privacy policy
Last modified on January 1st, 2026.
First of all, we are excited that you are interested in SPENCER.
In this privacy statement we document the way Personal Data is processed by us.
It is possible that we will ask you to share certain Personal Data with us, including but not limited to your first name, last name, e-mail address (identification data). In relation to certain legal obligations (electronical registration of attendance) you might have to provide us with additional data, such as, for example, payment and billing data.
We only collect Personal Data that is necessary to inform you about our products and services, to execute agreements with you and to contact you.
The legal grounds for the processing of your Personal Data is the execution of an agreement, a legal obligation, our legitimate interest and, sometimes, your consent (article 2).
The processing of your Personal Data is subject to this privacy statement. In case you have questions or remarks, please contact privacy@spencer.co.
Article 1 – DEFINITIONS
“Affiliated Company” means a company which SPENCER is affiliated to, provided that such company meets the conditions for an “affiliated company” as set out in article 1:20 of the Belgian Code on Companies and Assocations.
“Controller” has the meaning as defined in the General Data Protection Regulation 2016/679, which determines the purposes and means of the processing of Personal Data.
“Personal Data” has the meaning as defined in the General Data Protection Regulation 2016/679, which is any information relating to an identified or identifiable natural person (also called the “data subject”).
“Processor” has the meaning as defined in the General Data Protection Regulation 2016/679. SPENCER will be qualified as the Processor which processes Personal Data on behalf of the Controller.
“SPENCER” means RECNEPS NV, a company with registered office situated at 2000 Antwerp (Belgium), Scheldestraat 11 and registered in the Belgian Crossroad Bank for Enterprises with number 0667.513.616.
“Website” means SPENCER’s website: www.spencer.co.
Article 2 – PURPOSES AND LEGAL GROUNDS
Client data
In the framework of our services and commercial activities we collect and process identity and contact data of our clients, their personnel and associates. The purposes of this processing are the execution of the agreements with our clients, customer care, bookkeeping and direct marketing purposes such as the sending of promotional or commercial information. The legal grounds are the execution of an agreement, the fulfilment of legal and regulatory obligations (e.g. the accounting legislation), our legitimate interest and, sometimes, your consent.
Supplier and subcontractor data
We collect and process identity and contact data of our suppliers and subcontractors, their subcontractors, their personnel and associates. The purposes of this processing are the execution of the agreement(s), supplier/subcontractor care and bookkeeping. The legal grounds are the execution of an agreement, the fulfilment of legal and regulatory obligations (e.g. the accounting legislation) and/or our legitimate interest.
Personnel data
We process Personal Data of our employees in relation to our personnel and our staffing services and our salary administration services. The legal grounds are the execution of an agreement, the fulfilment of legal and regulatory obligations (e.g. the accounting legislation) and/or our legitimate interest.
Data of applicants
We process the identification and contact data, as well as the work history and other data that is usually indicated on a curriculum vitae of applicants when they provide us with this information. The Personal Data is processed to determine whether you qualify for a job with us on the ground of our legitimate interest.
If we wish to retain your Personal Data for a longer period of time after the relevant vacancy has been filled, we will inform you and request your consent to do so.
Other data
In addition to the data of customers, suppliers/subcontractors, employees and applicants, we also process Personal Data of others, such as possible new customers/prospects, useful contacts within our sector, network contacts, etc. This is done via our Application, Website or other channels. The purposes of this processing are in the interest of our activities, direct marketing and public relations. The legal grounds for this processing are our legitimate interest, the execution of an agreement and, in some cases, your explicit consent.
More specifically, we can use the Personal Data we collect from you for the following purposes:
(i) to provide you with information about our products and services;
(ii) to execute agreement(s) with you;
(iii) to inspect and process potential complaints or requests;
(iv) to help us evaluate, correct or improve our Website and all related products and services of SPENCER;
(v) for direct marketing purposes;
(vi) for internal reasons, such as corporate administration and archiving purposes.
Article 3 – THE CONFIDENTIALITY OF YOUR PERSONAL DATA
Every time you as a user submit Personal Data, we shall handle this information in accordance with the stipulations of this privacy statement and any legal obligations applicable to the processing of Personal Data, including the General Data Protection Regulation (GDPR) 2016/679.
We establish reasonable measures and procedures to secure and protect the Personal Data we collect through the Website or via electronic correspondence. This way, we undertake, as far as can reasonably be expected, to prevent illegal processing of Personal Data and unintentional loss or removal of your Personal Data.
