Privacy Policy

We are committed to maintaining robust privacy protections for our users. This Privacy Policy is designed to help you understand how we collect, use and safeguard the information you provide to us and to assist you in making informed decisions when using our Service.

As you read our Privacy Policy, please keep in mind that it applies to all Sparkcentral companies as defined below.


(I) DEFINITIONS

In addition to other terms defined elsewhere in this Privacy Policy, within the scope of this Privacy Policy, the following terms shall have the following meaning:

 Controller: The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data;

EU Privacy Law: Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data (the ”GDPR”), as well as any legislation and/or regulation implementing or created pursuant to the GDPR and the e-Privacy legislation, or which amends, replaces, re-enacts or consolidates any of them, and all other national applicable laws relating to the Processing of Personal Data and privacy;

Processor: A natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller;

Recipient: A natural or legal person, public authority, agency or another body, to which the Personal Data are disclosed, whether a Third Party or not;

Third Party: A natural or legal person, public authority, agency or body other than the data subject, Controller, Processor and persons who, under the direct authority of the Controller or Processor, are authorized to process Personal Data;

Supervisory Authority: An independent public authority which is established by a Member State pursuant to Article 51 of the GDPR;

Personal Data: Any information relating to an identified or identifiable natural person (“Data Subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Processing: Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

Standard Contractual Clauses: Sets of standard contractual clauses for transfers as adopted by the European Commission for the international transfer of Personal Data.

Personal Data Breach: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.

Representative: A natural or legal person established in the Union who, designated by the Controller or Processor in writing pursuant to Article 27 of the GDPR, represents the Controller or Processor with regard to their respective obligations under this Regulation.

(II) WHO ARE WE?

This Privacy Policy applies to all Personal Data collected by Sparkcentral in connection with the services we offer. References to “Sparkcentral”, “we”, “us” or “our” in this Privacy Policy include both of the following entities:

Belgium

(head office and main establishment)

Sparkcentral Europe NV

BE 0568.564.411

Kempische Steenweg 311 b6.01

B – 3500 Hasselt

BELGIUM

Responsible person for data protection:
Pieter Lievens
pieter.l@sparkcentral.com

United States

 

Sparkcentral Inc.

Mission Street 535 Floor 17

CA 94105 San Francisco

UNITED STATES

For the purposes of this Privacy Policy, “Service(s)” refers to our service which can be accessed via our website at www.Sparkcentral.com.  “You” refers to you, as a user of our Service.

In the context of our Service(s), we collect hold, disclose, and/or otherwise process Personal Data. For the purposes of EU Privacy Law (including, without limitation, the GDPR), depending on the type of Personal Data processing described in this Privacy Policy, Sparkcentral Europe NV or Sparkcentral Inc. may be operating as a sole or joint Controller. If operating as joint Controllers, both entities jointly determine the means and purposes of the Processing of your Personal Data. What this means for you is that you can exercise your rights against either of the joint Controllers by contacting either company as set out below.

As required by Article 27 GDPR, Sparkcentral Inc. designates Sparkcentral Europe as Representative in the European Union.

(III) IMPORTANCE OF THIS PRIVACY POLICY

We value your right to privacy and make every effort to protect your Personal Data in accordance with the EU Privacy Law and the applicable national data protection legislation.

We believe that our Privacy Policy complies with the notice requirements under the California Consumer Privacy Act of 2018, as amended (“CCPA”).

In this Privacy Policy we explain how we collect your Personal Data, how and for which purposes we may use your Personal Data and to whom we may disclose your Personal Data. This Privacy Policy also includes important information regarding your rights with respect to the Processing of your Personal Data.

Attention: By sharing your Personal Data with us, we expect that you read this Privacy Policy carefully. Please be aware that for certain Processing of your Personal Data we will need to ask your consent (e.g. if we want to send you an electronic newsletter or use tracking cookies). For other types of Processing, the law provides us other legal grounds.

(IV) PERSONAL DATA WE COLLECT

In the context of our business, we collect and process “non-personal data” and “Personal Data.”  Non-personal data includes information that cannot be used to personally identify a natural person, such as anonymous usage data and general demographic or statistical information we may collect.

