Privacy Policy INOOPA S.A.

Last updated: 24 September 2024

Download

Our Privacy Policy contains the following sections

• INTRODUCTION
• DATA PROTECTION OFFICER (DPO)
• Article 1 - What personal data do we process about you?
• Article 2 – Why do we collect your data?
• Article 3 – What is the legal basis for the processing of your personal data?
• Article 4 – The Duration of Data Retention
• Article 5 – Will data be used for direct communication and marketing purposes?
• Article 6 - What are your rights?
• Article 7 – What security measures are in place?
• Article 8 – To what extent is your data shared with third parties?
• Article 9 – Will data be transferred to a country outside of the European Economic Area (EEA)?
• Article 10 – Amendments to the Policy
• Article 11 – Validity of the Contractual Clauses
• Article 12 – Applicable Law and Jurisdiction

INTRODUCTION

Inoopa SA (hereafter: we, us or Inoopa) may collect and process personal data and, within this framework, is committed to protecting your Personal Data and respecting your privacy in accordance with the pertinent data protection legislation and the conditions set forth herein. This Privacy Policy governs the processing of personal data by the Data Controller, identified as Inoopa SA, with its registered office at Av. Arnaud Fraiteur 15, 1050 Ixelles (Belgium), registered with the Crossroads Bank for Enterprises under the VAT number BE0649.973.640

This Privacy Policy applies, among other things, to the following:

• Our general and informative website (https://www.inoopa.com henceforth referred to as the "General Website"), and the Software as a Service (SaaS) Platform (comming soon, henceforth referred to as the "Solution"),, its subdomains, and related services are collectively referred to as the "Site."
• All existing commercial relations between Inoopa and its clients, prospects, and business partners, and
• Anyone with whom we may have a relationship.

Regarding the Site, the Privacy Policy applies to all pages hosted on the Site and registrations relating to this Site. This Privacy Policy does not apply to pages hosted by third parties to which Inoopa may refer, as their privacy policies may differ. It thus follows that Inoopa cannot be held liable for any data processed on these websites or by them. Furthermore, individuals below the age of 18 and those lacking full legal capacity are prohibited from using the Site. Inoopa requests that users under 18 refrain from providing any personal data. In the event of any infringement of this provision, it is imperative that the matter be reported without delay to the following email address: dpo@Inoopa.com.

It is also important to note that Inoopa is committed to ensuring compliance with all applicable data protection laws, including European privacy laws, such as:

• (i) Regulation (EU) 2016/679, adopted on April 27, 2016, also known as the General Data Protection Regulation (“GDPR”)
• (ii) Directive 2002/58/EC of 12 July 2002 ("e-Privacy Directive"), and any legislation replacing the GDPR and the e-Privacy Directive;
• (ii) any law, statute or regulation relating to the protection of personal data of a Member State of the European Economic Area ("EEA"), which may apply to one of the parties in the context of its data processing activities or its establishment in the EEA, and all subordinate legislation made under them. In addition, any codes of practice or other guidance issued by the data protection regulator in the territory must be observed.

It is imperative that this Privacy Policy is carefully read in conjunction with Inoopa's [Terms of Services](TODO: add link) , [Terms of Use](TODO: add link) of the Website, and [Cookies Policy](TODO: Add link). This document contains essential information regarding the processing of personal data. By accessing the Site, by sharing personal data on the Site, by contacting us by email, phone or any other means, or by submitting a question, complaint or file you declare that you have read this Privacy Policy and expressly agree to its contents.

Should any further queries arise, the DPO may be contacted at the following address: dpo@inoopa.com.

DATA PROTECTION OFFICER (DPO)

In accordance with Article 37 of the GDPR, Inoopa has appointed a Data Protection Officer (DPO) to serve as a single point of contact within our organisation. Our DPO has been selected based on her professional qualifications and, in particular, her expertise in data protection law and practice, as well as her capacity to fulfil the obligations set forth in the GDPR. His full contact details are as follows:

KAIZEN LAW Charlotte De Raef SRL +32494883623 dpo@inoopa.com

Article 1 - What personal data do we process about you?

