TABLE OF CONTENT
“Customer” means any natural or legal person who entered into a license agreement with ONTOFORCE for the commercial use of the Services (i.e. excluding, for the avoidance of doubt, any Users or Visitors). “Customer Data” means proprietary information, metadata or other data including potentially Personal Data that a Customer stores within, or makes available through, the Service. “Personal Data” means any information relating to an identified or identifiable natural person (‘Data Subject’) within the meaning of Regulation (EU) 216/679 (General Data Protection Regulation). A Data Subject can be a Customer, User, Visitor, supplier, partner or employee of ONTOFORCE, or any other person whose Personal Data is being processed by or on behalf of ONTOFORCE. “Premium Services” means the version of the Services that can be accessed only by Users under a paid license agreement between Customer and ONTOFORCE. “Services” means the Websites, Software and all content, services and/or products available on or through the Software, either for free (in which case those Services are restricted to non-commercial use only) or against payment of a license fee (allowing for commercial use of the Services). “Software” means the software owned by, or licensed to, ONTOFORCE, including (but not limited to) the software which is distributed under the brand name “DISQOVER” “Third Party Data” means any public or proprietary information, metadata or other data from any third party (other than ONTOFORCE or Customer), including potentially Personal Data, that ONTOFORCE makes available through the Service. “User” means an employee, agent, or representative of a Customer, who primarily uses and accesses the Services in such capacity for commercial purposes. “Visitor” means an individual other than a User, who uses the publicly available free version of the Services for non-commercial purposes only. “Websites” means any website owned by ONTOFORCE, including (but not limited to) www.ontoforce.com and www.disqover.com, “You”/”Your” means any natural person that is a Data Subject within the meaning of Regulation (EU) 216/679 (General Data Protection Regulation).
III. WHAT INFORMATION DO WE COLLECT, WHY AND ON WHAT LEGAL GROUNDS?
Ontoforce collects different types of information, which we have classified below based on where we source that information. For each type of information we provide you with an overview of (i) what Personal Data is processed by ONTOFORCE (‘What’); the purposes of such processing (‘Why’); and (iii) the lawfulness of such processing (‘Legal Ground’): A. Information You Provide to Us: We receive and store any information you knowingly and voluntarily provide to us. For example, we collect Personal Data such as when you contact us with inquiries, when you register for the Services or when you access or use these Services. When registering to our Websites:
- What: your full name, e-mail address and password (encrypted).
- Why: We use this information to allow our Users to set-up a user account and manage their login to our Services.
- Legal ground: We use that information in order to execute the contract you have with ONTOFORCE (End User License Agreement).
When entering into a Customer license agreement:
- What: your full name, e-mail address, title or function, telephone number, billing details and credit card details (as the case may be).
- Why: We use that information for our customer services, contract management, financial management and accountancy (invoicing and payment processing, debt collection). We may also contact you, by email or other means; for example, we may communicate with you about new features or your use of our Services.
- Legal ground: We use that information in order to execute the relevant license agreement.
When contacting us (through the Websites (contact forms), at conferences, trade fairs, roadshows, meetings etc.):
- What: your full name, e-mail address, title or function, telephone number.
- Why: We use that information to invite you to accept commercial information relating to ONTOFORCE (through an “opt-in” mechanism), or to contact Customers, Users and Visitors in order to fulfill requests for the Services.
- Legal ground: We use that information based on our legitimate interest or your consent (as the case may be).
When using our Services:
- What: your e-mail address and password (encrypted); other Customer Data which may or may not contain Personal Data (such as search queries)
- Why: We use that information to enable you to use our Services.
- Legal ground: We use that information in order to execute the contract you have with ONTOFORCE (if you were the contracting party) or based on our legitimate interest (if your organization entered into that agreement with us). This may include Ontoforce sending you notifications on new relevant Customer Data (if you signed-up for that service).
