At Alpha Card, we are committed to safeguarding and preserving your privacy when you are visiting our site ( www.alpha-card.com ) and all underlying pages) and/or when you are communicating with us. We want you to know how we may collect, use, share, and keep information about you as a customer (or prospective customer) and the choices that are available to you. We endeavour to process your personal data in a lawful, fair and transparent fashion.

When we provide products or services to you, we may also give you specific additional details about how we will use your personal information.

This online privacy statement applies to Alpha Card Sites, online related applications that run on smart phones, tablets, and other mobile devices (“apps”) as well as your use of, or access to any of our online services or content and other online programs that we offer with our partners that link to this statement. It does not apply to those websites of which personal data is being governed by the sites own online privacy statements.

Personal data is any information on an identified or identifiable natural person (referred to as the “data subject” in the Belgian Privacy Act of 8 December 1992 on data protection). It may involve a person’s name, a photograph, a telephone number (including a work number), a PIN, a password, a bank account number, a link with a company or other persons, an e-mail address, etc.

Data processing refers to any single processing operation or entire processing procedure for personal data. The processing procedure is very wide-ranging, and includes collecting, saving, using, amending, and divulging data.

More information on data protection legislation in Belgium is available on the website of the Belgian Privacy Commission: www.privacycommission.be.

Notification

In order to have proper authorisation to collect personal data, prior notification at the Belgian Privacy Commission has been submitted. This concerns both personal data collected from our site in Luxembourg as the site in Belgium.

Data Controller – Data Processor

Pursuant to the Belgian Act of 8 December 1992 on data protection (commonly known as the ‘Privacy Act’), Alpha Card is responsible for the processing (‘controller’) of the personal data of, inter alia, existing or potential customers. This implies that Alpha Card is responsible for compliance with the legal requirements regarding the processing of your data for the purposes determined by Alpha Card itself (see below – ‘For what purposes does Alpha Card collect and process your personal data?’).

Changes to the Privacy Statement

Since we may change this online privacy statement, we recommend that you check the current version available from time to time.

What is in this online privacy statement?

What information does this online privacy statement cover?

This online privacy statement describes how we (and our Service Providers) may collect, use, share, and keep information that we get about you online. We gather online information if you:

  • Visit or use our websites or apps;
  • Participate in the online programs we offer with our Business Partners;
  • Receive or reply to electronic communications from us;
  • View or click on our ads or other online content;
  • Interact with us through social media websites and other websites and apps;
  • Apply for an Alpha Card product or service

In this statement, we also explain how we may combine Online Information with other information and how we then use the combined information.

What about the personal data of applicants for jobs posted on this website?

Accountability

The personal data of applicants for jobs posted on this website www.alpha-card.com is under the joint controllership and accountability of (hereinafter the Controllers):

  • Alpha Card CVBA/SCRL, Vorstlaan 100 Boulevard du Souverain, 1170 Brussels, VAT BE 0463.926.551 (RPR/RPM Brussels);
  • Alpha Card Merchant Services CVBA/SCRL, Vorstlaan 100 Boulevard du Souverain, 1170 Brussels, VAT BE 0475.933.171 (RPR/RPM Brussels)

Once the applicant enters into an agreement with one of the Controllers, that employing company will be accountable for and the controller of the processing of the personal information.

Consent

 By applying for a job at one of the Controllers, you consent to the use of your data in accordance with this privacy statement, including:

  • the potential sharing of your data among the Controllers
  • the possibility to contact the references and former employers you mention e.g. in your resume
  • the possibility to process any data, even when classified as sensitive, you provide in the context of the application
  • the entry of your applicant’s data in the 1 year selection pool

Your rights as data subject

 You have the following rights regarding the processing of your personal data:

  • You are entitled to access the data that is being processed about you.
  • Where necessary, you can request in writing that incorrect details are corrected or that information which should not be kept is blocked or deleted.
  • You can object to the processing of your personal data for direct marketing purposes (which does not apply in this context, see purposes).

The fact that there are several controller or that third parties may be involved in the application process does not detract from you considering Alpha Card as the contact to avail yourself of your rights as data subject. If you wish to exercise your rights:

  • In the first place you can contact the person with whom you are/were in contact during the application process,
  • Should you have further concern you can direct your request to the Compliance department of Alpha Card at its corporate seat mentioned above,
  • Please give as much detail as possible when exercising your rights, so that we can deal with your request as efficiently as possible. Please also remember that it must be reasonably easy for us to establish your identity when you exercise your rights, so that we can prevent anyone else from trying to exercise your rights.

For more information, or if you do not agree with Alpha Card’s views, you may contact the Belgian Privacy Commission via the website: www.privacycommission.be.

