Privacy Policy
V1.0
This Privacy Policy governs the processing of personal data which takes place when you, the User, use our services via the ProUnity Platform accessible via a web portal or via any connected service (e.g. e- mail,
chat, social media, payment provider, …). We, ProUnity NV, respect the right to privacy and protection of personal data of our Users. All our processing of personal data done on or via the ProUnity Platform will
comply with the rules set out in this Privacy Policy.
Please read this Privacy Policy as well as our Terms of Use carefully, because they are both an integral part of our relationship with you. Some of the terms we use here have the same meaning as in the Terms of Use,
which is why we have written them with a capital.
Please note: this Privacy Policy does not apply to:
-
staff members (employees or independent contractors) of suppliers, i.e. companies which provide services to our Clients and choose to upload the personal data of their employees or contractors into our
Platform in the context of the services they provide to our Clients;
-
staff members of our Clients who have been granted access to our Platform by the Client to use the Platform on the Client's behalf.
1. WHO IS RESPONSIBLE?
Short: In most instances ProUnity is responsible for the processing of your personal data. Sometimes this responsibility is shared with the Client.
-
When you use our Services, we – ProUnity NV, having its registered seat at Ave. Roger Vandendriessche 18, bte 4, 1150 Brussels, RPR Brussels 0568.514.822 – are in principle responsible for the
processing of your personal data.
-
Clients may be also responsible for the collection and processing of your personal data. This will be the case when you use the Platform and connected services in the context of providing your own
services to one of our Clients, either because you have a services agreement directly with the Client or because you provide services to the Client because you have a services agreement with us.
2. HOW ARE RESPONSIBILITIES ALLOCATED?
Short: If you have a question or request regarding what happens with your personal data on the Platform, you can contact ProUnity or the Client.
-
To arrange for the aforementioned responsibilities, ProUnity and its Clients have put in place contractual arrangements between them. The essence of these arrangements is:
-
that you should always direct your questions and requests regarding the processing of your personal data directly to the Client when the processing takes place in the context of you providing
services to the Client and you have a services agreement directly with the Client;
-
in all other instances of your personal data being processed via the Platform or connected services, you can direct your questions and requests directly to
us by sending an e-mail to info@pro-unity.com.
-
If your personal data are processed via the Platform, but you are unsure who to contact with questions or request regarding such processing, please send an e-mail
to info@pro-unity.com and we will refer your question or request to the appropriate party.
3. WHAT SORT OF PERSONAL DATA DO WE PROCESS?
Short: As a User we process different types of personal data about you, e.g. because you create a profile and upload your CV. In this section we list the different categories of personal data that we
process.
When you use our Platform, we collect and process the following categories of personal data:
-
personal identification data (e.g. names);
-
electronic identification data (e.g. IP addresses);
-
financial identification data (e.g. bank account number);
-
debts and expenses;
-
agreements and settlements (e.g. your agreement with the Client);
-
personal particularities (e.g. age, gender, date of birth);
-
current employment (e.g. function title and employer details);
-
professional activities (e.g. references);
-
professional competences (e.g. professional skills);
-
academic curriculum;
-
compensation (e.g. your daily rate);
-
performance rating;
-
use of IT equipment (e.g. your type of browser, time stamps, use of social media).
4. WHY DO WE PROCESS YOUR PERSONAL DATA?
Short: We process your personal data for a number of reasons, including to provide you with our services, to be able to offer our services to our Clients, to improve our services, etc. In this section we
provide you with an overview of all the reasons why we process your personal data.
We process your personal data for the following reasons:
-
to inform you about our services and opportunities;
-
to provide our services, including recruiting services (i.e. providing you with interesting opportunities, inviting you to interviews, etc.);
-
for administration purposes (i.e. invoicing, timesheet keeping, payment related administration and reporting);
-
to inform Users about market conditions;
-
for statistical reasons;
-
to improve our Platform and services;
-
to expand our business;
-
to build communities among our Users;
-
for fee benchmarking based on profiles;
-
for security reasons and misuse detection, prevention and reporting;
-
to inform any third party in the context of a possible merger with, acquisition from/by or demerger by that third party, even if that third party is located outside the EU;
-
to comply with our legal obligations as well as with any valid request from policy, judicial or governmental authorities.
5. What makes the processing of your personal data legitimate?
Short: The law obliges us to specify which legal basis we rely on to process your personal data (e.g. your consent). In this section we specify per purpose as listed above which such basis we use.
-
The data protection laws require us to precisely indicate to you which legal option we rely on to make the processing of your personal data legitimate. We need to clarify this for each of the purposes
listed in section 4 above.
-
For purpose (a) we rely on your consent. We will only sent you e-mails with your prior consent, which you may withdraw at any time. You can use the option to unsubscribe in the e-mails we send you.
-
For the purposes (b) to (d) we process your personal data because it is necessary to perform the agreement that we have with you for the use of our Platform and connected services.