- What: our Customers may provide us with Personal Data relating to their employees, consultants or other service suppliers (such as contact persons, business consultants, financial advisors, lawyers etc.). These Personal Data may include such persons’ names, e-mail addresses, telephone numbers, usernames (on Skype, Telegram, Trello, etc.) and functions or titles within our Customer’s organization.
- Why: we use that information for our customers and contract management and financial management and accountancy (invoicing and payment processing, debt collection). We may also contact you, by email or other means; for example, we may communicate with you about new features or your use of our Services.
- Legal ground: we use that information based on our legitimate interest (as your organization entered into that agreement with us).
- What: our Service may enable access to our Customer’s own proprietary databases or content which are part of (or constitute) the Customer Data.
- Why: Personal Data which is part of Customer Data may be processed by ONTOFORCE in view of providing the Services to Customers and Users.
- Legal ground:
- The owner of the relevant data source (which in respect of Customer Data shall be the Customer) is responsible for providing notice to its customers or third persons concerning the purpose for which they collect Personal Data and how this Personal Data is processed as part of the relevant database.
- ONTOFORCE, just like any other search engine, has no direct relationship with the individuals whose Personal Data is being processed as part of the Service. The relevant Personal Data has already been processed by the owner of the relevant database, and Ontoforce only applies certain search software on the data to ensure that the data can be more easily retrieved by the User.
- In view of the above, ONTOFORCE relies on its legitimate interest to process Personal Data that are contained in, or form part of, Customer Data in view of providing the Services to the Customer owning the data.
D. Information collected by third parties (Third Party Data)
What: When a Customer, User or Visitor purchases, uses or subscribes to our Services, ONTOFORE may enable access to third party websites, services or content, or may collect Third Party Data that may include Personal Data in order to provide the Services, which may include:
- Data from publicly-available sources such as open government databases or other data in the public domain;
- Data from research institutions, organizations, data brokers or other third parties from which we obtain access to their data for our Customers, Users or Visitors;
Why: Personal Data which is part of Third Party Data may be processed by Ontoforce in view of providing the Services to Customers, Users and Visitors.
- Legal ground:
- The owner of the relevant data source (which in respect of Third Party Data shall be the third party owner of the relevant data) is responsible for providing notice to its customers or third persons concerning the purpose for which they collect Personal Data and how this Personal Data is processed as part of the relevant database.
- ONTOFORCE, just like any other search engine, has no direct relationship with the individuals whose Personal Data is being processed as part of the Service. The relevant Personal Data has already been processed and made public by the owner of the relevant database, and ONTOFORCE only applies certain search software on the data to ensure that the data can be more easily retrieved by the User or Visitor.
- In view of the above, ONTOFORCE relies on its legitimate interest to process Personal Data that are contained in, or form part of, Customer Data in view of providing the Services to its Customers, Users and/or Visitors.
- Legal ground:
IV. WHERE WE STORE YOUR PERSONAL DATA
If you provide Personal Data to the Services as set out above, you acknowledge and agree that such Personal Data may be transferred from your current location to the offices and servers of ONTOFORCE. The Services are performed using equipment or facilities located in the European Union or the US. The ONTOFORCE’ US service providers are either Privacy Shield compliant or have executed Standard Contractual Clauses (as approved by the European Commission) that provide legal grounds for assuring that, when processed in the United States, the personal data of EU citizens that are processed by ONTOFORCE customers when using the ONTOFORCE Service will receive from ONTOFORCE and its service providers located outside the EU an adequate level of protection within the meaning of Article 46 of Regulation (EU) 2016/679 (General Data Protection Regulation). List of processors processing your Personal Data or processing Personal Data from Data Subjects contained in Customer Data or Third Party Data:
Google Cloud – cloud computing and storage services in Belgium.
