I.            Preamble

Our main objective is to optimise the distant and mobile activities of companies. In order to provide you with this service, we need to collect personal data. When collecting and processing this personal data, we keep in mind the importance you attach to the confidentiality of your personal data.

1. We undertake to remain transparent regarding the collect and process of your personal data.

We ensure that you are perfectly informed of the data (concerning you or provided by you) that we collect and process, the purposes, the storage period and any third parties who have access to them.

2. We make sure that you retain control of your personal data

The collect and processing of data will only be carried out for the purposes determined by the data controller. The data subject remains the owner of his or her rights over his or her personal data and may exercise them at any time.

3. We protect your data

We deploy all means that may be reasonably implemented to prevent your personal data being diverted for improper purposes.

 

II.           General principles regarding the collect and processing of personal data

 

In accordance with the provisions of Article 5 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of personal data (hereinafter "GDPR"), the collect and processing of personal data of the application’s Users comply with the following principles:

-       Lawfulness, fairness and transparency: Data may only be collected and processed with the consent of the User who owns the personal data. The User shall be informed that his data is collected and for what purposes;

-       Limited purposes: The collect and processing of personal data is carried out to meet one or more of the purposes set out herein. The Solution Provider will collect personal data for specified, explicit and legitimate purposes, and undertakes not to further process it in a manner incompatible with such purposes; 

-       Minimisation of the collect and processing of personal data: Only the data necessary for the proper performance of the purposes set by the data controller is collected; 

-       Retention of personal data reduced in time: Personal data are only kept for a limited period of time, of which the User is informed. When this information cannot be communicated, the User is informed of the criteria used to determine the storage period;

-       Integrity and confidentiality of the data collected and processed: The data controller undertakes to guarantee the integrity and confidentiality of the personal data collected.

In accordance with the requirements of Article 6 of the GDPR, the collect and processing of personal data may only take place if it complies with one of the conditions listed below:

-       The User has expressly consented to the processing;

-       The processing is necessary for the proper execution of a contract;

-       The processing meets a legal obligation;

-       The processing may be necessary for the performance of a task carried out in the public interest or in the exercise of official authority;

-       The processing is necessary to protect the vital interests of the data subject or of another natural person;

-       The processing and collect of personal data is necessary for the purposes of the legitimate and private interests pursued by the controller or by a third party.

For the purposes hereof, the terms below shall be defined as follows:

-       Personal data: any information relating to an identified or identifiable natural person ("data subject"); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity;

-       Processing of personal data ("processing"): any operation or set of operations which is performed upon personal data, whether or not by automatic means, in particular the collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction;

-       Controller: the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing; where the purposes and means of such processing are determined by Union law or the law of a Member State, the controller may be designated or specific criteria for his or her designation may be laid down by Union law or the law of a Member State;

-       Processor: the natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller;

-       Customer: means the person using the services offered by the Solution Provider.

-       Customer: means the person using the services offered by the Solution Provider. User: means a person authorised by the Customer to access and use the services.

-       Solution Provider: refers to the company, legal entity or natural person, that proposed and signed the purchase order and the contract with the Customer.

III.          Data collected by the Solution Provider as Controller

 

The data collected by the Solution Provider acting as Controller are as follows

  • User contact data such as surname, first name, position, e-mail address, telephone number
  • Data about your company, such as the name of the company, sector of activity, address, country

These personal data are collected and processed to enable the creation and administration of User accounts, to enable the Solution Provider to process your requests and respond to your messages.

Please note that in order to perform the processing activities mentioned above, the Solution Provider relies on its legitimate interest which requires it to ensure appropriate communication and exchange of information between you and the Service Provider.

We retain your personal data for as long as your account is active. You may exercise your rights of access, rectification, deletion, portability or objection by written request to the Solution Provider's support department.

We do our best to keep your personal data accurate and up to date as long as you provide us with the information we need to do so. If your personal data changes (for example, if you have a new email address), you are responsible for notifying us.

IV.          Data collected by the Solution Provider as a Subcontractor :

The data collected by the Solution Provider acting as a Subcontractor, at the request of the Customer for the use of the Services and the application, are as follows:

  • Customer personal data: name, postal address, country, VAT number, name of contact, e-mail address, mobile phone number, telephone number, language, time zone, BCE (central business database) (CAW), list of workers, list of subcontractors (CAW), users
  • User contact personal data, such as surname, first name, e-mail address, language, time zone
  • Data on your company, such as the name of the company, the ID of the social secretariat
  • In the context of Checkin@Work, the contact data of the worker, such as working partner status (CAW), share register status, validity end date, nationality of foreign worker, A1 form, A1 form expiry date, NISS (national registration number / Limosa (declaration for foreign workers, Limosa, home postal address
  • Unique identifiers, such as user name
  • Name and e-mail address receiving notifications and alarms when these functions are activated
  • Information on the vehicle and the way it is driven: location of vehicle, data relating to acceleration and engine (fuel consumption, engine speed and odometer reading, start/stop time, stop time with engine running, distance covered, braking, bends, acceleration, levels and condition of the battery, engine charge, acceleration level; useful information for diagnosis). The precise nature of the data collected depends on the transmission equipment installed in the vehicle.
  • In addition to the above, the following personal data may be collected:
    In order to manage customer relations, our customers can collect the surname, first name, e-mail address, identification type, the key to your contacts via the "import contacts” function.
  • Other drivers of your vehicle: If you share your vehicle with other drivers and it has a telematics box, it is your responsibility to explain to them that the data on driving and on the vehicle generated by this box are collected and used to prepare reports to which you have access.

