PRIVACY & COOKIE NOTICE 

SUMMARY: 

We take our obligation to protect your privacy seriously!

That is why we provide you with this 2-minute summary, containing the necessary information on how we process your Personal Data.

What you should know:

First of all : you always remain in control of your data.

To whom does this Privacy Notice apply?

This notice applies to any person whose Personal Data we may collect, use, share or otherwise process, and in particular:

  • Visitors and users of the Velopass Website (www.velopass.com); 
  • Customers who purchase products via the Velopass Website (www.velopass.com)
  • (Representatives of) business partners working with Velopass in connection with Velopass’s business activities;
  • (Representatives of) Suppliers of goods or services, IT-suppliers, consultants, lawyers, accountants and other third parties in contact with Velopass;
  • Applicants applying for a position at Velopass;
  • All Other Persons from whom Velopass may process Personal Data, with the exception of those using the Velopass web-application, for whom a dedicated Privacy Notice is made available and communicated via the web-application.

What information do we collect about you?

  • When you contact us or enter into a contract with us as a customer, (prospective) business partner or supplier, we may collect and process your contact data (such as your (employer/company) name, e-mail address or telephone number); financial data (such as bank account numbers and transaction details); shipping details (such as your address) and contractual data (such as the date and type of our agreement).
  • By applying for a position at Velopass, we collect the information you provide to us, such as identification details, CV and cover letter.
  • If you contact us through any medium, we collect information about the communication you have had with Velopass, including content and technical data.
  • Finally, we use cookies to collect information about your use of our Website.

Why do we collect this information?

  • To respond to your requests.
  • To establish and/or maintain our contractual relationship.
  • To provide you with requested information and carry out our business activities.
  • To evaluate your job application.
  • Finally, to offer and improve our Website.

Who has access to your data?

  • Only that part of Velopass’s team that needs your data for its operations has access to your information.
  • Furthermore, we use some suppliers and service providers, such as, but not limited to, those offering computer security services, digital solutions and web hosting services. These parties are required by law to ensure your privacy at all times and will only process personal data in accordance with our purposes.
  • Finally, a third party may be commissioned to process personal data. However, they can only do so for the above mentioned purposes, on our behalf and after signing a data processing agreement.

What are you in control of?

  • You can ask us to change or delete your data at any time. To do so, please send us an e-mail to support@velopass.com and follow the procedure described in our full Privacy Notice under article 5.7.
  • You can also request a copy of all the information we have collected about you at any time by sending an e-mail to the same address.

What do we do to protect your data?

  • We adopted the required safety measures on a technical and an organizational level;
  • Your data is stored on high-security servers within the European Union;
  • In order to improve our services, Velopass may use the data you provided. However, at all times, Velopass shall use this data in a GDPR-compliant form, using state of the art software and solutions;
  • We have implemented internal procedures to ensure the confidentiality of our IT-infrastructure and to make sure it is managed responsibly.

If you want to know more: we invite you to read our entire Privacy Notice below, which explains everything in further detail.

 

ARTICLE 1 – GENERAL 

1.1Velopass BV, (hereinafter “we“, “us“, “our” or “Velopass“), with its registered office at Stokerijstraat 29 (box a1), 2110 Wijnegem, Belgium and registered with the Crossroads Bank for Enterprises under enterprise number 0777.359.681, assumes responsibility for the processing of your Personal Data as “Controller“, including the use of the Velopass Website (www.velopass.com) (hereinafter “Website”).

Our Privacy Notice can be subject to future amendment and modification. In this event we will notify you with an invite to take a look at these changes, which we will clearly indicate in the Privacy Notice.

1.2 In our Privacy Notice, “Personal Data means any information relating to an identified or identifiable natural person. We may collect, use, share or otherwise process Personal Data of individuals belonging to the following categories:

  1. Visitors and users of the Velopass Website (www.velopass.com) (hereinafter “Visitors“)
  2. Customers who purchase products via the Velopass Website (www.velopass.com) (hereinafter “Customers“)
  3. (representatives of) Business Partners working with Velopass in the context of its business activities (hereinafter “Business Partners“)
  4. (Representatives of) Suppliers of goods or services, including IT Suppliers, consultants, lawyers, accountants and other third parties working with Velopass (hereinafter “Suppliers“)
  5. Applicants applying for a position at Velopass (hereinafter “Applicants“)
  6. All Other Persons from whom Velopass may process Personal Data (hereinafter “Other Persons“), with the exception of those using the Velopass web-application, for whom a dedicated privacy notice is made available.

