Privacy

We are aware that you are placing your trust in PLAY IT BV with its registered office at Nelson Mandelaplein 2, 8500 Kortrijk, registered in the Kortrijk Register of Legal Entities under number 0671.574.550 (hereinafter referred to as “PLAY IT”, “we”, “us”). We therefore regard the protection of your privacy as our responsibility.

In this privacy policy (hereinafter referred to as "Privacy Policy"), which should be read together with our Cookie Policy [https://www.playit.training/en/cookies] ("Cookie Policy"), we will inform you concerning the personal data that we collect when you use our website and our game-based learning platform, together with the purposes for which we collect this data.

Please take the time to read through these documents, since these provisions may be of interest to you. In case you have any questions or would like further information, please contact PLAY IT at privacy@playitsafe.eu or +32 56 59 12 88.

According to the legal definition, personal data is any information from which a natural person can be identified or is identifiable ("Personal Data"). In order to be considered Personal Data, it is sufficient if such data allows us to establish a direct or indirect link between one or more data on the one hand, and a natural person on the other.

This Privacy Policy shall apply to (i) our website www.playit.training (hereinafter referred to as the "Website”), (ii) the game-based learning platform Play it Safe (hereinafter referred to as “Play it Safe”), (iii) portal.playitsafe.eu (hereinafter referred to as the “Portal”), (iv) the services of PLAY IT, as well as (v) the sharing of our media posts. (Items (i), (ii) and (iii) shall hereinafter collectively be referred to as the "Services").

PLAY IT wishes to emphasise that it endeavours at all times to act in conformity with (i) the Belgian Privacy Act of 8 December 1992 on the protection of privacy in relation to the processing of personal data and/or (ii) the EU Regulation of 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

We would like to emphasise that we endeavour to act at all times in conformity with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the "GDPR").

PLAY IT acts as the data controller within the meaning of the GDPR and as such we would like to inform you about the processing of your Personal Data.

We would also like to emphasise that we are aware of the difficulties and challenges that companies and employees may face when using the Internet today. We therefore make every effort to create the safest possible Internet environment with a healthy dose of caution in the design of the Portal's content, along with the necessary respect when processing the users' data.

We process your Personal Data on the basis of your consent and the performance of an agreement.

If children under the age of 16 use our Services, express consent must be given by the person charged with parental responsibility for such children.

Our use of collected data

Personal data collected:

Portal + Play it Safe

User

First name;

Last name;

E-mail address;

Date of birth;

Job title;

Department;

Language;

Gender;

Level of education; and

Nationality.

Children

First name;

Last name;

Language;

Date of birth; and

School + class.

Website

First name;

Last name;

E-mail address;

Organisation; and

Telephone number.

It is possible to visit the Portal without providing any data or registering at the Portal. However, you will not be able to login in this manner.

In principle, we do not request sensitive information (e.g. data on race, medical data, ethnic origin, religious beliefs, criminal record or sexual orientation). Wherever necessary, we will request express permission to collect and use such Personal Data.

Method of collecting Personal Data:

Via the contact form on the Website;

Via the registration form on the Portal;

Via the online form at Play it Safe;

Via playing behaviour in Play it Safe; and

Via surveys.

Use of Personal Data:

Your Personal Data will be used for the following purposes:

Direct marketing: to send you (personalised) marketing, advertising and promotional messages, as well as other information in which you may be interested, and which relates to the Services and events offered by Play it Safe. Personal data collected through the Portal shall not be used for this purpose;

Processing of questions;

Providing our services;

Processing of information requested by you;

Providing information on current developments;

Compilation of user statistics;

Security and improvement of our Services;

Replying to requests;

Visitor administration;

Improving the content and quality of the Portal and Play it Safe; and

Monitoring user performance with a view to providing insights and statistics to the employer.

