Privacy Policy

OUTPUSH PRIVACY POLICY

Version of May 17, 2023

Confidentiality is very important to us, and we are committed to protecting it. This Policy details what we do with Your personal information.

Reference version: https://outpush.io/fr/politique-de-confidentialite/

    1 What service do we provide? Who are we?

    2 Why do We process Your data and on what grounds?

    2.1 Concerning Customers and Prospects

    2.2 Regarding End Users

    3 What personal data do We process?

    4 Who do We share Your personal data with?

    4.1 With service providers, contractors or other third parties

    4.2 With public authorities

    4.3 As part of a transaction

    5 How long do We keep Your personal data?

    6 What rights do You have over Your personal data?

    6.1 The right of access

    6.2 The right to rectification

    6.3 The right to erasure

    6.4 The right to be forgotten

    6.5 The right to restriction of processing

    6.6 The right to object

    6.7 The right to portability

    6.8 Withdrawal of consent

    7 How to exercise Your rights?

    8 Are your personal data transmitted abroad?

    9 Contact us ? Submit a complaint to a data protection authority?

    10 How do I know if this Policy has changed?

    11 Glossary of the main legal terms used in this Policy

    • What service do we provide? Who are we ?

    This Personal Data Protection Policy (hereinafter the “Policy”) concerns personal data processed as part of a service consisting of using the settings of the Internet browser, to send the user who desires messages that may be commercial in nature (the “Service”).

    Given permissions and other Service settings are managed by the user directly in the browser; For example :

    The Service is administered by eLabz (herein referred to as “We” or the terms “Us”, “Our”, etc.), in conjunction with the site(s) that End User has authorized ) to send it messages regarding its (their) products and services or those of partners:

    eLabz

    Rue de Roumanie, 13

    1060 Brussels

    Belgium

    N° BCE : BE0766257834

    Mail : hello@outpush.io 

    Persons other than Us who are involved in the service are:

    • A “Customer” means the site manager affiliated with the Service, whoEast authorized by the User to send him messages (push notifications).
    • An “End User”: the visitor to the Customer’s website, who authorizes the Customer to send him messages (push notifications).
    • “You”: Customer and End User.

    Our primary concern is to process Your personal data with the utmost care and to ensure the best level of protection in accordance with Regulation 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data. personal data and on the free movement of such data (hereinafter “GDPR”) and the national law applicable in this matter.

    This Policy informs You about:

    • the personal data We collect about You and the reasons for collecting it;
    • how We use Your personal data;
    • the rights You have over Your personal data and the means to exercise them.

    A glossary of the main legal terms used in this Policy is available below.

    eLabz SRL participates in the IAB Europe Transparency & Consent Framework and complies with its Specifications and Policies. eLabz SRL operates Consent Management Platform with the identification number 1243.

    • Why do We process Your data and on what grounds?

    • Concerning Customers and Prospects

    We process data as data controller, for the following purposes and on the following grounds:

    Purposes Legal basis
    1

    Management of pre-contractual relations

    We process your personal data in order to respond to requests and/or questions that We receive (in particular via the contact form on Our site)

    We have a legitimate interest in processing personal data when it allows us to respond to requests and/or questions received (Article 6.1.f) of the GDPR). It may also involve processing necessary for pre-contractual measures (Article 6.1.b) of the GDPR).
    2

    Marketing to our Customers and non-customers, including:

    • sending newsletters and promotional offers;
    • the sending of information letters (newsletters), promotional offers and the display of other communications (in particular when you browse our site) personalized to your profile;
    • sending requests to participate in satisfaction surveys
    • the display of advertisements on third-party sites and applications, including social and advertising networks.

    We have a legitimate interest in processing the personal data of our Customers (in particular those obtained directly within the framework of the affiliation to the Service) in order to inform them about the Service and the other services likely to interest them and to retain them. /re-engage including via third-party sites or applications, as well as social and advertising networks.

    Pursuant to Article XII.13(1) of the Code of Economic Law and the Royal Decree of 4 April 2003, we process, after having obtained prior consent, personal data relating to the electronic contact details of non- customers in order to inform them of the products and promotions available on the site which are likely to interest them.

    In order to offer you the most relevant experience possible, We may personalize e-mails, the browsing experience and other communications subject to having obtained your prior explicit consent (Articles 6.1.a) and 9.2.a) of the GDPR).