• 1.1. Upon registering or completing a form available on Inoopa's website or in paper format (e.g., subscription to Inoopa's newsletter, contact form, demo registration, downloadable content form, screening questions for applications, etc.), the data subject authorizes Inoopa to record and store the following information for the purposes mentioned in Article 2:

• 1.2. In the event that the data subject is a User of the aforementioned Sites, the following data is automatically recorded upon accessing the Inoopa Sites:

  • In the context of services that require authentication, identification data is also recorded, such as: name and surname, email address, telephone numbers, and postal addresses.
  • the IP address assigned to the User (when connected);
  • the date and time of access to the Inoopa Sites and other data related to traffic;
  • demographic attributes of the User (for the public website only) or other data relating to communication;
  • pages consulted by the User on the Sites of Inoopa ;
  • the type of browser, platform, and/or operating system used by the User;
  • the search engine and keywords used to find our Sites;
  • and the browsing preferences of Users who accept cookies. Cookies may be utilized on the Sites to improve site navigation and enhance technical management. To illustrate, Inoopa will automatically record which sections of the website are visited, the web browser used, and the websites visited prior to gaining access to the Inoopa site. It should be noted that the aforementioned data does not permit the identification of the user; however, it does enable Inoopa to compile statistics regarding the use of the Site. Further information regarding the use of cookies can be found in the [Cookie Policy](TODO: add link).

• 1.3. When a User accesses and utilizes the Solution, Inoopa will also process:

  • data and information related to the user when creating or using their User Account. This may include details such as the user's surname, first name, email address, and password. Such data may include the user's country, company, and other information related to the company they work for and Client of Inoopa (such as their full legal name, email address, language, and, if applicable, their company name, billing address, and tax ID number).
  • data from third-party applications that the User has requested to be integrated into their user account may be included.
  • The data may also include a user's subscription history.
  • any personal data that the User has voluntarily disclosed to Inoopa (for example, during the contact procedure),
  • Additional information that Inoopa may request for identification purposes or to prevent any violations of the Privacy Policy. It should be noted that the processing of some personal data is a prerequisite for Users to benefit from our services.

• 1.4. If the data subject is a job applicant:

• identification data (such as the first name and surname, EU citizenship/visa and/or permit allowing the applicant to work in the country where the position will be based, email address, telephone numbers, if the applicant is based in the country where the position will be based); a picture (not mandatory);

  • any other personal data included in the applicant's curriculum vitae, cover letter, or a profile on the professional networking platform LinkedIn. Such information may pertain to the candidate's academic and professional background, education, interests, and linguistic competence.
  • the candidate's diploma may also be requested in the event of a successful hire
  • Our communications (by email or other);

• 1.5. If the data subject is a freelancer/service provider for Inoopa:

  • Identification data (such as first name, surname, email address, postal address, telephone number)
  • Professional information (such as the CV and academic and professional background, office address, position and function)
  • Financial information (such as VAT number, bankaccount number, etc.)
  • Our communications

• 1.6. If the data subject is a decision maker:

  • Identification data (such as surname, first name and email address)
  • Position in his company
  • Linkedin URL

Inoopa may obtain the aforementioned personal data directly from the candidate or via third parties, such as recruiting services or temporary agencies. In the absence of the aforementioned information, it will not be possible for us to proceed with the recruitment process.

Article 2 – Why do we collect your data?

• 2.1. The data is processed for several different purposes. For each purpose, only the data pertinent to the fulfilment of that purpose is processed. The term "processing" encompasses any operation, whether manual or automated, conducted on personal data.

• 2.2. In the event the data subject is a User of the Site, Inoopa will process your data in order

  • to process and respond to information requests and questions from data subjects submitted via the contact form, or by any other means of communication. A contact form is available on the website. Furthermore, contact may be made via telephone, email, or post. In order to honour your requests, it will be necessary to process some of your personal data, which you have indicated is useful
  • To disseminate and promote communicating with us and answering your questions.
  • To schedule a demonstration with one of our experts. The information requested allows us to optimize the content of our meetings and to adapt our commercial proposals.
  • Disseminate and promote topical information about our activities and services,
  • To receive news and tips from Inoopa (such as Inoopa's monthly newsletter). This information is collected as part of the various services offered. Subscribing to Inoopa's monthly newsletter is an option available to interested parties. The newsletter will keep subscribers informed of promotional offers and product/feature releases, provide tips about BtoB databases, and announce upcoming webinars and events. This processing is based on the consent of the data subject.
  • to allow the data subject to receive messages
  • to provide information on Site upgrades and functionality As well as
  • to personalize the user's experience when using our Sites. To facilitate the use of our Sites and to analyse, adapt and enhance the content of said Sites. In order to improve the quality of your visits to our Site, we use certain cookies which allow us to memorize some of your personal data. Nevertheless, the utilization of long-lasting cookies is constrained to a minimum.
  • For the purpose of conducting statistical surveys,
  • For any other purpose for which the data subject has provided express consent.

