Privacy Policy by Senior Home Plus

Rules on the protection of natural persons with regard to the processing of personal data by Retraite Plus

1. Background and legal framework

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, known as the General Data Protection Regulation (GDPR), sets out the legal framework for the processing of personal data.

In this context, we present the provisions for complying with this regulation in accordance with the requirements thereof. Indeed, Retraite Plus manages personal data within the scope of its activity, which is primarily to assist elderly individuals or their relatives to search for appropriate accommodation (Care Home, Extra Care Home, etc.) or Domiciliary Services.

2. Elements relating to our application of the regulations

The following elements relate to the management of personal data, in accordance with the regulation:

  • The contact details of the Data Protection Officer: Retraite Plus
  • The purposes of data processing:
  • To collate requests for assistance in choosing Care Homes or Domiciliary Services via our websites or prescribers (Social Workers, etc.)
  • To help our contacts search for care homes or domiciliary packages
  • To forward these requests to the Care Homes or Domiciliary Services most likely to meet the needs of these contacts, in order to assist our contacts in the decision-making process
  • To follow-up these requests with the Care Homes or Domiciliary Services
  • To carry out satisfaction surveys based on the solutions proposed.
  • Data source:
  • Request made by a family on a website
  • Request made by a family or a prescriber by phone
  • Request received from a prescriber in writing
  • Telephone conversation and exchange of emails/faxes/sms with families/partners
  • The typology of data processed in this way:
  • Identification data: Name, first name of the elderly person and of the contact, telephone, email, address, age of the elderly person.
  • Financial data: budget and general financial aspects to be taken into consideration in order to deliver our service, as requested by our contacts.
  • Health data: level of loss of autonomy and other general health aspects to be taken into consideration in order to deliver our service, as requested by our contacts.
  • The data recipients: Care Homes or Domiciliary Services best suited to meet the needs of these contacts.
  • Personal data storage period: 5 years
  • Other human rights: As per the regulation, individuals must be informed of their rights, which is the main purpose of this documentation (explanation given above and below).

Note on health data: Retirement Plus does not keep a medical record and does not act as an intermediary between the family and the facility or domiciliary service in terms of providing medical records.

3. General principles for collecting and processing personal data

Retraite Plus makes every effort to comply with the legislation when collecting and processing personal data:

  • Both internally and externally, with our partners (care homes, domiciliary services, etc.).
  • Both at IT and organisational levels (protection of servers and IT databases, management of internal procedures, management of authorisations, information for individuals, etc.).

4. Rights of individuals

Clients and contacts have the right to ask Retraite Plus to respect their rights with regard to the processing of personal data. These rights include the following:

  • Consent/withdrawal of consent
  • Right of access
  • Right to change
  • Right to be forgotten
  • Right to limit processing

These rights are conditional subject to compliance with the following:

  • The request comes from the individual himself/herself and is accompanied by
  • either a copy of an up-to-date identity document
  • or is sent from the email address specified in the request for assistance
  • The request must be forwarded in writing to the following address: Retraite Plus, 14 Quai de la Marne 75019 Paris or emailed to: donnees-personnelles@retraiteplus.be
  • The request must accurately state the exact purpose of exercising one’s rights, in accordance with the GDPR regulation.

In accordance with legislation governing the protection of personal data, customers and contacts are informed that this is an individual right that can only be exercised by the person concerned in relation to his or her own information. For security reasons, the service in question will therefore have to verify your identity in order to avoid discussing any confidential information about you with a third party.

Clients and contacts have the right to request a copy of their personal data being processed from Retraite Plus. However, if an additional copy is requested, Retire Plus may ask customers and contacts to pay for the service.

If customers and contacts request a copy of the data electronically, the requested information will be provided in a currently used electronic format, unless requested otherwise.

Customers and contacts are informed that this right of access may not relate to confidential information or data, or data for which communication is not permitted by law.

The right of access must not be exercised in an abusive manner, i.e. on a regular basis with the sole aim of destabilising the service concerned.

Important note on "Consent”

When a person provides information (Name, First Name, Telephone, email, location of the search, level of urgency, etc.), on one of our websites, by email or otherwise, to enable them to be assisted by Retraite Plus in their search for accommodation or domiciliary services, and request a call back, they are explicitly giving their consent to the processing of the personal data they have provided / data they will subsequently give our advisers or any other Retraite Plus employee during telephone conversations and the exchange of data via computer or telephone (email, sms, fax, etc.).

Any individual has the right, at any time, to revoke their consent to the processing of their personal data, in accordance with the legislation. Retraite Plus shall undertake to acknowledge this right as soon as possible.

5. Subcontracting

Retraite Plus informs its customers and contacts that it may appoint a subcontractor of its own choice to process personal data.

In this case, Retraite Plus shall ensure that the subcontractor complies with their obligations under the GDPR, regardless of whether it is located within or outside the European Union.

Retraite Plus shall undertake to sign a written contract with all its subcontractors and imposes the same data protection obligations as Retraite Plus follows. Furthermore, Retraite Plus reserves the right to conduct subcontractor audits to ensure compliance with the provisions of the GDPR.

6. Security

Retirement Plus shall define and implement any technical, physical or logical security measures that it deems appropriate in order to combat the destruction, loss, alteration or unauthorised disclosure of data in an accidental or illicit manner.

These measures mainly comprise the following:

  • Information Systems Security Policy
  • Management of identification and authorisation for data access
  • Safeguarding and archiving measures
  • Disaster recovery plan
  • Security audits

7. Data breach

In the event of a personal data breach, Retraite Plus shall undertake to notify the CNIL (French National Data Protection Agency) under the conditions prescribed by the GDPR.

If this breach poses a significant risk to customers and contacts and the data have not been protected, Retirement Plus shall:

  • notify relevant customers and contacts
  • provide the necessary information and recommendations to the relevant customers and contacts.

8. DPO - Data Protection Officer

Retraite Plus has appointed a Data Protection Officer.

The Data Protection Officer’s contact details are as follows:

The DPO (Data Protection Officer)

Retirement Plus

14, Quai de la Marne 75019 Paris

Email: donnees-personnelles@retraiteplus.be

Tel.: +32 2 318 04 78

If personal data are to be reprocessed, Retraite Plus will initially refer the matter to the Data Protection Officer.

If customers and contacts wish to obtain specific information or ask a specific question, they can contact the Data Protection Officer, who will answer the question asked or provide the necessary information within a reasonable timescale.

In the event of problems relating to the processing of personal data, customers and contacts may contact the designated Data Protection Officer.

9. Processing Register and Impact Assessment

As the Data Controller, Retirement Plus shall undertake to keep an up-to-date record of all processing activities carried out.

This register is a document or application listing all of the processing operations carried out by Retraite Plus, as the Data Controller.

Retirement Plus shall also undertake to prepare an Impact Assessment of the risks associated with personal data.

Retraite Plus shall undertake to provide the supervisory authority, on receipt of the initial request, with information allowing the said authority to check the compliance of the processing in line with current data processing legislation.

10. Right to lodge a complaint with the CNIL (French National Data Protection Agency)

Customers and contacts who have concerns regarding the processing of their personal data are entitled to lodge a complaint with the supervisory authority, namely the CNIL (French National Data Protection Agency) in France, if they consider that their personal data are not being processed in accordance with European data protection regulations. Complaints should be sent to the following address:

Commission De La Protection De La Vie Privée
Rue de la Presse 35, 1000 Brussels, Belgium

Close

Find a suitable care home for your loved one