Privacy policy

1. Introduction and scope

This privacy notice aims to inform you about how Twikit NV (“Twikit”, “we”, “us”) collects and processes your personal data on our website https://www.twikit.com/ (the “Website”).

Twikit respects your privacy and is committed to protecting your personal data and your privacy in accordance with Belgian and European data protection laws, including the EU General Data Protection Regulation 2016/679 (“GDPR”) as well as any applicable national implementing and supplementing laws.

Please read this privacy policy carefully. It describes not only your rights, but also the way in which you can exercise these rights.

This privacy policy explains how we collect and process personal data when you visit our Website, use our online forms, communicate with us, apply for a position, or otherwise interact with us through the Website.

2. Who we are and how to contact us?

Twikit is a company incorporated under Belgian law and acts as data controller in respect of the personal data collected via its Website:

Registered office	Hessenplein 2, 2000 Antwerp, Belgium
Company number	0500.986.687

We have appointed a data protection officer, whom you can contact for questions about this privacy policy and the processing of your personal data.

Privacy contact

[email protected]

3. What categories of personal data do we process?

Depending on the specific form or function you use, this may include, for example, your first and last name, email address, phone number, company name, job title, message content, appointment or demo request details, application documents, CV, cover letter, professional background, and any additional information you voluntarily provide to us.

However, in general, if we process your personal data, it will be personal data of one of the following categories:

identification and contact details (such as your name, telephone number and email address);
technical information (such as information about your computer, mobile and other devices (such as, your IP-address, user-ID, operating system, browser type));
usage information (such as information regarding your usage of our Website (such as, history, logs, date, time, location, frequency, duration of the pages you have viewed, consent preferences, information regarding consent(s) given by you (such as, the date and time of your consent)).
any other type of personal data you may decide to share with us through free field forms.

Your personal data originates from you directly or is automatically collected by us (in case of technical information).

4. For which purposes do we process personal data, on which legal basis and for how long?

Depending on your use of the Website we may process your personal data for the purposes specified hereunder. Please note that our Website may evolve and more functionalities can be added from time to time. In such case this list may also evolve and will be updated as necessary in accordance with section 16.

If we ask for your consent, the consent you give is always free and you have the right to withdraw it at any time. You can withdraw your consent by sending an email to: [email protected]. Note that your withdrawal of consent does not affect the processing of personal data prior to such withdrawal or our processing activities which are based on any other legal basis.

Purpose	Type of personal data	Legal basis	Retention period
To manage and respond to your contact requests, questions, demo requests or other enquiries submitted through our Website or by email.	We process the personal data you provide in this context, such as your name, email address, phone number, company name, job title, message content and any other information you choose to include.	Where your enquiry relates to the conclusion or performance of a contract, we process your data to take steps prior to entering into a contract or to perform a contract. In all other cases, we process your data based on our legitimate interest in responding to enquiries, maintaining business communications and developing business relationships.	We retain this data for the duration of our interaction with you and delete identification and contact details for this purpose no later than one year after our last interaction, unless a longer retention period applies due to contractual, legal or dispute-related reasons.
To schedule, manage and follow up on appointments, demo sessions and other meetings.	For this purpose, we may process your identification and contact details, company information, meeting preferences, communication content and any information you provide in preparation for or during the meeting.	Where the meeting relates to a potential or existing contractual relationship, we process the data to take pre-contractual steps or to perform a contract. Otherwise, we rely on our legitimate interest in organising meetings, presenting our products and services and communicating with prospective or existing business contacts.	For the duration of our interaction with each other. Your identification and contact details will in any event be deleted for this purpose no later than 1 year after our last interaction.
To carry out recruitment and selection activities for open positions at Twikit, including reviewing applications, assessing qualifications, communicating with applicants, organising interviews and making hiring decisions.	For this purpose, we process identification and contact details, application documents, CV, cover letter, education and training information, professional experience, interview notes, assessment information and any other information you voluntarily provide during the application process.	If you provide special categories of personal data in your application documents or during the recruitment process, we will process such data only where this is necessary for the recruitment process, required by law, or where you have obviously made the information available to us.	We retain application data until the recruitment process has been completed, unless a longer retention period is necessary to establish, exercise or defend legal claims, to comply with legal obligations, or where you have consented to being included in our talent pool.
To create a talent pool for future vacancies and recruitment purposes.	If you give us your separate consent, we may retain your application data in our talent pool in order to contact you about future vacancies that may be suitable for your profile.	Your consent is voluntary and has no effect on the current recruitment process. You may withdraw your consent at any time by contacting us. If you withdraw your consent, we will delete your talent pool data unless we are legally required or entitled to retain certain information for another purpose.	We retain talent pool data for up to three years after obtaining your consent, unless you withdraw your consent earlier.
To manage relationships with customers, prospective customers, suppliers and business partners, including communication, contract management, invoicing, administration, support and relationship management.	Identification and contact details	Where the processing is necessary for the performance of a contract with you or the organisation you represent, we process the data for contract performance. In other cases, we rely on our legitimate interest in managing business relationships, communicating with business contacts and administering our operations.	During the term of the applicable contract and up to 5 years thereafter, unless a longer retention term applies in accordance with this notice or if another legal basis applies.
To send you marketing communications about our products, services, events, updates, customer cases, industry insights and similar topics, and to measure and improve the relevance and effectiveness of our marketing communications.	Identification and contact details, company name, job title, communication preferences, consent status, unsubscribe status, interaction data such as email opens, clicks and responses, and information about your previous enquiries or interests.	Consent, where required. Where permitted by applicable law, legitimate interest in promoting our products and services to existing or prospective business contacts.	Until you withdraw your consent or object to direct marketing. If you do not withdraw your consent or object, we retain your data for direct marketing purposes for up to 3 years after our last relevant interaction with you. We may retain limited suppression-list information to document your withdrawal, objection or unsubscribe request and to ensure that we do not contact you again for direct marketing purposes.
To analyse and improve our Website, user experience, product and service offering, and marketing performance by using cookies and similar technologies, where permitted.	Usage information; technical information; any feedback you choose to provide us.	For non-essential analytics, marketing and tracking technologies, we rely on your prior consent given through our cookie banner. Strictly necessary cookies and similar technologies are used to provide the Website, ensure security, store your cookie preferences and enable essential website functions.	Further details on the cookies and similar technologies we use, including providers, purposes, categories, storage periods and consent options, are available in our Cookie Policy.

