1. Who are we?
1.1. We are CNTRC BV, a limitedliability company established, organized and existing under the laws of Belgium, with registered office at Nieuwewandeling 62, 9000 Gent, Belgium, and registered with the Crossroads Bank for Enterprises under the company number 1010.076.440 (“CNTRC”, “we”). We provide a cutting-edge AI-powered platform designed for data-driven enterprises which offers future-ready insights, leveraging first-party data to enhance customer experiences while ensuring adherence to data privacy regulation (“Platform”).
1.2. We value your rightto privacy and make every effort to protect your personal data in accordance with applicable data protection law, including the General Data ProtectionRegulation (EU) 2016/679 ("GDPR") and national implementing legislation. In this Privacy Policy, we explain what personal data we collect from you, for what purposes we will process this data, on what legal basis we base this processing, to whom your personal data may be transferred, how long we keep your data, how we protect your data and what rights you have in relation to the processing of your personal data.
2. From whom do we collect data?
2.1. This Privacy Policy applies to CNTRC’s collection of personal data, and is not intended to apply to the collection of use of personal data by CNTRC customers use of Services. This Privacy Policy also does not apply to third-party websites, applications or services reachable from our websites or mobile applications.
2.2. In the course of our business, we may collect personal data from customers, users of the Platform, prospects, visitors to our Platform, persons who provide their business card or otherwise their contact details to us, and persons who contact us by e-mail or otherwise.
2.3. If you are a customer of one of CNTRC’s professional users and would like more information on their use of your personal data, you must contact the customer that you interact with directly as CNTRC only processes this data and does not act as data owner.
3. What personal data do we request and why?
3.1. By using ourPlatform, we collect and process your data. Some aspects of these data can be qualified as personal data. We process the following categories of personal data, for the following purposes, on the basis of the following legal grounds:
To provide and maintain the Platform
Name, e-mail address, date of birth, address, postal code, country, telephone number, device or browser data such as screen resolution, operating system, internet browser type and version, IP address … which are publicly available.
Theprior, express, free, specific and informed consent ofyou (art. 9.2 a) GDPR)
Necessary for the exercise of our legitimate interests (art.6.1 f) GDPR), in particular to enhance the quality of our Platform
To help you with technical problems or other questions
Data required to resolve these issues
To inform you of new functionalities to our Platform
Name, email address, address
Necessaryfor the exercise of our legitimateinterests (art.6.1 f) GDPR, in particular communicate relevant information
To analyse statistics about visitors to our Platform in order to improve thePlatform
Data on visitors' behaviour
The prior, express, free, specific and informed consent of you (art. 9.2 a) GDPR)
To comply with legal obligations
Data required by applicable law
Necessary to comply with a legal obligation (art.6.1 c) GDPR).
To prevent, detect and combat fraud and other illegal or unauthorised activities
Data required for detection of fraud and illegal activities
Necessary for the exercise of our legitimate interests (art.6.1 f) GDPR, in particular the prevention of fraud and other illegal activities
To fulfil payment obligations
Email address, type of subscription
Necessary for the exercise of our legitimate interests (art.6.1 f) GDPR, in particular compensating us for the provision of the Platform
For newsletters
Email address
The prior, express, free, specific and informed consent of you. (art. 9.2 a) GDPR) This authorisation can be withdrawn by you at anytime
To administer your account
Name, email address, address, type of subscription
The necessity for the performance of the contract we have concluded with you, in particular the Terms of Use (art. 6.1 b) GDPR).
To contact you for sales purposes
Name, professional email address, Job title, company
Necessary for the exercise of our legitimate interests (art.6.1 f) GDPR, in particular to conduct our business and execute our sales strategy
4. With whom do we share your personal data
4.1. We may disclose your personal data to the following parties:
- With our service providers and partners: We use third parties to help us operate and improve our Platform. These third parties assist us with various tasks, including data hosting and maintenance, analytics, customer care, marketing, advertising, payment processing and security operations. We also share information with partners who distribute and assist us in advertising our Platform. For instance, we may share data with our API services providers.