1.3 The collection and processing of Personal Data is governed by strict conditions, enforced by the law. We act in accordance with:

  1. the EU Regulation of 2016 concerning the protection of individuals with regards to the processing of personal data, regarding the free movement of such data and repealing Directive 95/46/EC; (hereinafter “GDPR”); and/or
  2. all (future) Belgian applicable laws regarding the implementation of the GDPR or regarding the processing of Personal Data.

1.4 Accessing or using our Website (www.velopass.com) implies your full and unreserved understanding of this Privacy Notice. This means that you are fully informed about how we collect, use and process your Personal Data, in accordance with the provisions of this Privacy Notice and for the purposes outlined therein.

1.5 This Privacy Notice applies only to the pages hosted on our Website and to the business activities conducted by Velopass. It does not apply to the pages and Websites of third parties to which we may refer or link and whose privacy policies may differ. Velopass will therefore not be responsible for the data contained on or processed by these third-party Websites. 

ARTICLE 2 – CATEGORIES OF PERSONAL DATA PROCESSED

For the purposes outlined in Article 3, Velopass may process the following categories of your Personal Data:

 

Data Category Relevant Data Subjects Details Context
Category 1

(Professional) identification and contact data

  • Customers
  • Business partners
  • Suppliers
  • Applicants
  • Other persons 
  • First name, surname, phone number, e-mail address, address and country;
  • Payment details and delivery information related to the purchase of a product on our Website;
  • Information about your employer or company, such as company name, business address, billing details and VAT number;
  • Where applicable: social media information, such as your (company) username/names on your social media;
  • Information about our/your communications, including content, IP address and technical details.
  • By contacting us, via phone, e-mail or any other communication channel; 
  • By making a purchase on our Website;
  • By (considering) entering into a business relationship with us (e.g. when you enter into a contract with us as a business partner, supplier, etc.); 
  • By giving out your business card;
  • Through social media (for example, when you follow us or contact us on LinkedIn).
Category 2

(Pre-)contractual data (to the extent that it constitutes Personal Data)

  • Customers
  • Business partners
  • Suppliers
  • Data relating to agreements you have entered or will enter into with Velopass (e.g. date and type of agreement, financial data and other Personal Data relating to the agreement ).
  • By (considering) entering into an agreement with us.
Category 3

Your data as an applicant

  • Applicants
  • First name, surname, phone number, e-mail address, address, (optional) photo and country;
  • CV and cover letter.
  • By applying for a position or internship at Velopass.
Category 4

Your communication via our business relationship or Website

  • Customers
  • Visitors
  • Business partners
  • Suppliers
  • Information about your communications with Velopass, through our Website or as a result of our business relationship, including technical details and content.
  • By contacting us, by phone, e-mail or any other communication service;
  • By (considering) entering into a business relationship with us and communicating with us in that context.
Category 5

Information about your visit and use of our Website

  • Customers
  • Visitors 
  • See Article 8 – Cookies
  • By setting cookies (see Article 8 – Cookies)

 

ARTICLE 3 – LEGAL BASIS AND PURPOSE OF PROCESSING

We only process your Personal Data when we have a specific purpose and lawful basis to do so. Furthermore, we only process what is relevant for the pursuit of each specific purpose, in particular: 

3.1 General purposes

Data Category Legal basis Purpose
Category 1

(Professional) identification and contact data

Necessary for the performance of a contract 

(Art. 6.1, b) GDPR)

or 

Our legitimate interests

(Art. 6.1, f) GDPR)

or

Your consent

(Art. 6.1, a) GDPR)

We may process your (professional) identification and contact data set out in Category 1 to provide our services, conduct our business activities, manage the contractual relationship we may have with you, deliver our products in case of a purchase on our Website, answer your queries, provide information, advise you on our products/services, etc.

