PRIVACY POLICY ZAPFLOOR BV – DIRECT MARKETING
1. Introduction
This Privacy Policy applies only to the processing of Personal Data for direct marketing purposes via the Zapfloor platform available via: https://app.zapfloorhq.com/login (the “Platform”) owned by:
|
Zapfloor BV Van immerseelstraat 66 2018 Antwerp (Belgium) |
|
Business Number: BE 0639.786.759 |
Hereinafter “Zapfloor”, “we” or “us”.
The Platform has been licensed to the “Lessor”, being the owner of a business centers, a coworking space, a flexible work space, etc. Personal Data processed by Zapfloor are entered in the Platform by the user him/herself.
Zapfloor deems the protection of privacy of the utmost importance and wishes to enable you – as user of the Platform – to maintain full control over what happens to your Personal Data and your privacy and to inform you accordingly.
All capitalized terms that are not defined in this Privacy Policy shall have the meanings as ascribed to them in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the Processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“General Data Protection Regulation” or “GDPR”).
By using the Platform and accepting this Privacy Policy, you expressly agree to the manner in which Zapfloor collects and Processes your Personal Data as described in this Privacy Policy.
2. Who processes your personal data and how can you contact us?
Zapfloor will be considered the Controller of your Personal Data with regard to direct marketing activities by Zapfloor.
Zapfloor has appointed a privacy officer, whom you can contact, whom you can always contact for questions about privacy and Processing of your Personal Data. The privacy officer can be reached at:
|
Privacy officer Email address: [email protected] |
3. What Personal Data are Processed?
Zapfloor Processes the following categories of Personal Data with regard to its direct marketing activities:
|
Contact information |
Personal Data such as name and email address |
4. What are the purposes and grounds for the Processing of your Personal Data?
The purpose and principles of the Processing of your Personal Data mainly depends on the category of Personal Data concerned. Below you will find an overview of the purpose and ground of the various Personal Data that we Process.
|
Contact information |
Purpose |
Personal Data will be Processed for sending you direct marketing messages related to the Zapfloor Platform, other Zapfloor products, updates, events, etc. |
|
Grounds for Processing |
Consent |
The Processing of the above-mentioned Personal Data by Zapfloor will be based on the consent you provide. Your consent is always free, and you have the right to withdraw this consent at any time. Withdrawal of consent does not affect the Processing of Personal Data (i) prior to such withdrawal, (ii) based on a legitimate ground for Processing Personal Data, and (iii) in case of a legitimate interest of the Processing.
5. Withdrawal of your consent
Zapfloor will use your Personal Data for direct marketing purposes. This enables Zapfloor to keep you informed about the Platform, its products, updates, events, etc. You give your explicit consent for this, but you may at any time withdraw this consent and object to the Processing of your Personal Data for direct marketing purposes to the extent that it is related to such direct marketing (free of charge), by sending an email to [email protected].
6. Receiving and sharing Personal Data
Zapfloor receives your Personal Data which it uses for direct marketing purposes in cases as and when you create a profile on the Platform or when you use the Platform.
Zapfloor will always share your Personal Data in a minimal way. However sometimes Zapfloor needs to share Personal Data with third parties. You therefore provide your express consent to share your Personal Data as described in this Privacy Policy.
Subprocessors of Zapfloor always act under the responsibility of Zapfloor. If Zapfloor contracts Subprocessors, this will always be done in accordance with a Data Processor Agreement that meets the requirements of the GDPR and that protects your Personal Data as well as possible. Zapfloor may share your Personal Data with third parties for storing and Processing your Personal Data or sending content to you, etc..
Zapfloor will never share or sell your Personal Data with or to commercial enterprises.
7. Transfer of Personal Data to countries outside the European Economic Area (EEA)
In principle, Zapfloor does not transfer your Personal Data to countries outside the EEA. It is, however, possible that Zapfloor - through its Subprocessors - does transfer your Personal Data to countries outside the EEA. Should a less strict protection for Personal Data apply in a specific country than within the EEA, Zapfloor will then ensure that the same level of protection is achieved (e.g. by concluding an agreement with the Processor located in a country outside the EEA).
8. How will my Personal Data be retained?
Your Personal Data will be retained for (i) as long as you are a user of the Platform, or (ii) until you asks Zapfloor to return or delete your Personal Data, or (iii) until you withdraw your consent.