We collect the following Personal Data of you as user of our Service:

  • Personal identification data: name, email address, passwords and account information of persons registering with the Service;
  • Electronic identification data: IP addresses, information collected via Cookies (read our Cookie Policy);

This Personal Data is collected in various ways:

  • Directly from you when you provide us with your Personal Data, e.g. through the registration process at our website or when you contact us with a question;
  • Through cookies;

 (V) PURPOSES AND LEGAL BASES OF THE PROCESSING

We use your Personal Data for the following purposes:

  • For customer relations management;
  • For the handling of user/customer inquiries and complaints;
  • For providing technical support;
  • For the management of our website;
  • To provide you with information requested by you;
  • For marketing purposes, i.e. for our electronic mailings (if you had subscribed to them);

For your perfect information, you can find hereinafter the legal grounds applicable to these Processing activities:

  • For the Processing of your Personal Data for the delivery of our Service, for the follow-up on sales and invoicing, to provide you with certain information with respect to purchased services, or in the context of complaint handling, we rely upon the necessity for the performance of a contract;
  • In all other cases, the Processing of your Personal Data is based on our legitimate business / commercial interests (i.e. the interest of contacting you as a prospective user of our Service, of informing customers of our Service, and to promote our business in general, both online and offline, and the interest of obtaining information about preferences of our customers).
  • For the Processing of your Personal Data for electronic direct marketing purposes (tracking and analyzing your interests, sending our electronic newsletter), we rely upon your opt-in consent. Only if you have unambiguously stated that you would like to receive our electronic newsletter (you are entirely free to do this), we will register you for our electronic mailings.

Note that you have the right to withdraw that consent at any time, free of charge, and without this having any negative implications for you. You may do so by e-mail (see below) or via the opt-out link included in each of our marketing mailings.

(VI) WITH WHOM WE SHARE YOUR PERSONAL DATA

We may share your Personal Data with the following actors:

  • With our service providers (‘Processors’): in the context our Services, we may share your Personal Data with Third Parties (to the extent this is required for said Third Party to render a service), in particular with service providers (e.g. marketing agencies who organize email communications for us) that act as our ‘Processors’;
  • Within our group of undertakings: note that we have an affiliate in Belgium and in the United States (see below for the appropriate safeguards provided);
  • With our external law firms in case of (threatened) litigation;
  • With government authorities in case we have a legal obligation to do so;
  • With acquirer(s) of our assets: In the event we undergo a business transaction such as a merger, acquisition by another company, or sale of all or a portion of our assets, your Personal Data may be among the assets transferred. Any acquirer of our assets may continue to process your Personal Data as set forth in this Privacy Policy. If our data Processing practices change at any time in the future, we will post the policy changes to our website and/or inform you by e-mail of our revised Privacy Policy so that you may opt out of the new data Processing practices.

We will implement appropriate legal and technical safeguards when transferring your Personal Data to third parties.

Unless clearly provided for in this Privacy Policy, we will not sell, trade, rent or otherwise transfer or share for marketing purposes your Personal Data with third parties without your prior explicit consent.

PRIVACY SHIELD STATEMENT

To the extent Sparkcentral Inc. collects or processes Personal Data either on Sparkcentral’s website or through the use of the Services and to the extent Sparkcentral Inc. cannot rely on Standard Contractual Clauses, Sparkcentral Inc. complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of Personal Data transferred from the European Union and Switzerland to the United States, respectively. Sparkcentral Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program and to view the certification for Sparkcentral Inc., please visit: https://www.privacyshield.gov/.

Sparkcentral Inc.‘s accountability for Personal Data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Sparkcentral Inc. remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the Personal Data on its behalf do so in a manner inconsistent with the Principles, unless Sparkcentral Inc. proves that it is not responsible for the event giving rise to the damage.

If you have an unresolved privacy or data use concern that Sparkcentral Inc. has not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (at no cost to you) at https://www.jamsadr.com/file-an-eu-us-privacy-shield-claim.

For any Privacy Shield disputes that cannot be resolved by the methods above, you may be able to invoke a binding arbitration process under certain conditions. To find out more about the Privacy Shield’s binding arbitration scheme, please see: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

The Federal Trade Commission has investigation and enforcement authority over Sparkcentral’s compliance with the Privacy Shield.

(VII) HOW WE PROTECT YOUR PERSONAL DATA

We implement the necessary administrative, technical and organizational security measures designed to protect your information and to ensure a level of security appropriate to the specific risks that we have identified. We protect your Personal Data against destruction, loss, alteration, unauthorized disclosure of or access to Personal Data transmitted, stored or otherwise processed. Sparkcentral is ISO 27001 certified and will make every effort to maintain this certification indefinitely. Technological security measures we implement to protect your data include sufficiently strong encryption, firewalls and secure socket layer technology (SSL).

