Guardsquare Privacy policy

    1. General

    1. This privacy policy (“Privacy Policy”) regulates the processing of your personal data as a part of your use of our Website (the “Website”) and the accompanying services (jointly referred to hereinafter as “Services”). This processing is performed by Guardsquare NV as data controller, with a registered office at Tervuursevest 362 bus 1, 3000 Leuven, Belgium ("we”, “our"), listed with the CBE (Crossroads Bank for Enterprises) under number BE0550.675.829 in accordance with the applicable legislation relating to the protection of personal data.

    2. By using our Website and/or our Services, you acknowledge that you have carefully read this Privacy Policy and that you unreservedly agree with it. We reserve the right to regularly change the Privacy Policy as we deem fit. Such changes will be communicated through the Website.

    3. Remember that we can use so-called “cookies” or similar technology as part of the Website and/or the Services. Cookies are small text files that are stored on the hard drive of a device and that contain certain information, which sometimes includes personal data. For more information regarding our use of cookies, please read our cookie policy.

    4. This Privacy Policy was last updated on 07 December 2023.

    2. What data do we process, for what purpose and on what legal basis?

    For the precise information on our processing operations with regard to your personal data, please have a look at the following overview and locate the processing operation that corresponds to your situation:

    1. Cookies:
    Please consult our cookie policy.

    2. Requesting resources:
    What? We ask for personal information such as but not limited to name, email, company, etc.
    Why? To enable us to send you the requested documents and resources
    Legal ground? Delivering a service in the execution of a contract
    Retention time? We remove your data upon request.
    Recipients: None

    3. Requesting quotes:
    What? We ask for personal information such as but not limited to name, email address, company, relevant industry, country, phone number, particular interest in one or more of our services, and more information on your specific situation relevant for the services you request a quote for.
    Why? In order to send you a quote.
    Legal ground? Necessary for providing you the necessary information for the purpose of (potentially) entering into an agreement.
    Retention time? We remove your data upon request or after 18 months without interactions with either marketing/website or sales.
    Recipients: None

    4. Contact form:
    What? We ask for your name, email address, company, country, phone number, and the content of your message or question.
    Why? To enable us to respond to your inquiry
    Legal ground? Delivering a service in execution of a contract
    Retention time? We remove your data upon request or after 18 months without interactions with either marketing/website or sales.
    Recipients: None

    5. Direct marketing:
    What? We ask for personal information such as but not limited to name, email address, and company.
    Why? To enable us to send you direct marketing
    Legal ground? Informed consent
    Retention time? We remove your data upon request.
    Recipients: None

    6. Job applications:
    What? You provide us with your personal information (identity, contact details), your resume (or curriculum vitae), your cover letter with your motivation, as well as other information you may submit to us, such as profile pictures, recommendation letters, certificates, etc. An informed consent verification is required before uploading any personal data.
    Why? To enable us to consider your application for a job opportunity
    Legal ground? Necessary for the purpose of (potentially) entering into a (labor) agreement.
    Retention time? We will remove your data upon request.
    Recipients: Recruitment agencies assisting us with the recruitment process.

    7. Recruitment reserve:
    What? You provide us with your personal information (identity, contact details), your resume (or curriculum vitae), your cover letter with your motivation, as well as other information you may submit to us, such as profile pictures, recommendation letters, certificates, etc.
    Why? To enable us to take your application for future job opportunities into consideration.
    Legal ground? Your informed consent.
    Retention time? Up until 4 years after you expressed us your consent.
    Recipients: Recruitment agencies assisting us with the recruitment process.

    8. Guardsquare platform user registration and behavior data:
    What? We collect user name and email, behavior data, including support chat.
    Why? In order to provide you with access to download our software, licenses, and manuals, and to reach out to you with essential product communications.
    Legal ground? Delivering a service in the execution of a contract.
    Retention time? We keep your data indefinitely.
    Recipients: Intercom.

    In principle, we obtain the above-mentioned personal data directly from you. We always process your personal data on the basis and within the boundaries of the legal principles laid down under the applicable law. We do our utmost best to limit the processing of your personal data to what is strictly necessary for the purposes of this Privacy Policy.

    3. With whom do we share data?

    1. Except for the recipients specified for each individual processing operation, we do not send your personal data to third persons in a way that you can be identified without your express permission to do so if this is not necessary to provide the Services.

    2. We can rely on external processors to offer the Website and/or Services to you. We ensure that third-party processors may only process your personal data on our behalf. We strive to ensure that all external processors are selected with the necessary care, so that we can rest assured of the security and integrity of your personal data.

    3. We can transmit anonymized and/or aggregated data to other organizations that can use these data to improve products and services, and to organize bespoke marketing, presentation and the sale of products and services.

    4. Where required by a public authority or a law enforcement agency, we may share your personal data in accordance with applicable law and only to the extent necessary.

    5. Your data may be shared with third parties within the context of a possible merger with, acquisition of/by or demerger by a third party, even if such third party is outside the European Economic Area (EEA).

    4. Where we process data

    1. We and our external processors will only process your identifiable personal data in the EEA.

    2. We can transfer our anonymized and/or aggregated data to organizations outside the EEA. If such a transfer is made, we shall ensure that there are appropriate guarantees to warrant the security and integrity of your personal data, and that all personal data rights that you might enjoy under applicable mandatory law are guaranteed.

    3. If your personal data and/or anonymized and/or aggregated data is transferred, the following statutory protection system will be implemented:

      Which tools?  

      Country outside EEA  

      Statutory transmission system

     HubSpot

     Salesforce

     Google

     LinkedIn

     SalesLoft

     Twitter / X

     Facebook 

     Reddit

      USA

      USA

      USA

      USA

      USA

      USA

      USA

      USA

      Standard Contractual Clauses (SCC)

      Standard Contractual Clauses (SCC)

      Standard Contractual Clauses (SCC)

      Standard Contractual Clauses (SCC)

      Standard Contractual Clauses (SCC)

      Standard Contractual Clauses (SCC)

      Standard Contractual Clauses (SCC)

      Standard Contractual Clauses (SCC)

    5. How we process data

    1. We will do our utmost to process only the personal data necessary to achieve the objectives stated in this Privacy Policy. We will process your personal data lawfully, fairly, and transparently. We will do our utmost to keep the personal data accurate and up to date.

    2. Your personal data will only be processed as long as necessary to achieve the objectives stated in this Privacy Policy or until the moment at which you withdraw your processing permission. If you have registered on our Website, we will remove your personal data if you remove your profile unless a statutory or regulatory obligation or a judicial or administrative order prevents us from doing so.

    3. We will take appropriate technical and organizational measures to keep your personal data secure from unauthorized access or theft and from unintentional loss, manipulation or destruction. Our personnel or the personnel of our external controllers will only be able to gain access on a need-to-know basis and this is subject to strict obligations of confidentiality. However, you should understand that the care for security and protection consists only of an obligation of means according to best efforts, which can never be guaranteed.

    6. Your rights

    1. You have the right to request access to all the personal data that we process about you.

    2. You have the right to request that any personal data about you that is incorrect or inaccurate be corrected free of charge. If you have registered on our Website, you can personally correct much of such data through your profile. If such a request is submitted, you must also enclose proof showing that the personal data for which you request correction is incorrect. You can always contact us at the following email address privacy@guardsquare.com

    3. You have the right to withdraw previously granted permission for the processing of your personal data. You can withdraw your permission at all times by sending an email to privacy@guardsquare.com, or by removing your profile (if applicable).

    4. You have the right to request that personal data relating to you be removed if this is no longer needed in the light of the objectives that are outlined in this Privacy Policy or if you withdraw your processing permission. However, you must consider that a removal request to us will be assessed in light of statutory or regulatory obligations or administrative or judicial orders, which may prevent us from removing the respective personal data. You can always contact us at the following email address privacy@guardsquare.com

    5. Instead of requesting removal, you can also request that we restrict the processing of your personal data if (a) you dispute the correctness of such data, (b) the processing is unlawful, or (c) the data is no longer necessary for the objectives stated, but you need it to defend yourself in judicial proceedings.

    6. You have the right to object to the processing of personal data if you can show that there are serious and justified reasons regarding special circumstances warranting such an objection. However, if the envisaged processing is noted as direct marketing, you have the right to object (opt-out) to such processing free of charge and without giving any reason.

    7. If your personal data is processed on the basis of permission or on the basis of a contract where the data is processed automatically, you have the right to receive the personal data provided to us in a structured manner and in a generally used format that can be read by a machine and, if technically possible, you have the right to directly transmit such data to another service provider. We will be the only persons to assess the technical viability of this.

    8. If you wish to submit a request to exercise one or more of the above-mentioned rights, you can send an email to privacy@guardsquare.com.  Such a request must clearly state what right you wish to exercise and why. It must also be dated and signed. When it is impossible for us to adequately verify your identity, we may ask you to send us a digitally scanned copy of your valid identity card, before we comply with your request. We will notify you immediately when such a request has been received. If it appears that the request is founded, we will grant the request as quickly as is reasonably possible and no later than thirty (30) days after the request has been received.

    9. By clicking “Accept All” or accepting a certain category of cookies in the options menu after you have been notified of the use of cookies and similar technologies, you acknowledge that you have carefully read this cookie policy and that you unreservedly agree with it. As explained in this Cookie Policy, you can change your cookie preferences at all times.

    10. If you have a complaint regarding our processing of your personal data, you can always contact us at the following email address privacy@guardsquare.com
    You are also at all times at liberty to file a complaint with the competent data protection authority, the Belgian Data Protection Authority, either by post at Drukpersstraat 35, 1000 Brussels, or by email at contact@apd-gba.be  or by phone at +32 2 274 48 00 or first-line assistance at +32 2 274 48 78.