Zapfloor retains your Personal Data in its own databases and/or in the databases of its Subprocessors. You may ask Zapfloor to provide a copy of the list of these Subprocessors at any time.
9. How are my Personal Data safeguarded?
Zapfloor has developed appropriate technical and organizational measures, safeguards and assurances to Process your Personal Data in accordance with applicable Belgian and European regulations, in particular to protect your Personal Data against loss, misuse, or unauthorized alteration. Zapfloor maintains a team of technicians, automated systems, and advanced technologies, such as:
- Data encryption
- Recovery procedure for restoring Platform at an alternative location in case of a major technical problem
- Only authorised persons have access to Personal Data
- Password protection
- Data breach procedure
- Activity logs
- Secure data centers
Zapfloor makes all reasonable and appropriate efforts to protect the confidentiality of your Personal Data.
Despite the above measures taken by Zapfloor, you should be aware that there are always risks associated with sending Personal Data over the internet. The security and protection of your Personal Data can never be fully guaranteed.
10. What rights do I enjoy?
If and in as far as provided for in the applicable Belgian and European regulations, you have the right:
- to receive confirmation as to whether Zapfloor Processes your Personal Data and, where this is the case, to access the Personal Data that Zapfloor Processes;
- to corrections by Zapfloor, without undue delay, of any inaccurate or incomplete Personal Data;
- to have your Personal Data deleted by Zapfloor;
- to obtain your Personal Data and to transfer them to another Controller or Processor;
- to obtain a limitation of the Processing of your Personal Data from Zapfloor, to the extent possible subject to applicable Belgian and European regulations;
- to receive your Personal Data in a structured, common and machine-readable format;
- to prevent the Processing of your Personal Data and the use of your Personal Data for direct marketing purposes.
You may exercise these rights by contacting the Privacy Officer of Zapfloor and providing him/her with a copy of your identity card (no identification number may be visible).
If and to the extent provided for in the applicable Belgian and European regulations, you have the right to file a complaint with the competent supervisory authority should the Processing of your Personal Data violate the applicable regulations. In Belgium, this is the Data Protection Authority (“Gegevensbeschermingsautoriteit”).
11. Amendments to this Privacy Policy
Zapfloor may amend this Privacy Policy at any time. The date of the most recent version is shown in the top left-hand corner of the Privacy Policy. Amendments are available in the Platform to keep you informed at all times of the information that Zapfloor collects and of how it uses and shares this information.
Amended versions of this Privacy Policy take effect ten (10) days after their publication on the Platform. Where required they will always be submitted for approval.
12. Consent for disclosure
You acknowledge, confirm, and expressly consent that we may disclose your Personal Data if this is required by law, or if Zapfloor determines in good faith that such disclosure is required in order:
- to comply with any pending judicial inquiry, judicial order or litigation pertaining to the Platform;
- to compel observance of the general terms and conditions of Zapfloor;
- to respond to claims against Zapfloor regarding Personal Data that violate any rights of third parties;
- to safeguard the rights, property and safety of Zapfloor, its employees, users, and the general public.
Zapfloor may disclose your Personal Data to competent police or judicial authorities or other official government authorities if Zapfloor deems this useful or necessary, in its sole discretion, for the investigation of fraud, intellectual property infringement or any other harmful activity, or if Zapfloor reasonably suspects that such activity may expose Zapfloor or you to any liability.
13. Liability
If Zapfloor has legitimately transmitted your Personal Data to a third party (not being a Subprocessor), Zapfloor shall not be liable for any direct or indirect damages resulting from faulty or unlawful Processing or unlawful use by that third party.
Zapfloor is also not liable when third parties Process or use your Personal Data illegitimately and Zapfloor has taken the appropriate technical and organizational measures to go against such illegitimate Processing or use.
Zapfloor is only liable for direct damages caused by Processing of your Personal Data if it did not comply with its specific obligations as Processor under the GDPR. Zapfloor shall in no event be liable for any special, incidental, indirect or consequential losses or damages.
14. Applicable law and jurisdiction
This Privacy Policy shall be governed, interpreted, and implemented in accordance with Belgian law, which applies exclusively in the event of any dispute.
The Courts of Antwerp, division Antwerp (Belgium), are exclusively competent to decide on any dispute that may arise from the interpretation or implementation of this Privacy Policy, without prejudice to your right to present a dispute before the competent court on the basis of a mandatory statutory provision.