- With law enforcement/when required by law: We may disclose your information if reasonably necessary:
(i) to comply with a legal process, such as a court order, subpoena or search warrant, government / law enforcement investigation or other legal requirements;
(ii) to assist in the prevention or detection of crime (subject in each case to applicable law); or
(iii) to protect the safety of any person.
4.2. When transferring personal data to third parties, we always ensure that we implement appropriate technical and organisational protection measures. Where necessary, we will, for example, conclude a transfer agreement or a processor agreement, which sets out restrictions on the use of your personal data and obligations in respect of the security of your personal data.
4.3. To the extent that your data is transferred in the context of this article to countries outside the EuropeanUnion which do not provide an adequate level of protection for your data, CNTRC will ensure that the companies to which your data is transferred do provide an adequate level of protection. In particular, we have concluded Standard Contractual Clauses (SCC) with them. CNTRC guarantees to always verify, on a case-by-case basis, whether an adequate level of protection is in place for transfers to third countries.
5. How long do we store your data?
5.1. We do not keep your personal data longer than necessary for the purposes for which it is collected and processed (as described above).
5.2. For the purposes of providing Platform to our customers, we will retain it for as long as necessary to fulfil the purposes set out above, unless a longer retention period is
(i) necessary to cover our liability or
(ii) required or permitted by law.
5.3. All personal data purely for the purpose of scientific research or statistical purposes may be stored for longer periods.
5.4. Regarding the data of visitors to our Platform, we refer to our section 9 of this Privacy Policy.
6. How do we secure your personal data?
6.1. We are dedicated to constantly enhancing our security infrastructure, ensuring the utmost protection for user data. All user data is stored on the client's own servers and can be hashed. First-party data belongs to the customer solely and is not shared with other CNTRC clients. We take appropriate technical and organisational measures to ensure a level of security appropriate to the specific risks we have identified.
6.2. We thus protect your personal data as best as we can against the destruction, loss, alteration or unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. It is important to understand that no method of transmitting data over the Internet or storing it electronically can be completely secure. More information on our security measures is available upon request.
7. Which rights do you have as a data subject?
7.1. Withdraw your consent at anytime: you have the right to withdraw consent where they have previously given their consent to the processing of your personal data.
7.2. Object to processing of your personal data: you have the right to object to the processing of your personal data if the processing is carried out on the legal basis of a legitimate interest, including profiling. You also have the right to object to the processing of your personal data for direct marketing purposes. This right is absolute - we will always comply with it.
7.3. Right to access: You have the right to obtain confirmation from us as to whether or not we are processing your personal data, to obtain access to that personal data and how and why it is being processed, as well as to receive a copy of that data.
7.4. Right to rectification: You have the right to obtain a correction of your personal data or to request that we complete your personal data if you notice that we are processing incorrect or incomplete data about you.
7.5. Right to erasure: You have the right to obtain data erasure in certain specific cases. Our system is equipped with a swift and secure mechanism to delete user data upon request, ensuring comprehensive erasure—including identification data.
7.6. Right to restriction: You have the right to have the processing of your personal data restricted in certain specific cases.
7.7. Right to data portability: You have the right to obtain the personal data you have provided us with in a structured, commonly used and machine-readable form, and to transfer that personal data (or have it transferred) to another controller.
7.8. You may exercise the above rights by sending an e-mail to legal@cntrc.aior in the case of the right to object to direct marketing also via the opt-out link included in our marketing e-mails. The exercise of these rights is in principle free of charge. Only in case of unreasonable or repeated requests may we charge a reasonable administrative fee. We always try to answer your requests or questions as quickly as possible. It is possible that we will first ask you for proof of identity in order to verify your identity. For further information and advice on the above rights, please visit the Platform of the Data Protection Authority: www.gegevensbeschermingsautoriteit.be. In addition to the above rights, you also have the right at any time to lodge a complaint with the Data ProtectionAuthority in connection with the processing of your personal data by us. You can contact the authority at contact@apd-gba.be or by mail at the following address: Gegevensbeschermingsautoriteit Drukpersstraat 351000 Brussel
7.9. Furthermore, you can always choose to uninstall the Platform or delete your account. When the information on your profile is inaccurate, you have the right to update your information.
