Naxai

Privacy Policy

Last update 02/05/2023

1. Introduction

The Ring Ring Company, a public limited company with registered office at Culliganlaan 2/F, 1831 Machelen, Belgium and registered in the Belgian Crossroads Bank for Enterprises under the number 0445.262.068 (hereinafter “RingRing”, “we” or “us”) values your privacy and is committed to protecting your personal data in accordance with applicable data protection and privacy laws.

This privacy policy applies to the personal data processed via all products, services and websites offered by RingRing in relation to NAXAI (the “NAXAI Privacy Policy”). We refer to these products, services and the website as the “Services”. Personal data is data that can be used to identify an individual person directly or indirectly.

Unless otherwise provided for in your contract, the Services are provided by RingRing inside of Europe on behalf of its customers. Generally RingRing is the data controller for Naxai. However if you are a Respondent and want to identify your data controller please see section 8 below “Who is your data controller?”.

2. To whom does this privacy policy apply to?
2.1 General

We refer to “you” a lot in this Naxai Privacy Policy. To better understand what information is most relevant to you, see the following useful definitions:

  • Customer: You hold an account on the Naxai Platform and you (and other administrators of your company or organisation) either directly send messages, create surveys, forms, applications, or questionnaires or you are collaborating on, commenting on, or reviewing surveys, forms, applications, or questionnaires within an account;
  • Respondent: You have received a text message or e-mail, a survey, form, application or questionnaire powered by RingRing from the Naxai platform;
  • Visitors: you are visiting the NAXAI website because you are curious, or you have heard about us from our marketing and sales channels. Below we will differentiate with visitors of our website and the application.

To create a transparent overview of the Data we process about you we will use the abovementioned definitions as categories.

2.2 Customers
2.2.1. Personal data we collect from our customers

We may collect the following personal data from you:

  • Contact Information: such as your first name, last name, email address or other addresses, time zone, language, company information and registration information you provide to us via the use of our Services, an interaction with us, or by any other means that allows us to communicate with you;
  • Usage information: we collect usage information about you whenever you use our Services. This includes which webpages you visit, what you click on, when you perform those actions, what language preference you have, what you buy and so on;
  • Device and browser data: we collect information from the device and application you use to access our Services. Device data mainly means your IP address, operating system version, device type, device ID/MAC address, system and performance information, and browser type. If you are on a mobile device we also collect the UUID for that device;
  • Information from page tags: We use first party and third party cookies and tracking services that employ cookies and page tags (also known as web beacons) to collect data about visitors to our websites. This data includes usage and user statistics. Emails sent by RingRing or by customers through our services also include page tags that allow the sender to collect information about who opened those emails and clicked on links in them. We provide more information on cookies in our Cookie Policy.
  • Log data: Like most websites today, our web servers keep log files that record data each time a device accesses those servers. The log files contain data about the nature of each access, including originating IP addresses, internet service providers, the files viewed on our site (e.g. HTML pages, graphics, etc.), operating system versions, device type and timestamps.
2.2.2. When do we process your personal data? 

We may collect and process the following personal data that we received from you:

  • Account registration information: you need an account with RingRing before you can use our Services. Our Services are mainly directed to businesses (companies and other types of organizations) so when you register for an account, we collect certain information on your company or organization, such as the name of your company/organization, the company’s/organization’s registration number and its address. In this process we also collect the name, phone number, and email address of the legal representative(s) of the company/organization and of other users within the account (users within the account are also referred to as owner, administrator or collaborator, depending on their role).
  • Billing information: If you make a payment to RingRing, we require you to provide your billing details, a name, address, e-mail address and financial information corresponding to your selected method of payment (e.g. a credit card number and expiration date or a bank account number).
  • Account settings: when you sign up for our Services you are asked to provide us with information about individuals within your company or organization who can act as an user (whether it be as owner, administrator or collaborator) within the account. The information we collect are: first name, last name, email address, role, time zone, language and phone number. Administrators can also manage various preferences and personal details on their account which may include a profile picture and communication preferences (e.g. opting in or out of receiving our newsletter or product information).

If you use our Services, we may also collect the following data on your behalf for certain Services:

  • Address book information: we may allow the customer to import email addresses and other contact information into an address book so the Customer can easily invite people to take the Customer’s surveys or fill in the Customer’s form via our collectors. We do not use this data for our own purposes or to contact anyone, except at your direction.
  • Survey/form/application data: we store your survey/form/application data (questions and responses) for your Respondents.
2.2.3. How we process your personal data and why?

We may collect and process the above personal data for the following purposes and based on the following legal grounds:

we need to fulfill our contractual responsibility to deliver the Services to you;

This is the case for your Account Registration Information, your Billing Information and your Account Settings to run your account, provide you with our Services, bill you for our Services, provide you with customer support and contact your about your account or our Services, and to send you key communications of a transactional nature related to service announcements, billing related matters, changes to our Services or policies, a welcome e-mail upon your first registration (communications of which you cannot opt-out).

we have a legitimate interest to do so; 

This is the case for (i) your Contact Information when we send you marketing information (for as long as you do not opt-out), (ii) your Device and browser data to Naxai.com (iii) your Log Data to app.naxai.com.