Personal Data

 The Controllers, during the selection process, collect and process the following personal data on the applicants:

  • The information provided by the applicant in the application form, his motivation letter and his resume as well as during contact moments (physical, phone,…), correspondence (letter, email,…),
  • The information resulting from any tests performed by the applicant in the course of the application process
  • The information provided by third parties on the applicant with the consent of the applicant
  • The information publically available on the applicant e.g. (mini-)blogposts, public elements of social network sites (e.g. LinkedIn), google search results,…
  • The internal evaluation(s) of the applicant

Purposes

The personal data of the applicant will only be used for an adequate, effective, efficient recruitment and selection process which entail the following sub-purposes:

  • Contacting the applicant (e.g. communicating results, planning of meetings,…)
  • Matching the applicant with the (near future) vacancies at the Controllers
  • Assessing the applicant’s fitness for specific vacancies
  • Transition to employment (e.g. startup of the employee file)

Retention

The data on the applicant is retained as follows:

  • In case of an employment: the relevant application data is transferred to the employee file
  • In case of non-employment: the relevant application data of applicants assessed as good, but not fit for the specific vacancy is retained for maximum 2 years to serve as a selection pool

Security (internal)

 The controllers have technical and organizational measures in place to keep the applicant’s data confidential and secure. These entail amongst others:

  • The access to the applicant’s data within the Controllers is limited to the HR department and the persons that contribute to the recruitment and selection e.g. interviewers of the applicant or the head of the department with the vacancy. These persons are held to a duty of confidentiality.
  • The applicant’s data is digitally stored on a server where only the HR department and a small IT maintenance crew have access to.
  • The physical access to the premises of the Controllers, and in particular the HR department, is limited through amongst. other a reception desk, the use of badges, …
  • The information is not to be transferred to third parties, besides specialized service providers (see below).

For some specific tasks the Controllers use the services of specialized service providers like assessment centres, IT service providers. In the relationship with those service providers the Controllers have contractual safeguards in place so the service provider respects the purpose set for the data and the instructions of the Controllers, maintains a high level of technical and organizational measures, allows follow-up by the Controllers, and respects the rights of the applicants.
It must be noted that communication over the internet such as the contact form and email is not 100% secure. The applicant, in using these means of communication, accepts the risks thereof.

What other information do we collect online and how do we collect it?

The types of information we collect depends on which product or service you use.

Sometimes you give information directly to us (or to our Service Providers). For example, you might give us your name, account number, email, mailing address, phone number, or date of birth when you:

  • fill out an online form or survey, including when you complete a card application or book travel with us;
  • register, log into or update the settings on your account using our online services;
  • register or enroll in our programs;
  • enter a contest or register for a marketing offer; or
  • buy something on our website.

We (and our Service Providers or Third-Party Ad-Servers) also collect information through Cookies and Similar Technologies. Most Cookies and Similar Technologies will only collect De-Identified Information such as how you arrive at our website or your general location. However, certain Cookies and Similar Technologies do collect Personal Information. For example, if you click Remember Me when you log in to our website, a cookie will store your username.

We (and our Service Providers or Third-Party Ad-Servers) may collect information using Cookies and Similar Technologies about:

  • the device you use to browse our websites or use our apps (for example, we may collect information about the operating system or the browser version and the type of device you use to open electronic communications from us);
  • the IP Address and information related to that IP Address (such as domain information, your internet provider and general geographic location);
  • browsing history on our websites or apps (such as what you search for, the pages you view, how long you stay, and how often you come back);
  • how you search for our websites, from which website or app you came from, and which of our Business Partners’ websites you visit;
  • which ads or online content from us and our Business Partners you view, access, or click on;
  • whether you open our electronic communications and which parts you click on (for example, how many times you open the communication); and
  • the location of your mobile device (for example, to help prevent fraud or when you register to receive location-based content on our mobile websites or apps).

We (and our Service Providers or Third-Party Ad-Servers) may also collect information made publicly available through third-party platforms (such as online social media platforms), through online databases or directories, or that is otherwise legitimately obtained. For an overview of our cookie policy we kindly refer to www.alpha-card.com/cookie-policy

How do we use the information we collect about you?