We will not send you direct marketing information without your consent or, in cases where your consent is not required, you have stated that you do not wish to receive such information. You may opt out of these notifications at any time by using the link in the periodic marketing communications that we send.

We do not collect or use information for purposes other than those described in this Privacy Policy unless we have obtained your consent.

Disclosure of personal data to third parties

We do not disclose your Personal Data to any third party except where this is required in order to provide a Service to you. If it is necessary for us to disclose your Personal Data to third parties for this purpose, such third party will be obligated to use your Personal Data in accordance with the provisions of this Privacy Policy.

Without prejudice to the foregoing, however, we may disclose your Personal Data to the competent authorities (i) in case we are required to do so by law or in connection with ongoing or future legal proceedings and (ii) in order to safeguard and defend our rights, and to your employer or external service for prevention and protection at work.

We will not sell, rent or transfer your Personal Data to third parties unless we have concluded a data processing agreement with the third party, which agreement shall provide the necessary guarantees regarding confidentiality and privacy compliance of your Personal Data.

List of third parties to whom Personal Data are transferred:

Unity Technologies SF: for more information, please read the privacy policy of Unity Technologies SF at https://unity3d.com/legal/privacy-policy. Unity Technologies SF states that insofar as they transfer Personal Data outside the EEA, they will only do so to (i) non-EEA countries which are recognised by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available at: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en). (ii) For transfers from the EEA to countries which are not considered adequate by the European Commission, adequate measures have been put in place, such as Standard Contractual Clauses adopted by the European Commission to protect your Personal Data. These Standard Contractual Clauses can be requested via privacy@playitsafe.eu.

Microsoft Corporation: for more information, please read Microsoft's online service terms (OST)https://www.microsoftvolumelicensing.com/DocumentSearch.aspx?Mode=3&DocumentTypeId=31. Microsoft provides customers with a contractual obligation relating to GDPR in their online service terms. The aforementioned obligation can be found in Annex 4 of the Microsoft Online Services Terms, at the end of the document.

Functional Software Inc.: for more information, please read the privacy policy of Functional Software Inc at: https://sentry.io/privacy/. Functional Software states that they transfer personal data to non-EEA countries that are not recognised by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available at: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en). For such transfers, they use various legal mechanisms to protect your personal data, such as the conclusion of contracts.

Pipedrive OÜ: for more information, please read the privacy policy of Pipedrive OÜ at https://www.pipedrive.com/en/privacy. Pipedrive OÜ states that insofar as they transfer Personal Data outside the EEA, they either only transfer it to (i) non-EEA countries recognised by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available at: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en). (ii) For transfers from the EEA to countries which are not considered adequate by the European Commission, adequate measures have been put in place, such as Standard Contractual Clauses adopted by the European Commission to protect your Personal Data.

Storage of Personal Data:

Unless a longer retention period is required or justified (i) by law or (ii) by compliance with any other legal obligation, we will in principle retain your Personal Data for a period of ten years or for the duration of the contract. This period is normally necessary for the achievement and fulfilment of the purposes described in the Privacy Policy under "Use of Personal Data".

However, in case a ten-year retention period is not required, we undertake to apply a shorter retention period.

Your rights:

If you no longer wish to receive newsletters or information about our Services, training courses and/or events, you may unsubscribe at any time by clicking on the "unsubscribe" button, as provided at the bottom of every email from us.

You also have a number of rights under the GDPR, as listed below. If you wish to exercise these rights, please contact privacy@playitsafe.eu or complete the form for exercising your privacy rights and send it to us at privacy@playitsafe.eu or by post to the following address: Nelson Mandelaplein 2, 8500 Kortrijk.

In order to exercise your rights of access or transfer, and to prevent any unauthorised disclosure of your Personal Data, you are required to provide us with proof of your identity. Therefore, when exercising your rights of access or transfer, we request you to attach a copy of the front of your identity card to your written request, to be sent by e-mail or by post to the above addresses.

