Data protection

Data privacy policy (*)

Update 1.2: 21 septembre 2018

AGORA s.à r.l. et Cie (“Agora” or “we”), the controller for the processing of your personal data, pays particular attention to protecting the information that concerns you and that we process in accordance with Regulation (EU) 2016/679 of 27 April 2016.

The purpose of this data privacy policy is to describe our practices in relation to your personal data that we collect or that you supply to us:   

  • Via the websites www.agora.lu and www.belval.lu which are operated by Agora and from which you can access this data privacy policy (the “websites”),
  • Via our social media pages and app pages: Twitter, LinkedIn, YouTube, (collectively our “social media pages”):
    - Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; twitter.com/privacy
    - LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy
    - Youtube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA; policies.google.com/privacy
  • Via email messages (including also messages via MailChimp - The Rocket Science Group, LLC; 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA; https://mailchimp.com/legal/privacy) letters sent by post or phone calls that we address to you or receive from you.
  • Via our purchasing, tender or recruitment procedures;
  • Via our document exchange platform which enables documents to be exchanged between authorised persons working on a project on our behalf.

Collectively under the term “Services” we refer to:

  • the functionalities of the websites and social media pages, email messages, letters sent by post or phone calls enabling us to respond to your requests
  • the functionalities enabling you to register for an account so that you can consult the documentation relating to calls for tenders;
  • the files we set up at the time of launching purchasing, tender or recruitment procedures;
  • the functionalities enabling access to and use of the document exchange platform.

 

 

1. Personal data

“Personal data” are defined by the Regulation as “any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

Collection of personal data

It is not necessary to input personal data if you wish to consult our websites.
Agora collects personal data in various ways, in particular:

  • We collect personal data via the Services, for example when you send us an enquiry via a contact form on our websites, an email, a phone call, when you register for an account in order to access calls for tenders or our document exchange platform, when you respond to our calls for tenders, our purchasing or recruitment procedures.
  • We also collect personal data when you give us your business card, send us a letter by post or when you submit an enquiry to us by any other means.
  • We collect personal data through other sources, for example: databases accessible to the public, joint business partners.

We require your personal data in order to provide you with the Services. In this respect, if you provide us with personal data concerning persons other than yourself, you declare that you have the power and authority to do so and to permit us to use the personal data concerned in accordance with this data privacy policy.

Use of personal data

Agora uses your personal data for operational purposes, in particular for:   

  • Implementing the Services, including responding to your enquiries, complaints or claims, and analysing your bids for calls for tenders.
  • Providing you with information and information documents.
  • reparing personalised Services following your enquiries, our calls for tenders, our purchasing procedures, our recruitment activities, your use of the document exchange platform.
  • Analysing our websites users’ preferences in order to prepare reports on aggregate trends in the way our content is used, so as to improve our Services.
  • Sending you invitations to our events, trade fairs and exhibitions in which we are participating or other events we are supporting.
  • Anonymising personal data: We are able to aggregate and anonymise personal data so that they are no longer regarded as personal data. We do this to generate other (non-personal) data for our own exclusive use.

Legal bases for the use of your personal data

We process your personal data on the basis of your consent. For example, when you provide us with personal data via the contact forms on our websites, by email, post or a phone call, we consider that you consent to the processing of your personal data that you communicate to us so that we can follow up your enquiry and contact you again with an answer.

We also process your personal data when this is necessary:

  • (i) For the performance of a contract to which you are a party, or of precontractual measures taken at your request, for example when you participate in a call for tenders for which you supply us with a tender file;
  • (ii) For realising our legitimate interests, which consist principally of undertaking our tasks of developing sites, launching calls for tenders, and following up candidates and their tender files, organising events and undertaking marketing operations;
  • (iii) For complying with our legal obligations and regulations to which we are subject.

Disclosure of personal data 

We disclose personal data:  

  • To our third-party service providers, to facilitate the services they supply to us. These can include providers of services such as website hosting, for the purpose of data analysis, the technical analysis of the data you provide to us within the framework of our calls for tenders, purchasing or recruitment procedures, or other services.
  • When you choose to directly disclose or authorise us to disclose your personal data on our websites, social media pages and other communication media.

Apart from cases provided for by laws and regulations or by this data privacy policy, Agora undertakes not to disclose personal data outside its organisation.