We may also need to disclose certain personal data for the following legal use purposes, namely to disclose it with competent authorities if we are obliged to do so by law or judicial process and to disclose it to legal counsels and/ or courts if we need to protect and defend our rights.

you have consented.

This is the case for (i) usage information and (ii) information from page tags based on the cookies and similar technologies on our website and platform.

2.2.4. Your rights

You may wish to exercise a right to obtain information about yourself or to correct, update or delete that information. Some of these rights may be subject to some exceptions or limitations in local law.

We will take reasonable steps to verify your identity and we will respond to your request to exercise these rights within a reasonable time (and in all cases within 30 days of receiving a request) subject to the below for specific categories of personal data.

  • You always have a right of access your personal data. This allows you to check what personal data we process about you and to get a copy of it;
  • You always have a right to rectify your personal data. This allows you to correct or complete incorrect or incomplete personal data that we process about you;
  • You have a right to erasure of your personal data. This allows you to permanently delete personal data that we process about you. We are not always obliged to delete your personal data at your request – this right only applies in the cases and to the extent provided for by law;
  • You have a right to restrict the processing of personal data relating to you. This allows you to freeze the use of your personal data by us, without deleting it. We are not always obliged to restrict your personal data at your request – this right only applies in the cases and to the extent provided for by law;
  • You have the right to object to the processing of your personal data in general. This allows you to oppose the further processing of your personal data. We are not always obliged to honour your objection – this right only applies when we process your personal data on the basis of our legitimate interest;
  • You always have the right to object to the processing of your personal data for direct marketing purposes (e.g. via clicking on the unsubscribe button);
  • You have the right to withdraw your consent at any time where the processing of your personal data is carried out on the basis of your consent;
  • You have the right to data portability. This allows you to transfer, copy or forward personal data easily from one data controller to another. This right can only be exercised if the processing is based on your consent or on an agreement we have with you.

    If you wish to exercise any of the rights mentioned above, please send your request to dpo@ringring.be.

    Other than your Data Protection Rights mentioned above, you also the right to lodge a compliant with a competent supervisory authority in Belgium (https://www.gegevensbeschermingsautoriteit.be), if you believe we have not handled your request appropriately.

    2.3. Respondent
    2.3.1. Personal data we collect from our Respondents

    We may collect the following personal data from you:

    • Contact Information: such as your first name, last name, email address, telephone number or other information you provide to us via the use of our Services, an interaction with us, or by any other means that allows us to communicate with you;
    • Other information: as the surveys sometimes contains open field, the information collected through these fields will be processed by us as well. We have no control on the information you provide us through these fields.
    • Cookies and other trackers:
      • Usage information: we collect usage information about you whenever you use our Services. This includes which webpages you visit, what you click on, when you perform those actions, what language preference you have, what you buy and so on;
      • Device and browser data: we collect information from the device and application you use to access our Services. Device data mainly means your IP address, operating system version, device type, device ID/MAC address, system and performance information, and browser type. If you are on a mobile device we also collect the UUID for that device;
      • Information from page tags: We use first party and third party cookies and tracking services that employ cookies and page tags (also known as web beacons) to collect data about visitors to our websites. This data includes usage and user statistics. Emails sent by RingRing or by customers through our services also include page tags that allow the sender to collect information about who opened those emails and clicked on links in them. We provide more information on cookies in our Cookie Policy.
      • Log data: Like most websites today, our web servers keep log files that record data each time a device accesses those servers. The log files contain data about the nature of each access, including originating IP addresses, internet service providers, the files viewed on our site (e.g. HTML pages, graphics, etc.), operating system versions, device type and timestamps.
    2.3.2. When do we process your personal data?

    We may collect and process the following personal data that we received from you through:

    • Survey/form/application data: we store your survey/form/application data (questions and responses) from you for the Customer.
    • Cookies: when visiting our platform we use cookies. For more information see our Cookie policy.
    2.3.3. How we process your personal data and why?

    We may collect and process the above personal data for the following purposes and based on the following legal grounds:

    • we have a legitimate interest to do so;

    This is the case for (i) your Device and browser data to Naxai.com and subdomains (ii) your Log Data to app.naxai.com.

    We may also need to disclose certain personal data for the following legal use purposes, namely to disclose it with competent authorities if we are obliged to do so by law or judicial process and to disclose it to legal counsels and/ or courts if we need to protect and defend our rights.

    • you have consented.

    This is the case for (i) your Contact Information when we need to respond to your inquiry made via our website (or any other way) about our Services (e.g. your reach out to us regarding a survey you have received from your company or organization).

    2.3.4. Your rights

    If you are a Respondent, you will need to reach out directly to the company or organization, data controller, to exercise these rights. We are not in control of your response data and, accordingly, are not in a position to directly handle these requests in relation to your personal data. If you are having difficulties finding the Customer, you can contact us through dpo@ringring.be and we will try our best to help you.

    2.4. Visitors
    2.4.1. