Privacy Notice
Last update: October 2024
Belgacom International Carrier Services SA/NV (hereafter BICS), with registered office at Boulevard du Roi Albert II, 27 B-1030 Brussels – Belgium and registered with the Crossroads Bank of Enterprises (RPM Brussels) under number 0866 977 981, and with VAT BE 0866 977 981 understands your need for privacy and knows that privacy is an important issue for you. That is why we do everything possible to respect your privacy when you use our website or our services and when you interact with us for any matter.
In this Privacy Notice, the words “our”, “us”, “we” and “BICS” refer to, our affiliates (which includes any person or entity that controls us, is controlled by us, or is under common control with us, such as our subsidiaries, parent companies) or our employees. In this Privacy Notice, the words “your” and “you” refer to the individual visiting the Website in his/her own name or on behalf of the company or entity he/she represents, as well as the individual whose personal data may be processed by BICS as part as our Services, such as an end-user of one of our customers.
This Privacy Notice describes how BICS collects, processes and protects personal data as a data controller. We also outline the rights you may have in respect to that data. The Notice relates to the information we gather in our publicly accessible websites, for recruitment purposes or the data in relation to products we sell and the services we provide or procure through commercial agreements, by which we collect, store or process otherwise your personal data or personal data of your end users or employees, and for which we become controller upon collection of the data.
Who are we?
As an international wholesale carrier of telecommunications, BICS is transferring the communications it receives from its telecommunications customers (the “Customer“) to worldwide destinations, for further conveyance of those communications to the destination end user by local operators. In other words, if you want to call someone abroad, in order for you to communicate with that person, your telecom network will need to connect your call with the network of the operator to which that person is connected. For technical reasons, this connection is often routed via international wholesale carriers, such as BICS. This principle also applies when someone abroad tries to call you. For the conveyance of traffic as explained above, BICS will act as a data controller.
As a result, where BICS acts as a wholesale carrier, it will only convey your communications, and process data in that context, if a telecom operator with whom you have contracted a telecom service (i.e. the Customer) engages with BICS for the use of our Services in view of allowing you to make or receive an international communication.
Scope
This Privacy Notice contains essential information on how BICS, as the data controller, collects and processes your personal data, for what purposes, on what legal basis and it explains your rights as a data subjects. You will find a more detailed description on each of these activities below:
- When you use BICS website, and our customer portals (collectively “Website”)
- When BICS uses personal data for recruitment purposes (“Job Application”)
- When BICS processes data of individuals to deliver our services to BICS Customers for the purpose of allowing the individual to make or receive an international communication, (and to the extent such data constitutes personal data) (“Services”)
- When BICS processes personal data of its business contacts such as representatives or prospective customers, suppliers and business partners at events, via email and phone and when visiting our offices. (“Business Contacts”)
For a detailed description on each of these activities download the pdf or find all information below:
What personal data does BICS collect and why?
Website
Information provided voluntarily
BICS collects personal data to provide the best possible experience. When you use our Website, we collect information in a variety of ways, for example by completing online forms to contact us. The information we collect about you may include some of the following, depending on what information you have chosen to share with us:
- Name and job title;
- Company or organisation;
- Contact information, including email address and telephone number(s);
- Demographic information such as postcode, preferences and interests;
- Information pertinent to fulfilling our Services to you; and
- Any other personal information that you voluntarily choose to provide to us.
Information that we collect automatically
When you visit our Website, we may collect certain personal information automatically from your device.
Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification number, browser-type, broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how your device has interacted with our Website, including the pages accessed and links clicked.
Collecting this information enables us to better understand the visitors who come to our Website, where they come from, and what content on our Website is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our Website to our visitors.
Some of this information may be collected using cookies and similar tracking technology.
The table below provides more details on the purposes, categories and lawful basis for processing your personal data in the context of our Website.
|
Purpose |
Which kind of information |
Lawful basis for processing |
|---|---|---|
|
Responding to your request via the Website contact form, via e-mail or telephone |
|
Necessary for our legitimate interest to respond to your request |
|
To create and administer your self-service account (myBICS portal) |
|
Necessary for the performance of a contract with our Customers |
|
To administer and protect our business and our Website (including troubleshooting, security, data analysis, testing, system maintenance, support, reporting and hosting of data) |
|
Necessary for our legitimate interest to administer and protect our business (e.g. troubleshooting, network security, data analysis, testing, system maintenance, support, reporting and hosting of data, improvement of the user experience) |
Recruitment process
Information provided voluntarily
The types of personal data we collect and process when you apply for a role with BICS include (but are not limited to):
- Identification data and contact details – including your name, address, email address, phone number and other contact information.
- Employment history – such as previous employers and job titles/positions.
- Background information – such as academic/professional qualifications, job qualifications, education, details included in your CV/résumé (which might include details of any memberships or interests constituting sensitive personal information), transcripts and employment references.
- Details of your nominated referees (including their name, contact details, employer and job role).
- Details of your immigration/visa status.
- Previous applications/roles (information relating to previous applications you have made to BICS and/or any previous employment history with BICS).
- Other information you voluntarily provide throughout the process, including through assessment centres / exercises and interviews.
