Privacy Charter
PRIVACY CHARTER
Preamble
Beventup values your privacy and applies a personal data protection policy in accordance with its legal obligations. We therefore inform you of the way in which we process this personal data and we ensure that this processing is done in your interest.
Please also note that all terms contained in this Privacy Policy must be understood in their epicene sense.
ARTICLE 1. PARTS AND PURPOSE OF THE PRIVACY CHARTER
1.1. General
The Data Controller is Beventup SRL, headquartered at Chemin Noulez, 7 7870 Lombise , registered with the Banque Carrefour des Entreprises under number BE 1008.061.810 (hereinafter referred to as “Beventup” or “Data Controller”). Beventup is the publisher of the Beventup platform (hereinafter referred to as the “Application”), hosted in France.
The term “User”, also used in the plural, refers to any user, i.e. any natural person, who has created an account on the Application, who consults the Application or its content, who inserts personal data on the Application, who downloads files, uses them, registers via any form available on the Application, becomes a member, subscribes or contracts with the Data Controller.
The User can contact the Beventup team by email/mail at the following address(es): contact@beventup.com.
1.2. Purpose of the Charter
Beventup establishes this Privacy Charter, the purpose of which is to transparently inform the User of the Application of the way in which their personal data is collected and processed by Beventup.
Users must necessarily read the Privacy Charter and expressly consent to it by checking the box provided for this purpose on the Application, in accordance with article 5 of this Charter.
1.3. Measures
As such, Beventup – and/or its service providers acting in its name and on its behalf – determine(s) all the technical, legal and organizational means and purposes of the processing of the User’s personal data. To this end, Beventup undertakes to take all necessary measures to guarantee the processing of personal data in compliance with the law of July 30, 2018 relating to the protection of individuals with regard to the processing of personal data (hereinafter , the “Law”) and the European Regulation of April 27, 2016 relating to the protection of the data of individuals with regard to the processing of personal data and the free movement of such data (hereinafter the “Regulation” ).
1.4. Appointment of a subcontractor
Beventup is free to designate as a subcontractor any natural or legal person who processes the User’s personal data at their request and on their behalf (hereinafter the “ Subcontractor ” ).
The Data Controller undertakes to select a Subcontractor offering sufficient guarantees as to the implementation of appropriate technical and organizational security measures so that the processing meets the requirements of the Regulation and the Law and guarantees the protection of the rights of the data subject.
Where applicable, the processing by a Subcontractor is governed by a contract or other legal act which binds the Subcontractor with regard to the Data Controller, defines the purpose and duration of the processing, the nature and the purpose of the processing, the type of personal data and the categories of data subjects, the obligations and rights of the Data Controller. This contract or other legal act also mentions the obligations of the Subcontractor contained in article 28, paragraph 3 of the Regulation and article 53, paragraph 3, al. 2 of the Act.
ARTICLE 2: PROCESSING OF PERSONAL DATA
2.1. Data communication
The creation of a User account and the use of it by the User could result in the communication of personal data. The personal data likely to be processed are referred to in Article 4 of this Charter. The processing of this data by Beventup in its capacity as Data Controller, and/or by service providers acting in the name and on behalf of Beventup, will comply with the Law and the Regulations.
2.2. Means of data processing _
Personal data will be processed by Beventup, in accordance with the purposes mentioned in article 3, via:
● a procedure automated ;
● the form for creating a User account;
● sharing free content;
● investigations _ Or questionnaires;
The Data Controller also collects non-personal data provided indirectly by Users. This data is anonymous in that it does not allow Users to be directly or indirectly identified. They may therefore be used, for example, to carry out anonymous statistical studies, improve the Application as well as the products and services offered or the Data Controller’s advertisements. Such use of non-personal data cannot be carried out if this data can be combined with other personal data in such a way that identification of the User is possible.
ARTICLE 3. PURPOSES OF PROCESSING PERSONAL DATA
In accordance with Article 13, paragraph 1, c) of the Regulation, the purposes of the processing of personal data are communicated to the User and are as follows:
● ensure the execution of the services offered and agreed on the Application;
● ensure control of the execution of the services offered;
● answer the User’s questions;
● produce statistics in order to improve the Application, the services offered and the internal organization of its operation;
● allow better identification of the User’s interests;
● allow the User to exercise their rights set out in Article 8;
ARTICLE 4. PERSONAL DATA LIKELY TO BE PROCESSED
When creating a User account and using it, the User consents, in accordance with Article 5 of the Charter, to the Data Controller collecting and processing, according to the terms and principles described in this Charter, the following personal data:
● information concerning the User that the latter communicates to Beventup, namely: name, first name or pseudonym, email address, telephone number ; and more generally, any information voluntarily communicated by the User;
● information provided by the User when filling out forms or contacting Beventup by telephone, email address or any other means, such as their name, address, email address and telephone number;
With regard to each of the User’s visits to the Application, the information automatically collected is: IP address, browser type and model, time zone, operating system.
