This version is in effect since November 11th, 2019. Last updated on June 4th, 2020.
Convexable - Nakama HR BVBA, a private limited liability company incorporated under Belgian law “Nakama”, with registered offices at 1930 Zaventem (Belgium), Da Vincilaan 1, registered with the Crossroads Bank for Enterprises under company number 0723.614.753, takes responsibility for the processing of your personal data as a "data controller" in accordance with article 4(7) EU General Data Protection Regulation (GDPR).
Nakama’s policy for the protection of your personal data is strictly compliant with the laws applicable in Belgium and the European Union:
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content (e.g. inquiries about our contact forms). You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar. If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
We use external service providers to support us in the operation of our website. These have been carefully selected and commissioned by us, are bound to our instructions, and are controlled regularly.
This collaboration is based on data processor agreements in accordance with Article 28 GDPR. As a rule, these external service providers who provide us with technical support (e.g. web hosters, programmers) have at least the possibility to access personal data. Such access is not intentional. However, we cannot rule out in individual cases that certain personal data are disclosed to these providers as part of their activity. From a data protection point of view, these are so-called recipients (Article 4(9) GDPR) of personal data.
We use the following external service providers:
2.1 Nakama does not collect sensitive information (e.g., data relating to race or ethnic origin, religious beliefs, criminal record, physical or mental health, or sexual orientation) from Visitors of the Website. Nakama shall, where necessary, obtain your explicit consent to collect and use such information.
2.2 Our Website collects only personally identifiable information that is specifically and voluntarily provided by you. Such information may consist of:
2.3 Nakama can obtain personal data through different means:
2.4 You are not obliged to provide us with your personal data, however you must understand that the delivery of several Nakama Services is not possible in case you refuse to provide us with certain personal data.
Nakama collects and processes your personal information for one overarching goal, i.e. to offer you a safe, comfortable and personalized experience each time you visit the Website.
The information we collect about you is primarily processed to help us ensure the proper technical functioning of our Website, if not for other system administration purposes, and to improve the quality and content of our Website – all based on the “legitimate interest” of Nakama to maintain and enhance her service.
That said, your personal data will only be processed for the following (internal) purposes:
At all times, you are free to change your mind at any time, and we don’t expect you to give any motivation thereto. You can do this by clicking the unsubscribe button below every promotional e-mail or any form of direct marketing.
In order to process your personal data, we provide access to our employees. Nakama will not disclose your personal data to third parties, unless it is necessary in the context of providing our services and/or optimising them. To that end, Nakama will appeal to third parties in order to:
These third parties will be obliged to only use your personal data if they can guarantee conformance with terms that are alike to those as set out this Policy. Consequently, Nakama won’t sell, hire out or pass on your personal data to third parties, except in the situations provided for in this policy or unless you explicitly and preliminary consent. It is however possible that Nakama will disclose your personal data:
Nakama will, if reasonably possible, try to inform you in advance of such transfers, unless revealing this information is subject to legal constraints. Additionally, you must be aware that informing you beforehand is not always possible technically, nor commercially.
Nakama only processes your personal information for as long as necessary. This means that we do keep a record of your data for as long as this is required or justified by the law or by another legal obligation, or for the period for which this would be necessary for the aforementioned purposes.
You have the right to freely obtain at any moment access to your personal data, as well as to be informed about the purpose of the processing by Nakama.
You have the choice to share your personal data with Nakama. You also have the right to request Nakama to rectify or have your personal data erased. You can also request the processing of your personal data to be restricted. You acknowledge that when you refuse to share data, or when you demand us to erase your personal information data, this will prevent us from providing you with several Nakama services.
If you have given your consent to the processing of your data, you can withdraw it at any time. Such a revocation influences the permissibility of processing your personal data after you have exercised the right to object.
Where we process data on the basis of legitimate interests, you have the right at any time, on grounds relating to your particular situation, to object to the processing of your personal data; this shall also apply to profiling based on these provisions. If you object to the processing, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is necessary for the establishment, exercise or defence of legal claims (right to object according to Article 21(1) GDPR.
Where your personal data are processed for direct marketing purposes, you shall have the right to object any time to the processing of personal data concerning you for such marketing; this also applies to profiling to the extent that it is related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (right to object according to Article 21(2) GDPR). The objection is free of charge and can be done informally.
You have the right to obtain your personal data which is processed by Nakama in a structured, commonly used and machine-readable format and/or to transfer this data to another data controller.
