DATA PROTECTION TERMS
In the delivery of our Services and Platform, we may have access to certain data which qualifies as Personal Data. These Data Protection Terms govern the Processing by the Company of such Personal Data. These Data Protection Terms apply in addition to the other provisions as set out in the Agreement. Capitalized notions used throughout the Data Protection Terms shall have the meaning attributed to them as set out in the Terms, unless as otherwise expressly specified in these Data Protection Terms. Where and to the extent the terms of these Data Protection Terms would contradict the Terms, the former shall prevail over the latter.
All use of the Services is expressly subject to full acceptance of these Data Protection Terms.
- Who are we?
- The Platform and Services are offered by Webfuse BV. We trade under the name Webfuse. Our company is established under the laws of Belgium, and has its registered seat at Evangeliestraat 145a, 9220 Hamme, Belgium. Our VAT number is ___________________.
- The Customer can contact Company via the Contact Us page where all contact details are provided.
- Throughout the Terms, we will refer to ourselves as “we”, “us”, “our” and “Company”.
- Additional definitions
- “Data Protection Legislation” means any applicable legislation in force regarding the processing and protection of Personal Data.
- “Controller“, “Processor“, “Data Subject“, “Personal Data”, “Personal Data Breach” and “Processing“/”Processed”/”Process” shall have the same meanings as in the Data Protection Legislation.
- “End Customer” means a potential, current or former individual which (intends to) make(s) use of or has made use of the products and / or services offered by the Customer and whose Personal Data, to a certain extent, are used within the Services.
- Processing of customer data
- The Company shall act as a Controller with respect to Customer business representative Personal Data, including addresses, email, telephone number and other information which is shared generally and necessarily as a result of the (potential) business relationship between the Company and the Customer and their respective representatives and Users.
- The data referred to in clause 3.1 shall be Processed for purposes of contract management and customer relationship management (including the promotion of the Company’s Services).
- Customer shall ensure, through its contractual arrangements, that all Personal Data provided to the Company by its representatives / Users can be used according to the clauses above and that the relevant Data Subjects have been properly and fully informed by Customer and that Customer either has obtained the relevant consent of each such Data Subject or made appropriate contractual arrangements to this end. Any claims to the contrary shall be Customer’s sole responsibility.
- Processing of End Customer data
- Nature and purpose of Processing End Customer Personal Data. As a result of the nature of the Services supplied, the Company may have (remote) access to and Process certain End Customer Personal Data which the Customer decides to Process through the use of the Services / Platform.
- Roles of the Parties. In respect of what is set out in clause 4.1:
- the Company shall in such capacity act solely as a Processor, not a Controller, and respect the obligations imposed on it as set out in Data Protection Legislation. The Customer agrees and acknowledges that the Processing activities referred to in this clauses 4 and 5 are an integral part of the standard Product offering of the Company and are thus performed on the instruction of the Customer, who wishes to make use of the same. The Agreement and its provisions are Customer’s documented instructions to the Company for Processing End Customer Personal Data. Additionally, where the Company is obliged by applicable law to Process Personal Data, it shall have the right to do so.
- Customer shall at all times act as a Controller in relation to Personal Data supplied to the Company (except as set out in clause 3), including Personal Data of End Customers. As a result, Customer shall comply with all of its obligations as a Controller under Data Protection Legislation, including without limitation obtaining and maintaining all necessary and valid consents and providing sufficient transparency. Without limiting the generality of the foregoing, Customer shall (i) have sole responsibility for the accuracy, quality, integrity, legality and reliability of Personal Data and of the means by which it acquired Personal Data and (ii) comply with all applicable Data Protection Legislation in collecting, compiling, storing, sharing, transferring, accessing and using Personal Data when making use of the Services and the Platform.
- Additional purposes of Processing
- On the basis of our legitimate interest, we have the right to aggregate the data, for example for business and statistical analysis which can be used for development, marketing, advertising, research or other purposes (including using and depicting such data on the Website).
- In addition to the foregoing we can also use the Personal Data for:
- Logging and support. We shall log Personal Data used and made available through the Services and Platform for the purposes of the provision of services of support and analysis to the Customer. Personal Data shall be logged for a standard period of thirty (30) calendar days, but such period can be adapted by the Customer in accordance with the functionalities provided on the Platform. The legal basis of this Processing is the execution of the Agreement between the Customer and the Company.
- Analysis of the use of the Services. We can Process Personal Data to better understand access to and use of our Platform and Services. To this end, we are allowed both to aggregate Personal Data or use it on an individualized basis. This can also be used to respond to our Customers’ and/or Users’ desires and preferences, and for other research, analytical, and statistical purposes. The legal basis for this kind of Processing of Personal Data is our legitimate interest we have in acquiring commercial and business intelligence in relation to our Services.
- Complying with legal requirements and requests from competent authorities. We may also Process Personal Data (or information containing Personal Data) in order to comply with obligations resulting from applicable laws and regulations or with any request from a competent authority.