We seek to optimize the security of your Personal Data by limiting the access to your Personal Data to persons on a “need-to-know” basis (for example: only those employees, associates or subcontractors who need your Personal Data for the purposes as described in article 2 shall receive permission to access the data).
Article 4 – HOW DO WE COLLECT YOUR PERSONAL DATA AND HOW LONG IS IT KEPT?
SPENCER collects your Personal Data:
(i) when you book/request a demo using the button provided for that purpose on the Website;
(ii) when you enter into an (employment) agreement with us;
(iii) when you call or mail us or correspond with us via another way than the Website.
We avoid the collection of Personal Data which are not relevant for the purposes as set out in article 2.
Retention of data
Personal Data will be stored and processed by us for the duration that is required in relation to the purposes of the processing.
Customer data and supplier or subcontractor data will be removed from our systems 7 years after the termination of the agreement involved, except for the Personal Data that we have to store for a longer duration based on specific legal obligations or in case of pending litigation(s).
Personal Data of our employees will be removed 5 years after the termination of the employment agreement.
Personal Data of applicants will be removed after the relevant vacancy has been filled or 2 years after obtaining the consent to inform applicants about future job opportunities.
Other data will not be stored longer than 2 years after the last useful contact with you, except in the case of your consent to retain this data for a longer period of time.
Article 5 – TRANSFER OF PERSONAL DATA
We will not transfer Personal Data to third parties outside the European Economic Area, except to subcontractors or associates who retain the Personal Data in accordance with the European Commission’s Standard Contractual Clauses and thereby provide an adequate level of security for the processing of Personal Data.
Furthermore, we will not transfer Personal Data to third parties inside the European Economic Area without your permission, except:
(i) when such transfer is necessary to permit associates, agents or subcontractors to provide a service or accomplish a task in our name (including but not limited to providing marketing support, accomplish market research or providing customer services);
(ii) if it is required by applicable laws and regulations.
Any transfer of Personal Data to one of the third parties mentioned in the list above, is in accordance with the stipulations of the General Data Protection Regulation 2016/679.
We ensure that measures are taken to make sure that third parties cannot use your Personal Data for other purposes than the purposes mentioned in article 2, and that these third parties have undertaken the necessary technical and organizational measures to protect the data involved.
We will have data processing agreements in place with the aforementioned third parties and, if applicable, Standard Contractual Clauses as provided by the European Commission, in order to ensure the security of the Personal Data.
Finally, we shall take all necessary precautionary measures to assure that our employees and associates who have access to Personal Data will process these Personal Data exclusively in accordance with this privacy statement and the obligations under the General Data Protection Regulation 2016/679.
Article 6 – RIGHTS OF THE DATA SUBJECT
By virtue of both Belgian and European legislation concerning data protection, you have the rights as mentioned below. If you want to exercise these rights, you have to send us a written request to privacy@spencer.co. If there is no reasonable assurance of your identity, we may ask you to send a copy of the frontside of your identity card.
We will provide you with information within one (1) month of receipt of the request on the action that will be taken. We can extend this one-month period to a maximum of three (3) months, in which case you will be informed about the reasons for such delay within one (1) month of the original request.
The right of access to Personal Data
You have the right to instruct us to provide you with any Personal Data we hold about you, providing the rights of other data subjects are not affected.
The right to rectification of Personal Data
We kindly ask you to help to make sure that the Personal Data in our records are as accurate and up-to-date as possible. If you believe that the Personal Data submitted to us are incorrect or incomplete, please notify us as described above. We will correct or adapt your Personal Data as soon as possible.
The right to erasure of Personal Data
In some circumstances you have the right to the erasure of your Personal Data without undue delay. Those circumstances include:
(i) the unnecessity to hold the Personal Data any longer in relation to the purposes for which they were collected or otherwise processed;
(ii) the withdrawing of the consent to consent-based processing;
(iii) the processing that is for direct marketing purposes; and
(iv) in case the Personal Data have been unlawfully processed.
However, there are certain general exclusions of the right to erasure. Those general exclusions include where processing is necessary:
(i) for exercising the right of freedom of expression and information;
(ii) for compliance with a legal obligation; or
(iii) for the establishment, exercise or defence of legal claims.
The right to restrict the processing of Personal Data
In the following circumstances you have the right to restrict the processing of your Personal Data:
(i) for contesting the accuracy of the Personal Data;
(ii) when the process is unlawful but you don’t want the Personal Data to be erased; or
(iii) when you objected to processing, pending the verification of that objection.