 

 

2. Other information

“Other information” means any information that does not directly reveal your specific identity or is not directly associated with an identifiable person. This includes in particular:

  • Information about the browser and device used to access the websites.
  • Information collected using cookies.
  • The geolocation and other information provided by you which does not directly reveal your specific identity.
  • Information that has been aggregated in such a way that it no longer reveals your specific identity.
    Websites

Websites

We and our service providers can also collect other data in various ways, in particular when you visit our websites.

tenders or do not provide us with information yourself, we only collect the personal data that your browser transmits to our server. If you wish to consult our websites, we collect the following data, which are technically necessary for us to present these websites to you and to guarantee their stability and security: IP address, date and time of activities, time zone, content of your enquiry, access status/HTTP status code, quantity of data transferred, referring website, browser, operating system and interface, language and version of the browser software.

 

 

3. Use of cookies

As well as the data mentioned above, when you use our websites cookies are stored on your computer. Cookies are small text files that are stored on your hard disk in the browser you use, and by means of which certain information is disseminated to the location that placed the cookie. Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet offering more user-friendly and more efficient as a whole.

Our websites use the following types of cookies: session cookies and persistent cookies.

Session cookies are automatically deleted when you close your browser. Persistent cookies are automatically deleted after a specific period, which can vary depending on the cookie. You can delete cookies at any time in your browser’s security settings.

You can also configure the settings of your browser according to your wishes and needs. Please note that depending on your choices you might not be able to use the full functionalities of our websites.

Use of Matomo (formerly Piwik)

Our websites use the web analysis service Matomo to analyse the traffic and regularly improve the use of our websites. Cookies are stored on your computer for this evaluation. You can configure the settings of your browser to delete existing cookies and prevent such cookies being stored. If you prevent the storage of these cookies, we wish to point out that you might not be able to use the whole of this website. 

More information: matomo.org.

Matomo Opt-out

Use of social media plug-ins

We use the following social media plug-ins: Twitter, LinkedIn, YouTube. We have no influence over the data collected and the operations used by these social media for processing these data, and we do not assume any liability for their use. These plug-ins enable you to access our social media pages and subscribe to news feeds. They also enable social media platforms (LinkedIn, Twitter, YouTube) to place cookies on your internet browser and access this, in particular when you interact with these platforms via the plug-ins placed on our websites. These cookies enable the social media to identify you and monitor your internet activity for the purposes of targeted advertising, analyses or market research.

Link to Google Maps

On the website www.agora.lu we provide a link to Google Maps. We have no influence on the data collected by Google Maps and their data processing and assume no responsibility for their use.

 

 

4. Security

To protect personal data within our organisation we take adequate organisational, technical and administrative measures that are in accordance with the applicable laws and regulations.

To ensure security during the processing of your personal data, Agora has put SSL (Secure Socket Layer) certificates in place on its websites. These certificates guarantee the encryption of the data exchanges between you and the Agora web servers. Nonetheless, if you have reason to believe that your interaction with us is no longer secure, please advise us of this immediately as described in the section “Contacting us” below.

 

 

5. Access to personal data and the rights of individuals

Every user enjoys a right of access, modification and objection to the processing of their personal data, a right to restrict the processing, a right of deletion and a right to the portability of their personal data. However, these rights can only be exercised within the limits of any contractual or legal obligation.

Right to information – confirmation

You have the right to ask us to confirm that we process personal data concerning you. If your personal data are processed, you can ask at any time for information about these personal data and their processing, and to receive a copy of them.

Right of correction - modification

You have the ability to ask us to correct or modify any incorrect personal data concerning you. Bearing in mind the purposes of such processing, you have the right to ask us to complete any incomplete personal data.

Withdrawal of consent

When the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the legality of the processing undertaken prior to the withdrawal of such consent.

Right of objection

You have the right to object at any time to the processing of your personal data for the purposes of direct marketing or to realise other legitimate interests. However, we can continue to process your personal data if they are necessary for us within the framework of our pre-contractual or contractual relationship.

Right to the restriction of processing

You have the ability to request the restriction of the processing of your personal data with a view to limiting the instances in which we are able to use them.

Right of withdrawal (“Right to be forgotten”)

You have the right to ask for the deletion of the personal data concerning you. However, please note that we reserve the right to continue to send you administrative or contractual messages within the context of important contractual, technical or regulatory relations from which we are unable to withdraw.

Right to portability

You have a right to the portability of your personal data, which enables you to receive the personal data you did not provide to us yourself, in a structured format that is currently used and machine-readable, and, if technically possible, to have these personal data transmitted to a third party.

In all cases we will do our best to reply to your requests within a reasonable period.

How to access your personal data and exercise your rights?

If you wish to ask to consult, correct, update or delete your personal data or restrict the processing or object to this, or if you wish to receive an electronic copy of your personal data, including so as to be able to transmit them to another company (insofar as this right to the transferability of the data is granted to you by the applicable law), you can do so using the contact details in the section entitled “Contacting us” below. We will reply to your request in accordance with the legal and regulatory provisions in force.

