Arkite NV, with registered office at C-Mine12, 3600 Genk, Belgium and registered with the CBE under number 0865.543.569 (hereinafter “Arkite ») values the right to privacy and is committed to ensure all personal data is obtained, processed and used in a safe, secure, ethical and transparent way.
Arkite therefore starts from the principle that everyone must have control over their personal data. Below, you will find information about what data Arkite collects, why, how long for and how you can control it.
The European General Data Protection Regulation 2016/679 of 27 April 2016 (“General Data Protection Regulation”), the law of 8 December 1992 (“Privacy Act”), the law of 13 June 2005 (“Electronic Communications Act”) and the accompanying implementing decrees, as well as any future changes hereto, regulate the protection of your personal data.(hereinafter, respectively ‘the GDPR’ and ‘the applicable legislation’).
2. WHO CONTROLS YOUR PERSONAL DATA?
“Personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
The personal data that Arkite collects and processes, primarily concerns the data that customers enter themselves via the various pages of our website(s) and that Arkite obtains through your use of our website(s) and/or our products and/or services.
Unless otherwise stated in the present Policy, Arkite acts as Data Controller of your personal data, and is thus responsible for the processing of your personal data under the applicable data protection legislation. In this capacity, Arkite determines both the purposes (‘why’) and the essential means (‘how’) of the processing of your personal data.
This does not detract from the fact that the customer has a number of obligations in connection with the processing of personal data that allows the customer to use Arkite’s products and services. In this capacity, the customer must always obtain, where necessary, the legally required authorisations from the end users for the processing of their personal data by Arkite insofar as necessary within the framework of Arkite’s products and services.
3. HOW WE COLLECT AND PROCESS YOUR PERSONAL DATA
3.1 Personal Data we collect about you
Because data privacy is of high importance for us, we intend to remain open and transparent about which personal data we collect and how we intend to use it.
As a general rule, Arkite will only collect your personal data where necessary for maintaining our relationship with you as business contact and as a (potential) customer. Depending on your exact relationship with us, both currently and in the future, Arkite may thus collect, use and disclose (i.e., process) the following types of personal data: contact information, such as your name, surname, email address and phone number and postal address for invoicing and delivery purposes.
3.2 Automatic collection of personal data
1. IP addresses
An IP address is a number assigned to your computer or internet enabled device whenever you access the internet. It allows computers and servers to recognize and communicate with one another. IP addresses from which visitors appear to originate may be recorded for security and system diagnostic purposes. This information may also be used in aggregate form to conduct web site trend and performance analysis.
3. Web beacons
A web beacon is a small image file on a web page that can be used to collect certain information from your computer, such as an IP address, the time the content was viewed, a browser type, and the existence of cookies previously set by the same server. Arkite only uses web beacons in accordance with applicable laws.
4. Location-based tools
Arkite may collect and use the geographical location of your computer or mobile device. This location data is collected for the purpose of providing you with information regarding services which we believe may be of interest to you based on your geographic location, and to improve our location-based products and services.
5. Social Media
Other information we collect may depend on the privacy settings you have set with your social media provider, so please review the privacy statement or policy of the applicable service.
3.3 Legal Grounds for Processing
Under the applicable legislation, personal data may only be collected and processed based on a limited number of legal grounds. At Arkite, we rely on one of the following bases to process your personal data:
- Necessity for the performance of a contract with you (e.g. for handling your payment details when you purchase software licenses from us); or
- Legal obligation to which Arkite is subject (e.g. medical regulations and traceability requirements); or
- Legitimate interests of Arkite (When Arkite has a justified interest in this, such as, for example, as the case may be, direct marketing, fraud prevention, internal administration management or monitoring of appropriate network and information security, in which case we always strive for a balance between that interest and respecting the privacy of the person concerned); or
- Your explicit and informed consent (e.g. when you request a trial license for our software products).
To process an application for our products and services.
To provide information about (new) products and services from Arkite.
Arkite may use personal data to offer (in writing, by telephone or electronically) new products, services or special promotions that Arkite believes may be of interest to you. Of course, you can opt out of this type of message.