Where processing has been restricted on this basis, we may continue to store your Personal Data. However, we will only process it with your explicit consent, for the establishment, exercise or defence of legal claims, for the protection of the rights of another natural or legal person, or for reasons of important public interest.
The right to object
You have the right to object to our processing of your Personal Data, under the following circumstances:
(i) when we process your Personal Data for direct marketing purposes (including profiling for these purposes) based on our legitimate interest; and
(ii) on grounds relating to your particular situation (special personal circumstances).
The right to data portability
If you wish to exercise your right to data portability, we will send the Personal Data in a structured, commonly used and machine-readable format to a controller of your choice.
The right to withdraw consent
To the extent that the legal basis for our processing of your Personal Data is consent, you have the right to withdraw that consent at any time. However, withdrawal will not affect the lawfulness of processing before the withdrawal.
The right to complain to a supervisory authority
You can file a complaint with the Data Protection Authority (“Gegevensbeschermingsautoriteit”) by sending an e-mail to contact@apd-gba.be or by sending a written request to the Data Protection Authority with registered address located at 1000 Brussels, Drukpersstraat 35.
Article 7 – THIRD PARTY LINKS
The Website may contain links to websites of third parties which are not controlled by us. Although we will do our utmost to make sure that the links on the Website lead exclusively to websites which share the safety and confidentiality standards of SPENCER, we are not responsible for the protection and confidentiality of data, among Personal Data which you submit on other websites after you have left the Website.
Before submitting Personal Data we recommend that you proceed carefully and consult the privacy statement which applies on the website concerned.
Article 8 – AMENDMENTS
We have the right to change this privacy statement at any time by publishing a new version on our Website.
We recommend to consult the Website on a regular basis in order to verify that you agree to any changes made to this privacy statement.
In any event, you will be informed of any changes to this privacy statement by e-mail, if we do have your emailadres.
Article 9 – COOKIES
SPENCER might use “cookies” whenever you make use of the Website. A “cookie” is information that is sent via the server to your device and that is stored on the hard drive of your device. Cookies can help SPENCER to identify your device whenever you use the Website. That allows SPENCER to make the Website more user friendly and to provide you with a personalized service.
For more information, we refer to our cookie statement which can be found on the Website.
Last modified on 22 June 2022.
First of all, we are excited that you are interested in SPENCER.
In this privacy statement we document the way Personal Data is processed by us.
It is possible that we will ask you to share certain Personal Data with us, including but not limited to your first name, last name, e-mail address (identification data). In relation to certain legal obligations (electronical registration of attendance) you might have to provide us with additional data, such as, for example, payment and billing data.
We only collect Personal Data that is necessary to inform you about our products and services, to execute agreements with you and to contact you.
The legal grounds for the processing of your Personal Data is the execution of an agreement, a legal obligation, our legitimate interest and, sometimes, your consent (article 2).
The processing of your Personal Data is subject to this privacy statement. In case you have questions or remarks, please contact privacy@spencer.co.
Article 1 – DEFINITIONS
“Affiliated Company” means a company which SPENCER is affiliated to, provided that such company meets the conditions for an “affiliated company” as set out in article 1:20 of the Belgian Code on Companies and Assocations.
“Controller” has the meaning as defined in the General Data Protection Regulation 2016/679, which determines the purposes and means of the processing of Personal Data.
“Personal Data” has the meaning as defined in the General Data Protection Regulation 2016/679, which is any information relating to an identified or identifiable natural person (also called the “data subject”).
“Processor” has the meaning as defined in the General Data Protection Regulation 2016/679. SPENCER will be qualified as the Processor which processes Personal Data on behalf of the Controller.
“SPENCER” means RECNEPS NV, a company with registered office situated at 2000 Antwerp (Belgium), Scheldestraat 11 and registered in the Belgian Crossroad Bank for Enterprises with number 0667.513.616.
“Website” means SPENCER’s website: www.spencer.co.
Article 2 – PURPOSES AND LEGAL GROUNDS
Client data
In the framework of our services and commercial activities we collect and process identity and contact data of our clients, their personnel and associates. The purposes of this processing are the execution of the agreements with our clients, customer care, bookkeeping and direct marketing purposes such as the sending of promotional or commercial information. The legal grounds are the execution of an agreement, the fulfilment of legal and regulatory obligations (e.g. the accounting legislation), our legitimate interest and, sometimes, your consent.