Depending on the specific circumstances, some of these processing activities will be necessary for the performance of a contract we have entered into or will enter into with you. Others will be necessary to pursue our legitimate interests. Finally, if required by law, we will seek your prior consent before processing certain of your Personal Data.  

Category 2

(Pre-)contractual data (to the extent that it constitutes Personal Data)

Necessary for the performance of a contract 

(Art. 6.1, b) GDPR)

We may process your contractual data set out in Category 2 to manage the commercial and contractual relationship we (will) have with you (e.g. for payment and billing purposes).
Category 3

Your data as an applicant

Necessary for the performance of a contract 

(Art. 6.1, b) GDPR)

or 

Our legitimate interests

(Art. 6.1, f) GDPR)

or

Your consent

(Art. 6.1, a) GDPR)

We may process your data as an applicant set out in Category 3 to evaluate your application and pursue a recruitment policy.

Depending on the specific circumstances, some of these processing activities will be necessary for the performance of the contract we are considering entering into with you. Others will be necessary to pursue our legitimate interests related to the improvement of our recruitment policy and process. Finally, if required by law, we will seek your prior consent before processing certain of your Personal Data.  

Category 4

Your communication via our business relationship or Website

Necessary for the performance of a contract 

(Art. 6.1, b) GDPR)

or

Your consent

(Art. 6.1, a) GDPR)

We may process your communication set out in Category 4 insofar this is necessary in connection with the performance of the agreement we have entered into or are considering entering into with you. 

We may also process your communication based on the consent you have given by actively contacting us through our Website.

Category 5

Information about your visit and use of our Website

Your consent

(Art. 6.1, a) GDPR)

or 

Our legitimate interests

(Art. 6.1, f) GDPR)

We may process information about your visit and use of our Website set out in Category 5 to:

  • facilitate the availability and use of the Website; 
  • analyze, adapt and improve the content of the Website;
  • personalize your experience on the Website;
  • maintain and improve the security of our Website;
  • generate statistics. 

For more information, we refer to Article 8 – Cookies.

3.2 Direct marketing

If we have obtained your electronic contact details in the context of providing our services, we may use your electronic contact details to send you, via e-mail, promotional material regarding similar services we may offer. This is based on our legitimate interest. 

Other promotional material, concerning non-similar services we may offer, will only be sent to you if you have given us your prior consent to do so.

We may also transfer some of your Personal Data to our data processors, for direct marketing purposes relating to our services.

We will at all times offer you a GDPR-compliant way to opt out of receiving such emails at any time, free of charge and without motivation, for example by clicking the unsubscribe button at the end of every promotional email or by sending an email to support@velopass.com. 

3.3 Transfer to third parties

We treat your Personal Data as confidential information and will not disclose or communicate them to third parties under any condition or for any purpose other than those specified in this Privacy Notice, or under the conditions in which the law requires us to do so.

We may disclose your Personal Data to third parties to the extent that this is necessary to be able to carry out our business activities, including but not limited to suppliers and service providers that offer services related to IT-support, hosting, computer security or other specific services. In any case, these third parties will not disclose your Personal Data to other third parties, except in the following situations: 

  • the communication of your Personal Data by such third parties to their suppliers or subcontractors is necessary to be able to carry out our business activities;
  • such third parties are obliged by applicable law or regulations to communicate certain information or documents to the competent authorities. 

We will not sell or hire out your Personal Data to third parties, except in the situations described in this Privacy Notice or unless you explicitly provide your prior consent.

In the event of total or partial reorganization of Velopass, transfer of Velopass’s activities or in the event of Velopass being declared bankrupt, your Personal Data may be transferred to new entities or third parties. If reasonably possible, we will inform you in advance of the fact that Velopass transfers your Personal Data to such third parties.

3.4 Legal requirements

In extraordinary circumstances it may occur that we are obliged to transfer your Personal Data following a court order, or in order to comply with imperative laws and/or regulations. We will, if reasonably possible, try to inform you beforehand, unless revealing this information is subject to legal constraints.

 

ARTICLE 4 – DURATION OF THE PROCESSING

We will store your Personal Data for the duration necessary to achieve the purposes listed in Article 3 of this Privacy Notice, including for as long as this is necessary for the contractual relationship between you and Velopass.

