Version 1.0 – Latest update: 07/12/2020

Thank you for visiting our website. We welcome your interest in our products and services, including professional appointment management.

With us you can count on high-quality service. The protection of your personal data is extremely important to us. We make every effort to protect your privacy and ensure that you can safely entrust us with your personal data. Thus, we always handle your personal data in a secure and discrete manner, and appropriate security measures have been taken to prevent the loss, modification, unauthorized access and/or any other unlawful processing of your personal data.

We also want to be transparent about how we process your personal data and what we do with your personal data. You can read about this in this privacy statement.

1. Who are we?

The Appoint website, https://appoint.be/, is operated by APPOINT BV, whose registered office is at Weg naar Zwartberg 18/2, 3660 Oudsbergen, with company number 0676.765.436, (hereinafter referred to as “Appoint”, “we” or “us”).

You can always reach us at the following contact details:

Appoint BV – Pascal d’Helft

Weg naar Zwartberg 18/2

3660 Oudsbergen

+32 (0)89 390839

info@appoint.be

We always process your personal data in accordance with the applicable legal provisions for the protection of personal data, including the Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter, the “AVG”) and national implementing legislation.

2. Some concepts explained

The term “personal data” means any information relating to an identified or identifiable natural person (the “data subject”). An identifiable is considered a natural person who can be directly or indirectly identified on the basis of one or more elements. Those elements include, for example, your name, first name, date of birth, telephone number and e-mail address, as well as your IP address.

The term “processing” is very broad and covers, among other things, the collection, recording, organization, storage, updating, modification, retrieval, consultation, use, dissemination, combination, archiving and deletion of data.

3. Controller of your personal data (“Processor”)

Appoint is responsible for processing your personal data.

It is, as the law calls it, the “controller” of your personal data. Specifically, this means that Appoint determines the purpose and means of processing your personal data with the Data Protection Officer as :

Dylan Verhulst | Lawyer at Monard Law CVBA acting as independent external DPO

Gouverneur Roppesingel 131 | 3500 | Hasselt | +32 11 28 15 00 | Privacy@appoint.be

4. When do we collect your personal data?

Among other things, we collect personal data when you:

• use our website;
• use the chat function on our website;
• order a product or service from us and communicate with us in that context;
• request a quote on our website;
• books an online demo;
• requests remote support;
• calls us to report a bug or ask a specific question about the calendar software;
• gives permission for us to access, store, use and/or share your Google user data. You will always be informed what data will be processed and for what purposes;
• follows us on social media (e.g., Twitter, Facebook, LinkedIn, Instagram);
• contacts us by other means (e.g. by phone, post or email).

In Title 5, you can read exactly what personal data we process, for what purposes and on what legal basis.

We also use cookies and plugins primarily to permanently optimize our website for users. For more specific information on the cookies and plugins that we use, please consult our cookie policy.

We do not intend to collect personal data from persons under 13 years of age. These young people may not transfer personal data to us without the consent of the person who has parental responsibility over them or provide a consent form.

5. What personal data do we process, why and based on what legal basis?

The table below tells you: what categories of personal data we process (column 1), why we do so (the “purposes”) (column 2) and on what legal basis the processing is based (column 3).

After all, each processing of your personal data is done for one or more specific purposes.

In addition, there is always a demonstrable legal basis for each processing. The applicable legal basis, which you can find in the third column ‘legal basis’, has the following meaning:

• ‘Consent’: you have consented to the processing of personal data for one or more specific purposes;
• ‘Legitimate interests’: the processing of personal data is necessary for the protection of the balanced legitimate interests of Appoint or a third party;
• ‘Agreement’: the processing is necessary for the performance of an agreement to which you are a party;
• ‘Legal obligation’: the processing is necessary to comply with a legal obligation incumbent on us as the processing controller.

Where appropriate, we indicate what personal data is required to be provided.  If you fail to share this personal data with us, we may not be able to provide you with the products services you require.

Appoint’s use of information received through Google APIs will comply with the Google API Services User Data Policy, including requirements for restricted use of this data.

6. Your privacy rights

To give you more control over the processing of your personal data, you have many rights. These rights are established, among others, in Articles 15-22 AVG.

You have the following rights:

The right to access the personal data we process about you (Art. 15 AVG):

You have the right to learn from us at any time whether or not we are processing your personal data. If we are processing them, you have the right to inspect these personal data and we will provide you with certain additional information about them.

If we cannot give you access to your personal data (for example, because of legal obligations), we will let you know why this is not possible.

You may also obtain a free copy, in an understandable form, of the personal data we process about you. Please note that we may charge a reasonable fee to cover our administrative costs for each additional copy you request.