Supplier and subcontractor data
We collect and process identity and contact data of our suppliers and subcontractors, their subcontractors, their personnel and associates. The purposes of this processing are the execution of the agreement(s), supplier/subcontractor care and bookkeeping. The legal grounds are the execution of an agreement, the fulfilment of legal and regulatory obligations (e.g. the accounting legislation) and/or our legitimate interest.
Personnel data
We process Personal Data of our employees in relation to our personnel and our staffing services and our salary administration services. The legal grounds are the execution of an agreement, the fulfilment of legal and regulatory obligations (e.g. the accounting legislation) and/or our legitimate interest.
Data of applicants
We process the identification and contact data, as well as the work history and other data that is usually indicated on a curriculum vitae of applicants when they provide us with this information. The Personal Data is processed to determine whether you qualify for a job with us on the ground of our legitimate interest.
If we wish to retain your Personal Data for a longer period of time after the relevant vacancy has been filled, we will inform you and request your consent to do so.
Other data
In addition to the data of customers, suppliers/subcontractors, employees and applicants, we also process Personal Data of others, such as possible new customers/prospects, useful contacts within our sector, network contacts, etc. This is done via our Application, Website or other channels. The purposes of this processing are in the interest of our activities, direct marketing and public relations. The legal grounds for this processing are our legitimate interest, the execution of an agreement and, in some cases, your explicit consent.
More specifically, we can use the Personal Data we collect from you for the following purposes:
(i) to provide you with information about our products and services;
(ii) to execute agreement(s) with you;
(iii) to inspect and process potential complaints or requests;
(iv) to help us evaluate, correct or improve our Website and all related products and services of SPENCER;
(v) for direct marketing purposes;
(vi) for internal reasons, such as corporate administration and archiving purposes.
Article 3 – THE CONFIDENTIALITY OF YOUR PERSONAL DATA
Every time you as a user submit Personal Data, we shall handle this information in accordance with the stipulations of this privacy statement and any legal obligations applicable to the processing of Personal Data, including the General Data Protection Regulation (GDPR) 2016/679.
We establish reasonable measures and procedures to secure and protect the Personal Data we collect through the Website or via electronic correspondence. This way, we undertake, as far as can reasonably be expected, to prevent illegal processing of Personal Data and unintentional loss or removal of your Personal Data.
We seek to optimize the security of your Personal Data by limiting the access to your Personal Data to persons on a “need-to-know” basis (for example: only those employees, associates or subcontractors who need your Personal Data for the purposes as described in article 2 shall receive permission to access the data).
Article 4 – HOW DO WE COLLECT YOUR PERSONAL DATA AND HOW LONG IS IT KEPT?
SPENCER collects your Personal Data:
(i) when you book/request a demo using the button provided for that purpose on the Website;
(ii) when you enter into an (employment) agreement with us;
(iii) when you call or mail us or correspond with us via another way than the Website.
We avoid the collection of Personal Data which are not relevant for the purposes as set out in article 2.
Retention of data
Personal Data will be stored and processed by us for the duration that is required in relation to the purposes of the processing.
Customer data and supplier or subcontractor data will be removed from our systems 7 years after the termination of the agreement involved, except for the Personal Data that we have to store for a longer duration based on specific legal obligations or in case of pending litigation(s).
Personal Data of our employees will be removed 5 years after the termination of the employment agreement.
Personal Data of applicants will be removed after the relevant vacancy has been filled or 2 years after obtaining the consent to inform applicants about future job opportunities.
Other data will not be stored longer than 2 years after the last useful contact with you, except in the case of your consent to retain this data for a longer period of time.
Article 5 – TRANSFER OF PERSONAL DATA
We will not transfer Personal Data to third parties outside the European Economic Area, except to subcontractors or associates who retain the Personal Data in accordance with the European Commission’s Standard Contractual Clauses and thereby provide an adequate level of security for the processing of Personal Data.
Furthermore, we will not transfer Personal Data to third parties inside the European Economic Area without your permission, except:
(i) when such transfer is necessary to permit associates, agents or subcontractors to provide a service or accomplish a task in our name (including but not limited to providing marketing support, accomplish market research or providing customer services);
(ii) if it is required by applicable laws and regulations.
Any transfer of Personal Data to one of the third parties mentioned in the list above, is in accordance with the stipulations of the General Data Protection Regulation 2016/679.
We ensure that measures are taken to make sure that third parties cannot use your Personal Data for other purposes than the purposes mentioned in article 2, and that these third parties have undertaken the necessary technical and organizational measures to protect the data involved.
