Social Seeder's Privacy Statement - Platform

1. Our contact information

Social Seeder BVBA (hereinafter referred to as ‘Social Seeder’ and ‘We’)
Schaarbeeklei 647
1800 Vilvoorde
Belgium
Company registration number (VAT-BE): 0524.991.813
Email: gdpr@socialseeder.com
Telephone number: +32 (0)2 255 85 91

2. The Purpose of this Privacy Statement

Every person (hereinafter referred to as “User”) using the Social Seeder Platform (hereinafter referred to as the “Application”) makes certain personal data available of both the User as other Data Subjects of which the personal data is controlled by the User. This personal data allows Social Seeder to contact, and thus identify, the Data Subjects and User as a natural person, regardless of whether we effectively do so. A person is identifiable as soon as it is possible to create a direct or indirect link between one or more data and the natural person. Your name and email address (which we collect) allows us to make a direct link to you as a natural person.

We only use and process your personal data in accordance with the Privacy Law and other relevant legal provisions. Any reference in this Privacy Statement to the Privacy Law means a reference to the Law of 8 December 1992 on the Protection of Privacy in relation to the Processing of Personal Data. Any reference to the Regulation is a reference to the Regulation of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, also known as the General Data Protection Regulation (GDPR). Because we at Social Seeder consider the protection of your privacy a top priority, we have drawn up this Privacy Statement.

Each Application User is informed about the processing activities that Social Seeder may carry out with his or her personal data by means of this Privacy Statement. Social Seeder reserves the right to amend this Privacy Statement at all times. But any substantial amendment shall be clearly notified to the User fore implementation. We recommend that you consult this document regularly.

3. Who processes and who controls personal data?

Who are we?
Social Seeder is a platform that catalyses online word-of-mouth communications. Companies can use Social Seeder to provide their ambassadors (selected employees) with ready-made and interesting content which they, in turn, can simply distribute by way of their social media channels. In this way the Application ensures that there is a significant increase in the online and viral presence of brands using the Application.

Our role in processing your personal data?
Social Seeder acts as the processor for the Users (companies), who are the controllers of the personal data. This means that they determine which personal data are collected, along with the objective and means of processing these personal data. These objectives are part of our services.

A processor, which Social Seeder is, is a natural or legal person who or which processes personal data at the request of or on behalf of the controller (the User). The processor is obliged to ensure the security and confidentiality of the data. The processor always acts in accordance with the instructions of the controller.

Social Seeder makes use of the services of sub-processors. Sub-processors are any third party engaged by Social Seeder to process personal data on behalf of Social Seeder. We take on the responsibility for selecting the right sub-processors that can guarantee and provide to protect the rights of Data Subjects (the natural persons of which we process Personal Data).

Social Seeder makes use of the following processor categories:

• Emailing services
• Customer relationship management
• platform analytics
• Error detection services
• Cloud services
• Hosting

4. Which personal data are processed?

Social Seeder undertakes to collect and process only the data that are relevant and necessary for those purposes for which they are processed. In general, we anonymise collected personal data as much as possible before further processing. The following categories of personal data can be collected and processed:

• Personal identification data (surname, first name, login credentials)
• Contact data (email address)
• Professional content preferences
• Social media insights (Number of clicks generated on all social media channels used to share specific available content, though we process these clicks in such a way that these are anonymised before further processing)
• Electronic identification data (IP address, time and day of last performed action)
  • For admins of the platform only: data relating to the device used, such as hardware and software information and network and local storage information, and technical data to gain an idea of User Navigation trends on the Application
• Other personal data requested from the User by the customer and for which permission is obtained to process these

Should certain data provided by the User be incomplete or appear to be incorrect, Social Seeder reserves the right to temporarily or permanently postpone certain expected operations.

5. For what purposes are my personal data used?

Social Seeder collects your personal data in order to provide every User of our platform with a secure, optimum and personal user experience. The collection of personal data is further expanded according to the intensity of the User’s use of the Application and our online services.

Data processing is essential to the functioning of the Application and its corresponding services. Processing is exclusively performed for the following (specific) purposes:

• to provide the User with access to his or her user profile and the corresponding functionalities;
• to offer and improve general and customised service provision; including the provision of any information, newsletters and promotions which may be of use and/or are essential to the User, to obtain and process user ratings and to provide assistance;
• offering and improving the delivered products; personalised and specific products based on information and data provided;
• to detect and provide protection against fraud, errors and/or criminal conduct;
• to manage the contractual relationship of which the User is party.