- Protecting our rights and interests. We may also Process Personal Data (as well as non-personal data) to protect the legitimate rights and interests of the Company and its Customers and Users, as well as to enforce these Data Protection Terms and our Terms and to verify Customer’s compliance therewith. Furthermore, we may disclose information when we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to our business, the safety of any person, violations of our Terms or these Data Protection Terms, or as evidence in litigation in which we are involved. The Processing of your Personal Data for this purpose is based both on the execution of the Terms entered into when using these Services as well as on our legitimate interest to protect our rights and interests.
- Corporate restructuring. We reserve the right to disclose and/or transfer information to another entity if we are acquired by or merged with another company, if we sell or transfer a business unit, shares or assets to another company, as part of a bankruptcy proceeding, or as part of any other similar business transfer.
- After termination of the Agreement, the Company shall have no access to (End) Customer Personal Data. Where, after termination of the Agreement, any (End) Customer Personal Data would remain on any of the systems of the Company, Customer has the right to request the deletion or return of such Personal Data. Any such request must be submitted to the Company in writing.
- Customer acknowledges and agrees that the Company may rely on sub-Processors to support the provision of the Platform and/or Services described in the Agreement, including without limitation hosting providers as set out in the Terms. The Company may, from time to time, make use of third party IT tools which allow the Processing of Personal Data, including standard email programs, enterprise resource planning tools and issue and project tracking tools.
- For the avoidance of doubt, use of sub-Processors will not relieve, waive or diminish any obligation the Company has under these Data Protection Terms. Notwithstanding the foregoing and where relevant, the Customer accepts that the use of the technical means to allow remote access to End Customer Personal Data is approved by the Customer.
- Such use may entail the transfer of said Personal Data to countries not pertaining to the European Union, but the Company shall undertake reasonable efforts to cooperate with such entities offering a sufficient level of data protection.
- The Customer understands and agrees that in essence, the Platform provides for an integration platform which allows for integration with third parties. In such event, the integration (including data transfers) will be performed in agreement with and under the full and exclusive responsibility of the Customer. No data shall be shared with parties other than as set out in these Data Protection Terms, including as stated in this clause.
- Data Subject rights
- Data Subjects have specific rights attributed to them, including a right to access, rectify and have erased data. Such requests can be emailed directly to us via firstname.lastname@example.org and shall be followed up within the shortest delays.
- During the term of the Agreement, the Company shall, to the extent possible for the Company and to the extent Customer (who shall at all times be the first contact point of the End Customer) has no other means to meet its obligations under Data Protection Legislation towards End Customers, provide Customer with reasonable assistance to meet its obligations under Data Protection Legislation. In the event the Company would receive any request from an End Customer or other Data Subject related to the Customer to access, delete, correct, block or otherwise Process Personal Data Processed under the Agreement, the Parties agree that the Company shall inform Customer of the same and hand over all relevant communications to Customer.
- Individuals can also at all times lodge a complaint with the competent supervisory authority.
- We value the security of our Customer’s information, including but not limited to the Personal Data collected via the Platform and/or Services. We have taken technical and organizational steps to help protect the information we collect from loss, misuse, unauthorized access, disclosure, alteration, destruction and any other form of unauthorized processing. Please be aware, however, that no data security measures can guarantee 100% security. The relevant provisions of the Terms shall apply in this respect.
- Company shall undertake all reasonable efforts to ensure that access to Personal Data by Company personnel is limited to those personnel who require such access to perform the Agreement and that those personnel to whom it grants access to such Personal Data are directed to keep such Personal Data confidential.
- To the extent relevant, and unless notification is delayed by the actions or demands of a law enforcement agency, the Company shall report to Customer the unauthorized acquisition, access, use, disclosure or destruction of Personal Data, (a “Breach”) promptly following determination by Company that a Breach occurred on its systems.
- Upon Customer’s reasonable request, the Company shall provide such information to Customer necessary to demonstrate its compliance with Data Protection Legislation. Customer can also request an independent third-party auditor, to be approved in writing by the Company, to conduct an audit. The contract with such auditor shall require the auditor to respect the Company’s confidentiality obligations, trade secrets and Confidential Information and shall solely relate to compliance with Data Protection Legislation for Customer. An audit can only be required taking into account reasonableness and for a maximum of once (1) per two (2) years. Audits shall be conducted at a time agreed with the Company in writing, and in each event during normal business hours and without interruption to the Company’s normal business operations. Customer shall bear all costs related to such audits.
- Changes to these Data Protection Terms
- We may change these Data Protection Terms from time to time, so please be sure to periodically check the latest version. We will post any changes to these Data Protection Terms via a message on the Platform.
- Third party links
- Our Platform and Services may contain links to third-party websites. Any access to and use of such linked websites is not governed by these Data Protection Terms but instead is governed by the privacy policies of those third-party websites. We are not responsible for the information security nor privacy practices of such third-party websites.