    We have a legitimate interest in processing personal data for sending and publishing press releases (Article 6.1.f) GDPR).

    3

    The organization of contests

    The data of participants in a competition are processed with the aim of ensuring the smooth running of the Competition, in particular to contact the winners and give them their prize in an efficient and rapid manner in the event of a win.

    The performance of a contract concluded with you (Article 6.1.b) of the GDPR), in this case a contract for participation in a competition.
    4 Managing a file of contact persons for the purposes of influencer marketing campaigns

    We build and use a file of addresses of bloggers and influencers in order to develop and strengthen our brand image, improve our visibility, etc.
    We have a legitimate interest in processing this personal data for the purposes of developing and strengthening our brand image (Article 6.1.f) of the GDPR).
    5

    Customer management

    We process personal data to carry out operations relating to customer management, in particular concerning: the conclusion and execution of contracts; the bills ; accounting and in particular the management of customer accounts; the list of people for whom We reserve the right to refuse the contract or with whom we have terminated the commercial relationship, in accordance with our general conditions. 

    The performance of a contract (Article 6.1.b) GDPR).
    6

    Contract management and the fight against fraud

    All the information provided by the Customer, when encoding the data inherent in his contract, is in particular necessary for its execution.

    The performance of a contract (Article 6.1.b), GDPR).

    We have a legitimate interest in collecting and using personal data in the context of fraud management (Article 6.1.f) of the GDPR).
    7 The management of people’s opinions on Our Services or content We have a legitimate interest in processing personal data relating to the opinions published on our site since these allow us to identify the strengths and weaknesses of the products, services and content that we offer (Article 6.1.f) of the GDPR).
    8

    Customer relationship monitoring

    We carry out satisfaction surveys, answer questions and manage complaints as well as all the usual activities within the framework of after-sales service.

    The performance of a contract (Article. 6.1.b), GDPR).

    We have a legitimate (commercial) interest in collecting and using personal data to measure and ensure customer satisfaction (Article 6.1.f) GDPR).
    9 Dispute management

    The performance of a contract (Article 6.1.b), GDPR).

    We also have a legitimate interest in processing personal data for the defense of our interests, in particular but not exclusively in the context of a dispute or legal action (Article 6.1.f) of the GDPR)

    10

    Statistics

    “Statistical purposes” means any operation of collection and processing of personal data necessary for statistical surveys or the production of statistical results. These statistical results may also be used for various purposes, including for the purpose of improving our websites, products and services. Statistical purposes imply that the result of the processing for statistical purposes does not allow any identification of the persons whose information has been used.

    We have a legitimate interest in processing the personal data of our Customers in order to improve the websites, products and services offered and to have a better understanding of the target audiences (Article 6.1.f) of the GDPR)
    11 The acquisition of new customers targeted on their resemblance to existing Customers We have a legitimate interest in asking third-party service providers, including social or advertising networks, to search among their customers or members for prospects targeted on their resemblance to our Customers, in order to display them advertisements relating to the Service subject to compliance appropriate safeguards.

    • Regarding End Users

    We process data as data controller, together with Our Clients, for the following purposes and on the following grounds:

    Purposes Legal basis
    12

    Sending messages, which may be of a commercial nature

    The Service consists of sending messages via the Internet browser of the End User in order to inform him about the products and services of Customers and their partners, and to promote them (see above).

    The End User has authorized the Customer (Article 6.1.a) of the GDPR).

    We have a legitimate (commercial) interest in collecting and using End User data to develop the Service, measure its success and adapt it (Article 6.1.f) of the GDPR).

    The authorizations given and the parameters of the Service are managed by the user directly in his browser (see above). The End User can consult the list of Clients he has authorized, manage authorizations and withdraw them to no longer receive messages in the future.

    13

    The personalization of messages according to their (un)success

    Based on the use of the Service by the End User, in particular its responsiveness to messages received from all Customers, We adapt the content of subsequent messages to offer them content that is appropriate with their presumed centers of interest.

    The End User has authorized the Customer (Article 6.1.a) of the GDPR).

    We have a legitimate (commercial) interest in collecting and using End User data to develop the Service, measure its success and adapt it (Article 6.1.f) of the GDPR).

    14

    The personalization of messages according to the navigation of the End User

    Based on the sites visited by the End User, We adapt the content of subsequent messages to offer him content in line with his presumed centers of interest.