In your request please clearly indicate the personal data you would like to have modified, the uses to which you wish to object, whether you wish your personal data to be deleted from our database, or indicate to us the limits you would like to impose on the use of your personal data. For your protection, we can only implement requests concerning the personal data associated with the particular email or personal address you use to send us your request. We might also need to verify your identity before implementing your request.

Please note that we might possibly need to retain certain personal data for the purposes of record-keeping and/or to complete any transaction that you commenced before requesting a modification or deletion.

 

 

6. Retention period

We retain personal data for as long as is necessary in terms of the purposes for which they were obtained, and in accordance with the applicable laws and regulations.

The criteria used to determine our retention periods comprise:

  • The duration of our relationship with you and the period for which we have provided you with the Services to ensure the proper maintenance and follow-up of your file (for example, while you have an open account under the heading Call for tenders -  www.agora.lu/fr/appels-doffres/ - or while you continue to use the Services);
  • Whether there is a legal obligation to which we are subject; or
  • Whether such retention is desirable taking account of our legal situation (for example with regard to limitation periods, disputes or regulatory enquiries).

Unless there are requirements relating to public order, contractual provisions or legal disputes, we shall make every effort not to store your data beyond a period of thirteen (13) months from the last time they were transmitted.


 

7. Third-party services

This data privacy policy does not address, and we are not liable for, the confidentiality of the information or other usages of any third party, including any third party operating a website or a service with which our Services are connected. The inclusion of a link on our websites and social media pages does not imply that Agora approves of the site in question or the associated service. We are also not liable for any hypertext links provided by third parties that might redirect you to our websites. We reserve the right at any time and without prior notice to prohibit and/or block any link to our websites that has been placed without our authorisation.

In addition we are not liable for the collection, use, disclosure or security policies or practices of other organisations, application developers, application providers, providers of social media platforms, providers of operating systems, providers of wireless services or equipment manufacturers, including with regard to the personal data you disclose to other organisations by means of or in connection with mobile applications or our social media pages.

 

 

8. Use of the Services by minors

The Services are not intended for underage persons. The use of the Services by underage persons takes place under the responsibility of their parents or legal guardian. We do not knowingly collect personal data from underage persons. 

 

 

9. Jurisdiction and cross-border transmission

Your personal data can be stored and processed in any country of the European Union where we have facilities or in which we use service providers (for more information please refer to the section “Imprint”[A1] on our websites). When using the Services, you understand that your personal data can be transmitted to countries outside your country of residence.

 

 

10. Sensitive information

As far as possible and unless explicitly required or mandated by the applicable laws and regulations, we ask you neither to communicate to us nor to disclose sensitive personal data (for example, social security numbers, information connected with race or ethnic origin, political opinions, religion or other beliefs, health, biometric or genetic characteristics, or criminal history) on our websites and social network pages or otherwise via the Services.

 

 

11. Acceptance of conditions

By using the Services, users confirm that they have read, understood and accepted this data privacy policy. If a user does not accept this data privacy policy, Agora recommends that this user does not use the Services. Continued use of the Services after the publication of modifications made to this data privacy policy shall be regarded as acceptance of such modifications.

 

 

12. Updates to the data privacy policy

The heading “Updated” in this data privacy policy indicates the date on which this data privacy policy was last revised. Any change shall come into force when we display the revised data privacy policy on the websites. Such changes can take place without you being directly informed of them. We therefore invite you to consult the data privacy policies of the websites regularly in order to verify whether you still agree to these. Your use of the Services following such changes indicates that you accept the revised data privacy policy.  

 

 

13. Contacting us

Agora is responsible for the collection, use and disclosure of your personal data in accordance with this data privacy policy. 

For any question or intervention relating to this data privacy policy you can contact Agora:

  • By email to the following address:
    privacyagora.lu

  • By post to the following address:
    Société de développement AGORA s.à r.l. et Cie
    Attention: Délégué à la Protection des Données (FAO Data Protection Officer)
    3, avenue du Rock’n’ Roll
    L-4361 Esch-sur-Alzette

 

14. Supervisory authority

Every user has the right to submit a complaint to the competent supervisory authority, in particular to that of the member state of their usual place of residence or place of work, or for an infringement of the regulations concerning the protection of personal data (in Luxembourg, the National Commission for Data Protection (https://cnpd.public.lu/fr.html).

 

(*) Only the text in French shall be binding.

Top NavigationSitemap