Skip to main content

Privacy Policy

1. Introduction

The services, products, apps and in general the offers provided by Bizzdesign BV and its affiliates, (“Bizzdesign”), may involve the collection of personal data.

The purpose of this privacy policy (“Policy”) is to explain the conditions under which personal data are collected and are likely to be processed so that these actions are carried out in the greatest transparency.

This Policy also aims to precise how you may exercise your rights regarding the said collection and processing of your personal data.

Bizzdesign is entitled to change this Policy without further notification. Any changes will be announced on our main corporate website (https:www.bizzdesign.com) immediately.

For questions regarding this Policy, please contact the Legal Department at privacy@bizzdesign.com.

2. Data Controller

The data controller responsible for the processing of your personal data is Bizzdesign B.V. - Capitool 15, (7521PL) Enschede, Netherlands - KVK 08204584 - VAT identification number (omzetbelastingnummer) 8211.61.763.B01 – Email: compliance@bizzdesign.com

3. Definitions

For the purposes of this Policy:

“Affiliate” means, with respect to any entity, any other entity that directly or indirectly Controls, is Controlled by, or is under common Control with such entity, whether now or in the future. Control (including the terms Controlled by and under common Control with) means the direct or indirect ownership of more than fifty percent (50%) of the voting securities or other ownership interests of an entity, or the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership, by contract, or otherwise. Affiliates shall include, without limitation, subsidiaries, parent companies, sister companies, and any entities under shared ownership or common ultimate beneficial ownership.

“personal data” means any information relating to an identified or identifiable natural person ('data subject'); 'identifiable natural person' means a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural, or social identity;

“processing” means any operation or set of operations whether or not carried out by automated means and applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or interconnection, limitation, erasure or destruction;

“file” means any structured set of personal data accessible according to specified criteria, whether centralized, decentralized or functionally or geographically distributed;

“controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing;

“processor” means the natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller;

“consent” of the data subject means any free, specific, informed and unequivocal expression of will by which the data subject accepts, by a statement or by a clear affirmative action, that personal data concerning him or her may be processed;

4. Who is concerned by this policy?

This Policy is applicable to all companies of Bizzdesign.

5. How do we collect your personal data?

We collect your personal data either directly or indirectly.

We may collect personal data directly when you provide it to us, for example by filling in a form on a website, or when we ask you for it on any occasion such as during the performance of a contract, a contact form on the Internet, a trade show, a survey, participation in a discussion forum, participation in a contest, interaction on professional social networks such as LinkedIn.

We may also collect your personal data indirectly through a third party. This may be for example the performance of a contract in which your employer is a party or when you are user of an app, a product and/or services, or when you are our contact in charge of, for example, billing, placing an order, paying a sum of money or other. On these occasions we may collect your first name, last name, business contact details (telephone, title, physical and email address, and IP address).

If you provide us with personal data of a third party (for example personal data of a colleague or employee), it is your responsibility to ensure that you comply with the applicable regulations on the protection of personal data. As such, in accordance with the applicable data protection regulations, you must notify such third party and obtain their express consent or have any other legal basis to provide us with their personal data. Furthermore, you must inform the third party how we collect, use, disclose and store their personal data and invite them to read our Policy.

6. How do we use personal data?

We may collect and process the following categories of personal data:

  • Identification details: first and last name.
  • Professional contact details: business address, phone number, job title, and email address.
  • Technical information: IP address and related data generated when you use our websites, applications, or services.

Subject to applicable laws, we collect and process your data for the following purposes:

  1. Providing requested services and information

    To deliver the information, services, or software solutions that you have requested, including responding to inquiries or evaluating your application. We may use the data to send an invoice, maintain our relationship with you or improve your product usage experience. We also use the data to answer any of your requests for information or to judge your application.

  2. Contract performance and customer support

    To perform a contract to which you or your employer are/is a party, which may include issuing invoices, providing customer service, or offering technical support.

  3. Commercial relationship management

    To maintain and manage our business relationship with you, ensuring smooth communication and collaboration.

  4. Fraud prevention and protection of rights

    To detect, prevent, or investigate fraudulent, unlawful, or unauthorized activities, and to safeguard our legitimate rights and interests.