Personal data we collect from other sources
(In each case, only where permissible and in accordance with applicable law).
- References provided by referees.
- Other background information provided or confirmed by academic institutions and training or certification providers.
- Information provided by background checking agencies and other external database holders (for example employment and education verification agencies,).
- Information provided by recruitment or executive search agencies.
- Information collected from publicly available sources, including any social media platforms you use for professional purposes (such as LinkedIn) or other information available online.
As a general rule, during the recruitment process, we try not to collect or process any of the following: information that reveals your racial or ethnic origin, religious, political or philosophical beliefs or trade union membership; genetic data; biometric data for the purposes of unique identification; or information concerning your health/sex life (“Sensitive Personal Data”), unless authorised by law or where necessary to comply with applicable laws.
However, in some circumstances, we may need to collect or request on a voluntary disclosure basis, some Sensitive Personal Data for legitimate recruitment-related purposes: for example, information about your racial/ethnic origin, gender and disabilities for the purposes of equal opportunities monitoring, to comply with anti-discrimination laws and for government reporting obligations; or information about your physical or mental condition to consider accommodations for the recruitment process and/or subsequent job role. You may provide, on a voluntary basis, other Sensitive Personal Data during the recruitment process.
|
Purpose |
Which kind of information |
Lawful basis for processing |
|---|---|---|
|
Recruitment |
|
Necessary for our legitimate interest to find the right candidate Our legal obligation to comply with anti-discrimination laws or government reporting obligations Your explicit consent if you decide to share Sensitive Personal Data on a voluntary basis. |
If you are accepted for a role at BICS, the information collected during the recruitment process will form part of your ongoing staff member record and will be processed in accordance with our Employee Privacy Notice, which will be provided to you at the relevant time. If you are not successful, we may still keep your application to allow us to consider you for other suitable openings within BICS in the future unless you request that we delete your application.
Services
In relation to our Services, we may collect data depending on the services our Customers engage us for and whether or not your data is contained in the information we receive from third party data sources:
Data sent to us by BICS Customers (to the extent it constitutes personal data)
- End user content data: content of SMS/voice messages sent by Customers.
- Support Data: Information sent by the Customer to BICS for troubleshooting, for example screenshots which could include Personal Data about you.
- Customer Relationship Data: Information about the Customer employee used to operate their account such as name, log-in details, job title, company name of Customer, preferences and settings.
- Device Identifiers: Information about the devices used by Customer employees such as their device identifier and IP address.
Data we generate on our network when providing our Services (to the extent it constitutes personal data)
- Call Detail Records (CDRs) which include where a call was made from and to as well as its date, time, duration, cost and location (but excluding the content of the communications).
- Reports on confirmed telecommunication fraud.
|
Purpose |
Which kind of information |
Lawful basis for processing |
|---|---|---|
|
To provide the Services to our Customers such as ensuring that international communication and traffic are correctly routed |
Only to the extent it is to be considered personal data:
|
Necessary for our legitimate interest to provide the Services (deciding on the best route to convey international traffic to its destination). |
|
To prevent and detect telecommunication fraud |
Only to the extent it is to be considered personal data:
|
Legal obligation (Articles 121/8, 124, §4, subparagraph 1 of the Belgian Electronic Communications Act). Necessary for our legitimate interest to provide the Services to avoid that BICS, our Customers or end-users are the victim of telecommunication fraud. |
|
To manage billing and billing queries of Customers |
|
Necessary for our legitimate interest to provide the Services (being able to invoice the fees for conveying international communications and related services to our Customers). |
|
Respond to law enforcement requests (LEA) by government bodies |
|
Legal obligation (Articles 126 – 126/3 of the Belgian Electronic Communications Act. |
|
To protect our business and the Services (including troubleshooting, security and system maintenance, and to detect non-compliance with the contractual terms by our Customers) |
|
Necessary for our legitimate interest to provide the Services in accordance with the service levels agreed in our contracts with Customers. |
Business contacts
BICS collects the following personal data either from you or third parties:
- Business Contact Data: Name, email address, phone number, job title, company, links to business networking online profiles.
- Enquiry Data: Information submitted to us relating to questions about our Services or products and services provided by your business.
- Marketing and Contact Preferences: Details of the choices you have made to receive marketing from us.
|
Purpose |
Which kind of information |
Lawful basis for processing |
|---|---|---|
|
To contact existing Customers about products, services, sector developments and events BICS thinks may be of interest to you |
|
Legitimate interest for sending out marketing materials for already existing Customers |
|
To manage our relationship with our Customers which will include:
|
|
Legitimate interest to manage existing relationship with our Customers |
|
BICS offices access management |
|
Legitimate interest to ensure proper access management and security |
Why do we share that data with others?
Unless you give us your permission, we don’t share your data with third parties, except as described below:
- Other parties involved in the performance of the Services we provide to our Customers, such as other network connectivity services providers and communications operators
- Third-party service providers or consultants. We may share data collected from you on the Website with third-party service providers or consultants who need access to the data to perform their work on BICS’ behalf, such as a website analytics company or our third-party advertising partners. These third-party service providers are limited to only accessing or using this data to provide services to us and must provide reasonable assurances that they will appropriately safeguard the data.
