We respect your privacy and your rights to control your personal data. Our principle guidelines are simple. We will be clear about the data we collect and why. We will make sure that your personal data are adequately secured. We do not and will not sell your data to third parties.
With this Privacy Policy (the ‘Policy’) we inform you about the personal data we collect from you, either directly or indirectly, and how we will use it. Personal data is any information that can be used to identify you or that we can link to you. This Policy applies to all visitors and all users of our online services, including isuna.net, certification.isuna.net, other Isuna-controlled websites, apps, widgets, whitelabels, etc. (taken together, the ‘Services’).
Please read this Policy carefully to understand how Isuna may collect, use and share your personal data. The terms ‘we’ and ‘Isuna’ are each intended as reference to Isuna B.V. and our affiliates, subsidiaries and holdings.
Unless stated otherwise, Isuna is the data controller within the meaning of the General Data Protection Regulation (GDPR) for the processing of personal data mentioned in this Policy.
1. What personal data do we collect about you?
1.1 General users
Digital assistants
Our Services may contain various forms or digital assistants. When you fill in one of these forms or submit a question, we will use your data for the specific purpose indicated. For instance, when you leave your name and e-mail address in the contact form we will use this information to contact you and answer your question. We will retain your information for as long as necessary to answer your question or provide you with the requested service.
Cookies
When you visit our Services we may automatically collect information about your use of the Services through cookies and similar technologies. Please consult our Cookie Policy for more information about our use of cookies.
Registration and user activity
To register at our Services we ask users to provide an e-mail address (username) and generate a password. When you log in using your social media account, we process your social media account name and your e-mail address. Without this information you are not able to register and get access to particular services.
If you want the best possible experience of the Services, you may add additional information to your profile, such as your date of birth, name and interests. We use this information to provide you with suggestions for events that meet, for example, your age and interests.
When logged in to the Services we collect information about any actions done while using the Services, such as clicking on information, and content generated, such as registrations to events, events created and comments shared.
We process this information partly on the basis of your consent, partly because this is necessary for the performance of the contract we have with you, and partly because this is necessary for purposes of our legitimate interests, such as to improve the Services, to protect the safety of our IT-systems, to protect our financial interests, and to create (in aggregated form) data reports for clients, such as amount of venues or organizers in a city and amount of events with a certain topic.
We store user information till the moment when a user requests us to delete his/her account or removes the information manually from the Services. Legal retention periods or other compelling reasons (such as legal claims) may require us to retain your data for a longer period.
Newsletters and alerts
If you are a registered user and have supplied your e-mail address, Isuna may occasionally send you an e-mail to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with Isuna and our products and services. You can always unsubscribe to these e-mails by contacting us or by using the unsubscribe option in the e-mail.
1.2 Service buyers
When you purchase an assessment, training or membership (or register for an assessment, training or membership) through our Services, you are generally asked to submit certain information. Generally this includes your name, e-mail address, the university or company where you study or work as well as any additional information requested by the event or membership organizer to complete the registration or purchase. Without this information you may not be able to register or purchase the assessment, training or membership. Isuna takes our responsibility seriously, we will store the information securely, only use it for it’s intended purpose and not disseminate to third parties.
We may link our users to relevant suppliers and events (with permission). Please note Isuna is not the data controller within the meaning of the GDPR for this information. We help the event or membership organizer to manage his/her event through our Services (i.e. by promoting the event, handling registration and payment, sending reminders, solicit feedback etc.), but the event or membership organizer determines the purposes and means of these processing activities. We process the information on behalf of the organizer. If you have any concerns or questions about your privacy, or if you want to execute your privacy rights with regard to these processing operations, please contact the event or membership organizerdirectly.
1.3 Service sellers
When you sell a service through our Services, for example you create paid assessment or training we may collect additional information about you, such as your bank account number, Trade Register number and other transaction data.
We use this information to allow you to sell the specific service through our Services. We process this information because it is necessary for the performance of the contract we have with you and because it is necessary for compliance with a legal obligation. We store this data for 10 years, in accordance with Dutch statutory obligations.