Google Gsuite – e-mail systems and office productivity tools
Google Analytics – monitoring and measuring website traffic and access, creating user navigation reports
Microsoft (Office 365) – e-mail systems and office productivity tools;
Box – archiving
Dropbox – archiving
Zohoo – invoicing
Freshworks – CRM tool
Zoom, Telegram, Whatsapp, Skype – communication tools
Evernote, Trello, Slack – internal office/productivity tools
MailChimp – direct marketing tool
Merluno – direct marketing service provider
AT Solutions – accountancy
A. Protection of ONTOFORCE and Others: We reserve the right to access, read, preserve, and disclose any information that we reasonably believe is necessary to comply with law or a court order; enforce or apply our conditions of use and other agreements; project against legal liability; or protect the rights, property, or safety of ONTOFORCE, our employees, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
B. Business Transfers: As ONTOFORCE develops its business, it might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets.
C. Agents, Consultants and Related Third Parties: ONTOFORCE, like many businesses, sometimes hires other companies to perform certain business-related functions. Examples of such functions include mailing information, hosting, maintaining databases and processing payments. When we employ another company to perform a function of this nature, we only provide them with the information that they need to perform their specific function, as specified in section VI.
D. With Your Consent: Except as set forth above, ONTOFORCE will always explicitly ask for Your consent before sharing any of Your Personal Data with third parties, and will always be able to prevent such sharing.
VI. IS THE PERSONAL DATA SECURE?
VII. WHAT CHOICES DO I HAVE?
You can always opt not to disclose information to use, but keep in mind some information may be needed to register with us or to take advantage of some of our special features. In addition thereto, you have the following rights in respect of your Personal Data:
- The right to be informed – this is information on for what purpose we are processing it and what Personal Data we are processing.
- The right of access – You have the right to be provided with copies of the Personal Data of you that we are processing as well as confirmation of the processing we are doing. You can do this by sending a “subject access request” to the contact details noted below for our consideration.
- The right to rectification – if you think the Personal Data that we hold on you is wrong you can tell us and we will fix it.
- The right to erasure (also known as the right to be forgotten) – if you want us to permanently delete the Personal Data we hold for you then you can ask us to do so. Our ability to delete such Personal Data is subject to exceptions in accordance with data protection laws.
- The right to restrict processing – if you do not like how we are using your Personal Data then you can let us know and we will stop processing it in that way.
- The right to data portability – if you want us to pass on your Personal Data to someone else then please let us know. This transfer should not affect the integrity or otherwise damage your Personal Data.
- The right to withdraw your consent – You can withdraw your consent for us to process your Personal Data (if we have relied on your consent to process your Personal Data) at any time by contacting us. If we have relied only on your consent as the basis to process your personal data then we will stop processing your Personal Data at the point you withdraw your consent. Please note that if we can also rely on other bases to process your Personal Data aside from consent then we may do so even if you have withdrawn your consent.
- Rights in relation to automated decision making and profiling – if we use either automated decision making or profiling then you have a right to know. Also, we need your consent if either of these are used to make a decision that affects you. As with all consent, you can withdraw it at any time.
You can exercise any of the rights above by by contacting us at the contact details mentioned below. Please note that some information may remain in our private records after your deletion of such information from your account. We may use any aggregated data derived from or incorporating your Personal Data after you update or delete it, but not in a manner that would identify you personally. You may opt out from the collection of navigation information about your visit to the Website by Google Analytics by using the Google Analytics Opt-out feature. If you receive commercial emails from us, you may unsubscribe at any time by following the instructions contained within the email or by sending an email to DPO@ontoforce.com. Ontoforce has no direct relationship with the Customer’s customers or third party whose Personal Data it may process on behalf of a Customer. An individual who seeks access, or who seeks to correct, amend, delete inaccurate data or withdraw consent for further contact should direct his or her query to the relevant Customer or User which acts as the Controller of the data processing.
IX. QUESTIONS OR CONCERNS
If You have any questions or concerns regarding our privacy policies, please send us a detailed message at DPO@Ontoforce.com. We will make every effort to resolve your concerns. Other contact details: ONTOFORCE N.V. Att.: Data Protection Officer Technologiepark 122 AA Tower, Third Floor 9052 Zwijnaarde Belgium.