LEGAL INFORMATION

Privacy Policy

Corporify BV, a company incorporated and existing under the laws of Belgium, having its registered office at Belgium, B-9000 Ghent, Rooigemlaan 532, with company registration number 0633.855.705 (hereinafter “Corporify”) values and respects your privacy and the security of your personal data. Any reference in this Privacy & Cookies Policy to “we”, “us” or “our” will be meant to designate Corporify.

This privacy & cookies policy (hereinafter the “Policy”) applies to this website (hereinafter the “Website”) and explains how your personal data may be collected on this Website, how it may be used and with whom it might be shared. By browsing the Website and sharing your personal data with us, you expressly agree to the terms of this Policy and to the way in which we collect and process your personal data, as further explained below.

We may amend this Policy from time to time. You can always view the latest version of our Policy (date of last amendment: March, 2021), on this web page.

If you have any question about our Policy, please feel free to contact us by sending an email to myprivacy@corporify.com.

We may amend this Policy from time to time. You can always view the latest version of our Policy (date of last amendment: November, 2021), on this web page. In the event that this Policy will materially and/or substantially change and provided that we your contact details, we will actively inform you of this change and provide you with the new version.

If you have any question about our Policy, please feel free to contact us by sending an email to myprivacy@corporify.com.

All personal data collected by us as data controller will be stored and processed in accordance with the EU General Data Protection Regulation (GDPR) and the Belgian Law of 30 July 2018 for the protection of natural persons with regards to the processing of personal data. As soon as the information collected may be used to identify you, we will treat it as “personal data”.

Where you provide personal data to us, which relate to another individual than yourself (for example of the legal representative of the company you are representing), please provide the concerned individual with (a copy of) this Policy before providing us with his/her personal data.

 

Which information is collected and how do we use this information?

Whenever you contact us, for example via our Website, you may choose to give us certain personal information (such as your name, address, telephone number, e-mail address). We may use that data for different purposes:

  • If you send us an e-mail or fill out our contact form, we will use your personal data for the purpose of responding to your questions or comments; 

  • If you register for an event (e.g. a seminar, demo, marketing call, workshop, or round table event), we will use your personal data to register you for the event and to keep you posted about any changes or updates regarding the event;

  • If you sign up to receive one of our publications (e.g. newsflashes, alerts or other publications) or to be informed of our upcoming events, we will use your personal data to send you the requested information;

  • If you sign up to request a trial account for our business solutions, we will use your personal data to respond to your request and, upon approval of your request at our own discretion, to enable and maintain this trial account and your access to it.

  • Our CRM system, HubSpot, aggregates the personal data we collect. It uses profiling to categorize some forms of user behaviour in order to understand the level of interest the user might have in our offerings, so we can focus our marketing efforts.

  • Our CRM system, HubSpot, also aggregates personal data from social media, such as your public profile information from LinkedIn (www.linkedin.com) and Facebook (www.facebook.com), to keep track of any interaction with our social media presence, as well as from third party software, such as your IP-address, location information, the owner of the profile used to browse our Website (which can indicate your employer) from Google (www.google.com), Pipedrive (www.pipedrive.com), Leadfeeder (www.leadfeeder.com) and/or Hotjar (www.hotjar.com) to understand the use of our Website. Both on our website and on the social media platform you are using, appropriate consent mechanisms are implemented for this purpose. We use this data for the same purposes as the data we collect directly from our Website, and under the same conditions; and

  • Some of the described personal data is collected through the use of cookies. Our Cookies Policy, to be found on our Website, contains more information on the use of cookies.