PLAY IT undertakes to respond to any request to exercise the rights set out below within thirty (30) calendar days.

Your right to information

If you have any questions or suggestions concerning the processing of your Personal Data, and you can prove your identity, you have the right to request information from us regarding such processing. We will then provide you with access to the Personal Data we are processing from you, as well as the source of such Personal Data.

Your right to rectify or delete personal data

You have the right to have your Personal Data rectified or deleted, or to correct inaccuracies, in case such Personal Data is incomplete or inaccurate or is being processed in an unlawful manner. You have the right to request the removal of incorrect or irrelevant data.

You have the right to have your Personal Data removed without unreasonable delay, unless it is Personal Data that must be retained under a legal provision. Such deletion is primarily related to visibility, so it is possible that the deleted Personal Data may be retained temporarily. However, we will take all reasonable steps to delete all your Personal Data comprehensively and to the maximum extent possible.

Your right to data portability

You also have the right to receive a copy of the Personal Data you have provided to PLAY IT in a structured, commonly used and machine-readable format by e-mail, so that you may transfer it to another controller or so that we may, at your request and if technically possible, transfer it to another controller. Requesting a copy is free of charge. If you request additional copies of your Personal Data, PLAY IT may charge a reasonable fee to cover administrative costs.

Your right to object and right to restriction of processing

You may at any time object to the processing of your Personal Data or request that the processing of your Personal Data be restricted.

Your right to lodge a complaint

Of course, we would also be happy to help you if you have any complaints about the processing of your Personal Data via privacy@playitsafe.eu or +32 56 59 12 88. Under the GDPR, you also have the right to lodge a complaint with the Data Protection Authority against our processing of your Personal Data via:

Data Protection Authority Belgium
Drukpersstraat 35, 1000 Brussels
Telephone: +32 2 274 48 00
Fax: +32 2 274 48 35
Email: contact@apd-gba.be

Security of Personal Data:

We undertake to take reasonable, physical, technological and organisational precautionary measures to prevent (i) unauthorised access to your Personal Data, as well as (ii) loss, misuse or alteration of your Personal Data.

Such measures include: (i) password protection of the Personal Data, (ii) encryption of the Personal Data, (iii) anti-virus systems, (iv) security of network connections through Transport Layer Security (TLS) technology, and (v) anonymisation of Personal Data.

Cross-border processing of Personal Data:

In case we use processors outside the European Economic Area (EEA) for the provision of our Services, your Personal Data may be transferred, stored and processed outside the EEA. In case your Personal Data is transferred outside the EEA, we shall implement contractual or other measures in accordance with the GDPR, that ensure that it enjoys an adequate level of protection there, comparable to that which it enjoys within the EEA.

Privacy Policy update:

This Privacy Policy is tailored to the use and capabilities of the Services. Any modifications and/or changes to one of our Services may result in changes to this Privacy Policy. We have the right to update this Privacy Policy by posting a new version on the Website, the Portal and/or Play it Safe. The date at the top of this Privacy Policy will be updated and your consent will be requested again if necessary. It is also advisable to regularly consult this Privacy Policy.

Older versions of our Privacy Policy will be stored in our archives and can be consulted at any time by sending an e-mail to: privacy@playitsafe.eu.

Websites of third parties:

Our Services may contain hyperlinks to other websites. This Privacy Policy only applies to our Services. When visiting other websites, we recommend that you always consult the data protection provisions on the other websites.

We are not responsible for the content of websites to which you are directed via links from our Services, nor are we responsible for the content that is made available via these links. We therefore recommend that you read the privacy policy of these websites before using them. For referral to other websites, PLAY IT is only responsible if it has knowledge of the illegal or criminal content and it is technically possible to prevent the referral.

Contact us:

Controller:

PLAY IT
Nelson Mandelaplein 2, 8500 Kortrijk
+32 (0)56 59 12 88
privacy@playitsafe.eu
BE0671.574.550