    The End User has authorized the Customer (Article 6.1.a) of the GDPR).

    We have a legitimate (commercial) interest in collecting and using End User data to develop the Service, measure its success and adapt it (Article 6.1.f) of the GDPR).

    15

    The personalization of messages according to the use of social networks by the End User

    Based on the use of social networks by the End User, We adapt the content of subsequent messages to offer him content in line with his presumed areas of interest.

    The End User has authorized the Customer (Article 6.1.a) of the GDPR).

    We have a legitimate (commercial) interest in collecting and using End User data to develop the Service, measure its success and adapt it (Article 6.1.f) of the GDPR).

    16

    The organization of contests

    The data of participants in a competition are processed with the aim of ensuring the smooth running of the Competition, in particular to contact the winners and give them their prize in an efficient and rapid manner in the event of a win.

    The execution of a contract concluded (Article 6.1.b) of the GDPR), in this case a contract of participation in a competition.

    We have a legitimate (commercial) interest in developing the Service and ensuring its success (Article 6.1.f) of the GDPR).

    17 The management of people’s opinions on Our Services or content We have a legitimate interest in processing personal data relating to the opinions published on our site since these allow us to identify the strengths and weaknesses of the products, services and content that we offer (Article 6.1.f) of the GDPR).
    18 Dispute management We also have a legitimate interest in processing personal data for the defense of our interests, in particular but not exclusively in the context of a dispute or legal action (Article 6.1.f) of the GDPR)
    19

    Statistics

    “Statistical purposes” means any operation of collection and processing of personal data necessary for statistical surveys or the production of statistical results. These statistical results may also be used for various purposes, including for the purpose of improving our websites, products and services. Statistical purposes imply that the result of the processing for statistical purposes does not allow any identification of the persons whose information has been used.

    We have a legitimate interest in processing the personal data of the End User in order to improve the websites, products and services offered and to have a better understanding of the target audiences (Article 6.1.f) of the GDPR)
    20 Acquiring new End Users based on their resemblance to existing End Users We have a legitimate interest in asking third-party service providers, including social or advertising networks, to search among their customers or members for prospects targeted on their resemblance to our Customers, in order to display them advertisements relating to the Service subject to compliance appropriate safeguards.

    • What personal data do We process?

    We detail below the personal data that We collect or process as well as the reason for the processing and how they are collected.

    Data Categories Purposes concerned
    Identification data 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 16, 17, 18.
    Financial and bill payment data 1, 2, 5, 6, 8, 9, 10, 18, 19.

    Electronic identification data

     

    Including: IP address, record of connections, device used, browser used and its version, encrypted password, identifier (unique UUID subscription identifier randomly generated by Us), user agent (the user agent of the subscriber. For example Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.54 Safari/537.36), Some push keys and endpoints (browsers provide a unique endpoint when the user registers to receive notifications, as well as two encryption keys).

    1, 2, 3, 5, 6, 9, 10, 11, 12, 13, 14, 15, 16, 18, 19, 20.
    Online behavior data 2, 9, 10, 11, 12, 13, 14, 15, 16, 18, 19, 20.
    Data relating to contributions, free fields and comment areas 1, 2, 3, 5, 6, 7, 8, 9, 10, 11, 16, 17, 18, 19.
    Data relating to offenses 6, 9, 18.
    Data relating to the follow-up of the commercial relationship 5, 6, 8, 9, 10, 11, 18, 19.

    • Who do We share Your personal data with?

    • With service providers, contractors or other third parties

    In order to pursue the purposes listed above, We entrust certain processing tasks to subcontractors. We may also communicate Your data to service providers and/or contractual and commercial partners who may intervene in the context of the processing of personal data referred to above (articles 3 and 4) and may thus have access to Your personal data.

    Sub-contractor/service provider or other third party concerned by the sharing of Your personal data Location(s) of the subcontractor/service provider or other third party
    Hosting service providers EU et hors EU.
    Social media and social media strategy optimization service providers UE et hors UE
    Advertising networks for sending specialized content by push notification UE

    We may modify the list of Our subcontractors to add or delete some, ensuring that the use of subcontractors does not put Us in a position of not being able to honor our commitments.

    • With public authorities

    In response to legal requests, including to meet national security or law enforcement requirements (such as, for example, NSSO, tax authorities, etc.).