In short, we collect and process your personal data for the following purposes and based on the following legal grounds:

 

Data

Purpose

Legal basis

Identification data and contact details, name of the company you work for and your function/title, other professional information

General contract management, accounting and invoicing purposes, and to deal with possible disputes, to establish, defend and exercise our (legal) position

Execution of a contract (if contract is entered into with data subject itself)

+ In all other cases: our legitimate interest to be able to send contract updates, communications, invoices and other contractual notices to one or more contact persons at our clients, suppliers, business partners and other contracting parties and to deal with disputes and claims

Identification data and information from sanctions lists

Compliance with anti-money laundering, anti-fraud and anti-terrorism laws, tax laws and financial administration laws

Compliance with our legal obligations

 

 

Name, gender, address and email address, IP address, public profile information, browser location, profile owner

Direct marketing (newsletters and updates), prospecting, direct contact, booking meetings/demos, assessing interest in commercial contact, evaluating the use of our Website and social media interactions with us

Our legitimate interests as commercial undertaking wanting to promote our activities

+ For electronic direct marketing and where personal data is gathered through cookies or similar technologies: your consent hereto

Limited Platform user data:

Name, email address, mobile number, user log files

Security and integrity purposes (e.g. to detect abuse of the Platform, assess vulnerabilities and threats and provide appropriate security to our Platform

Our legitimate interests as a software developer and service provider to be able to provide a secure and operational service to our clients and to detect abuse of our Platform or any other malicious actions and to help us monitor the load of our servers and general traffic of our Platform

+ Where personal data is gathered through cookies or similar technologies: your consent hereto

Limited Platform user data:

Name, email address, mobile number, user log files

Generating platform usage analytics for statistical and product improvement purposes

Our legitimate interests as commercial undertaking wanting to gain insights into the use of our service and the way in which users interact with the Platform

+ Where personal data is gathered through cookies or similar technologies: your consent hereto

In addition, all the personal data listed above can – where necessary – also be used for the handling of inquiries and complaints, and for the management of our legal disputes. This is based on our legitimate interests to defend our legal rights both inside and outside of court proceedings.

Important: Whenever we rely on your consent for direct marketing purposes, you are free to withdraw such consent at any moment by simply contacting us (or through the unsubscribe link that is provided), without having to justify such objection or withdrawal. Whenever we rely on our legitimate interests as legal basis, you may also object hereto by providing us an explanation of your particular situation that outweighs our legitimate interests.

 

 

How do we protect your personal information?

We take the necessary administrative, technical and organizational measures to ensure the security and confidentiality of your personal data and we protect your personal data against accidental loss, misuse, unauthorized access, disclosure, alteration and accidental or unauthorized destruction. All personal data collected through our Website and third party software, as described in this policy, is aggregated in HubSpot, our CRM provider, behind two-factor authentication security. You can more on their level of security here: https://www.hubspot.com/security.

For how long will we keep your personal data?

Your personal data will only be stored in an identified form for the period necessary for the purposes for which we process these data (or if we have a legal obligation to keep them for a longer period). In other words, unless you have become a customer, we will only store your data for as long as you are a possible prospective customer to us or for as long as your information is relevant to fulfil the purposes listed above.

For cookies specifically, the data retention periods are specified in our Cookies Policy (https://www.corporify.com/en/cookies-policy).

If you would like to receive more specific information about our data retention periods, you can reach out to us by simple request to myprivacy@corporify.com.

Who will have access to your personal data?

We may share your personal data with our hosting partners, CRM partners (such as HubSpot) and other IT service providers which may act as data processors for us, with our affiliates, and with some of our contractual partners, e.g. in order to ensure the proper processing of your data in accordance with the purposes outlined above.

We sometimes also transfer your personal data to our contractual partners located in countries outside the European Economic Area, in particular in the following countries: the United States of America. In such cases, we take all necessary steps to ensure an adequate level of protection within the meaning of EU data protection legislation. Generally, we will enter into data transfer agreements incorporating the Model Clauses approved by the European Commission. You may contact us by sending an email or a letter to the contact details indicated below, if you wish to obtain a copy of the Model Clauses entered into or insight into other adequate measures taken.