When the processing is based on prior consent you have the right to withdraw this consent.
The processing of your personal data does not include profiling, nor shall you be subjected to automated decisions.
You can exercise the above mentioned rights by sending an e-mail - enclosing a copy of your identity card - to email@example.com.
If you have any complaints about the way Nakama collects, uses and/or processes your personal data, you have the right to file a complaint with the Belgian Privacy commission:
Commission for protection of personal life, Drukpersstraat 35, 1000 Brussels, Tel +32 (0)2 274 48 00, Fax +32 (0)2 274 48 35, e-mail:firstname.lastname@example.org.
This does not affect a procedure before the civil court. If you have suffered damages caused by the processing of your personal data, you can file a claim for damages.
6.1 Nakama undertakes all reasonable efforts to prevent (i) unauthorised access to your personal information, and (ii) loss, abuse or alteration of your personal data, by using physical, administrative and technological measures to protect the information maintained.
6.2 Unfortunately, no one – including Nakama – can guarantee 100% security when it comes to transmission or forwarding over the internet, or any method of electronic storage. In case of particular security concerns about certain personal information, it is up to you to decide not to transmit that information over the Internet.
6.3 Nevertheless, you are responsible for the provision of personal data to Nakama and can exercise a degree of control thereto. If certain information is incomplete or seemingly incorrect, Nakama reserves the right to, temporarily or permanently, postpone certain actions or other services.
A “cookie” is a small text file that is sent from the server of Nakama and is stored on your computer’s hard drive. This way we can remember your preferences when visiting our Website. The information stored through these cookies can only be read by Nakama and only for the duration of your visit to the Website.
As a result of recent amendments of the law, all websites focusing on certain parts of the European Union are obligated to ask for your permission in order to use or save cookies and similar technologies on your computer or mobile devices. This policy clearly and completely informs you about the cookies we use and their purpose.
Cookies can be subdivided based on their offspring, function and durability. Our Website only uses the following cookies:
• Strictly necessary cookies: As the name suggests these cookies are strictly necessary to enable you to move around the Website or to provide certain features that you have requested.
• Functionality cookies: These cookies enhance the functionality of the Website by storing the Visitor’s preferences.
• Tracking cookies: These cookies will outlast user sessions. If a persistent cookie has its max-age set to 1 year, then, within that year, the initial value set in that cookie will be sent back to the server every time you visit the server. This is used to record a vital piece of information such as how a Visitor initially came to this Website. For this reason, they are also called tracking cookies. For example, once you have selected your preferred language, our Website will record this preference in a persistent cookie set on your browser. When you revisit the Website, it will use that persistent cookie to ensure that the content is delivered in your preferred language.
• Third party cookies: For cookies set by third parties (Google Analytics, Linkedin, Facebook, HubSpot) we kindly refer you to the statements set forth by these parties on their respective websites.
When you first visit our Website, you express your implicit approval to accept our different kinds of cookies.
You can block Cookies by activating your browser settings which allows you to refuse the cookies. The rejection of these cookies may have the effect of not allowing you to use some functionalities on the Website.
More information on cookies can also be found via the following link: http://www.allaboutcookies.org information on online behavioural advertising and online privacy can be found via the following link: http://www.youronlinechoices.eu
You will find various contact forms on our website. The data collected shall depend on the respective form. Your data are collected for the following purposes:
The processing of the data is necessary in order to take steps prior to entering into a contract in accordance with Article 6(1)(b) GDPR or for the performance of a contract in accordance with Article 6(1)(b) GDPR.
We will store your data for as long as necessary to take steps prior to entering into a contract or for the performance of a contract, with the exception of data that we are not yet allowed to delete due to statutory obligations (e.g. documents that must be kept under tax and commercial law) and data required to safeguard legitimate interests, e.g. to assert claims.
You may at any time request that the personal data you transferred to us in a contact form are deleted from the database by sending an e-mail to email@example.com.
When you request a WEB DEMO, a TEST ACCOUNT, a PERSONALISED OFFER, a PERSONAL MEETING or DOCUMENTATION FREE OF CHARGE, or you are registering for a WEBINAR or a WEB CONFERENCE, we can also use the personal data you provide to us in the form for sales/marketing communications with your consent.
Such communications shall include:
The legal basis for this is the consent pursuant to Article 6(1)(a) GDPR. You can withdraw your consent at any time, and we will not contact you again. You can withdraw your consent by sending an e-mail to firstname.lastname@example.org or a message to the contact details shown in the Imprint.