To provide the best service and to inform about usage options.
Arkite uses personal data for setting up, maintaining and supporting products and services, and for administrative purposes.
To track performance.
We are always looking for ways to make our products and services smarter, faster, secure, integrated, and useful. We use information and collective learnings (including feedback) about how people use our products and services to troubleshoot, to identify trends, usage, activity patterns, and areas for integration and to improve our Services and to develop new products, features and technologies that benefit our users and the public.
Arkite may use personal data and consumer profiles to evaluate its products and services. This includes, among other things: requesting feedback on services (for example, via market research), data obtained during answers to customer questions, fraud detection and quality assurance.
To keep track of studies, tests and statistics, including for trend analysis.
Arkite may use anonymous, aggregated data to, for example, report internally and externally on the use of its services. The data used for this cannot be traced back to a specific individual. The information that Arkite derives from these analyses is used to evaluate the current products and services portfolio and Arkite’s processes, and to adapt them to new developments.
Because ensuring technical support as well the efficient handling of complaints and queries is necessary for the provision most of our products and services, you understand and acknowledge that we may process personal data such as your name, contact details, client number, and IP addresses, as well as any other personal data we might come in contact with during the provision of customer support services.
To comply with legal obligations.
In many cases, Arkite is legally obliged to keep certain personal data and/or communicate them to government agencies, for example, in the context of general tax and accounting obligations. In the context of a police or judicial investigation, Arkite can be obligated to communicate certain data to the requisite authorities in a confidential manner.
4. HOW WE PROTECT YOUR PERSONAL DATA
Arkite is committed to the processing of your personal data in a lawful, fair and transparent manner. Arkite’s employees are trained to deal with confidential data correctly. In the case of privacy-sensitive projects, an assessment is also made with regard to security and the protection of personal data.
Accordingly, we guarantee that any processing of your personal data will be limited to what is necessary, adequate and relevant in order to achieve the purposes for which your personal data was collected. Moreover, Arkite will use anonymized or pseudonymized data whenever possible and technically feasible, e.g. for customer support, internal statistics or financial reporting purposes.
Because the protection of your personal data is essential to us, Arkite is also dedicated to protect the systems where your personal data is held in. For that reason, we have defined and implemented adequate technical and organisational measures in cooperation with our service providers, with a view to protect your personal data against any unauthorised access, unlawful use, accidental loss, corruption or destruction. This way, you can be confident that your personal data will be processed on a strictly ‘need to know basis’, when necessary and where appropriate.
Furthermore, since we are fully aware threats evolve and diversify and because we wish to sustain your trust throughout the years, we commit to regularly review and update our security measures and infrastructure, with a view to mitigate operational risks and maintain our security programs up to the latest industry-accepted standards and best practices.
5. EXTERNAL PARTIES WITH WHOM WE MAY SHARE YOUR PERSONAL DATA
Under no circumstances will Arkite sell your personal data to third parties.
To our legal successors and other companies within the Arkite group.
Where necessary for our service provision.
Where relevant and necessary for the purpose of the processing activity, we may however need to disclose your personal data to appropriate third-party recipients who have a need to know (e.g. financial institutions, in order to verify your payment details and because this is necessary for the performance of the contract).
When necessary to process an application for our products and services.
We work with third parties (“Resellers”) who provide consulting, sales, support, and technical services to deliver and implement customer solutions around our products and services. We may share your information with these third parties in connection with their services, such as to assist with billing and collections, to provide localized sales and technical support, and to provide customizations.
In any case, Arkite shall restrict the access and transfer of your personal data to trusted third-party recipients only, who demonstrate an adequate level of data protection.
Moreover, each time your personal data is shared externally, this will be covered by strict data processing agreements. For all third parties, except Resellers, Arkite remains the Data Controller and the third-party recipients involved act as Data Processors. Consequently, the third-party recipients with whom we may share your personal data will be required to delete or return all the personal data to Arkite after the end of the provision of Services relating to the processing activity, and delete all existing copies (unless these third-party recipients are themselves legally required to further retain the personal data). With Resellers, we will become joint Data Controllers.