  5. Customer engagement

    To invite you to participate in customer satisfaction surveys or to attend events, helping us to better understand your needs and improve our services.

  6. Marketing and personalization

    To deliver personalized advertisements, direct marketing communications, or tailored information based on your usage patterns, where permitted by law. As a customer of Bizzdesign, we are happy to make offers for our similar products and services. We may do this via phone, email, or other electronic communication or mail. You have the right at any time to stop Bizzdesign from contacting you for marketing purposes.

  7. Usage analytics and service improvement

    To collect and analyze usage data relating to our websites, applications, and services, enabling us to improve functionality and enhance your user experience.

  8. Recruitment

    We allow you to submit your resume for general applications, to apply for specific jobs or to subscribe to our job alerts. Your resume (together with your application letter) will be stored in a database managed and controlled by Bizzdesign. We may use a third party to host the service, application and database. We will engage with the third party according to paragraph 8.

7. Legal bases for processing

We process your personal data only when we have a valid legal basis to do so under applicable data protection laws, such as the GDPR.

The main legal bases we rely on include:

  1. Performance of contact
  2. Legal obligation

  3. Consent

    If we process your personal data based on your consent, you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we carried out based on your consent before you withdrew it. You can withdraw your consent by contacting us at privacy@bizzdesign.com.

  4. Legitimate interests

    In certain cases, we process your personal data based on our legitimate interests or those of a third party. These legitimate interests include:

    • Improving and optimizing our services, websites, and products;
    • Preventing fraud, ensuring IT and network security, and protecting our business and users;
    • Sending marketing communications or information about similar products and services, when such communication can be reasonably expected by you or is relevant to your interests;
    • Managing our commercial relationships and conducting internal audits or analyses.

    When processing your personal data based on legitimate interests, we carefully weigh our interests against your rights and freedoms and ensure that your personal data are handled fairly and securely.

8. Sharing your personal information

We do not share your personal data with third parties unless one of the following circumstances applies.

With your explicit consent. We may share your personal data with third parties when we have your explicit consent to do so. You have the right to withdraw this consent at all times.

For external processing by third parties engaged by us. We will provide your personal data to our subsidiaries or other trusted businesses or persons to process it for us, based on our instructions and in accordance with this Policy and any other appropriate obligations of confidentiality and security measures.

Third parties engaged by us are:

  • Sub-processors, including cloud service providers such as Amazon Web Services (AWS), Microsoft Azure, and Salesforce, depending on the product or service subscribed to; 
  • Suppliers supporting marketing activities of Bizzdesign; 
  • Any company of the Bizzdesign group and any subcontractor for the proper performance of our contractual obligations. This is particularly the case for our maintenance and support activities (MEGA Group) and for the hosting of our SaaS services (by Microsoft Ireland Operations Ltd, One Microsoft Place, South County Industrial Park, Leopardstown, Dublin 18, D18 P521); 
  • Affiliates within the corporate group; 
  • Third parties that we use to carry out payment transactions, such as clearing companies, clearing systems, financial institutions and transaction beneficiaries; 
  • Third-party service providers supporting marketing and communication campaigns; 
  • Government agencies, regulators and any other third parties if the transfer is necessary to meet our legal and regulatory obligations; 
  • Police authorities, so that they can detect or prevent crimes or prosecute offenders; 
  • Any third party, in connection with legal proceedings, existing or imminent, provided that we are legally entitled to do so (e.g., in response to a court order); 
  • Internal auditors, legal advisors, and external consultants; 
  • Any other company to which we may assign a contract to which you are party or which relates to you; 
  • Public bodies if they have to be informed according to applicable law; 
  • Other third parties if we have a good-faith belief that access to and use of the personal data is reasonably necessary to (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent, or otherwise address fraud, security or technical is-sues; and/or iii) protect the interests, properties or safety of Bizzdesign, our users or the public in accordance with the law.

Bizzdesign has taken the appropriate contractual and organizational measures to ensure that your data are processed exclusively for the purposes specified in this privacy policy and in accordance with all applicable laws and regulations.