• 2.3. In the case of a data subject who is a User of the solution, Inoopa will process their data for the following purposes:

  • To start a free trial. In order to proceed, it is necessary to create an online account and select a plan, which requires the input of personal data that will be used to link your account to your identity.
  • To register your user account on our site. You are then able to place orders online via your user account on our site. In order to do this, it is necessary to create an online account and select a plan, which requires the insertion of personal data that is used to link the account to the individual in question. It should be noted, however, that we do not have access to your bank details. This processing is necessary for the performance of a contract and is also based on our legal obligation to provide (pre)contractual information.
  • The performance of services, processing of your transactions, and execution of your instructions are also subject to this processing. Inoopa processes your data to carry out the services you have requested. This implies that your personal data will be held by Inoopa for the duration required to provide you with the subscribed service(s). The processing is based on the fulfilment of a contractual obligation.
  • Invoice issuance and payment collection. Subsequently, the data will be processed by the accounting department for the purpose of effective financial management, including the creation of billing records, the compilation of surnames and first names, and the maintenance of billing addresses. This processing activity is based on the performance of a contract and legal obligations.

• 2.4. In the event that the data subject is a job applicant, the personal data in question is collected and processed for the purposes of entering a contract or taking steps at the applicant's request prior to such an agreement being formed. This is based on our legitimate interest or to fulfil a legal obligation. The following purposes justify the processing of personal data:

  • The recruitment of employees, interns, and other staff members.
  • The response to requests for information and questions from applicants.
  • The establishment and execution of the contractual relationship with the data subject.
  • The response to legal obligations to respect national labour laws.
  • The response to requests for information from the relevant authorities.

• 2.5. If the data subject is a freelancer/service provider for Inoopa, the personal data is collected and processed for the purposes of entering a contract or taking steps at your request prior to such an agreement, and for the execution of the contractual relationship with you.

• 2.6. If the data subject is a decision maker inside an organisation, Inoopa may process their personal data for marketing and communication purposes.

• 2.7. Regardless of the category of data subject, we will process personal data for the purpose of:

  • ensuring compliance with applicable laws and regulations. In order to fulfil this obligation, it may be necessary to process some of your personal data. This processing is prompted by our obligation to comply with legal requirements,
  • Protection of our rights or the rights of third parties. Inoopa may process your information for the purpose of safeguarding our own rights or those of third parties. Such processing will primarily occur in the context of the defence or protection of legal rights and interests, legal proceedings, the management of complaints or conflicts, and corporate restructuring, mergers, or acquisitions. It will be conducted on the basis of a legal obligation or a legitimate interest.

• 2.8. In the event that the data in question has been collected by a third party the aforementioned data may be processed for the following purposes: For the fulfilment of the purposes of personal data processing conducted by this third party, whether or not jointly with Inoopa. Within the framework of reporting and statistical analysis.

Article 3 – What is the legal basis for the processing of your personal data?

The legal basis for the processing of your personal data is as follows:

• 3.1. Consent: This may be given, for example, in order to receive direct communications. If consent is the legal basis for the processing of personal data, the data subject has the right to withdraw consent at any time without affecting the lawfulness of the processing that has occurred prior to withdrawal. When data subjects receive information in the context of direct communications, they may unsubscribe at any time from newsletters and other commercial communications from the controller (e.g. invitations to training, events or webinars). The individual will be placed in the "opt-out" category. Should you wish to unsubscribe, you may do so by sending an email to the following address: info@inoopa.com or by clicking on the "Unsubscribe" button located at the bottom of all direct communications. Please be advised that the processing of your opt-out request may take up to ten working days.
• 3.2. The processing of personal data is also justified by the necessity of fulfilling contractual obligations and executing requests from data subjects. It is necessary for us to collect certain data in order to respond to any requests that you may submit. In the event that the data is not shared with us, the performance of the contract may become impossible.
• 3.3. A legal obligation may necessitate the processing of the data; for example, the collection and storage of certain data is required to fulfil various legal obligations, including those pertaining to taxation and accounting.
• 3.4. The protection of vital interests.
• 3.5. The performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; or
• 3.6. Our legitimate interest, provided that it is in accordance with your interests, freedoms and fundamental rights.

We have a legitimate interest in providing you with this information and interacting with you, especially to respond to your requests or improve our services. The aforementioned interests are exercised in order to prevent abuse and fraud, control the regularity of our operations, exercise, defend and preserve our rights, for example in litigation, as well as evidence of a possible violation of our rights. Furthermore, they are exercised in order to manage and improve our relations with you, and to continually improve our Site and our products/services. However, such interests are not exercised in a manner that is contrary to your interests or your fundamental rights and freedoms requiring the protection of your personal data.

