Personal Data Protection

The following information relates to the protection of your personal data. These are the data that make it possible to identify you directly or indirectly, such as your first name, surname, e-mail address and IP address.

Personal data is collected when:

  • You surf on the portal pages. In your browser, these pages start with « (www.)ccb.belgium.be », « (www.)cert.be » ou « (www.)safeonweb.be ».
    When you are directed via a link to another website, an online application or a social network, you must check the conditions for the processing of personal data used by the persons responsible for these services.
  • You contact us

You are protected under European Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 (which entered into force on 25 May 2018) on the protection of individuals with regard to the processing of personal data and on the free movement of such data (GDPR).

Legal grounds and purposes for processing

The Royal Decree of 10 October 2014 establishing the Centre for Cyber Security Belgium sets out the legal missions of the CCB:

  1. follow up and coordinate of and monitor the implementation of the Belgian policy on cybersecurity;
  2. from an integrated and centralised approach, manage the various projects in the field of cyber security;
  3. to ensure coordination between the services and public authorities concerned, and public authorities and the private or scientific sector;
  4. formulate proposals to adapt the regulatory framework in the field of cyber security;
  5. in collaboration with the Government Coordination and Crisis Centre, ensure crisis management in the event of cyber incidents;
  6. drawing up, disseminating and monitoring the implementation of standards, guidelines and security standards for the various information systems of the administrations and public institutions;
  7. coordinating Belgian representation at international cyber-security forums, monitoring international obligations and proposals for the national position in this area;
  8. coordinating the evaluation and certification of the security of information and communication systems;
  9. Informing and raising awareness among users of information and communication systems.

Personal data are collected and processed for the purpose:

  • inform you;
  • an answer to your questions;
  • treat the files and documents that concern you.

Data are also collected and processed anonymously: 

  • for statistical and qualitative purposes, with the aim of improving our service;
  • to give you an answer in your language.

If your request for information or services is intended for another department, we will provide you with the contact details of that department and you are free to choose whether or not to contact them.

Data processed

Personal data will only be collected and processed to provide you with the requested information. Personal information is information that identifies you, such as your name, e-mail address or other information that can reasonably be linked to such information.

When you register on this site, we ask you to provide us with certain information (last name, first name, e-mail address). This information will be used to manage the site and the information provided.

The personal data provided will not be used for marketing purposes and will not be provided to third parties.

In accordance with Article 29 of the Code of Criminal Procedure, members of the CCB may be asked to report offences of which they have become aware in the course of their duties and to provide the public prosecutor with all information relating thereto.

In the situations listed in the table below, personal data are collected and processed automatically.

The other personal data that may be processed are listed in the register for data processing.

Data that are not of a personal nature are automatically collected without linking them to your IP address and thus respecting your privacy. These are used to generate statistics and improve the content of the portal site:

  • Language selection
  • Used search engine
  • Used keywords
  • The website where you come from
  • The pages you have viewed
  • The duration of each page view
  • The list of downloaded files
  • The date and time of access
  • The browser used
  • The platform and/or operating system installed on your computer

The CCB also collects information in log files. Those logs stored contain only web traffic data. This information is used by the CCB for internal processing and analysis of web traffic.

Usage of cookies

We use cookies to provide an optimal service. A cookie is a small file that is stored on your computer. The cookie can be restored when you visit the same site at a later time. We also use cookies to generate anonymous visitor statistics (Google Analytics). None of this contains information that allows us to contact you by e-mail.

You can also configure your browser to warn you when cookies are being created or to block the creation of cookies.

This site uses the following cookies:

Cookies needed for the proper functioning of the site:

  • language: choice of language
  • has_js: to determine whether your browser accepts JavaScript or not (session status)
  • unam: this cookie records the number of times a page has been clicked and shared

Google Analytics statistical cookies:

  • _ga
  • _gid
  • _gat

Storage period

Storage time:

  • of your IP address is 24 hours;
  • of the cookies is 13 months;
  • of the exchanges via the contact form and via e-mail is 12 months;
  • of logs is 13 months.

In exceptional cases, e.g. in the context of legal proceedings, your personal data may be stored for a longer period of time.

Security

The Centre for Cyber Security guarantees the security (integrity and confidentiality) of your personal data. Your data are protected against unauthorised access, unauthorised use, loss and unauthorised changes.

We use security methods and procedures that we do not describe in detail here for security reasons. 

N.B.: Appropriate physical, technical and organisational measures shall be taken to ensure a level of security appropriate to the risks.

Right of access, amendment, objection and deletion

You have certain rights with regard to the personal data we use: the right of access, the right of amendment, the right to object and the right to have data erased.

Your application will be processed within 30 calendar days. If your application is complex or if our service has to process a large number of applications, this period can be extended by 60 days.

In order to exercise your rights, please send an e-mail or letter to our Data Protection Officer, together with a scanned or paper copy of your proof of identity with your signature, to the following address:

Centre for Cyber Security Belgium
With regard to the Data Protection Officer
Rue de la Loi 18
1000 Brussels
E-mail: privacy@ccb.belgium.be

More information on the protection of personal data can be found on the website of the data protection authority: https://www.dataprotectionauthority.be.

Complaints

If you believe that the Centre for Cyber Security Belgium has not processed your personal data in accordance with the applicable rules, you have the right to lodge a complaint with the data protection authority:

Data protection authority
Pressstraat 35
1000 Brussels
E-mail: commission@privacycommission.be

Contact

For more information about our privacy policy, please contact our Data Protection Officer at privacy@ccb.belgium.be.