ARTICLE 5. CONSENT
5.1. Acknowledgment and agreement of the User
When creating a User account and using it, the User declares to have read and to have given their consent in a free, specific, informed and unequivocal manner to the processing of personal data concerning them. This agreement concerns the content of this Privacy Charter.
5.2. Act positive consent _
Consent is given by the positive act by which the User has checked the box offering the Charter as a hyperlink. This consent is an essential condition for carrying out certain operations on the Application.
5.3. Consent to data processing _
The User consents to the Data Controller processing and collecting, in accordance with the terms and principles included in this Charter, the personal data that he communicates on the Application or by any other means.
5.4. Withdrawal of consent
The User has the right to withdraw consent at any time. Withdrawal of consent does not compromise the lawfulness of processing based on consent previously given. The exercise of this right is carried out in accordance with article 8 of this Privacy Charter.
ARTICLE 6. DURATION OF STORAGE OF USERS’ PERSONAL DATA
In accordance with Article 13, paragraph 2, a) of the Regulation, the Data Controller provides the User with information regarding the retention period of personal data.
In this case, the latter will only be kept during the period of activity of the User account. In the event of prolonged inactivity of said account, this retention period is a maximum of 36 months (i.e. three years) in application of the right to be forgotten enjoyed by the User. In the event of termination of the contractual relationship between the User and the Data Controller, the data is kept for a period of 36 months from said termination.
For statistical purposes, Users’ personal data may be kept for a period exceeding 36 months, they will then be anonymized beforehand.
ARTICLE 7. RECIPIENTS OF DATA AND DISCLOSURE TO THIRD PARTIES
Personal data may be transmitted to possible Beventup employees who, located in Belgium or in the European Union, collaborate with the Data Controller in the context of the provision of services. They act under the direct authority of Beventup, and are notably responsible for collecting, processing or subcontracting this data.
In all cases, the recipients of the data and those to whom it has been disclosed respect the content of this Charter. Beventup ensures that it will process this data only for the purposes provided for in Article 3 of the Charter, in a discreet and secure manner.
In the event that the data is disclosed to third parties for direct marketing or prospecting purposes, the User will be informed in advance so that they can express their consent to the use of their personal data.
Finally, the Data Controller may be required, in execution of a law, in the context of legal proceedings or a request from public authorities, to disclose personal data.
ARTICLE 8. USER RIGHTS
At any time, the User can exercise their rights by sending a message electronically to the address contact@beventup.com or by post to the following address: Chemin Noulez 7, 7870 Lombise, attaching the following information to their request:
● his full name ;
● their User name ;
● his address electronic ;
● the reason for contacting the Data Controller.
When the Data Controller can reasonably doubt the identity of the User submitting a request, he reserves the right to ask to attach any additional information necessary to prove his identity.
8.1. Permission to access
In accordance with article 15 of the Regulations, Beventup guarantees the User’s right of access to their personal data. The User has the right to obtain access to said data as well as to the following information:
● the purposes of the processing ;
● the categories of personal data concerned;
● the recipients or categories of recipients to whom the data have been or will be communicated, in particular recipients established in third countries of the European Union or international organizations;
● where possible, the planned retention period of the personal data or, where this is not possible, the criteria used to determine this period;
● the existence of the right to request from the Data Controller the rectification or erasure of personal data, or a restriction of the processing of said data relating to the data subject, or the right to object to such processing;
● the right to lodge a complaint with a supervisory authority;
● where applicable the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the Regulation, and, at least in such cases, the information used regarding the underlying logic , as well as the importance and anticipated consequences of this processing for the User;
● where personal data is not collected from the data subject, any available information as to their source.
If the User exercises the right of access, the Data Controller provides a copy of the personal data being processed. The Data Controller may require payment of a reasonable fee based on administrative costs for any additional copies requested by the data subject.
When the data subject submits their request electronically, the information is provided in commonly used electronic form, unless the User requests otherwise.