Article 4 – The duration of data retention

• 4.1. Inoopa will retain the personal data of its data subjects for the duration necessary to achieve the objectives set out in Article 2, except where a longer retention period is required or justified. This may be due to legal obligations in relation to tax matters or other legal obligations. Furthermore, Inoopa may retain personal data concerning data subjects, including all correspondence or requests for assistance sent to it, in order to respond to all questions or complaints that may be sent to it or in the event of an event organized by Inoopa.
• 4.2. In the absence of any exercise of rights, protection of rights, or other storage obligations prescribed by law,
  • a. the data of unsuccessful job applicants will be kept for a maximum of 24 months after notification.
  • b. The data of successful recruitment candidates will be kept for a longer period. Details of this will be provided in the HR privacy policy. Information will be provided to you via the HR privacy policy.
  • c. For public website users' data, your data will generally be kept for a maximum of:
    • 24 months after the last contact for data communicated when contacting us (in the absence of an order);
    • 24 months after your last visit to the Site.
  • d. for Solution users’ data, your data will generally be kept for a maximum of:
    • 10 years after the deletion of your account/the placing of your last order, with regard to the following data:
    • Data and information relating to the User when creating or using their User Account, such as the last name, first name, email address, password, country, and other data related to the company they work for and Client of Inoopa (such as the full legal name, email address, country, and optionally, the company name, billing address, and tax ID number);
    • Subscription history;
    • Data communicated when contacting us (except in the absence of performance of services by Inoopa – in this case, the data is kept for 24 months after the last contact)
  • e. for the data retention period relating to cookies, you can find more information in our Cookie Policy.
• 4.3 Once the aforementioned objective has been accomplished, the personal data in question shall either be deleted or rendered anonymous.

Article 5 – Will data be used for direct communication and marketing purposes?

• 5.1. The personal data will not be used for direct communication purposes for services that are identical or similar to those to which the user has already subscribed, unless the user has previously explicitly consented to such use by indicating their consent via the provided tick boxes ("opt-in").
• 5.2. Should consent be granted for the utilization of the aforementioned information for direct communication purposes, the individual shall retain the right to object to such use at any time, upon request, and free of charge. Should you wish to exercise your right to object to the aforementioned use of your data, you may do so by writing to the following address: dpo@inoopa.com.

Article 6 - What are your rights?

• 6.1. In the context of the processing of personal data, the following rights apply:

  • Right to access your personal data;
  • Right to be informed about the purposes of the processing and the identity of the data controller;
  • Right to rectify, complete or update your personal data. We encourage you from time to time to access your account (if applicable) or to consult us to check that your data is up to date;
  • In certain circumstances, the right to delete your personal data (‘right to be forgotten’). You may, at any time request the deletion of your personal data, with some exceptions such as those we have to keep on record because of a legal obligation;
  • Right to restriction of the processing of your personal data. You may, in particular, obtain a limitation of processing when you have objected to the processing, when you dispute the accuracy of the data, or when you consider that the processing is illegal;
  • Right to the portability of your personal data. You have the right to receive the personal data that you have communicated to Inoopa and may also ask said company to send this data to another data controller.
  • Right to object against the processing of your personal data;
  • Right to withdraw your consent (if the legal basis for processing is consent);
  • Right to lodge a complaint. You have the right to lodge a complaint about the way we process your personal data to the Belgian Data Protection Authority (DPA):
  • Autorité de Protection des Données (APD)
    • Rue de la Presse 35
    • B-1000 Brussels
    • contact@apd-gba.be
    • https://www.autoriteprotectiondonnees.be

• 6.2. In accordance with the GDPR and Belgian law, the exercise of these rights is in certain cases limited to certain assumptions or subject to compliance with certain conditions. In the event a data subject exercises some of their rights, Inoopa indicates that certain services may no longer be accessible or may no longer be provided. For example, if a data subject deletes some information from their user account, some services may no longer be provided to them.

• 6.3. Automated processing which produces legal effects concerning data subjects or similarly significantly affects them, including profiling, is not employed by us.

• 6.4. Should you wish to exercise your privacy rights, you are invited to contact info@Inoopa.com or, should you have any legal issue, our DPO: dpo@Inoopa.com. The requisite steps will then be undertaken with the utmost expediency, and within one month of receipt of the request. In the event that the aforementioned period is insufficient, it may be extended by a further two months, in consideration of the complexity and number of requests.

Article 7 – What security measures are in place?

