Privacy Statement

The importance of data protection

VITO sets great store by ensuring that the data that it processes are granted the correct level of protection, especially personal data. This privacy statement explains how VITO processes and protects personal data and outlines the rights you have in relation to your data.

Scope of this privacy statement

This privacy statement applies to the entire lifespan of information within VITO websites, from obtaining information to final deletion of information within the organization.

What personal data do we collect? 

We collect various types of personal data:
  • personal data that you provide us with via web forms: for example, your name, email address and telephone number when you use our contact form;
  • personal data that we obtain as a result of you using the websites:
  • log file information: we keep the following data in server logs, amongst other data:
    • IP address;
    • browser information;
    • the external web page from which you visited us;
    • the pages that you have visited on our websites;
    • time and duration of the visited pages;
    • device details: we can track the device you use to visit our websites;
    • cookies: we use cookies to identify our visitors and to obtain visitor statistics.
For more information regarding cookies, we kindly refer you to our cookie policy.

What do we use the personal data for?

We use the personal data that we collect in order to provide the correct service and to maintain, protect and improve it. Your personal data are only retained for as long as this is required to fulfil the objective for which we have collected it. We remove your data when we no longer need it.

We can use your personal data to inform and communicate with you: 

  • mainly to respond when you have submitted a question via the contact form;
  • when sending our newsletters if you have subscribed to them.

We only share your personal data: 

  • With your consent: we only share your personal data with other organizations than VITO if we have your consent. When you click on a social media button, the privacy policy of this provider applies;
  • for legal reasons: it may be the case that we need to share your personal data in order to comply with a legal obligation;
  • with parties that process personal data for us: these parties may only process personal data on behalf of VITO. These processing activities are documented in a processing agreement between VITO and this party.

What do we do to protect your personal data? 

In particular, VITO makes every reasonable effort to ensure that the data of website users and the personal data they provide are protected against: 

  • loss: data are no longer available;
  • leaks: data falling into the wrong hands;
  • errors: data are not correct, for example, obsolete or incomplete;
  • not accessible: data are not accessible when required;
  • unauthorized access: viewed by persons who are not authorized;
  • the inability to trace who viewed, modified or deleted the data;
  • processing that is not in line with legislation, guidelines and standards.

Your rights

You can ask us (free of charge): 

  • what data we have about you;
  • what the aim is of specific processing;
  • who processes your personal data. 

You have the right (free of charge): 

  • to obtain a copy of your personal data that we process for a specific purpose;
  • to submit a request to delete your data;
  • to ask us to no longer process your personal data (if you have a valid and legal reason for this). 

VITO will never process personal data relating to political or religious preferences or beliefs, race, or any other data relating to your health or sexuality. 


Do you have additional questions about the processing of your personal data? Do you want to submit a request to modify, view or delete your data? Do you want to report a data breach regarding your information? Please contact us.

We kindly request proof of identity and we will process your request within 30 days after receiving your request.  

Policy principles for data protection 

VITO, both in its role as a controller and processor: 

  • is transparent regarding the personal data that it processes and the processing purpose, both to those involved, the clients and the supervisors. The communication is honest, easily accessible and comprehensible. The transparency principle also applies when personal data are being exchanged.
  • only processes the data that are relevant to the execution of its tasks. Each task where personal data are processed is justifiable. This is also evaluated each time a new processing purpose arises, if necessary based on a data protection impact assessment.
  • only processes the personal data that are strictly necessary to carry out its activities. As a result, the identifying factors associated with personal data are reduced to a minimum.
  • assesses the integrity of personal data during the entire processing cycle.
  • does not store data for longer than is necessary. The necessity has been assessed based on legal obligations and the rights and freedoms of those affected.
  • prevents infringements that ensue as a result of processing personal data. Information security, data protection by design and privacy-friendly standard settings are useful resources for this. If an infringement occurs, reporting is carried out in this regard in line with relevant legislation in this area.
  • is able to implement all valid rights of anyone affected, such as the right to access, copy and even delete data.
  • actively ensures that the rights and freedoms of the person affected are safeguarded when processing personal data for a specific purpose.
  • processes data in line with the rights and freedoms that apply in the European Economic Area (EEA) and checks the application of these rights and freedoms when data is exchanged outside the EEA.
  • can demonstrate compliance with all policy objectives in accordance with the legal provisions. This accountability is monitored by internal supervision and control and is enforceable in accordance with the legally applicable principles.

This policy applies across VITO: 

  • the head office and VITO’s other registered offices;
  • all VITO employees and external parties who work within VITO on a fixed or non-fixed contract;
  • all company resources and information processing systems managed by VITO, as well as systems managed by external parties for information processing on behalf of VITO such as databases, information regardless of its carrier, networks, data centers, etc.;
  • all processing activities, both as a controller and processor.