We will have data processing agreements in place with the aforementioned third parties and, if applicable, Standard Contractual Clauses as provided by the European Commission, in order to ensure the security of the Personal Data.
Finally, we shall take all necessary precautionary measures to assure that our employees and associates who have access to Personal Data will process these Personal Data exclusively in accordance with this privacy statement and the obligations under the General Data Protection Regulation 2016/679.
Article 6 – RIGHTS OF THE DATA SUBJECT
By virtue of both Belgian and European legislation concerning data protection, you have the rights as mentioned below. If you want to exercise these rights, you have to send us a written request to privacy@spencer.co. If there is no reasonable assurance of your identity, we may ask you to send a copy of the frontside of your identity card.
We will provide you with information within one (1) month of receipt of the request on the action that will be taken. We can extend this one-month period to a maximum of three (3) months, in which case you will be informed about the reasons for such delay within one (1) month of the original request.
The right of access to Personal Data
You have the right to instruct us to provide you with any Personal Data we hold about you, providing the rights of other data subjects are not affected.
The right to rectification of Personal Data
We kindly ask you to help to make sure that the Personal Data in our records are as accurate and up-to-date as possible. If you believe that the Personal Data submitted to us are incorrect or incomplete, please notify us as described above. We will correct or adapt your Personal Data as soon as possible.
The right to erasure of Personal Data
In some circumstances you have the right to the erasure of your Personal Data without undue delay. Those circumstances include:
(i) the unnecessity to hold the Personal Data any longer in relation to the purposes for which they were collected or otherwise processed;
(ii) the withdrawing of the consent to consent-based processing;
(iii) the processing that is for direct marketing purposes; and
(iv) in case the Personal Data have been unlawfully processed.
However, there are certain general exclusions of the right to erasure. Those general exclusions include where processing is necessary:
(i) for exercising the right of freedom of expression and information;
(ii) for compliance with a legal obligation; or
(iii) for the establishment, exercise or defence of legal claims.
The right to restrict the processing of Personal Data
In the following circumstances you have the right to restrict the processing of your Personal Data:
(i) for contesting the accuracy of the Personal Data;
(ii) when the process is unlawful but you don’t want the Personal Data to be erased; or
(iii) when you objected to processing, pending the verification of that objection.
Where processing has been restricted on this basis, we may continue to store your Personal Data. However, we will only process it with your explicit consent, for the establishment, exercise or defence of legal claims, for the protection of the rights of another natural or legal person, or for reasons of important public interest.
The right to object
You have the right to object to our processing of your Personal Data, under the following circumstances:
(i) when we process your Personal Data for direct marketing purposes (including profiling for these purposes) based on our legitimate interest; and
(ii) on grounds relating to your particular situation (special personal circumstances).
The right to data portability
If you wish to exercise your right to data portability, we will send the Personal Data in a structured, commonly used and machine-readable format to a controller of your choice.
The right to withdraw consent
To the extent that the legal basis for our processing of your Personal Data is consent, you have the right to withdraw that consent at any time. However, withdrawal will not affect the lawfulness of processing before the withdrawal.
The right to complain to a supervisory authority
You can file a complaint with the Data Protection Authority (“Gegevensbeschermingsautoriteit”) by sending an e-mail to contact@apd-gba.be or by sending a written request to the Data Protection Authority with registered address located at 1000 Brussels, Drukpersstraat 35.
Article 7 – THIRD PARTY LINKS
The Website may contain links to websites of third parties which are not controlled by us. Although we will do our utmost to make sure that the links on the Website lead exclusively to websites which share the safety and confidentiality standards of SPENCER, we are not responsible for the protection and confidentiality of data, among Personal Data which you submit on other websites after you have left the Website.
Before submitting Personal Data we recommend that you proceed carefully and consult the privacy statement which applies on the website concerned.
Article 8 – AMENDMENTS
We have the right to change this privacy statement at any time by publishing a new version on our Website.
We recommend to consult the Website on a regular basis in order to verify that you agree to any changes made to this privacy statement.
In any event, you will be informed of any changes to this privacy statement by e-mail, if we do have your emailadres.
Article 9 – COOKIES
SPENCER might use “cookies” whenever you make use of the Website. A “cookie” is information that is sent via the server to your device and that is stored on the hard drive of your device. Cookies can help SPENCER to identify your device whenever you use the Website. That allows SPENCER to make the Website more user friendly and to provide you with a personalized service.
For more information, we refer to our cookie statement which can be found on the Website.