• 7.1. Furthermore, Inoopa has implemented the requisite organisational and technical measures to guarantee a level of security commensurate with the associated risks. These measures are designed to prevent:
  • unauthorized access to, or modification of the personal data
  • improper use or disclosure of such data
  • unlawful destruction or accidental loss of the data.
• 7.2 Consequently, all Inoopa employees and members with access to this data are bound by a strict obligation of confidentiality. Notwithstanding the aforementioned security measures, Inoopa cannot be held liable in the event that the data in question is stolen or hijacked by a third party.
• 7.3. You undertake not to engage in any actions that may be in contravention of this Privacy Policy, the Terms of Service of the Solution, the Terms of Use of the Site, or the Cookies Policy, or, in general, the law. Any violations of the confidentiality, integrity, and availability of information systems and data stored, processed, or transmitted by these systems, or any attempts to commit such violations, shall be subject to penalties.

Article 8 – To what extent is your data shared with third parties?

• 8.1. Inoopa treats personal data as confidential information. It will not divulge such information to third parties under any circumstances other than those specified in the Privacy Policy, such as to achieve the objectives set out and defined in Article 2, or under the conditions in which the law requires it to do so.
• 8.2. In this context, it is possible that your personal data may be communicated to the following categories of organisations:
  • Payment and accounting partners
  • Insurances
  • CRM and communication tool
  • User behaviour analytical tools
  • Internal or external auditors
  • Cloud service providers
  • Social media platforms (such as LinkedIn)
  • Recruiting platform/software
• 8.3. In the event that we transfer your personal data to third parties, the third party in question shall be required to use your personal data in accordance with the General Data Protection Regulation (GDPR) and the provisions set forth in this Privacy Policy.
• 8.4. Nevertheless, it should be noted that Inoopa may transfer your personal data in the following circumstances: To the relevant authorities when required to do so in accordance with the law or within the framework of a judicial or administrative procedure. For example, data may be exchanged with public authorities (including the judiciary, the police, and regulators) in the event of, for example, a cyber incident. To guarantee and defend our rights or allow third parties to defend their rights. If this proves necessary or desirable to meet legal or regulatory obligations. In the event a third party acquires substantially all of our assets, in which case your personal data will be transferred as part of the acquisition. In the event that you have consented to it, if applicable.
• 8.5. The communication of this information to the aforementioned organisations shall, in all circumstances, be limited to what is strictly necessary or required by the applicable regulations.

Article 9 – Will data be transferred to a country outside of the European Economic Area (EEA)?

• 9.1. Inoopa transfers data to a country outside the European Economic Area only when that country ensures an adequate level of protection within the meaning of the legislation in force and, in particular, within the meaning of the General Data Protection Regulation (for further details on the countries offering an adequate level of protection, please see the Adequacy decisions from the European Commission) or within the limits permitted by the legislation in force, for example by ensuring the protection of data by appropriate contractual provisions.
• 9.2. Should you require further clarification on any of the aforementioned points, we kindly request that you contact us at the following address: dpo@Inoopa.com

Article 10 – Amendments to the Policy

• 10.1. The Inoopa Privacy Policy is subject to periodic updates, as necessary, in order to ensure compliance with evolving legislation and regulations. These updates will be published on the Inoopa Site. Such changes may be prompted by developments in data protection legislation, the recommendations of the Belgian Data Protection Authority, the guidelines, recommendations and best practices of the European Data Protection Board and the decisions of the courts and tribunals on this issue.
• 10.2. In this context, any substantial modification subsequently made to the Privacy Policy will be duly communicated to the relevant parties. Nevertheless, it is strongly recommended that users regularly consult the Site and the relevant page on which the Privacy Policy is available in order to ensure awareness of any minor modifications.

Article 11 – Validity of the Contractual Clauses

• 11.1 The failure of Inoopa to invoke a provision of this Policy at any given time does not constitute a waiver of its rights under the said provision at a later date.
• 11.2 The invalidity, expiration, or unenforceability of any provision set forth above or below shall not result in the invalidity of the entire Privacy Policy. Any provision that is wholly or partially invalid, lapsed, or unenforceable shall be deemed to be absent from the Policy. It is Inoopa's intention to replace this provision with another that, to the greatest extent possible, fulfils the same objective.

Article 12 – Applicable Law and Jurisdiction

• 12.1. The validity, interpretation, and/or implementation of the Privacy Policy are entirely and exclusively subject to Belgian law, in accordance with the prevailing rules of private international law.
• 12.2. In the event of a dispute pertaining to the validity, interpretation, or implementation of the Privacy Policy, the courts and tribunals of Brussels (Belgium) shall have exclusive jurisdiction, in accordance with the provisions of applicable private international law.
• 12.3. Prior to pursuing any legal recourse, the data subject and Inoopa shall endeavour to resolve the matter amicably. To this end, they shall first contact each other before, where appropriate, resorting to mediation, arbitration, or any other alternative method of dispute resolution.