We may use Online Information we collect about you on its own or combine it with Other Information to:

  • deliver products and services, including to:
    • recognize you when you return to our websites or use our aps;
    • complete transactions;
    • tell you about updates to your accounts, products, and services;
    • update you about new features and benefits;
    • answer questions and respond to your requests made through our websites or aps and through third-party websites (including social media);
    • use the location of your mobile device for location-based services that you may request;
    • determine how to best provide services to you and manage your accounts, such as the best way and time to contact you;
    • improve our websites or apps and make them easier to use;
    • advertise and market our products and services – and those of our Business Partners – including to:
    • present content that is tailored to your interests, including Targeted Advertising;
    • send or provide you with ads, promotions, and offers;
    • analyse whether our ads, promotions, and offers are effective;
    • help us determine whether you may be interested in new products or services;
  • conduct research and analysis, including to:
    • better understand our customers and our website or apps users;
    • allow you to give feedback by rating and reviewing our products and services and those of our Business Partners;
    • produce data analytics, statistical research, and reports;
    • review and change our products and services;
  • manage fraud and security risk, including to:
    • detect and prevent fraud or criminal activity;
    • safeguard the security of your information;
    • honour specific measures directed against countries or persons, for which your transactions must be checked and, in some cases, blocked, in compliance with the legislation on specific measures (including Council Regulations (EC) 2580/2001 and 881/2002);
    • assess credit risks relating to our business;
    • evaluate and process your applications for our products and services and manage your existing accounts; (for example, to contact you with important information about your account) and
  • use it in other ways as required or permitted by law or with your consent.

Alpha Card itself imposes a number of restrictions, including:

  • Alpha Card does not gather any data for children under 18 regarding their financial situation or on people other than these children without the consent of the legal representative,
  • Alpha Card does not sell or lease your personal data to third parties.

Under direct marketing, Alpha Card does not use:

  • automatic data collection techniques, i.e. applications that siphon off certain personal data from the Internet without human intervention,
  • spyware,

Alpha Card sometimes facilitates the publication of (personal) data via social media such as Twitter and Facebook. These social media have their own terms of use which you yourself are required to take into account and observe if you make use of them. Publication on social media may have (undesired) consequences, including for your privacy or that of persons whose data you share, such as the impossibility of withdrawing publication in the short term. You must estimate these consequences yourself, for you are taking the decision about the publication on these media. Alpha Card does not accept any responsibility in that regard.

How do we share your information?

Some Online Information is Personal Information.

How we treat your Personal Information

We do not share Personal Information with anyone except as described below. We may share Personal Information as required or as permitted by law, such as:

  • with credit bureaus and similar institutions to report about your financial circumstances, and to report or collect debts you owe;
  • with regulatory authorities, courts, and governmental agencies to comply with legal orders, legal or regulatory requirements, and government requests;
  • with our Service Providers, regulatory authorities, and governmental agencies to detect and prevent fraud or criminal activity, and to protect the rights of Alpha Card or others;
  • with our Service Providers who perform services for us and help us operate our business (we require Service Providers to safeguard Personal Information and only use your Personal Information for the purposes we specify);
  • with financial institutions or Co-brand Partners with whom Alpha Card jointly offers or develops products and services (but they may not use your Personal Information - in particular your email address – to independently market their own products or services to you unless you consent that they can do so);
  • in the context of a sale of all or part of the Alpha Card Group Family of Companies or their assets; or
  • for specific products or services, when you have given your consent.

We may transfer Personal Information to Service Providers (e.g. Worldine), for example, to process transactions and provide you with our products or services. Regardless of where we process your information, we still protect it in the manner described in this online privacy statement and according to the applicable laws.

How we handle Aggregated Information and De-identified Information

Aggregated Information or De-identified Information does not identify you individually; it helps us to analyse patterns among groups of people. We may share Aggregated Information or De-identified Information in several ways, for example:

  • for the same reasons as we might share Personal Information;
  • with Business Partners to help develop and market programs, products or services and present targeted content including Targeted Advertising;
  • with Business Partners to conduct analysis and research about customers, website and app users; or
  • with Third-Party Ad-Servers to place ads (including ads of our Business Partners) on various websites and apps, and to analyse the effectiveness of those ads.

How do we keep and safeguard your information?

We, or our carefully selected partners use administrative, technical and physical security measures to protect your Personal Information. These measures include computer safeguards and secured files and facilities. We, or our carefully selected partners take reasonable steps to securely destroy or permanently de-identify Personal Information when we no longer need it. We will keep your Online Information only as long as we must to deliver our products and services, unless we are required by law or regulation or for litigation and regulatory investigations to keep it.

What are your rights?

You will always have a right to access, update, and change or correct your Personal Information.

  •  In the first place you can contact our call centre if you wish to exercise your rights. You will be asked to complete a form in certain cases.
  • Any complaints may be addressed to Mark Saevels, CEO, Alpha Card CVBA, 100 Boulevard du Souverain, 1170 Brussels

For more information, or if you do not agree with Alpha Card’s views, you may contact the Belgian Privacy Commission via the website: www.privacycommission.be.