In the case of web conferences we organise together with other companies, we transfer your data to these other companies when necessary so that these can also contact you for marketing purposes. This transfer only takes place if you have given us your express approval for this during your registration. The legal basis for this is the consent pursuant to Article 6(1)(a) GDPR. You can withdraw this consent at any time.
We sometimes transfer your data to external service providers so as to deliver our services more efficiently. We only work together with service providers who provide sufficient guarantees that suitable technical and organisational measures are implemented to ensure an adequate protection of your data. Where provided by law, we concluded data processor agreements with the following service providers in accordance with Article 28 GDPR. In addition, we ensure that the transfer of personal data outside the EU always takes place in compliance with the GDPR.
We use the following service providers:
For uniform representation of fonts, this page uses so-called web fonts provided by Google. Google Fonts are locally installed. No connection is established to the servers of Google.
We use Google Analytics to analyse and regularly improve the use of our website.
Cookie type: B
Data collected: see “Data Collected by Google Analytics“
Legal basis: Article 6 (1)(f) GDPR.
Storage period: up to 60 days
This website uses Google Analytics with the extension that anonymises IP addresses. As a result, your IP address will be truncated before being sent to Google, thus ruling out the identification of the user. Therefore, where the data collected about you contain any reference to persons, such reference will be immediately excluded. For those exceptional cases in which personal data are transferred to the USA, Google is subject to the EU-U.S. Privacy Shield.
You can prevent data generated by the cookie and relating to your use of the website (including your IP address) from being collected and processed by Google, by downloading and installing this browser plug-in.
If you are visiting our website on a mobile device (e.g. smartphone or tablet), you can prevent data collection by Google Analytics by clicking on the following link . This will activate an opt-out cookie. If you delete your cookies, you must click on this link again.
Moreover, we use LinkedIn Marketing Solutions by LinkedIn Ireland Unlimited Company for marketing and optimisation purposes. With LinkedIn Marketing Solutions, we can analyse and regularly improve the use of our website.
Cookie type: B
Data collected: see “What data does the LinkedIn Insight Tag collect?“
Legal basis: Article 6 (1)(f) GDPR.
Storage period: up to 30 days
You can reject LinkedIn cookies by following this link.
We use the services of Google Ads Conversion to draw attention to our services by means of advertising materials (so-called Google Ads) on external websites. We can determine how successful our advertising measures are on the basis of the data of the advertising campaigns. We are interested in showing you advertisements that are of interest to you, in making our website more interesting for you, and in achieving a fair calculation of advertising costs.
These advertising materials are delivered by Google via so-called “Ad Servers”. For this purpose, we use ad server cookies, through which we can measure certain parameters for success such as the display of ads or clicks by users. If you are directed to our website via a Google ad, Google Ads will store a cookie on your device. These cookies usually expire after 30 days and are not used to personally identify you. As a rule, the analysis parameters stored with this cookie are the unique cookie ID, the number of ad impressions per placement (frequency), the last impression (relevant for post-view conversions) and opt-out information (a mark indicating that the user no longer wishes to be addressed).
These cookies enable Google to recognize your Internet browser. If a user visits certain pages of an Ads customer’s website and the cookie stored on their device has not yet expired, Google and the customer can determine that the user has clicked on the ad and has been redirected to this page. Each Ads customer is assigned a different cookie. Therefore, cookies cannot be traced via the websites of Ads customers. We do not collect and process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google. We can determine which of the advertising measures used are particularly effective on the basis of these evaluations. We do not receive any further data from the use of advertising material; in particular, we cannot identify users on the basis of this information.
Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no influence on the extent and the further use of the data which are collected through the use of this tool by Google, and therefore inform you according to our level of knowledge: As a result of the integration of Ads Conversion, Google receives information that you accessed the corresponding part of our Internet website or you clicked on one of our advertisements. If you are registered with one of Google’s services, Google can associate your visit with your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may obtain and store your IP address.
As already described above, you can prevent cookies from being set by our website at any time by making the corresponding settings in your browser, thus permanently objecting to the setting of cookies. Such a setting of the browser you use would also prevent Google from setting a conversion cookie on your device. In addition, a cookie set by Google Ads can be deleted at any time using the browser or other programmes.
You have the possibility to object to personalised advertising by Google. To this end, you must go to this link from each of the browsers you use and carry out the desired settings there. Personalised advertisement can be deactivated here. For more information on Google Ads, go here.
