Last updated: September 5, 2018
Who is responsable for the processing of personal data?
When do we collect personal data and what personal data do we collect?
Your use of the app:
Mandatory personal data: identification data, contact data, personal characteristics
(e.g. date of birth), signature, geolocation, pictures, videos and audio on your device.
Optional personal data: place of birth, profession / occupation, pin code, …
It is important for you to know that we do not have access to the content of the video contacts as is. The contract will be encrypted. This means that the information is only readable for the organisers and the users of the app (parties of the video contract), not for other parties.
Your request for a newsletter:
Identification and contact data
Why do we collect this information and what are our legal grounds?
The mandatory information when using the app:
These personal data are necessary for the performance of our service
(legal basis contract) we offer e.g.
Identification data are necessary to identify you
Contact data are necessary to contact you
Date of birth is necessary to determine your legal capacity
Signature is necessary for the performance of our service: is needed to make the video contract legally binding
Your geolocation is necessary to make sure where the contract was recorded.This might be for legal concerns: determine the applicable national law, jurisdiction, … It is also necessary to update you on the information related to your jurisdiction.Usage of the app data are (anonymously) processed to provide improved functionalitiesand information during the process.
Access to the camera and audio of your device is necessary because our service is allowing you to make video contracts. When installing our app, we will therefore technically ask you to give access to your geolocation and the camera on your device.
If you disable the use of your geolocation or the access to the camera and audio on your device, the app will not allow you to add new video contracts. The contracts you stored and the personal data you provided, however, are still available for consultation or modifications (only personal data).
The optional information you can choose to share with us:
You are free to provide us (legal basis consent) with some optional information
(e.g. place of birth, occupation, profile picture, pin code, …). These personal data are not necessary for the performance of our service. You can withdraw this information at any time by logging into your account.
How long do we retain the personal data?
The mandatory information when using the app:
We retain the mandatory information at least for the duration of the legally defined retention period of the video contract and after the expiration date the personal data will be kept until both parties agree to delete it.
The optional information when using the app:
By giving us this extra information e.g. your profile picture, your profession, … you give us your consent to process it. We will retain these personal data until you withdraw your consent. At any time, you can manage this personal data by logging into your own account and delete this optional personal data.
When you request a newsletter:
We will only send you a newsletter at your own request (consent). At any time, you can send us an email stating that you no longer wish to receive information about us (email@example.com).
What rights do you have?
You have the right not to provide us with your personal data. If you are just visiting our website for instance. If you want us to reply at your request, we have to make use of the personal data you provide us with.
As a data subject you have certain rights but these are not absolute rights. They can only be exercised to the extent that they don’t override the rights and freedoms of other data subjects and the legal obligations of the controller. (Lexigogo BVBA in this case.)
Right of information:
Right of access:
All information we have on you can be found in the app. You can log into your account and consult/manage the personal data we hold from you.
Right of rectification:
You can rectify inaccurate personal data we have by logging into your account
Right to erasure:
At any time, you are able to delete the optional personal data you provided us with by logging into your own account.
You are even able to manage the mandatory information by deleting your account.
However, the ’right to erasure’ is not an absolute right. It can affect the rights and freedoms of others or conflict with a legal or contractual obligation of our organisation.
we shall not erase your personal data if we have a legal obligation to retain the data and the legally defined retention period is not over yet.
we shall not erase your personal data unless the legally defined retention period for the video contract has ended and both parties of the video contract have agreed.
We have a legitimate interest not to erasure personal data for the establishment, exercise or defence of legal claims.
Right of restriction of processing:
In certain cases (e.g. contestation of the accuracy of the personal data) your personal data will no longer be processed until the restriction is lifted.
Right of portability:
Where the processing of personal data is carried out by automated means, you have the right to receive the personal data which you have provided, in a structured, commonly used and machine-readable format so it can easily be transmitted to another controller.
Right to lodge a complaint:
If you consider that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the Belgium Authority: Data Protection Authority Drukpersstraat 35, 1000 Brussels.
Who has access to your personal data and do we transfer your personal data?
Only employees authorised by Lexigogo BVBA have access to your personal data in order to execute their task and for the good of the service. The contracts will be encrypted.
Certain processing activities are carried out by a processor on our behalf and under our instructions. Processing by a processor is governed by a processing agreement so your privacy is guaranteed. The list of processors will be made available on request.
Outside these situations we will not transfer your personal data to third parties without your consent. Only if we are legally obliged or when agreed upon in a contract we will provide your personal data to third parties. In no case your personal data is sold, rented or made available by any other means to third parties without your consent.
In case personal data are internationally transferred to countries outside the EEA your privacy is guaranteed. We make sure that the appropriate safeguards are provided (countries that provide the necessary guarantees concerning the protection of personal data and that appear on the white list of the European Commission, have binding corporate rules, use standard contractual clauses, have approved code of conduct…) so your rights and legal remedies are guaranteed.
Cookies are small files which are stored on a user's computer when visiting a website. We use the following cookies: on our website Google Tag Manager and the app uses firebase.google.com/docs/analytics.
Essential – Google Tag Manager:
This cookie is indispensable for visiting our website and using certain parts of the websites. For instance, they allow you to navigate between the different parts of the websites, fill in forms. Even when you log in with your personal account, these cookies are needed to check your identity in a secure way before you are granted access to your personal data. If you refuse these cookies, certain parts of the website will not work, or will not work optimally.
We do not need your prior consent to use this cookie.
Analysis cookie – Firebase:
We use his cookie to obtain information about visitors' use of our app in order to improve the content of our app, adapt it to the wishes of visitors, and make it more user-friendly.
Because we only use an anonymous cookie for analysis purposes it is not subject to your prior consent.
How do we protect your personal data?
Because privacy is very important to Lexigogo BVBA. We have implemented appropriate technical and organisational measures to ensure the protection of your personal data against data breaches. Passwords are hashed and contracts are encrypted. Only the user is able to read them.
How can you contact us?
If you have any question regarding personal data we collect from you and how we use that data, you can contact us by filling in firstname.lastname@example.org.
GDPR: General Data Protection Regulation (EU) 2016/679)
Personal data: means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing of personal data: means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Cookies: Cookies are small files which are stored on a user's computer when visiting a website. Cookies may collect personal data e.g. your IP-address.
Controller: Lexigogo BVBA.
Data breach: means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
Processor: means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Processor agreement: a binding written agreement, which states that the processor shall only act on the controller's instructions; and that it provides sufficient guarantees to protect the personal data that it processes.
Retention period: the duration of time for which the information should be maintained or "retained. We will not keep your personal data longer than necessary for the purpose for which it was collected.