6. On what legal basis are my data processed?

In accordance with the Law, we process personal data based upon the following legal grounds:

• Based on the execution of the agreement as agreed with the customer and the User, or the execution of pre-contractual steps taken at the User’s request;
• Based on compliance with legal or regulatory provisions relating to the management of the contractual relationship.
• Based on the User’s and Data Subjects explicit consent

7. Who receives your personal data?

Your personal data are processed primarily for statistical purposes and benchmarking within Social Seeder. Your personal data will not be sold, transferred or communicated to third parties, except under strict contractual agreements for sub-processing purposes, where Social Seeder takes all legal and technical precautions to safeguard your personal data. Before engaging with a third party, we assess them whether they can provide and guarantee all necessary safety measures.

Personal data may also be transferred to comply with a legal obligation incumbent on Social Seeder should the transfer be necessary to protect your or another natural person’s vital interests or to serve the legitimate interests of Social Seeder.

8. Do we transfer your data outside of the European Union?

By default, we limit the transfer of your personal data outside of the European Union (e.g. our database is located within the EU) as we prefer to work with European based sub-processors who are also subjected to the GDPR.

In the event there is a transfer outside of the EU, we will ensure that any transfer of personal data to countries outside of the European Economic Area will take place pursuant to the appropriate safeguards to which the sub-processors will be contractually bound (for example ensuring that, for transfers to the United States of America, the company is registered under the Privacy Shield). Transferring to countries where there is a risk that contractual obligations would not suffice, are by default not eligible for transfer, e.g. countries who have very limited privacy legislation.

9. How long do we store your personal data?

Your personal information will not be kept for longer than is necessary for a specific purpose. They are deleted from the database when they are no longer needed to pursue the purposes (section 4; e.g.: your IP-address will be immediately deleted after the session) or should you validly exercise your right to delete the data. As most personal data is collected for the fulfilment of our agreements with the Customers, the relevant personal data will be deleted, or if deletion is not possible for statistical purposes, anonymised at latest 6 months after termination of the contract.

10. What rights do I have?

As we at Social Seeder collect your personal data, you can exercise certain rights on it. We list them for you: 

Your personal data is always processed for the legitimate purposes explained in Section 4. They are collected and processed in an appropriate, relevant and proportionate manner, and are not stored longer than necessary to achieve the proposed objectives. The User may always ask Social Seeder how long specific personal data are kept.

If you are capable of proving your identity, you obtain the right to acquire information about the processing of your data. Consequently, you have the right to the processing objectives, the data categories, the categories of recipients to which the data are sent, the criteria that determine the period of data storage and the rights that you can exercise with regard to your data.

Inaccurate or incomplete data may be corrected. It is first and foremost the User’s responsibility to make the necessary modifications to his or her “User Profile”. But please, contact us with a request to modify the data if the first method is not possible.

You also have the right to obtain the deletion of your personal data under the following circumstances:

• Your personal data are no longer necessary for the intended purpose;
• You revoke your consent to process your data and there is no other legal basis for processing your data;
• You have legitimately exercised your right of objection;
• Your data has been unlawfully processed;
• Your data must be deleted arising from a legal obligation.

When deleting your data would negatively affect our statistical analysis, we reserve the right to anonymise the data, which is then no longer personal data as it cannot relate to a natural person anymore.

In some cases, you have the right to request restrictions on the processing of your personal data. This certainly applies in the case of a dispute relating to the accuracy of data, if the data are necessary in the context of a legal procedure or during the time necessary for Social Seeder to determine that you are validly able to exercise your right of deletion.

You have the right to object at any time to the processing of your personal data for “direct marketing” purposes, profiling purposes or purposes arising from the legitimate interests of the data controller (not Social Seeder’s legitimate interest). Social Seeder will stop processing your personal data unless it can demonstrate that there are compelling legal reasons to process that prevail over your right to object.

You have the right to obtain the personal data provided to Social Seeder in a structured, common and machine-readable form. In addition, you have the right to transfer such personal data to another data controller unless this is technically impossible.

You are entitled to withdraw your consent at any time, for example for direct marketing purposes.

Should you wish to exercise your rights, you must submit a written request to gdpr@socialseeder.com. From then on, we will start a process to first verify your identity. We will answer you as soon as possible, no later than thirty (30) days after having received your request, unless identify verification took an unreasonable long time.

If you are not satisfied with the processing of your personal data by Social Seeder, you are entitled to lodge a complaint with our local Data Protection Authority – de Gegevensbeschermingsautoriteit: contact@apd-gba.be at https://www.gegevensbeschermingsautoriteit.be/

13. Thank you 

Thank you for reading through our Privacy Statement. In case you have any questions, worries or remarks left regarding our use of your Personal Data or this Privacy Statement, please do not hesitate to contact us. Our Privacy Team is dedicated to handling your Personal Data to the best of our possibilities.