In the context of our collaboration with HubSpot, note that personal data are transferred outside the EEA, to the United States of America. HubSpot maintains a very high level of security. You can find the details
here:
https://www.hubspot.com/hubfs/security_documents/HubSpot_Security_Overview.pdf and here: https://legal.hubspot.com/dpa.

Finally, we may also transfer your personal data to:

  • any appropriate law enforcement agency, regulator, government agency, court, or other third party, when such disclosure is necessary (i) under applicable laws, (ii) to exercise, establish, or defend our rights, or (iii) to protect your vital interests or those of any other person;

  • our auditors, advisors, legal representatives and similar agents in connection with consulting services they provide to us for legitimate business purposes and pursuant to a contractual prohibition on the use of personal data for other purposes; and

  • any prospective purchaser (and its agents and advisors), in connection with a proposed purchase, merger or acquisition of a portion of our business if this is required in the context of that transaction;

Your legal rights & how to exercise them

As “data subject”, you have the following legal rights:

 

Right to request information and to have access to your personal data

You may ask us to provide you more information regarding our data processing activities and your personal information file.

Right to request rectification of incorrect or incomplete personal data

You may ask us to correct or supplement incorrect or incomplete data.

Right to request the erasure of your personal data (‘the right to be forgotten’),

Upon your written request hereto, we will erase your data:

− if they are no longer necessary in relation for the purposes for which they were collected; or

− if the data processing is solely based on your consent; or

− if you have serious grounds to object to the processing of your personal data; or

− if the personal data have been unlawfully processed; or

− if the personal data have to be erased for compliance with a legal obligation.

Limited exceptions to the right to erasure apply (i) for exercising the right of freedom of expression and information; (ii) for compliance with a legal obligation; (iii) for reasons of public interest in the area of public health; (iv) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance; or (v) for the establishment, exercise or defense of legal claims.

Right to request restriction of the processing activity

You have the right to obtain restriction of the processing your personal data where one of the following applies:

− the accuracy of the personal data is contested, for a period enabling us to verify the accuracy of the personal data; or

− if the processing is unlawful and you prefer the restriction of the processing activity over erasure of your data; or

− if we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims; or

− if you have objected to the processing based on our legitimate interests, pending the verification whether our legitimate grounds override those invoked by you.

Right to object to the processing of your personal data (free of charge)

You have the right to object, on grounds relating to your particular situation, at any time, to processing of personal data concerning you which is based on the legal ground of “legitimate interests” or on your prior consent.

In such case, we will no longer process these personal data, unless there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defense of legal claims.

Where personal data are processed for direct marketing purposes, you will always have the right to object hereto at any time.

You also have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects for you or similarly significantly affects you.

Right to data portability

In some cases, you have the right to receive the personal data concerning you in a structured, commonly used, machine-readable and interoperable format, and to transmit these data in this format to another data controller. This right applies:

− where the processing is based on the legal ground of consent or on the execution of a contract; provided that

− the processing is carried out by automated means.

To exercise any of these rights or if you want to update or adapt your personal information (e.g. if it is no longer accurate, is incomplete or is no longer relevant), please contact us by sending an e-mail

to myprivacy@corporify.com. Upon submitting proof of your identity (where necessary), you can also obtain, at no cost (provided the volume is reasonable), a copy of your personal data record. In principle, you may exercise these rights free of charge. Only where requests are manifestly unfounded or excessive, we may charge a reasonable fee.

If you no longer wish to receive direct marketing or promotional e-mails (newsletters, publications, invitations to our seminars, etc.) from Corporify, you can unsubscribe at any moment, free of charge, by sending an e-mail to myprivacy@corporify.com, by clicking the ‘unsubscribe’ link in our e-mails or by completing the contact form on our website.

For any privacy related issues, you can myprivacy@corporify.com

In addition, you have the right to lodge a complaint with the competent supervisory authority. In Belgium, this is the Belgian Data Protection authority: