Privacy Policy

latest update: 15/06/2019

This Privacy Policy applies to both our website (www.getachieved.com) and our Achieved Software as a Service (Saas) platform, which are offered by:

Achieved(hereafter “Achieved” and “We”)

Company number (VAT-BE): 0669 989 292

E-mail: privacy@getachieved.com

Feel free to get in touch if you have any privacy-related questions, we’re here to help!

1. Definitions

2. Why this Privacy Policy?

The personal data disclosed by the Data Subject enable us to identify the Data Subject as a natural person. The Data Subject is identifiable as soon as it is possible to create a direct or indirect link between one or more information and the Data Subject as a natural person.

We only use and process your personal data in accordance with the GDPR and any replacement legislation, or any similar regulation under any applicable law, and any regulatory requirements or codes of practice governing the use, storage or transmission of personal data. Every reference in this Privacy Statement to the “GDPR” is a reference to the Regulation of 27 April 2016 on the Protection of Natural Persons with regard to the Processing of Personal Data and on the Free Movement of such Data (General Data Protection Regulation).

Through this Privacy Policy, every Data Subject is informed of the processing activities ACHIEVED may carry out with his/her personal data. ACHIEVED reserves the right to modify this Privacy Policy at all times. Every substantial change will be clearly communicated to our customers. We advise however that Data Subjects consult our Privacy Policy regularly.

3. Who is responsible for the processing of your personal data?

3.1. On the Website

When you visit and use our Website, you may provide personal data, consciously or unconsciously, such as your contact information (via our contact form) and your navigational information (by the use of cookies). ACHIEVED is responsible for the processing of those personal data since ACHIEVED decides which personal data are being collected as well as the purposes and the means of the processing.

3.2. On the Platform

End-Users who use the Platform via the Licensee may create a user profile, download and share information on the Platform. The personal data of the End-Users are stored on our servers but we do not have any control over its collection and management. We process the personal data of the End-Users on behalf of the Licensee and in accordance with our agreements in that regard. We use the personal data of the End-Users only as necessary to provide and improve our Platform and the related services. End-Users are therefore advised to consult the Privacy Policy of the Licensee.

When they use the Platform, End-Users can publish and share external or embedded contents on the Platform. Those contents are hosted by a third party. ACHIEVED does not control what personal data are collected by the third party and what it will do with these data. External or embedded contents are thus not covered by this privacy policy.

3.3. (Sub-)processors

At any time, ACHIEVED is free to rely on processors or sub-processors who will process your personal data upon our request and on our behalf. Our processors are required to ensure the security and the confidentiality of your personal data and will always act on our documented instructions. We remain your point of contact at any time.

More specifically, we rely on processors for hosting, statistical, administrative and marketing purposes.

4. On what legal grounds are my data processed?

In accordance with the GDPR, ACHIEVED processes the personal data of the Data Subjects on the following legal grounds:

5. Which personal data are being processed?

ACHIEVED commits to only collect and process adequate and relevant personal data. We limit the collection of personal data to what is strictly necessary for the purposes for which the data are processed. The following categories of personal data are processed by ACHIEVED:

5.1 Personal information

Personal Information refers to any information that identifies you personally, such as your last name, first name, address, company name, login details, phone number and e-mail address and other information about yourself and your business. Personal information can also include financial information, such as bank details, invoices and payments. Based on the specific usage of the Platform by the Licensee, we can collect personal data on the End-Users, such as their name, login details and phone number.

These data are collected through our Website or the profile page of the End-User on the Platform. The amount of personal data collected depends on your use of our services.

5.2 Navigational Information

We use cookies on our Website and our Platform. By using cookies, we collect information about your computer and your navigational behaviour, such as your IP address, your geographical location, your browser type, the time and timeframe of your visit and the pages viewed. For more information concerning the cookies, we kindly refer you to our Cookie Policy.

6. For which purposes are my personal data being used?

The processing of your personal data is essential for the provision of the Website, the Platform and our related services. ACHIEVED commits to solely process your personal data for the following purposes:

7. Who receives your personal data?

Your personal data are processed for internal use within ACHIEVED. Your personal data will not be sold, passed on or communicated to any third parties, except in case you have given us your explicit prior consent. Please note that your personal data on the Platform are visible to all other End-Users within the Platform and to the Licensee.

8. How long do we store your personal data for?

Your personal data is stored as long as necessary to achieve the legitimate purposes set out in Article 5. They will be erased from our database as soon as they are no longer necessary to pursue those objectives or if the Data Subject validly exercises his/her right to erasure.

More specifically, the personal data of our prospects are retained for a period of five (5) years in our CRM from the time of their last activity.

In case of termination or expiration of the license agreement, ACHIEVED will undertake to delete all the personal data of the End-Users available on the Platform within thirty (30) calendardays.

9. What are my rights?

9.1 Guarantee of a legitimate and secure process of your personal data

Your personal data are always processed for the legitimate purposes set out in Article 5. They are collected and processed in an appropriate, relevant and non-excessive manner, and are not kept longer than necessary to achieve the intended purposes.

9.2 Right to access

If you can prove your identity, you have the right to obtain information about the processing of your data. You have the right to know the purposes of the processing, the categories of data concerned, the categories of recipients to whom the data are transmitted, the criteria used to determine the data retention period, and the rights that you can exercise on your data.

9.3 Right to rectification

Inaccurate, incomplete or outdated personal data may be corrected at any time.

9.4 Right to erasure (or “right to be forgotten”)

You also have the right to obtain the erasure of your personal data in the following cases:

9.5 Right to limitation of processing

In certain cases, you have the right to request the limitation of the processing of your personal data, especially in case of dispute as to the accuracy of the data, if the data are necessary in the context of legal proceedings or the time required to ACHIEVED to verify that you can validly exercise your right to erasure.

9.6 Right to object

You have the right to object at any time to the processing of your personal data for profiling and information purposes. ACHIEVED will stop processing your personal data unless it can demonstrate that there are compelling, legitimate reasons for the processing which prevail over your right to object. If you have validly exercised your right of opposition, you may ask ELIUM to delete your personal data.

9.7 Right to data portability

As End-User you have the right to obtain any personal data which you have provided us in a structured, commonly used and machine readable format. At your request, this data may be transferred to another provider unless it is technically impossible.

9.8 Right to withdraw yourconsent

You may withdraw your consent to the processing of your personal data at any time, for example for direct marketing purposes.

10. How to exercise my rights?

On the Platform, End-Users can directly access their personal data or edit their personal data via their profile page. They are also able to limit the processing of their personal data by setting their preferences. For all other privacy related questions or requests, End-Users must send a written request and proof of identity to the Licensee by registered mail or by email by using the contact information available on the “About” page of thePlatform.

Other Data Subjects must send a written request and proof of identity by registered mail to Achieved, 4A Avenue Demolder, B1342 Limelette (Belgium) or by email to privacy@getachieved.com. We will respond as soon as possible, and no later than one (1) month after receipt of the request.

11. Possibility to lodge a complaint

If you are not satisfied with the processing of your personal data by Achieved, you have the right to lodge a complaint with the competent Data Protection Authority (for Belgium: https://www.privacycommission.be).