on consent as a legal basis for processing your personal data in any other case than sending certain direct marketing communications to you via email or to perform active recruitment activities.
You may withdraw consent at any time by sending an email to:
Internal Disclosure
RHEA may share internally your personal information with its affiliates where such disclosure is necessary to provide you with our services or to manage our business
External Disclosure
RHEA may share your information with other third parties named in the following cases:
RHEA will not pass on or sell your personal data to third parties for their own marketing purposes without first obtaining your consent.
RHEA shall give access to your personal information only to trusted partners or services providers who require the use of such information for business purposes. These third parties are entities for whom we have established they have adequate and sufficient data protection and security controls in place and with whom we have also implemented contractual obligations to ensure they can only use your data to provide services to RHEA limited to the purposes listed above. Moreover, these third parties shall not use or process your Personal Data for any purpose other than to provide the Service to RHEA.
International transfers
Personal Information which you supply to us is generally stored and kept in our own servers located in Belgium. However, due to the nature of our global business and the technologies required (some cloud-based tools), your Personal Information may be transferred to an internal or external third party located outside the EEA, in countries where there may be a lower legal level of data protection.
In such situations, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
General Principle
RHEA guarantees not to keep your personal data for longer than required by law or such other period necessary to fulfil the purposes we collected them for.
For Applicants
When you apply for a job, you allow us to retain your personal information to support you in your search for work (CVs, education, work expectations, contact information, etc.) for a period of 3 years. If any other opportunities become available which you may be interested in, we will contact you by email, telephone or by skype.
After this initial period of 3 years you will automatically get an e-mail asking you whether you authorize us to keep your personal information in our recruitment database or not.
In case of a negative answer we will delete all your personal data (including your contact details).
In absence of reply we will only file your contact details for archives for a period of five years unless you decide to give us a new consent in the meantime.
In case of a positive answer we will again inform you by e-mail 3 years later that we will only file your data for archives for a period of five years due to certain statutory periods of limitation, unless you decide to give us a new consent.
For employees
If you work or have worked at RHEA, we will save all your employment data (identification, performances, wage information, multifunctional declaration at the social security department, tax declaration, …) for a period of 10 years after the end of your employment contract. This is in order to satisfy with a variety of social, fiscal and other legal obligations and periods of time limitation.
For marketing purposes
RHEA will process and store personal data for 3 years.
While we are in possession of, or processing your personal data, you, the data subject, have the following rights:
All of the above requests can be sent to privacy@rheagroup.com
RHEA does everything in its power to optimally protect your personal information against unlawful use. We do this on the basis of physical, administrative and technological measures. For ensuring notably the security of its Information processing, RHEA is currently implementing ISO 27001 international standard which describes namely how to manage information security in a company. The focus of ISO 27001 is to protect the confidentiality, integrity and availability of the information in a company.
RHEA has been ISO 27001 certified since January 2020.
In the event that you wish to make a complaint about how your personal data is being processed by RHEA, or about how your complaint has been handled internally by RHEA, you have the right to lodge a complaint directly with the supervisory authority or/and RHEA’s Data Protection Officer (DPO).
The details for each of these contacts are:
This Privacy Policy was last reviewed and updated in August 2018.
It is important to point out that we can amend this Privacy Policy from time to time. Please make sure you visit our “privacy notice” page from time to time if you want to stay up to date.
JURISDICTION: Belgium
COUNTRY-SPECIFIC LEGAL REQUIREMENT:
As described in the main body of our Privacy Policy, we are entitled to rely on “soft opt-in” consent in respect of certain marketing messages that we wish to send you. In all other e-marketing circumstances, active “opt-in” consent is required by law and RHEA is required to keep records of each specific consent provided by you.
NOTE: THIS SECTION WILL BE UPDATED WHEN LOCAL IMPLEMENTING LAW SHALL BE FINALISED
Website by ELDO™