We may also store your Personal Data in order to comply with applicable laws or as part of legal requirements, including storage obligations after the termination of the contractual relationship between you and Velopass. Therefore, the retention periods mentioned below shall not apply where we are legally obliged to store your Personal Data for shorter or longer periods of time, including by applicable statutes of limitation for invoicing, payment, accounting, tax and regulatory compliance.  

Retention periods:

Data Retention period
Category 1

(Professional) identification and contact data

Your Personal Data contained in Category 1 will be retained for as long as necessary to communicate with you, i.e. never longer than two (2) years after the first request or contact. 

In case of a contractual relationship, we will not retain your identification data for longer than necessary for the purposes set out in this Privacy Notice, which may be up to seven (7) years after the end of the contractual relationship (in accordance with applicable tax legislation).

Category 2

Contractual data (to the extent that it constitutes Personal Data)

Your Personal Data contained in Category 2 will be retained for as long as necessary for the purposes set out in this Privacy Notice, i.e. for seven (7) years after the end of the contractual relationship (in accordance with applicable tax legislation).
Category 3

Your data as a job applicant

Your Personal Data contained in Category 3 will be retained for no longer than six (6) months after the last qualitative contact with you as an Applicant. 
Category 4

Your communication via our business relationship or Website

Your Personal Data contained in Category 4 will be retained for as long as necessary to communicate with you, i.e. never longer than two (2) years after the first request or contact. 

In case of a contractual relationship, we do not retain your communications through our services for longer than seven (7) years after the end of the contractual relationship (in accordance with applicable tax legislation).

Category 5

Information about your visit and use of our Website

With regard to cookies, we refer to Article 8 – Cookies.

ARTICLE 5 – YOUR RIGHTS

5.1 Right of access and right to obtain a copy

At any time, you have the right to request access to your Personal Data, as well as to be informed about the purpose of the processing.

5.2 Right to rectification, erasure or restriction

You always have the right to ask to rectify your Personal Data when you think it is inaccurate.

You can also request the processing of your Personal Data to be restricted if you think that your data is inaccurate, and you subsequently have made notification of this.

In addition, you have the right to ask to erase your Personal Data as far as it is not possible to anonymize it.

5.3 Right to object

You have the right to object to the processing of your Personal Data when you have and provide serious and legitimate reasons to do so. 

You also have the right to object to the use of your Personal Data for direct marketing purposes. In such a case, you do not need to provide a specific reasoning for your objection.

5.4 Right to data portability

You have the right to obtain your Personal Data in a structured, commonly used format and/or to transfer this data to another data controller.

5.5 Right to withdraw consent

When the processing of your Personal Data is based on your prior (explicit) consent, you have the right to withdraw this consent at any time. 

5.6 Automated decisions and profiling

You have the right to request not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

5.7 Exercising your rights

You can exercise your rights by contacting us with a copy of the essential parts of your ID, such as name and date of birth, as attachment:

Either through e-mail to: support@velopass..com;

Or via ordinary mail to: Velopass BV, Stokerijstraat 29/box a1, 2110 Wijnegem, Belgium.

5.8 Right to file a complaint:

You have the right to file a complaint with Velopass’s supervising Data Protection Authority:

Autorité de la protection des données – Gegevensbescherming Autoriteit (APD –  GBA)
Address: Drukpersstraat 35, 1000 Brussels, Belgium
Tel: +32 (0)2 274 48 00
Fax: +32 (0)2 274 48 35
E-mail: contact@apd-gba.be  

This is without prejudice to proceedings before the civil courts. If you are from an EU Member State other than Belgium, you may also file a complaint with your national data protection authority (a list of the data protection authority for each EU-member state can be found here: https://www.edpb.europa.eu/about-edpb/about-edpb/members_en). 

If you have suffered damage as a result of the processing of your Personal Data, you may file a claim for compensation.

 

ARTICLE 6 – SECURITY AND CONFIDENTIALITY

We have adopted security measures which are suited on a technical, organizational and physical level to avoid the destruction, the loss, the forgery, the adjustment, the non-authorized access or the accidental disclosure of your Personal Data to a third party, as well as the non-authorized processing of these data. 