-
For the purposes (e) to (k) we process your personal data because it is necessary for purposes of our legitimate interests, which in this case concern:
-
gaining insights in how the Platform and our services are used as well as in our user base;
-
our commercial interests to improve and expand our business and services;
-
our security and safety interests;
-
being able to conclude corporate transactions.
-
For purpose (l) we need to process your personal data to comply with our legal obligations.
6. Recipients and transfers
Short: Your personal data are shared with a limited number of parties, such as our own service providers, and are thus sent abroad. In this section we explain to whom we send your personal data and how we
ensure that your personal data are kept safe when sent abroad.
-
Your personal data may be sent to the following categories of recipients:
-
yourself;
-
your contacts or business relations;
-
our partners, clients and service providers;
-
our shareholders and potential acquirers;
-
governmental, judicial and other competent bodies.
-
Your personal data are transferred outside the European Economic Area, for which model contract clauses on the basis of European Commission decision 2021/914 have been put in place. When European
Commission Adequacy Decisions are or become available, ProUnity and its processors will comply with those decisions and bases itself on such ground for the transfer of personal data.
7. HOW LONG DO WE RETAIN YOUR PERSONAL DATA?
Short: We only retain your personal data as long as required to achieve the purposes listed in section 4.
Your personal data are only processed for as long as needed to achieve the purposes listed in section 4 above. We will de-identify your personal data when they are no longer necessary for these purposes,
unless there is:
-
an overriding interest of ProUnity or any other third party in keeping your personal data identifiable;
-
a legal or regulatory obligation or a judicial or administrative order that prevents us from de-identifying them.
8. WHAT RIGHTS DO YOU HAVE?
Short: You have a right to access, correct or erase your personal data or limit or oppose the processing of your personal data. You also have a right to data portability. In this section we explain how and
under which conditions you may exercise these rights.
-
You have the right to request access to all personal data processed by us insofar it pertains to you. You can exercise this right first and foremost via the Platform itself. We reserve the right to
refuse multiple requests for access that are clearly submitted for causing nuisance or harm to us or others.
-
You have the right to ask that any personal data pertaining to you which are inaccurate, are corrected free of charge. A lot of your personal data you can correct yourself via the Platform. If a
request for correction is submitted, such request must be accompanied of proof of the flawed nature of the data for which correction is asked.
-
You have the right to request that personal data pertaining to you will be deleted if they are no longer required in light of the purposes outlined above. However, you need to keep in mind that a
request for deletion will be evaluated by us against:
-
our own or a third party's overriding interests;
-
legal or regulatory obligations or administrative or judicial orders which may contradict such deletion.
Instead of deletion you can also ask that we limit the processing of your personal data if and when (a) you contest the accuracy of that data, (b) the processing is illegitimate or (c) the data
are no longer needed for the purposes which are outlined above, but you need them to defend yourself in judicial proceedings.
-
You have the right to oppose the processing of personal data for the purposes (e) to (k) in section 4, but you are required to explain your particular circumstances on which your request for opposition
is based.
-
When clause 5.2 or 5.3 applies, you have the right to receive from us in a structured, commonly used and machine-readable format all personal data you have provided to us.
-
Each request addressed to us can be send via e-mail to info@pro-unity.com.
An e-mail requesting to exercise a right will not be construed as consent with the processing of your personal data beyond what is required for handling your request. Such request should clearly state
and specify which right you wish to exercise and the reasons for it, if such is required. It should also be dated and signed, and accompanied by a digitally scanned copy of your valid identity card
proving your identity.
Without prejudice to the allocation of responsibilities as outlined in section 1, we will promptly inform you of having received this request. If the request proves valid, we will notify you as soon as
reasonably possible and at the latest thirty (30) days after having received the request.
If you have any complaint regarding the processing of your personal data by ProUnity, you may always contact us via the e-mail address mentioned in the first paragraph of this clause. If you remain
unsatisfied with our response, you may file a complaint with the competent data protection authority, i.e. the Belgian data protection authority.
9. Overview of Sub-processors
ProUnity shall have a general authorization to rely on sub-processors to run the platform services. Below the sub-processors are listed.
Purpose
|
Sub- processors
|
Name of Sub- processors
|
Location
|
Transfer tool
|
Hosting of ProUnity platform
|
Processor
|
Microsoft Azure
www.microsoft.com
|
USA,
server location:
The Netherlands
|
SCCs
|
Chat, communication, and Q&A page
|
Processor
|
Zendesk
www.zendesk.com
|
USA
|
SCCs
|
Development partner
|
Processor
|
Edgeless
www.edgeless.ro
|
Bucharest, Romania
|
SCCs
|
Emailing platform
|
Processor
|
Sendgrid
www.sendgrid.com
|
USA,
Ireland
|
SCCs
|
Emailing platform
|
Processor
|
Microsoft
www.microsoft.com
|
USA,
server location: Europe
|
SCCs
|