The right to oblivion or to ask us to erase your personal data (Art. 17 AVG):

You may ask us to erase your personal data in certain cases. In this case, however, you should bear in mind that we may no longer be able to offer you the desired services. Please also note that there are circumstances in which you cannot exercise this right. We will inform you of this in our response to your request.

The right to rectification and supplementation (Art. 16 AVG):

If your personal data is incorrect, outdated or incomplete, you can ask us to have these inaccuracies or incompleteness corrected.

The right to transferability of personal data (art. 20 AVG):

You also have the right, under certain conditions, to have us transfer the personal data you have provided to us for the performance of the contract or for which you have given your consent to another data controller. Insofar as it is technically possible, we will transmit your personal data directly to the new controller.

Right to restriction of processing (Art. 18 AVG):

In certain cases, you also have the right to ask us to restrict the processing of your personal data.

The right to object (Art. 21 AVG):

You may, based on your particular situation and in certain circumstances, object to the processing of your personal data. In such cases, we will not further process your personal data.

The right to withdraw your consent (Art. 7 AVG):

If your personal data are processed on the basis of your consent, you may withdraw this consent at any time upon simple request.

7. Exercising your rights

To exercise these rights, please contact us by e-mail at the following e-mail address: info@appoint.be.

In order to verify your identity, we ask you to send a copy of the front of your identity card. We do this to ensure that third parties cannot access your data and thus keep it confidential, in accordance with the provisions of the AVG.  As soon as we receive this information, we will make the necessary efforts to answer your request within the legal deadline of 1 month. We do not keep a copy of the identity card, but only verify your identity, after which this data is immediately deleted.

You may exercise all these rights free of charge, unless your request is manifestly unfounded or excessive (for example, due to its repetitive nature). In this case, we have the right to charge you a reasonable fee or refuse to act on your request.

8. Passing on to third parties

We will only pass on your personal data to third parties in accordance with statutory provisions, if you have given your consent or if this is necessary for our services.

Furthermore, we do not transfer personal data to third parties unless we are obliged to do so on the basis of mandatory legal provisions (e.g. transfer to external bodies, such as supervisory or law enforcement authorities).

9. Categories of recipients

Within our company, we ensure that your personal data is only accessible to persons who need it to fulfill contractual and legal obligations.

In certain cases, we are supported in the performance of our tasks by external service providers (e.g. IT service providers, payment service providers, etc.). With regard to data protection, an agreement has been concluded with all these service providers to ensure that they manage your personal data securely, respectfully and with due diligence.

10. Transfers to third countries

We transfer your personal data to processors or controllers in third countries only insofar as we are legally entitled to do so or if this is necessary for the performance of our services.

To the extent that such transfers are necessary, we take the necessary measures to ensure that your personal data is highly protected and that all transfers of personal data outside the EEA are lawful. If there is a transfer to a country outside the EEA, for which the European Commission has not determined that the country provides an adequate level of protection, the transfer is always subject to an agreement that meets all requirements for transfers to third countries, such as the approved standard data protection clauses established by the European Commission.

11. Security of your personal data

We have taken all reasonable and appropriate technical and organizational security measures to best protect your personal data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. For example, we always keep your personal data in a secure location so that third parties cannot access your personal data.

12. Retention of your personal data

We retain your personal data for as long as it is necessary to accomplish the intended purpose. Please note that numerous (legal) retention periods mean that personal data may (have to) be stored for some time. Insofar as no retention obligation exists or after the retention obligation has expired, your data will be deleted.

In addition, we may retain personal data longer if you have given us your consent to do so or if we reasonably estimate that we still need this data in connection with legal proceedings. In the latter case, we may use certain personal data as evidence. For this purpose, we retain certain personal data in accordance with the statutory limitation period, which in most cases is ten years.

Complaints?

We make every effort to protect your personal data. If you have a complaint about the way we process your personal data, please notify us using our contact details so that we can address it as soon as possible.

You can also complain to the data protection supervisory authority. The authority overseeing our organization is the Data Protection Authority:

Website:

https://www.gegevensbeschermingsautoriteit.be

Contact details:

Data Protection Authority

Press Street 35, 1000 Brussels

+32 (0)2 274 48 00

+32 (0)2 274 48 35

contact@apd-gba.be

Do you still have questions?

Then feel free to contact us by phone, e-mail or letter. We will be happy to answer your questions.

Changes

To accommodate feedback or reflect changes in our processing operations, we may amend this privacy statement from time to time. We therefore invite you to always consult the latest version of this statement on our website.