Please note that Alpha Card may contact you, even if you have objected to direct marketing, for other purposes, such as a legal requirement or for the performance of a contract and servicing (e.g. account statements, fraud prevention, …).

What are your choices about how we market to you?

You can choose if and how you would like to receive marketing communications, including direct marketing – whether we send them to you through postal mail, email and/or telephone. If you choose to not receive marketing communications from us, we will honour your choice. Please be aware that if you choose not to receive such communications, certain offers attached to the products or services you have chosen may be affected. We will still communicate with you in connection with servicing your account, fulfilling your requests, or administering any promotion or any program in which you have elected to participate.

Security and confidentiality

Only people properly authorized may access personal data that is relevant to performing their job. These people may only use the data to the extent this is essential to do their job and the purposes as set out in this Privacy Policy. They are bound to observe strict professional secrecy and to comply with all technical instructions and requirements designed to safeguard the confidentiality of the personal data and the security of the systems that contain this data.

Alpha Card takes internal technical and organisational measures to prevent personal data being accessible to and processed by unauthorised parties, or being accidentally changed or deleted. There are internal security measures in place to protect the premises, servers, network, data transfers and the data itself. This security is supervised by a specialist department.

But Alpha Card does not have any, or adequate, influence on certain aspects of (the technical process of) data processing. This is true, for instance, of Internet or mobile communication methods (e.g. smartphones), where it is not possible to provide full security. When criminals, (including computer criminals such as hackers), are active, Alpha Card cannot be expected to always succeed in preventing attacks. Sometimes Alpha Card itself is unaware of such crimes, for instance if someone succeeds in using your identity details by installing spyware on your computer or by means of phishing. That is why you are also asked to take into account that certain channels are less secure than others when transferring data to Alpha Card or requesting Alpha Card to transfer certain data to you.

There are things you can do to prevent potential misuse, or at least make it more difficult. These include:

  • installing antivirus software and keeping it up to date
  • not leaving your equipment and means of access unattended and reporting the loss of means of access immediately
  • logging out if you are not using an application (even temporarily)
  • keeping your passwords strictly confidential and using strong passwords, i.e. avoiding obvious combinations of letters and figures and combining enough of both
  • being vigilant about anything out of the ordinary, such as an unusual website address (e.g. www2.alphacard.be), or unusual requests (e-mail requests for customer details), etc.
  • complying with special instructions and guidelines from Alpha Card.

Glossary

Aggregated Information - data or information, relating to multiple people, which has been combined or aggregated. Aggregated Information includes information that we create or compile from various sources, including card transactions or certain data from Cookies and Similar Technologies.

Business Partners- any third parties with whom we conduct business and have a contractual relationship, such as a business that accepts Alpha Card branded cards.

Co-brand Partners - businesses we partner with to offer cards featuring both brand logos.

Cookies and Similar Technologies - a cookie is a small data file that a website transfers to your computer’s hard drive. We may place cookies when you visit our website or another company’s website where our ads appear or when you make purchases, request or personalize information, or register for certain services. If you accept the cookies used on our website, websites that are “powered by” another company on our behalf, or websites where our ads appear, you may give us access to information about your interests. We may use that information to personalize your experience. Similar technologies such as web beacons, pixels, gifs, and tags also do the same thing. We use the term Cookies and Similar Technologies in this statement to refer to all technologies that collect information in this way. For more information about cookies, please click here .
De-identified Information - data or information used in a way that does not identify you to a third party. We often derive De-Identified Information from Personal Information. It includes information that we may collect from various sources, such as card transactions or certain data from Cookies and Similar Technologies.

IP Address - a number assigned to a device when connecting to the Internet.

Online Information - data or information collected on the Alpha Card website and apps as well as on websites and apps of third parties relating to topics about our business which includes Personal Information, Aggregated Information and De-Identified Information.

Other Information - Alpha Card internal information (for example, transaction data), external data that financial companies use to process applications and complete transactions, and other online and offline information we collect from or about you.

Personal Information- information that can identify a person, such as name, addresses, telephone number, and email address.

Service Providers - any vendor, third party and/or company that performs business operations on our behalf, such as printing, mailing, and other communications services (email, direct mail, etc.), marketing, data processing, servicing, collections, or ad management.

Targeted Advertising - ads we, or our Service Providers, display on websites outside the Alpha Card Family of Companies based on the preferences or interests inferred from our data, such as transaction data, or data collected from a particular computer or device regarding web viewing behaviours over time and across different websites. Targeted Advertising includes Online Behavioural Advertising.
Third-Party Ad-Servers - companies that provide the technology to place ads on websites (and apps) and track how ads perform. These companies may also place and access cookies on your device. The information they collect from our websites is in a form that does not identify you personally.