Nevertheless, should these events still occur and affect your Personal Data, we will inform you of the breach without undue delay, including a summary description of the potential impact and a recommendation on measures to mitigate the possible adverse effects of the breach. 

We shall not be liable in any way for direct or indirect damages caused by a wrongful or improper use of the Personal Data by a third party.

At the same time, you also share responsibility for maintaining the privacy and security of the Application, for example: by not allowing any third party to have insight into your confidential information.

 

ARTICLE 7 – APPLICABLE LAW AND JURISDICTION

This Privacy Notice is managed, interpreted and executed in accordance with Belgian law which exclusively applies to every potential dispute.

The courts of Antwerp have exclusive jurisdiction to settle any dispute arising out of or in connection to the interpretation or execution of the present Privacy Notice.

 

ARTICLE 8 – COOKIES

8.1 What are cookies and why do we use them?

A “cookie” is a small file sent by Velopass’s server and placed on your computer’s hard drive. The information stored on these cookies can only be read by Velopass and only for the duration of the visit to the Website.

Our Website uses cookies and similar technologies to distinguish your preferences for use from those of other users of our Website. The cookies we use are safe and help us to provide you with a better user experience when you visit our Website.

8.2 Types of cookies

There are many different cookies that can be distinguished according to functionality, origin or storage period. Below we provide a general description of the types of cookies relevant in the context of a website. In article 8.3, a detailed overview is given of the specific cookies that are used on our Website.

Type Function
Essential/Strictly necessary cookies These cookies are necessary for a website to function and cannot be disabled. They are usually set only in response to actions you have taken, such as setting your privacy preferences, logging in or filling out forms. They are necessary for good communication and facilitate navigation (e.g. returning to a previous page, etc.).
Functional cookies These cookies increase the user-friendliness of a website by remembering your choices (e.g. language preferences) and offer improved functionality and personalisation to the visitor. These cookies ensure that certain settings are personalized at your request. If you do not accept these cookies, this may affect the performance and functionality of a website and may restrict access to content on said website. These cookies can be set by the website provider or by external providers whose services the website provider has added to the website.
Performance/Analytical cookies These cookies collect information about the use of a website such as the number of visitors, the time visitors spend on a web page and any error messages. They help a website provider to improve the performance of a website.  These cookies do not identify you as an individual.
Targeting/Advertising cookies These cookies are used to deliver content that is more relevant to you. They can be used to deliver targeted ads or to reduce the number of times you see an ad. They also help measure the effectiveness of advertising campaigns on a website. These cookies may be used to remember websites you have visited and may share this information with other parties, including advertisers. These cookies can also be set by advertising partners through the particular website. They may be used by those companies to create a profile of your interests and show you relevant advertisements on other sites.
First & Third party cookies First party cookies are cookies that are sent from servers or domains of the website provider, from where the requested service is offered. Third party cookies are cookies that are sent to your browser from a server or domain that is not managed by the website provider, but by a cooperating organisation. Only these third parties have access to these cookies and the information collected by the cookie. If you would like to know more about these cookies, we refer you to the cookie notice these parties offer on their respective websites. Please note that we have no influence on the content of this notice or on the content of these third party cookies.