Data subject | Processing activity | Type(s) of personal data | Legal basis | Retention period |
General user | Digital assistant | Name, e-mail address, question | Consent | For as long as necessary |
Cookies | See Cookie Policy | Consent, legitimate interest | See Cookie Policy | |
Registration and user activity | E-mail address, password, social media account, data added to profile, activity on the Services | Consent, performance of a contract, legitimate interest | Until registration is terminated | |
Newsletter | E-mail address | Consent, legitimate interest | Until subscription is terminated | |
Service buyer | Purchasing assessment, training or memberships | Name, e-mail address, other personal data (as instructed by event organizer) | As processor on behalf of event organizer | As instructed by event organizer |
Service seller | Selling assessment, training or memberships | Financial details and transaction data | Performance of contract, legal obligation | 10 years |
2. With whom do we share your personal data?
2.1. General
We may disclose your personal data to any member of our group companies, which means our affiliates, subsidiaries and our holding company. In the event that we sell or buy any business, shares in a business or assets, we may disclose your personal data to the prospective seller or buyer of such business, shares in a business or assets.
If you register or purchase an assessment, training or membership through our platform, we share your personal data with the event or membership organizer.
If you create events on the Services and you include any personal data in the event description, this information will be visible for other users. This information may also be displayed on a website of a third party with whom we have a relationship, for instance when we provide agenda integration services to that third party.
Finally, we may share your personal data with law enforcement authorities or in legal proceedings or in any other situation when required by law. We do not and will not sell your data to third parties.
2.2. Processors
We use a variety of third-party vendors to carry out services, such as hosting and data management. We only share your personal data as necessary. These vendors may only process the personal data on behalf of Isuna and for the purposes described in this Policy.
2.3. Do we transfer your personal data internationally?
Our Services are hosted in datacenters in the Netherlands. Occasionally, we may transfer your personal data to a country outside the European Economic Area (EEA) or an international organization. We take great care in protecting your personal data and have put in place adequate mechanisms to protect it when it is transferred internationally. We will transfer your personal data in compliance with applicable data protection laws and will implement suitable safeguards to ensure that your personal data are adequately secured by any third party that will access your data (for instance, by using the Standard Contractual Clauses as approved by the European Commission).
2.4. Links to websites of third parties
Our Services may, from time to time, contain links to external websites. If you follow a link to any external websites, please note that these websites have their own privacy policies and website terms and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any information to these websites.
In addition, our Services may contain ads delivered to users by our advertising partners, who may set cookies. These cookies allow the ad server to recognize your computer each time they send you an online advertisement to compile information about you or others who use your computer. This information allows ad networks to, among other things, deliver targeted advertisements that they believe will be of most interest to you. Please note this privacy policy does not cover the use of cookies by any advertisers.
3. Security of information
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Services and you acknowledge that any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features which are appropriate to the type of personal data you have provided to try to prevent unauthorized access or inadvertent disclosure.
4. What rights do you have?
We want to be transparent about how we use your personal data and we want you to have control about how we use your personal data. You may therefore:
– ask us for a copy of the personal data we hold about you;
– inform us of any changes to your personal data and ask us to rectify or complete your personal data;
– ask us to erase your personal data or limit the processing thereof, or object to particular ways in which we are using your personal data;
– ask us to transmit your personal data to a third party;
– when we process your personal data on the basis of your consent, you may withdraw your consent at any time. Moreover, where we process your personal information based on legitimate interest, you have the right to object at any time to that use of your personal data.
We are committed to working with you to find a resolution to any complaint or concern you may have about our use of your personal data. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to file a complaint with a data protection authority.
5. How to contact us?
Questions, comments and requests regarding this Policy or regarding the execution of your rights are welcomed and should be addressed to support@isuna.net.
6. Can we change this Policy?
We may modify or update this Policy when necessary. Please review it regularly. New versions of the Policy will be posted on our websites. If there are material changes to the Policy, we will inform you by the means available to us.