- Compliance with Laws. We may disclose your data to a third party if we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or government request (including to meet national security or law enforcement requirements). If BICS is required by law to disclose any of your data that directly identifies you, then we will use reasonable efforts to provide you with notice of that disclosure requirement, unless we are prohibited from doing so by statute or court or administrative order. Further, we object to requests that we do not believe were issued properly.
- BICS group of companies. We may share data with our affiliates as well as with other companies within our group when there is a reasonable need to process your data for the purposes described in this Notice.
- Business transfers. If we go through a corporate sale, merger, reorganization, dissolution or similar event, data we gather from you may be shared in connection with due diligence for any such transaction. Any acquirer or successor of BICS may continue to use the data we collect from you as described in this Notice.
We might also share data with a third party if that data has been aggregated in a way that does not directly identify you. We may also pseudonymize your data before sharing them with third parties to be able to associate you again with these data once they are returned to us, but without allowing such third parties receiving the pseudonymized data to identify you. We do not share your data with third parties for their direct marketing purposes unless you give us your consent to do so.
When the use and sharing of your data involve international transfer of data, we have taken appropriate safeguard to require from the third-party recipients that the data will remain protected in accordance with this Notice.
Retention of your personal data
BICS acknowledges the importance of the protection of personal data. We do not retain your personal data no longer than strictly necessary for the realization of the purposes for which we process the data.
The personal data that we collect based on your consent will be kept by us as long as there is an ongoing legitimate business need to do so, or until you withdraw your consent, whichever event occurs first-.
In all cases, personal data may be retained for a longer period if there is a legal or regulatory reason to do so, or for a shorter period if the data subject objects to the processing of his/her personal data and if there is no longer a legitimate reason to retain them.
When we have no ongoing legitimate business need to process your data, we will either delete or anonymise it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.
Protection of personal data
We will process your personal data in accordance with this Notice, as follows:
- Fairness: We will process personal data fairly. This means that we are transparent about how we process personal data and that we will process it in accordance with applicable law.
- Purpose limitation: We will process personal data for specified and lawful purposes and will not process it in a manner that is incompatible with those purposes.
- Proportionality: We will process personal data in a way that is proportionate to the purposes which the processing is intended to achieve.
- Data accuracy: We take appropriate measures to ensure that the personal data that we hold is accurate, complete and, where necessary, kept up to date. However, it is also your responsibility to ensure that your personal data is kept as accurate, complete and current as possible by informing BICS of any changes or errors. Data security: We have taken technical and organizational measures to protect the databases in which your data is kept against unauthorized access, unauthorized use, theft or loss. Our security measures are regularly evaluated and adapted so that we can continue to provide a high level of protection. Please note, though, that no website or internet transmission is completely secure, so while we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur.
Your wish for privacy
You can read below how you can inform BICS of your preferences with regard to your privacy. We do our best to update our systems and databases to the extent technically feasible and as quickly as possible but bear in mind that it nevertheless takes some time to implement your choice in practice.
- If you are not a customer of BICS, see the ‘How to contact us’ section.
- If you have a MyBICS account, use the contact tab in the customer portal to reach to our customer care department or your account manager.
Your rights in relation to personal data
You have certain rights in relation to your personal data that is held by us, and we respect and observe these rights.
Such rights may include the rights to: ask us to confirm that we are processing your personal data, ask us for a copy of your personal data (including information regarding who we share your personal data with); to correct, delete or restrict (stop any active) processing of your personal data; to limit the use and disclosure of your personal data; and to ask us to share (port) your personal data to another person.
In addition, you can object to the processing of your personal data in some circumstances (in particular, where we you can invoke grounds relating to your particular situation which override our legitimate interest)). Where applicable, you can also withdraw the consent you have given us to process your personal data and request information on the consequences of not providing such consent.
These rights may be limited, for example: if fulfilling your request would reveal personal data about another person; where it would infringe the rights of a third party (including our rights); or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. Nevertheless, we will consider each of the cases individually and try to satisfy your request to best of our ability.
In order to make use of these rights, please send a request (dated and signed) to the BICS Data Protection Officer (dpo@bics.com).
If, at any time, you believe that BICS infringes your privacy, you have the right to lodge a complaint with the Belgian Data Protection Authority: Gegevensbeschermingsautoriteit, Drukpersstraat 35, 1000 Brussels, Tel +32 (0)2 274 48 00, e-mail: contact@apd-gba.be.
Changes to our Privacy Notice
We may change our Privacy Notice from time to time. If we make changes, we’ll revise the “Last Updated” date at the top of this Notice, and we may provide additional notice such as on the Website homepage. If we make any material changes to this notice, BICS will notify you of those changes through a notice on the Website or through other reasonable means of communication, such as email. We will comply with applicable law with respect to any changes we make to this notice.
How you can contact us
You may write to us at the following address: BICS SA, Privacy Office, Boulevard du Roi Albert II 27, 1030 Brussels, Belgium or send an e-mail to dpo@bics.com.
LEAs having the authority to send requests to BICS SA/NV may send their requests to lea@bics.com.