8.3 Overview of cookies

First Party Cookies

Domain: www.velopass.com 

Name Cookie Type Cookie Description Retention Period
woocommerce_geo_hash Strictly necessary WooCommerce sets this cookie to help ensure we display the correct pricing etc. to customers, according to their billing country. 1 hour
_icl_visitor_lang_js Functional WordPress (WPML) sets this cookie to store the redirected language. 1 day
wpml_browser_redirect_test Functional This cookie is set by WordPress (WPML) plugin and is used to test if cookies are enabled on the browser. Session
userLanguageSelection Functional Saves the user’s language choice. 1 year, 1 month and 3 days
woocommerce_cart_hash Functional Used by WooCommerce to store shopping cart data. Session
woocommerce_items_in_cart Functional Stores how many items are in the cart. Session
wp_woocommerce_session_c8dc41fa738ed37c85e480b8434d2372 Functional Contains a unique code for each customer so that WooCommerce knows where to find the shopping cart data in the database for each customer. 2 days
tk_ai Functional Used by WooCommerce to store a unique ID for tracking. 1 year, 1 month and 4 days
tk_qs Functional Used by WooCommerce to store behavioural traces. 1 day
_ga_* Analytical Google Analytics sets this cookie to store and count page views. 1 year, 1 month and 4 days
woocommerce_geo_hash Strictly necessary WooCommerce sets this cookie to help ensure we display the correct pricing etc. to customers, according to their billing country. 1 hour
_icl_visitor_lang_js Functional WordPress (WPML) sets this cookie to store the redirected language. 1 day
wpml_browser_redirect_test Functional This cookie is set by WordPress (WPML) plugin and is used to test if cookies are enabled on the browser. Session
userLanguageSelection Functional Saves the user’s language choice. 1 year, 1 month and 3 days
woocommerce_cart_hash Functional Used by WooCommerce to store shopping cart data. Session
woocommerce_items_in_cart Functional Stores how many items are in the cart. Session
wp_woocommerce_session_c8dc41fa738ed37c85e480b8434d2372 Functional Contains a unique code for each customer so that WooCommerce knows where to find the shopping cart data in the database for each customer. 2 days
tk_ai Functional Used by WooCommerce to store a unique ID for tracking. 1 year, 1 month and 4 days
tk_qs Functional Used by WooCommerce to store behavioural traces. 1 day
_ga_* Analytical Google Analytics sets this cookie to store and count page views. 1 year, 1 month and 4 days
_ga Analytical Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. 1 year, 1 month and 4 days
mf_user Analytical Mouseflow sets this cookie to identify whether a visitor is new or returning. 3 months
tk_or Analytical JetPack plugin sets this referral cookie on sites using WooCommerce, which analyzes referrer behavior for Jetpack. 1 year, 1 month and 4 days
tk_r3d Analytical JetPack installs this cookie to collect internal metrics for user activity and improve user experience. 3 days
tk_lr Analytical JetPack plugin sets this referral cookie on sites using WooCommerce, which analyzes referrer behaviour for Jetpack. 1 year

 

Third Party Cookies

Name Cookie Type Cookie Description Retention Period
_ga Analytical Used by Google Analytics to differentiate users. 1 year, 1 month and 4 days
mailchimp_landing_site Analytical Used by Mailchimp to track which page the user came to the website from. 1 month
_ga_FSV4R3GYDT Analytical Used by Google Analytics for session measurement. 1 year, 1 month and 4 days
mf_233b07cc-8699-4869-8341-028e2f29744c Functional Used by Mouseflow for session recording and heatmaps. Session
mf_user Functional Used by Mouseflow to store a unique ID for repeat visits. 1 month and 12 days
cookieyes-consent Functional Used to store the user’s cookie consent. 1 year, 1 month and 3 days

8.4 Your consent

On your first visit to our Website, you will be asked to accept non-essential cookies used by us. You can change the cookie settings for our Website at any time via the hyperlink at the bottom of our Website and thus withdraw your consent.

You can refuse or block cookies by changing the configuration parameters of your navigation system. Disabling cookies may mean that you will not be able to use certain functionalities of the Website.

For more information on how to set your browser, please refer to the following links:

Google Chrome

https://support.google.com/chrome/answer/95647?hl=en&sjid=12181039658259662986-EU  

Safari

https://support.apple.com/kb/PH19214?locale=en_US 

Internet Explorer

https://support.microsoft.com/en-us/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d  

Mozilla Firefox

https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox  

Currently, some browsers offer a “do not track” or “DNT” option that sends a signal to websites indicating a visitor’s tracking preference. Velopass is not currently responding to these signals, as no common industry standard for DNT has been adopted by industry groups, technology companies or regulators. The third parties that place cookies on our Website may or may not respond to any such signals however.

Please note that changing the settings may cause a website to not work as expected.

More information about cookies can also be found via the following link: 

http://www.allaboutcookies.org/  

More information about online behavioral advertising and online privacy can be found via the following link: 

http://www.youronlinechoices.eu/ 

 

My bike
in my name