9. International transfers of personal data

Your personal data we process may be accessed from, processed or transferred to countries other than the country in which you reside. Those countries may have data protection laws that are different from the laws of your country. Such cross-border transfer of your personal data is necessary for us to service your transaction with us, and for the other purposes outlined in this Policy.

We have taken appropriate steps and put safeguards in place to help ensure that any access, processing and/or transfer of your personal data remains protected in accordance with this Policy and in compliance with applicable data protection law. Such measures provide your personal data with a standard of protection that is at least comparable to that under the equivalent local law in your country, no matter where your data is accessed from, processed and/or transferred to. We will comply with obligations regarding personal data cross-border transfer in accordance with application data protection laws, regulations, and conditions set by the competent authorities. This may include fulfilling obligations such as security assessments and/or certifications and signing agreements with overseas recipients in accordance with the standard contract established by the competent authorities.

10. Automated decision-making and profiling

We do not use profiling or automated decision-making that produces legal effects or similarly significantly affects you.

11. Cookies and usage statistics

In addition to personal data, Bizzdesign uses cookies on several parts of our websites and product portals. Please read our cookie policy to read what cookies we use.

12. Click behavior and visiting information

When you use our websites we may obtain general usage details. These concern the IP address of your computer, information about the action(s) performed, date and time and additional data that your browser sends. We use this data for statistical analysis of product and website usage and to optimize the operation of products and websites. We try to pseudonymize or anonymize this data as much as possible and this data is not provided to third parties who could use it for their own purposes. We use this data because of our legitimate interest in monitoring and improving our websites and products. We keep anonymized data (that does not contain any personal data) as long as they are relevant to us.

13. Aggregation of information

We use information about your usage of our websites, products and services to manage performance and availability of our services and improve our products. Information that is used for these purposes is always anonymized and aggregated across multiple user accounts.

14. Storage period

We do not store your personal data longer than is legally permitted and necessary for the purposes for which the data were collected. The storage period depends on the nature of the information and the purposes of processing. The maximum period may therefore vary per use.

The criteria we use to determine our retention periods include:

  • The duration of our relationship with you; 
  • Whether we have a legal obligation related to your personal data, such as laws requiring us to keep records of your contact or transactions with us; 
  • Whether there are any current and relevant legal obligations affecting how long we will keep your personal data, including contractual obligations, litigation holds, statutes of limitations, and regulatory investigations; 
  • Whether your personal data is needed for secure backups of our systems.

We will deidentify, aggregate, or otherwise anonymize your personal data if we intend to use it for analytical purposes or trend analysis over longer periods of time.

15. What are your rights?

15.1. Transparency and modalities

We take appropriate measures to provide you with any information relating to the conditions of collecting, processing, modifying and deleting your personal data. The information shall be provided at your request in writing or by other means including, where appropriate, electronically. The information may be provided orally, upon your request, provided that your identity can be demonstrated by other means.

You may at any time request access to, rectification or erasure of your personal data, or restriction of processing. You also have the right to object to the processing, the right to data portability, as well as the right to lodge a complaint with the supervisory authority in his/her country.

We will provide you with information on the measures taken following a request, as soon as possible and in any event within one month of receipt of the request. If necessary, this period may be extended by two months, taking into account the complexity and number of requests. We will inform you of that extension and of the reasons for the delay within one month of receipt of the request.

Upon expiration of the above-mentioned period, you have the right to lodge a complaint with a Supervisory Authority in the form and manner provided by the legislation in force.

Whenever you submit your request electronically, the information shall be provided electronically, if possible, unless you request otherwise. The information is provided free of charge. However, whenever the requests are manifestly unfounded or excessive, in particular because of their repetitive nature, we may: (a) require the payment of a reasonable fee which takes into account the administrative costs incurred in providing the information, organizing the communications or implementing the requested measures; or (b) refuse to comply with such requests.

15.2. Information and access to personal data

You may send your requests directly to the Data Protection Officer of the Bizzdesign Group by sending your request to the following addresses: (i) Bizzdesign B.V. - Capitool 15, (7521PL) Enschede, Netherlands - KVK 08204584 - VAT identification number (omzetbelastingnummer) 8211.61.763.B01 – Email: compliance@bizzdesign.com.