8. References to other websites
8.1. Our Platform may contain links to other sites that are not operated by us. If you click on a third-party link, you will be redirected to that third-party site. We strongly recommend that you review the Privacy Policy of each site you visit.
8.2. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party web sites or Platform.
9. Cookies & tracking
9.1. In this section, we explain what cookies and similar tracking technologies are, their purposes and which cookies we use. When reference is made to cookies in this section we refer to any technology that allows the tracking of users.
9.2. We and our services providers collect personal data and other information in a variety of ways(referred to as 'tracking'), including:
9.2.1. Through cookies and other similar technologies. Cookies are small data or text files sent from a website and stored on your local computer. Cookies can be stored for different purposes; some cookies are of a technical nature (e.g. to store language preferences), session cookies (temporary cookies) and tracking cookies (cookies that follow and store your behaviour on the website in order to provide the user with the best possible user experience).
9.2.2. Through Your Browser or Device: Certain information is collected by most browsers or automatically through your device, such as your browser type, operating system, Time zone, User agent and hardware specifications.
9.3. The Belgian Electronic Communications Act (implementation of the Telecommunications Act)contains some provisions regarding cookies and similar technologies and their use on websites. The Belgian implementation is derived from the European-Privacy Directive. This directive implies that each EU member state has a certain discretion with regard to cookie legislation.
9.4. CNTRC wants to inform the user as much as possible about this new legislation and about the cookies they use. Cookies are essential for us to optimise every visit to the website (“Website”). For example, cookies remember every technical choice the user has made (e.g. choices regarding language, newsletter, etc.) and help to offer the user all relevant services and suggestions. We also use cookies to dynamically adjust the Website based on the stored preferences of the user. The cookies with their different purposes are described more in detail below.
9.5. If you want to visit our Website, it is recommended to enable cookies and enable consent. If you prefer not to, you can disable cookies by changing browser settings or disable consent through the consent panel.
9.6. To visit our Website, it is recommended to enable cookies on your computer, tablet or mobile phone. Without cookies enabled, CNTRC cannot guarantee an optimal use of our Website.
9.7. CNTRC uses session, preference, security and tracking cookies. Session cookies are used to operate our Service. Preference cookies are used to remember your preferences and various settings. Security cookies are used for security purposes and analytical cookies are used for the compilation of statistics on the number of visitors, our most popular webpages, etc.
9.7.1. Third parties that may set cookies on your computer or device when you visit our Sites:
- Active campaigns
- Bing
- Hubspot
- Klaviyo
- Meta
- Google Analytics
- Google Tag Manager
- Linkedin
- Microsoft
- Outbrain
- Shopify
- Teads
- TikTok
- Youtube
- X9.
7.2. We use the personal data we collect through similar technologies, with prior explicit consent, for the purpose described in the 3. WHAT PERSONAL DATA DO WE REQUEST AND WHY? Section above or as otherwise disclosed to you in this privacy statement. A list of how we use your information:
- Facilitate the creation of and securing of your account on our network;
- Identify you as a user in our Services;
- Improve our Services and how we operate our business;
- Understand and enhance your experience using ourServices;
- Provide and deliver products and services, including theServices, that you request, including securing, troubleshooting, and personalizing those Services;
- Respond to your comments or questions, including assistance from our support team related to the Services;
- Send you related information, including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages;
- Communicate with you about promotions, upcoming events and news about products and services offered by CNTRC and our selected partners, and for other marketing purposes of CNTRC;
- Link or combine it with additional information we get from third parties, to help understand your needs and provide you with better service;
- Protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
10. Changes to the privacy policy
10.1. From time to time, it may be necessary to amend this Privacy Policy. When we post changes to the policy, we will change the "last updated" date at the top of the document. The most recent version of this Privacy Policy will be available on our Platform and/or our website at all times.
11. CONTACT
11.1. If you have any questions or concerns regarding this Privacy Policy or our processing of your personal data, you may contact us at contact@cntrc.ai, Nieuwewandeling 62, 9000 Gent.
Last updated 01/02/2025
