Privacy Statement
PRIVACY STATEMENT OF IDEATICS EUROPE B.V.
By downloading and installing the Smartix App (Smartix), you acknowledge and provide your consent to this statement
1. Identity of the User of this Statement
1.1 This document is the Privacy Statement of the Dutch limited liability company Ideatics Europe B.V., registered with the Dutch Chamber of Commerce under no. 62079808.
1.2 IdeAtics is an entity in the chain of collection and processing of Personal Data within the meaning of the Dutch Personal Data Protection Act (‘de Wet bescherming persoonsgegevens’) and the General Data Protection Regulation (Regulation EU 2016/679).
1.3 All correspondence with regard to this Privacy Statement should be directed to either info@ideatics.com or to
2. Role of IdeAtics
2.1 IdeAtics enters into contracts with its Contracting Parties in connection with providing IdeAtics Services. IdeAtics Services consist of facilitating its Contracting Parties to use certain business solutions based on Near Field Communication (NFC) technology. IdeAtics uses NFC tags with unique identification codes. These codes are not in itself Personal Data. NFC tags are scanned by mobile devices equipped with a NFC reader. The NFC reader is controlled by Smartix.
2.2 Contracting Parties may request IdeAtics to link certain Personal Data to a specific NFC tag. IdeAtics provides its Contracting Parties with the technical means to use the NFC based business solution. In order for Contracting Parties to operate its Service to you, IdeAtics will – on behalf and under instruction of Contracting Parties – store your Personal Data on its severs that are located within the European Union.
IdeAtics acts as processor (“bewerker”) of personal Data. We process Personal Data merely on behalf and under instruction of its Contracting Parties in accordance with the terms of this Privacy Statement. IdeAtics does not act as controller (“verantwoordelijke”) in the sense of the Wbp.
2.3 Upon reading the NFC tag, you will be automatically directed to the portal, platform or website of the appropriate Contracting Party. The automatic redirection occurs because the NFC tag can be identified by the IdeAtics software platform (called BriteBone) because the NFC tag is linked to your personal data that was provided by the Contracting Party in order to be able to operate this service.
3. Principles for processing Personal Data
3.1 IdeAtics takes your privacy and the protection of your Personal Data very seriously. In this Privacy Statement we will outline the specifics about the processing of your Personal Data, and the conditions under which we process and use your Personal Data. The processing of your Personal Data is, if reasonably possible, subject to confidentially. We will do our utmost to ensure that such processing will be done in accordance with all relevant mandatory data protection legislation.
3.2 When processing your data, we take all reasonably possible technical and organisational precautions to ensure that your data does not become accessible to unauthorized third parties. It is impossible to guarantee complete data security due to the fact that no technical solution is 100% fail proof.
4. Personal Data
4.1 For the purposes of this Privacy Statement, “Personal Data” means any information relating to, or possibly relating to, an identified or identifiable natural person, such as a name, age, postal address, email address, telephone number etc.
5. Collecting, processing and using Personal Data
5.1 By downloading, installing and using Smartix, you consent to IdeAtics, acting on behalf of and under the instructions of its Contracting Parties, storing and accessing information on your mobile device (i.e. footprint of the mobile device, including technical information about the mobile device, the mobile device number, mobile applications installed on the phone, name of the phone, email address set up on the phone, relevant phone identifiers, OS version, telecom operator name, etc.) in order to allow registration and authentication when using the Service, this for security purposes and the purpose to operate the Service.
5.2 We do not decide on what data is and what data is not collected, nor do we decide on any purpose of collection of data and Personal Data.
5.3 Our Contracting Parties may collect different types of your Personal Data depending on the purpose of the collection. Any questions relating to the collection and use of Personal Data should be directed at our Contracting Parties.
5.4 IdeAtics has entered into a processing agreement regarding Personal Data (“bewerkersovereenkomst”) in order to ensure proper stipulation of rights and obligations regarding Personal Data between IdiAtics and its Contracting Parties.
5.5 We may process Personal Data for the purpose of operating the Service to you under responsibility of our Contracting Parties.
5.6 IdeAtics will never make any use of any Personal Data it processes on behalf of its Contracting Parties, other than to operate the Service.
5.7 IdeAtics may use non identifiable aggregate information based on Personal Data for internal purposes.
6. Passing on Personal Data
6.1 If you have provided us with Personal Data, this is only passed on or otherwise transferred to third parties if it is essential for performance of our services, or if you have given your explicit prior consent.
6.2 IdeAtics may be required to disclose certain Personal Data to other third parties:
(a) as a matter of law (e.g. to tax and social security authorities);
(b) to protect IdeAtics’ legal rights;
(c) in an emergency where the health or security of you or IdeAtics is endangered;
(d) to Law Enforcement Authorities in accordance with the relevant legislation including but not limited to the EU/2016/1148 concerning measures for a high common level of security of network and information systems across the Union (“the Network Information Security Directive”), an any national laws implementing that Directive.
6.3 For (physical or digital) storage purposes, your Personal Data may be transferred to selected third parties of IdeAtics, either within the European Union or outside of the European Union. IdeAtics ensures that these third parties comply, or have assured to comply, with all applicable privacy legislation. With regard to third parties domiciled in the United States, IdeAtics ensures that these third parties comply, or have assured to comply, with all the Privacy Shield Principles of the Privacy Shield and have taken the necessary actions to register within the Privacy Shield framework.
7. Third Parties
7.1 IdeAtics may link or refer to third party websites, mainly those of Contracting Parties. It is explicitly noted that IdeAtics is not responsible for any use you make of such third party websites and/or systems.
8. Protection of your Personal Data and reporting obligation of data leaks
8.1 In the event your Personal Data is stored and processed, we make use of adequate security measurements to assure appropriate protection of your Personal Data.
8.2 In the event of a quantitative and qualitative loss, permanent or temporary damage, breach or unlawful use of Personal Data (a “Data Leak”), we are obligated to file a report with the Dutch Data Protection Authority. Should we or the Dutch Data Protection Authority consider that such a Data Leak may negatively affect your privacy, we are obligated to inform you as well. Such notification cannot, in any way, be considered as an acceptance of liability for possible damages arising from the data leak.
9. Period of collection of your Personal Data
9.1 IdeAtics only processes and stores your Personal Data for the necessary or legally allowed period, to be determined by the purpose of the data processing.
10. Your rights
10.1 At any point and free of charge, you have the right to obtain information with regard to the collection of your Personal Data, the origin and recipient of that data as well as the purpose of the data collection. Questions relating to this should be directed at the controller (“verantwoordelijke”), being our Contracting Party.
11. Right of modification of this Privacy Statement
IdeAtics reserves the right to amend this Privacy Statement in accordance with the applicable legal data protection provisions at any time. Should such amendment have an impact on the scope of use of your Personal Data, the implementation of any modifications shall be subject to your prior consent.
Version 1.0
16.08.2017