For more details about the retention period, you can always send an email to: [email protected].

5. Personal data of third parties

If you disclose any personal data of third parties to us, you guarantee that you have informed those third parties and you have received all necessary consents to communicate the third parties’ personal data to Twikit.

6. Cookies

The Website uses cookies and similar technologies, such as local storage, pixels, tags and comparable tracking technologies.

We use strictly necessary technologies to provide the Website, ensure security, store your cookie preferences and enable basic website functions. We use analytics, marketing, preference and other non-essential technologies only where you have given your prior consent, unless another legal basis applies under applicable law.

Our Cookie Policy contains a detailed cookie declaration, including the names of the technologies used, providers, purposes, categories, storage periods and types of technologies. You can change or withdraw your consent at any time via the cookie settings available on our website.

7. Disclosures of personal data

Twikit may share personal data, where necessary for the purposes described in this privacy policy, with the following categories of recipients:

IT, hosting, cloud, security and maintenance providers;
website, analytics, marketing, CRM and communication service providers;
consent management and cookie management providers;
recruitment and applicant management service providers;
professional advisers, such as lawyers, auditors and tax advisers;
public authorities, courts or regulators where required by law;
potential buyers, investors or successors in the context of a corporate transaction.

Where these recipients act as processors, they process personal data only on our instructions and on the basis of a data processing agreement.

Upon request, Twikit shall, as soon as possible after the request, inform you of the third parties with whom your personal data have been shared by providing you a more detailed list.

In addition, we may disclose your personal data if this is required by law, or if we determine in good faith that such disclosure is required in order to comply with any pending judicial inquiry, judicial order or litigation and/or to safeguard our rights.

Processors and sub-processors of Twikit always act under the responsibility of Twikit. If Twikit engages processors or sub-processors, this will always be done in accordance with a data processing agreement that meets the requirements of the GDPR. We require all our processors or sub-processors to take appropriate technical and organizational (including security) measures to protect your personal data in line with our policies. We do not allow our processors or sub-processors to use your personal data for their own purposes. In the event we disclose your personal data as described above, we will implement appropriate safeguards to ensure the integrity and confidentiality of your personal data.

Your personal data will only be viewed and made available to processors, sub-processors, employees and other third parties on a “need-to-know” basis, limited to the extent necessary to perform their services.

8. Will your personal data be transferred to countries outside the EEA?

Some of the service providers and third-party technologies we use may process personal data outside the European Economic Area or may allow access from countries outside the European Economic Area.

Where personal data is transferred to or accessed from a country that does not provide an adequate level of data protection, we rely on appropriate safeguards, such as adequacy decisions by the European Commission, standard contractual clauses approved by the European Commission and, where required, supplementary measures.