A copy of their data will be communicated to the User no later than the month following receipt of the request.
8.2. Right of rectification
In accordance with article 16 of the Regulations, the User has the right to obtain from the Data Controller, as soon as possible, the rectification of his personal data which proves to be inaccurate. Taking into account the purposes of the processing, the User also has the right to have incomplete personal data completed.
The User first makes the necessary modifications himself from his User account, unless these cannot be carried out independently. If necessary, the request can be made to Beventup via email to the following address: contact@beventup.com.
In accordance with Article 19 of the Regulation, the Data Controller notifies each recipient to whom the personal data has been communicated of any rectification thereof, unless such communication proves impossible or requires disproportionate effort. The Data Controller provides the User with information about these recipients if the User requests it.
8.3. Right to erasure
The User has the right to obtain the erasure of his personal data as soon as possible, in the cases listed in Article 17 of the Regulations, that is to say when:
● the personal data are no longer necessary for the purposes for which they were collected or are otherwise processed;
● the User withdraws the consent on which the processing is based, in accordance with Article 6, paragraph 1, a) or Article 9, paragraph 2, a) of the Regulation, and there is no other basis treatment ;
● the User objects to the processing of their data under Article 21, paragraph 1 of the Regulation. and there is no overriding legitimate reason for the processing, or the User objects to the processing pursuant to article 21, paragraph 2 of the Regulation;
● the personal data have been the subject of unlawful processing;
● the personal data must be erased to comply with a legal obligation which is provided for by European Union law or by the law of the Member State to which the Data Controller is subject; Or
● the personal data were collected as part of the provision of information society services referred to in Article 8, paragraph 1 of the Regulation.
Where the Data Controller has made personal data public and is required to erase them pursuant to the previous paragraph, the Data Controller, taking into account available technologies and implementation costs, shall take reasonable measures , including of a technical nature, to inform other data controllers who process these data that the User has requested the erasure of any link to their personal data, or any copy or reproduction thereof.
Paragraphs 8.3.1. and 8.3.2. do not apply to the extent that such processing is necessary:
● to the exercise of the right to freedom of expression and information;
● to comply with a legal obligation which requires processing provided for by European Union law or by the law of the Member State to which the Data Controller is subject, or to carry out a mission of public interest or relating to the exercise the public authority vested in the Data Controller;
● for reasons of public interest in the field of public health, in accordance with Article 9, paragraph 2, h) and i), as well as Article 9 paragraph 3 of the Regulation;
● for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes in accordance with Article 89, paragraph 1 of the Regulation, to the extent that the right referred to in paragraph 1 is likely to make it impossible or seriously compromise the achievement of the objectives of said processing; Or
● for the establishment, exercise or defense of legal rights.
In accordance with article 19 of the Regulation, the Data Controller notifies each recipient to whom the personal data has been communicated of any erasure thereof requested by the User, unless such communication proves impossible or requires disproportionate efforts. The Data Controller provides the User with information about these recipients if the User requests it.
8.4. Right to restriction of processing
The User has the right to obtain the limitation of the processing of his personal data in the cases listed in Article 18 of the Regulations, that is to say when:
● the accuracy of the personal data is contested by the User, for a period allowing the Data Controller to verify the accuracy of the personal data;
● the processing is unlawful and the User opposes their deletion and instead demands the limitation of their use;
● the Data Controller no longer needs the personal data for the purposes of processing but they are still necessary for the User for the establishment, exercise or defense of legal rights; Or
● the User has objected to the processing pursuant to Article 21, paragraph 1 of the Regulation during the verification whether the legitimate grounds pursued by the Data Controller prevail over those of the User.
In accordance with Article 19 of the Regulation, the Data Controller notifies each recipient to whom personal data have been communicated of any restriction of processing carried out, unless such communication proves impossible or requires disproportionate effort. The Data Controller provides the User with information about these recipients if the User requests it.
8.5. Right of data portability
In accordance with Article 20 of the Regulations, Users have the right to receive personal data concerning them from Beventup in a structured, commonly used and machine-readable format. Users have the right to transmit this data to another data controller without Beventup obstructing this in the cases provided for in Article 20, paragraph 1, points a) and b) of the Regulation.
When the User exercises his right to data portability pursuant to the previous paragraph, he has the right to obtain that the personal data concerning him be transmitted directly from one data controller to another, when this is technically feasible. possible.