Your account is protected by your account password and we urge you to take steps to keep your Personal Data safe by not disclosing your password and by logging out of your account after each use.  We strongly recommend that your password is as at the very least eight (8) characters long, is composed of a combination of alphanumeric characters and contains at least one capitalized character and a character such as #, !, ?, *. We reserve the right to enforce these recommendations when you are creating a password on our website.

More information on our protection measures is available upon simple request.

(VIII) RETENTION PERIOD

Your Personal Data will not be stored for longer than is necessary in relation to the purposes for which we process them (as listed above). Afterwards it is still possible that they can be found in our back-ups or archives, but they will no longer be actively processed.

More specifically, the following retention guidelines are applied by us:

  • Personal Data included in accounting, financial or other official documents will be retained for as long as such documents legally need to be kept;
  • Personal Data required for the execution and follow-up of a contractual relationship will be kept for the entire duration of that relationship and for ten (10) years following termination thereof;
  • Personal Data obtained in the context of complaint handling will be deleted (or anonymized) as soon as the complaint is closed; and
  • any Personal Data used for marketing purposes will be retained for as long as we are sending you relevant mailings and for a maximum of eighteen (18) months thereafter. As soon as we note that your contact details are no longer accurate or active, or whenever you decide to exercise your right to unsubscribe right, we will no longer keep your Personal Data for these purposes.

Only where we are legally obliged to, or where this is necessary for defending our interests in the context of judicial or administrative proceedings (e.g. in case of a dispute), will we retain Personal Data for longer periods.

More information regarding our applicable retention periods is available upon simple request.

(IX) YOUR RIGHTS REGARDING THE USE OF YOUR PERSONAL INFORMATION

Within the limits defined by Articles 15-22 GDPR, you have the statutory right to:

  • receive information about and access your Personal Data;
  • rectify your Personal Data;
  • request erasure of your Personal Data (‘right to be forgotten’);
  • request restriction of Processing of your Personal Data;
  • object to the Processing of your Personal Data;
  • receive your Personal Data in a structured, commonly used and machine readable format and to (have) transmit(ted) your personal data to another organization.

The right to object to the Processing includes the right to ‘opt-out’ for our electronic newsletter. This right can be exercised by following the unsubscribe instructions provided in each promotional e-mail.  You can also indicate that you do not wish to receive marketing communications from us in the “Settings” section of our website.  Please note that notwithstanding the promotional preferences you indicate by either unsubscribing or opting out in the Settings section of our website, we may continue to send you administrative emails including, for example, periodic updates to our Privacy Policy.

Finally, you have the right to lodge a complaint relating to the Processing of your Personal Data by us with the Supervisory Authority in your country.

In principle you may exercise the above-mentioned rights free of charge. Only where requests are manifestly unfounded or excessive, we may charge a reasonable fee.

We aim to respond as quickly as possible to your requests or questions. We might request and sometimes even be legally required to request proof of identity in advance in order to double-check your request and to avoid unauthorized access by Third Parties.

(X) LINKS TO OTHER WEBSITES

As part of the Service, we may provide links to or compatibility with other websites or applications. However, we are not responsible for the privacy practices employed by those websites or the information or content they contain. This Privacy Policy applies solely to information collected by us through our website and the Service. Therefore, this Privacy Policy does not apply to your use of a Third Party website accessed by selecting a link on our website or via our Service. To the extent that you access or use the Service through or on another website or application, then the privacy policy of that other website or application will apply to your access or use of that website or application. We encourage our users to carefully read and evaluate the privacy statements of other websites before proceeding to use them.

(XI) CHANGES TO OUR PRIVACY POLICY

Sparkcentral reserves the right to change this Privacy Policy at any time.  We will notify you of significant changes to our Privacy Policy by sending a notice to the primary email address specified in your account and/or by placing a prominent notice on our website.  Significant changes will go into effect thirty (30) days following such notification.  Non-material changes or clarifications will take effect immediately. The most recent version of this Privacy Policy is at all times available on our website. You should periodically check the website and this Privacy Policy for updates of both our Privacy Policy and Terms of Service (TOS).

(XII) CONTACTING US  

If you have any questions regarding this Privacy Policy or the Processing of your Personal Data by us, please contact us by sending an email to privacy@sparkcentral.com.

If you feel there is unethical behaviour please contact us by sending an email to ethics@sparkcentral.com

If you reside in California, you have the right to ask us one time each year if we have shared Personal Data with Third Parties for their direct marketing purposes. To make a request, please send us an email at support@sparkcentral.com or write to us at the Californian address listed above. Please indicate in your letter that you are a California resident making a “Shine the Light” inquiry.

Last Updated: This Privacy Policy was last updated on April 7th, 2020.