    • As part of a transaction

    During transactions such as a merger, acquisition, consolidation or sale of assets, we may share your personal data with buyers or sellers.

    • How long do We keep Your personal data?

    We have defined criteria concerning the retention period of the Personal Data of the persons concerned by our services. This duration varies according to different objectives and must take into account any legal obligations aimed at keeping some of this Data.

    If applicable, if a contract has been concluded between You and Us, this period corresponds in any case to the duration of the said contract.

    End User data is not retained after End User consent is withdrawn.

    For the rest, Personal Data is not kept for a period that exceeds the period necessary for the prescribed purposes.

    • What rights do You have over Your personal data?

    We want to inform You as clearly as possible of the rights You have over Your personal data.

    • The right of access

    You can access all of the following information about:

    • The categories of personal data We collect about You;
    • The purposes for which We use them;
    • The categories of persons to whom Your personal data has been or will be communicated and in particular persons who are located outside of Europe;
    • The length of time Your personal data is retained in Our systems;
    • Your right to ask Us to correct, erase Your personal data or restrict the use We make of Your personal data and the right to object to such use,
    • Your right to lodge a complaint with a European Data Protection Authority;
    • Information about its source where We do not collect Your personal data directly from You;
    • How Your personal data is protected when it is transferred to countries outside of Europe.
    • The right to rectification

    You can ask Us to correct and/or update Your personal data.

    • The right to erasure

    You can contact Us at any time to ask Us to delete the personal data We process about You, if You are in one of the following cases:

    • Your personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
    • You have withdrawn your consent on which a processing of Your personal data by Us is based;
    • For a reason of Your own, You consider that one of the processing operations pursued infringes Your privacy and causes You excessive damage;
    • You no longer wish to receive commercial solicitations from us;
    • Your personal data is not processed in accordance with GDPR and Belgian law;
    • Your personal data must be erased to comply with a legal obligation which is provided for by European Union law or by the national law to which We are subject.

    However, We may not be able to comply with your request. Indeed, it should be kept in mind that this right is not absolute. We must balance it with other important rights or values, such as freedom of expression, compliance with a legal obligation to which We are subject or important public interest reasons. 

    • The right to be forgotten

    Our Site may contain personal data about You. If You no longer want them to appear there, You can ask Us to delete them if You are in one of the following cases:

    • Your personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
    • You have withdrawn your consent on which a processing of Your personal data by Us is based;
    • For a reason of Your own, You consider that one of the processing operations pursued infringes Your privacy and causes You excessive damage;
    • You no longer wish to receive commercial solicitations from us;
    • Your personal data is not processed in accordance with GDPR and Belgian law;
    • Your personal data must be erased to comply with a legal obligation which is provided for by European Union law or by the national law to which We are subject.

    However, We may not be able to grant your right to be forgotten request. Indeed, it should be kept in mind that this right is not absolute. We must balance it with other important rights or values, such as freedom of expression, compliance with a legal obligation to which We are subject or important public interest reasons.

    • The right to restriction of processing

    You have the right to ask Us to limit Your data, i.e. the marking (for example, a temporary movement of Your data to another processing system or a blocking of Your data making it inaccessible) of Your stored personal data, with a view to restricting their future processing.

    You can exercise this right when:

    • the accuracy of the data in question is disputed;
    • Your personal data is not processed in accordance with GDPR and Belgian law;
    • the data is no longer necessary to achieve the purposes initially intended but cannot yet be deleted for legal reasons (in particular for the recognition, exercise or defense of Your rights in court);
    • the decision on your objection to the processing is pending.

    In the event of limitation of processing, Your personal data will no longer be subject to any processing without your prior consent, with the exception of their retention (storage).

    Your personal data may nevertheless still be processed for the establishment, exercise or defense of legal rights, or for the protection of the rights of another legal or natural person, or for important reasons of public interest. in the Union or Member State.

    In the event of restriction of the processing of certain of Your personal data, We will keep You informed of the moment when the measure will be lifted.

    • The right to object

    You can object to the use of Your personal data for the purposes of commercial solicitations, and in particular, advertising actions.

    You have the right to object to Us processing Your personal data if, for Your own reason, You consider that one of the processing operations infringes Your privacy and causes You excessive damage.

    You cannot, however, prevent Us from processing Your data:

    • if the processing is necessary for entering into or performance of a contract;
    • whether the processing has been required by law or regulation;
    • if the processing is necessary for the establishment, exercise or defense of legal claims.