Cookie type: C
Legal basis: Article 6 (1)(a) GDPR.
Moreover, we use LinkedIn Marketing Solutions by LinkedIn Ireland Unlimited Company for marketing and optimisation purposes. n addition to Google Ads Conversion, we also use the Google Remarketing application. After you visit our website, Google Remarketing will display our ads to you during your subsequent use of the Internet. This is done by means of cookies stored on your computer, through which Google records and evaluates your usage behaviour when visiting various websites. This is how Google can determine your previous visit to our website. According to Google’s own statements, Google does not merge the data collected in the context of remarketing with your personal data, which may be stored by Google. Google states in particular that it uses pseudonymisation for remarketing.
You have the possibility to object to personalised advertising by Google. To do so, you must go to this link from each of the browsers you use and carry out the desired settings there. Personalised advertisement can be deactivated here. For more information on Google Remarketing, go here.
Cookie type: C
Legal basis: Article 6 (1)(a) GDPR.
Social networks like facebook and twitter can carry out a comprehensive analysis of your usage behaviour when you visit their website or a website with integrated social media content (e.g. “like” buttons or advertising banners). Visiting our social media sites will trigger several processing activities relating to data protection. More specifically:
When you are logged in your social media account and you visit our social media site, the operator of the social media portal can associate this visit with your user account. However, your personal data may also be collected when you are not logged in or do not have an account with the respective social media portal. In this case, data are collected through cookies which are stored on your device, or through identification of your IP address.
Using the data collected in this manner, the operators of the social media portals can generate user profiles in which they store your preferences and interests. They can thus display interest-based advertisement to you within and outside the respective social media sites. In those cases in which you have an account with the respective social network, the interest-based advertisement can be displayed on all devices on which you are or were logged in.
The objective of our social media sites is to ensure the most comprehensive presence on the Internet. This constitutes a justified interest pursuant to Article 6(1)(f) DSGVO. The analysis processes triggered by the social networks may be based on diverging legal bases that must be indicated by the operators of the social networks (e.g. consent pursuant to Article 6(1)(a) GDPR).
When you visit one of our social media sites, we are responsible, together with the operator of the social media platform, for the data processing operations triggered by this visit. You can generally assert your rights (right to access, rectification, erasure, restriction of processing, data portability, and to lodge a complaint) both toward us and toward the operator of the respective social media portal.
Please keep in mind that, despite the joint responsibility with the social media portal operators, we do not have full control over the data processing operations of the social media portals. Our possibilities considerably depend on the company policy of the respective provider.
The data we directly collect through our social media sites will be deleted from our systems as soon as you request their deletion, revoke your consent for their storage, or the purpose for their storage no longer applies. Stored cookies remain on your device until you delete them. Any mandatory statutory provisions – especially those regarding data retention periods – shall remain unaffected by this provision.
We maintain a profile on facebook. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook is certified under the EU-US Privacy Shield.
On our website, you have the possibility to contact Nakama using the e-mail addresses and telephone numbers provided there. When you contact us through the above channels, we will store and process the resulting personal data for the purposes of dealing with your request.
Your information can be stored in our Customer Relationship Management (CRM) system. The data are not transferred to third parties in this context. All data are used exclusively for the processing of your request.
The legal basis for the processing of the data is Article 6(1)(f) GDPR (general requests). Where the data are processed in order to take steps prior to entering into a contract at your request, the legal basis shall be Article 6(1)(b) GDPR.
We process the personal data we collect solely for the purposes of effectively handling the requests addressed to us. These purposes also constitute our legitimate interest in processing personal data pursuant to Article 6(1)(f) GDPR.
We will retain the data you transfer to us in contact requests until you ask for their deletion, object to their storage, or the purpose for their storage no longer applies. The purpose for the storage of the data no longer applies when it becomes evident that the underlying issue has been conclusively settled.
You may at any time request that the personal data you transferred to us by e-mail, telephone, or telefax are deleted by sending an e-mail to email@example.com
If you give us your business card during an event, we will collect, store and use the personal data on the business card such as name, contact address, and e-mail address for the purpose of contacting you (by telephone/e-mail). To this end, the data will be forwarded to our Sales Department and will be stored in the sales management tool Pipedrive. The legal basis for this is Article 6(1)(b) GDPR, because we process the data as part of an initial business contact (implementation of a pre-contractual measure).
You may at any time request that the personal data from your business cards are deleted from the database by sending an e-mail to firstname.lastname@example.org.