The exercise of the right to data portability is without prejudice to the right to erasure referred to in article 8.3. of the Charter. This right does not apply to processing necessary for the execution of a mission of public interest or relating to the exercise of public authority vested in the Data Controller.
The right to data portability does not infringe the rights and freedoms of third parties.
8.6. Right of opposition and automated individual decision-making
The User has the right at any time to object to the processing of their personal data due to their particular situation, including the automation of data processing carried out by Beventup. In accordance with article 21 of the Regulation, Beventup will no longer process personal data, unless there are legitimate and compelling grounds for the processing which override the interests and rights and freedoms of the User, or for the establishment, exercise or defense of legal rights.
8.7. Right to complain
The User has the right to lodge a complaint concerning the processing of his personal data by Beventup with the Data Protection Authority competent for Belgian territory. Further information can be found on the following website: https://www.autoriteprotectiondonnees.be/ .
Submission of a complaint can be made to the following addresses:
Data Protection Authority
35 Rue de la Presse
1000 Brussels.
Such. + 32 2 274 48 00
Fax. + 32 2 274 48 35
Email: contact@apd-gba.be
Or, by completing the appropriate form on the website of the Belgian Data Protection Authority at the following address: Submit a complaint | Data Protection Authority .
The User can also file a complaint with the court of first instance of his domicile.
ARTICLE 9. COOKIES
The Application uses cookies to distinguish Users. This helps provide Users with a better experience and improvement of the Application. The purposes and terms of use of cookies can be found in the “Cookies Policy” document, available at the following URL address: https://beventup.com/index.php/cookie-policy/ .
ARTICLE 10. LIMITATION OF LIABILITY OF THE CONTROLLER
10.1. References towards other sites
The Application may contain links to other websites or applications owned by third parties not linked to Beventup. The content of these sites and their compliance with the Law and Regulations are not the responsibility of Beventup.
10.2. Consent of minors
The holder of parental authority must give express consent for the minor under 13 to disclose personal information and/or data on the Application.
In accordance with Article 8(2) of the Regulation, the Data Controller shall make reasonable efforts to verify that consent is given or authorized by the holder of parental responsibility for the child, taking into account the means technologies available.
The Data Controller therefore undertakes an obligation of means and cannot be held responsible for the collection and processing of information and personal data of minors under the age of 13 whose consent is not effectively covered by that of their legal parents due – in particular – to incorrect data entered by minors concerning their age. Under no circumstances will personal data be processed by the Data Controller if the User specifies that he or she is under 13 years of age.
10.3. Data loss, corruption and theft
Beventup is not responsible for the loss, corruption or theft of personal data caused in particular by the presence of viruses or following computer attacks in compliance with article 11.
ARTICLE 11. SECURITY
The Data Controller implements organizational and technical measures to guarantee a level of security appropriate to the processing and collection of data. These security measures depend on the costs of implementation with regard to the nature, context and purposes of the processing of personal data.
The Data Controller uses standard encryption technologies within the IT sector when transferring or collecting data on the Application.
ARTICLE 12. MODIFICATION OF THE PRIVACY CHARTER
Beventup reserves the right to modify this Privacy Policy in order to comply with legal obligations in this matter.
In the event of modification, the Service Provider will publish the new Privacy Charter on the Application for 15 days. The User will then have a period of fifteen days to possibly end their use of the Application if the proposed new Privacy Charter does not suit them. The modifications will come into force the day after the expiration of this fifteen-day period and in the absence of reaction from the User within this period. As soon as they come into force, these modifications will be binding on the User. The Service Provider will also inform the User of the modifications by email to the address provided on their account.
ARTICLE 13. APPLICABLE LAW AND COMPETENT JURISDICTION
13.1. Applicable right
The provisions of this Charter are governed by and interpreted in accordance with Belgian law.
13.2. Amicable resolution
The parties to this Charter will endeavor, in good faith, to resolve by mediation any dispute arising from or relating to this agreement. Thus, any disagreement, whatever its nature, will first be notified by the User to the Data Controller at the e-mail address contact@beventup.com or by registered mail to the following postal address chemin Noulez 7, 7870 Lombise.
13.3. Competent courts and tribunals
If the parties do not reach a resolution of the dispute by mediation, the Courts and Tribunals territorially competent to hear the dispute are the courts of the judicial district of Brussels, unless these are not designated as territorially competent under of article 624, 1°, 2, or 4° of the Judicial Code.