This may in particular be relevant for certain analytics, marketing, social media, video, CRM, hosting, communication or recruitment service providers. Further information on specific providers is available in the relevant sections of this privacy policy and in our Cookie Policy.

9. Do we process your personal data for direct marketing purposes?

We may use your personal data for direct marketing purposes (including profiling).

This enables us to keep you informed about our products, updates, events, etc. We will only do this based on your explicit consent for this, but you may at any time, free of charge, withdraw your consent or object to the processing of your personal data for direct marketing purposes (including profiling), to the extent that it relates to such direct marketing, by sending an email to: [email protected]. The withdrawal of consent does not affect the processing of personal data prior to such withdrawal or our processing activities which are based on any other legal basis.

10. How do we protect your personal data?

We take appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. These measures may include access controls, authentication measures, encryption where appropriate, logging, secure hosting, backup procedures, internal policies and confidentiality obligations.

Please contact us if you would like information on the specific measures taken by sending an email to: [email protected].

Despite the above measures taken by us, you should be aware that there are always risks associated with sending personal data over the internet. The security and protection of your personal data can never be fully guaranteed, nor can we guarantee that unauthorized third parties will never be able to defeat those measures or use your personal data for improper purposes.

11. How long do we keep your personal data?

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes determined in section 4 of this privacy notice, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is or may be litigation pending in respect to our relationship with you.

After expiry of the applicable retention period, personal data may remain in backups or archives for a limited period, but will not be actively used for operational purposes. Such backups and archives are protected against unauthorised access and are deleted or overwritten in accordance with our backup and archiving procedures.

12. Your legal rights

Within the limits defined in Articles 15-22 of the GDPR, you have the following legal rights in relation to your personal data:

Right of access: you have the right to obtain confirmation from us as to whether or not we are processing your personal data, to access that personal data and how and why it is being processed, as well as to receive a copy of that data.
Right to rectification: you have the right to obtain a rectification of your personal data or to request that we complete your personal data when you become aware that we are processing incorrect or incomplete data about you.
Right to erasure (“right to be forgotten”): you have the right to obtain erasure of your personal data in certain specific cases.
Right to restriction: you have the right to have the processing of your personal data restricted in certain specific cases.
Right to portability: you have the right to obtain the personal data you have provided to us in a structured, commonly used and machine-readable form, and to transfer (have transferred) that personal data to another controller.
Right to object: you have the right to object to the processing of your personal data on the basis of our legitimate interest for reasons relating to your specific situation.

The exercise of these rights is in principle free of charge. Only in the event of unreasonable or repeated requests we may charge a reasonable administrative fee. We will always inform you of the applicable fee before charging it.

You can exercise your rights by sending an email to: [email protected].

In your request, make sure to clearly specify which right you wish to exercise so we can help you as efficient as possible. Please note that in some case we may require you to give more information about yourself to ensure that we are dealing with the correct person.

If you contact us to exercise your rights we will respond within 1 month. Exceptionally this may take longer (up to 3 months), but then we will inform you within 1 month of the reasons why.

13. Your right to lodge a complaint with a supervisory authority

If you consider that our processing of personal data infringes the GDPR, you have the right to file a complaint with a supervisory authority, in particular in the member state of your habitual residence, the place of work or the place of alleged infringement.

In Belgium, the competent supervisory authority is the Belgian Data Protection Authority.

www.gegevensbeschermingsautoriteit.be

Drukpersstraat 35, 1000 Brussels, Belgium +32 (0)2 274 48 00 [email protected].

However, we would appreciate the chance to deal with your concerns before you approach the authority, so please contact us in first instance.

14. Third party links

Our Website may contain links to third-party websites, platforms or applications, as well as embedded third-party content. We are not responsible for the content or privacy practices of such third parties. Where embedded third-party content or related cookies and similar technologies are used, further information is provided in our Cookie Policy and, where required, such technologies are loaded only after your consent.

15. Liability

If Twikit has legitimately transmitted your personal data to a third party (not being its (sub-)processor), Twikit shall not be liable for any unlawful processing or unlawful use by that third party.

16. Changes to this privacy policy

We may update this privacy policy from time to time to reflect changes in our processing activities, legal requirements or Website functionalities. Any changes will be indicated on the Website and, where the changes are material and where required by law, we will take appropriate steps to inform you, for example by email or when you next visit the Website. The date of the most recent version is shown below. Please review this privacy policy periodically to stay informed of any changes that may affect you.