6. INTERNATIONAL TRANSFERS OF YOUR PERSONAL DATA
Arkite is headquartered in Belgium.
Arkite will thus remain responsible for the processing of your personal data and take the necessary measures to protect the processing thereof by relying on adequate data transfer mechanisms such as Standard Contractual Clauses or the EU-U.S. Privacy Shield.
7. HOW LONG WE KEEP YOUR PERSONAL DATA
As a general rule, Arkite only keeps your personal data for as long as necessary to fulfill the purposes for which we initially collected it. However, based on the type of personal data being processed and the processing purposes, the actual retention periods may vary significantly. In addition, there are laws and sectoral regulations that apply and which set minimum periods for retention of personal data.
Except when we need to retain your personal data for statistical purposes, to establish, exercise or defend legal claims or insofar as we are legally required to retain a copy of your personal data, Arkite shall either securely dispose of or permanently anonymize your personal data once we have fulfilled the initial processing purpose and further retention of your personal data is no longer necessary.
The effective retention period applicable to your personal data will depend on whether we process your personal data in the context of a contractual relationship with you or based on your explicit consent; whether we process the personal data for our own legitimate interests, or whether Arkite is legally obligated to retain the personal data for a specific period or to comply with specific legal obligations.
8. YOUR RIGHTS AS DATA SUBJECTS
Although Arkite is technically the Data Controller, the ultimate control over your personal data remains with you at all times, on condition that you provide us a proof of your real identity.
Consequently, and insofar you do not already have the information, the request is not manifestly unfounded or excessive, or if fulfilling your request does not appear unreasonably difficult, Arkite will handle your request at no cost, without undue delay, and in any case within one month upon its reception. We are entitled to extend this period by two additional months where the fulfillment of your request necessitates more time. In such case, you will be kept informed of the underlying reasons.
8.1 RIGHT OF ACCESS
You have the right to request access to a copy of the personal data we currently maintain about you in a commonly used format and obtain information regarding the processing, including whether we process your personal data for profiling purposes.
8.2 RIGHT TO RECTIFICATION
In case you notice an error in your personal data, you may request that we rectify the inaccurate personal data or complete your personal data. Arkite will notify your request to each third-party recipient with whom we have disclosed your personal data, unless this proves impossible or involves a disproportionate effort.
8.3 RIGHT TO ERASURE
To the extent that (i) your personal data is no longer necessary for the initial purpose, (ii) the processing was based on your consent and you withdrew it, or (iii) you have already objected to the processing based on our legitimate interest, you have the right to request the erasure of your personal data from our systems without undue delay, and have us inform third-party recipients to whom we provided your personal data of this request, unless the latter proves impossible or involves disproportionate efforts.
8.4 RESTRICT OF PROCESSING
In case you contest the accuracy of your personal data, you have the right to request that we restrict the processing thereof, for the duration necessary to verify the accuracy within our systems. You may also request that we restrict the processing of your personal data to the mere storage thereof, insofar that we no longer need your personal data for our processing purposes, but you need it for the establishment, exercise, or defence of legal claims. If Arkite disclosed your personal data with third-party recipients, we will notify them of your request to a reasonable extent.
8.5 RIGHT TO OBJECT
You have the right to object at any time to the processing of your personal data by Arkite based on our legitimate interest.
8.6 DATA PORTABILITY
Where technically feasible, you may request Arkite to export the personal data we currently maintain about you in a structured, commonly used and machine-readable format and demand that we transmit your personal data to another company of your choice.
9. Changes to this policy
If we make any significant changes in the way we treat your personal data we will make this clear via our website.
10.DATA PROTECTION OFFICER
For further information regarding the processing of your personal data and your rights, please contact us by sending an e-mail to firstname.lastname@example.org. If you are not satisfied with the way we handled your request, you have the right to request the restriction of our use of your personal data and lodge a complaint with the supervisory authority responsible for the protection of personal data in your country of residence.