15.3. Right to rectification

You have the right to obtain from us, as soon as possible, the rectification of inaccurate data. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, by providing a supplementary statement.

15.4. Right to erasure ("right to be forgotten")

You have the right to obtain the erasure, as soon as possible, of your personal data and we will erase such personal data as soon as possible, where one of the following grounds applies:

  1. the personal data is no longer necessary in relation to the purposes for which the data is collected or otherwise processed; 
  2. you have withdrawn the consent on which the processing is based;
  3. you have objected to the processing if there is a compelling legitimate ground for the processing; your personal data have been unlawfully processed;
  4. the personal data must be erased in order to comply with a legal obligation.

This paragraph shall not apply to the extent that such processing is necessary:

  1. for the exercise of the right to freedom of expression and information;
  2. to comply with a legal obligation which requires processing under Union law or by the law of the member state to which we are subject,
  3. or to carry out a task carried out in the public interest or in the exercise of official authority vested in Bizzdesign; the establishment, exercise or defense of legal claims.

15.5. Right to restriction of processing

You have the right to obtain from the controller the restriction of processing where one of the following applies:

  1. You contest the accuracy of the personal data for a period of time that allows us to verify the accuracy of the personal data;
  2. tthe processing is unlawful, and you object to the erasure and instead you request the restriction of its use;
  3. we no longer need the personal data for the purposes of the processing, but they are still necessary for you to establish, exercise or defend legal claims;

If you have obtained the restriction of processing, we will inform you before the restriction of processing is lifted.

15.6. Obligation to notify with regard to the rectification or erasure of personal data or the restriction of processing

We will notify each recipient to whom the personal data have been communicated of any rectification or erasure of personal data or any restriction of processing carried out unless such communication proves impossible or requires disproportionate effort.

15.7. Right to object

Whenever personal data are processed for direct marketing purposes, you have the right to object, at any time to the processing for such direct marketing purposes. If you no longer wish to receive marketing and promotional emails, you may unsubscribe by clicking the ‘unsubscribe’ link in the email. 

If you object to processing based on our legitimate interests, we will cease processing the personal data unless there are compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defense of legal claims.

16. Security and retention of personal data

The entities of Bizzdesign implement technical and organizational security measures to protect personal data against unauthorized access, disclosure, alteration, or destruction.

Where applicable, certain entities within Bizzdesign certified under internationally recognized standards such as ISO/IEC 27001 or aligned with frameworks such as SOC 2 Type II.

These certifications reflect the implementation of robust information security practices, including access controls, data encryption, business continuity procedures, and regular audits.

In the event of a personal data security incident that may affect your rights and interests, you will be notified in accordance with applicable data protection laws and regulations. We will also report the relevant incident to the competent regulatory authorities, if required by applicable laws and regulations. If an account has been or seemed to be hacked, please contact us at: privacy@bizzdesign.com.

17. Contact us

If you have any questions or concerns about our use of your personal data, or wish to inquire about our personal data handling practices, and exercise your rights to access, correct or inquire about deletion of personal data, please contact us via privacy@bizzdesign.com.

In addition to your rights as described in this Policy, you may have the right to complain to a (local) data protection authority about our collection and use of your personal data. However, we encourage you to contact us first so we can do our best to resolve your concern. You may submit your request to us using the information via privacy@bizzdesign.com.

We respond to all requests we receive from individuals wanting to exercise their personal data protection rights in accordance with applicable data protection laws. Should you have the right under applicable law to appeal a decision we have made to not take action at your request, instructions on how to make that appeal will be included in our response to you.

18. Updates to this policy

We may make changes to this Policy by updating it at any time for various reasons, including (1) to improve them and make them clearer or easier to understand, (2) to comply with legal, regulatory, and/or tax requirements, (3) where we make changes to our services or how we run our business, and/or (4) for security-related reasons. If we propose to make changes that will materially impact your rights or obligations, we will provide you with reasonable advance notice of such changes, unless the changes are urgently required to meet security, legal, or tax requirements.