    However, for other reasons We may not be able to comply with your request. Of course, in this case We will make sure to give You the clearest possible answer.

    • The right to portability

    This right offers You the possibility to control Your personal data more easily Yourself and more precisely:

    • to retrieve Your personal data which is processed by Us, for Your personal use, and to store it on a device orcloud private for example.
    • to transfer Your personal data from Us to another company, either by You or directly by Us, provided that such direct transfer is “technically possible”.

    This right covers both Your actively and consciously declared data such as the data You provide (e.g. personal identification data) and the information We collect.

    Conversely, personal data that is derived, calculated or inferred from the data provided by You is excluded from the right to portability because it is created by Us.

    However, You should know that We have the right to refuse your portability request. Indeed, this right only applies to personal data based on your consent or the performance of a contract concluded with You (to know precisely the personal data which may be subject to the right to portability: see the purpose and foundations section). Similarly, this right must not infringe the rights and freedoms of third parties, whose data may be found in the data transmitted following a portability request.

    • Withdrawal of consent

    In cases where processing is based on consent, You have the right to withdraw Your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent made prior to such withdrawal.

    • How to exercise Your rights?

    For any request, You just need to send Us an email or a letter (see contact details above).

    It is important to indicate the right You wish to exercise, the reasons for Your request, and to attach a front/back copy of Your identity card. The request must specify the address to which the response must be sent.

    We have a period of one (1) month to respond to Your request, increased by two (2) additional months in the event of a request requiring in-depth research or in the event that We receive an excessive number of requests.

    However, We may not be able to comply with Your request. Of course, in this case We will make sure to give You the clearest possible answer.

    • Are your personal data transmitted abroad?

    For the requirements of certain processing, certain data is transferred to the European Economic Area.

    Within the European Economic Area, be aware that personal data enjoy the same level of protection.

    In principle, We do not transfer data outside of Europe. However, in the context of the Sub-contracting entrusted to the service provider chosen by us, it cannot be ruled out that, exceptionally, and for maintenance reasons in particular, limited access to certain data may occur from a State located outside France. the EU.

    • Contact us ? Submit a complaint to a data protection authority?

    Do you have a question or suggestion regarding this Policy? Do not hesitate to let Us know by contacting Us by email or by post (see contact details above). We will read You carefully and We will answer You as soon as possible.

    Do you feel that We are not sufficiently protecting Your personal data? We invite You to contact Us directly. You should also know that You have the right to lodge a complaint with the Belgian Data Protection Authority:

    • By post: Data Protection Authority, Rue de la Presse, 35, 1000 Brussels
    • By email : contact@apd-gba.be
    • How do I know if this Policy has changed?

    This Policy may be modified at any time, in particular to take into account any legislative or regulatory changes and the development of our services.

    We encourage You to regularly consult this Policy to find out how We are protecting Your personal data.

    Date of last modification: 23/03/2023

    Version of this Policy 1.0.

    • Glossary of the main legal terms used in this Policy

    Terms frequently used in this Policy GDPR Definitions Explanations of terms in everyday language
    Personal data Any information relating to an identified or identifiable natural person, (hereinafter referred to as “data subject”); is deemed to be an “identifiable natural person” a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more specific elements specific to his physical, physiological, genetic, psychic, economic, cultural or social identity.

    All types of information relating to a natural person, i.e. an individual, directly or indirectly identifiable as a person distinct from other people.

     

    For example: a name, photo, fingerprint, email address, phone number, social security number, etc.

    Treatment Any operation or set of operations whether or not carried out using automated processes and applied to data or sets of personal data, such as the collection, recording, organization, structuring, storage , adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, linking or interconnection, limitation, erasure or destruction.

    Any use of personal data, regardless of the process used (recording, organizing, storing, modifying, reconciling with other data, transmitting, etc. personal data).

     

    For example: the use of Your data for the purpose of executing the contract, sending communications from the firm relating to news, legal information and invitations to events, etc.

    Data controller The natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of processing. The person, public authority, company or body that exercises control over Your data and decides on any use of it. It is he who decides to create or delete a processing and determines why Your data will be processed and to whom it will be transmitted. He is the main person responsible for respecting the protection of Your data.
    Subcontracting The natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. Any natural or legal person who performs processing tasks on the instructions and under the responsibility of the controller.