These personal data are collected as part of the use of the service(s) made available by the Solution Provider. The contract subscriber (or the fleet manager) decides on the ends for which these personal data will be used, third parties who will have access to them and the period of time they will be kept. Please consult the contract subscriber for more details. This is usually the owner of the vehicle or the person having leased it.

The processing of these personal data is necessary for the execution of the contract to which the Customer and the Solution Provider are parties. This allows the Solution Provider to send you communication about the Service(s) (notifications, maintenance, news,...), to evaluate your business needs and determine or suggest appropriate products, to respond to customer service requests and to facilitate your transactions with other users when you use our Service(s).

As a Subcontractor, the Solution Provider only collects and processes personal data expressly required by the Controller on the basis of the contract binding these two parties.

We will retain your information for as long as necessary to provide you with our services as decided by the end customer. We may also retain and use your personal data to comply with our legal obligations, resolve disputes, prevent misuse and enforce our agreements.

The Solution Provider collects personal data on behalf of its Customers and has no direct connection to the people with whom its Customers may interact using the Service(s). If you are a customer of one of our integrator customers ("end customer") and you no longer wish to be contacted by that integrator, please inform them of your requests. A user seeking access or seeking to correct, amend or delete personal data should address his or her request to the support service (the data controller). If you are asked to delete personal data, the support service will respond within a reasonable time. On request, we will provide you with information on whether we hold or process personal data on behalf of third parties.

V.           Data processing

 
Concerning personal data storage, the box automatically downloads the data collected and sends them to our software solution hosted on our servers.

Your personal data are stored within the European Union and are processed in accordance with European legislation on data protection. The solution Provider uses security methods based on the standards in the sector in order to protect personal data stored and transmitted against any unauthorised access.

Unless otherwise indicated in this Policy, your personal data will never be sold or shared with other companies or organisations for commercial or other purposes. We can transfer personal data to our companies in the group and subcontractors who assist us to provide our services. Subsequent transfers to third parties are covered by the service contracts with our subcontractors. Such subcontractors may include processors who process your personal data but are not authorised to store, keep or use such data.

Other data, such as the terminal models of the end customer and the IP address, are also captured by the Service or Services. These personal data is not used by the Solution Provider, except for the purpose of overall analysis to make strategic choices and target future communication with end customers. The content and text or other messages created by you or your end customers to be sent to or shared with other Users are stored on our servers and are not, under any circumstances, processed by our services.

When you access or use our websites or service(s), or provide information to us, you consent, on behalf of yourself, your agents or your end customers, (and indicating that you are authorised to provide such consent) to the processing. We will take all steps reasonably necessary to ensure that your personal data is processed securely and in accordance with this Policy. We may enter into agreements with our customers located in the EEA to give them access to our Service(s), which includes the processing of information relating to End Customers. We pay particular attention to the processing of your personal data. Therefore, when transfers outside the EEA are made, the Solution Provider will comply with the EU standard clauses with those entities that process your personal data.

It is the responsibility of our integrator customers to inform end customers and obtain the necessary consent for any personal data collected through the use of the service(s) by the customer.

VI.          Application mobile

When you download, install and use our mobile applications, we automatically collect data on the type of device you are using, the version of the operating system and the device identifier (or "UDID").
From time to time, we send you push notifications in order to keep you informed of planned events or notifications. If you no longer wish to receive this type of message, you can deactivate them from the device. To ensure that you receive appropriate notifications, we will need to collect certain data about your device, such as the operating system and the user identification data.

We collect your location data in order to enable the application to fulfil its objective. We only share these personal data with our cartography supplier, solely with the aim of providing you with this service.
You can deactivate the location-based services at any time by modifying the setting on the device.
We use a mobile analysis software program to enable us to better understand the functionality of our mobile application on your mobile or portable device. This mobile application can record data such as the frequency with which you use the mobile application, the events that occur in the mobile application, approved use, performance data and the place where the mobile application was downloaded. We do not link the data that we store in the analysis software program to any identifiable personal data that you enter in the mobile application.

VII.        Analysis

The Solution Provider uses a third-party software program for statistic analysis. All the data on the measures collected from your use of the Service or Services must be forwarded to the analysis supplier. These personal data are used to assess how users use the applications and to compile statistical reports on activity and functionalities. We use these personal data to maintain, improve or add to the functionalities of the Service or Services and to improve the customer experience. The third-party analysis software program does not access your personal data and will not associate your personal data with other data they hold.

VIII.       Cookies

The Solution Provider is likely to obtain information automatically but this may not, under any circumstances, be associated with an individual. The software solution is thus likely to access data already stored in your electronic communication terminal equipment and to enter data there. The software solution uses exclusively ‘strictly necessary’ cookies which do not require your prior consent.

These cookies are used to enable and facilitate browsing on the software solution, in particular by memorising your browsing preferences defined during your session, such as language / display services in the screen resolution and the style sheet adapted to your computing equipment / produce anonymous statistics on visits / the type of internet browser used / the user’s computer system / the domain name through which the user accessed the applications.

These cookies cannot, technically, be deactivated from the software solution. However, you can object to the use of these cookies, exclusively by means of your browser settings. The settings you can define depend on the browser you use but this usually easy to do: in principle, you can either activate a private browser function or only forbid or restrict the cookies.

IX.          Modifications of the Privacy Policy

The Solution Provider reserves the right to modify and update its privacy policy at any time to ensure compliance with applicable law. These modifications and updates are binding on the User, who must therefore regularly refer to this section in order to be informed of the latest changes that will be made.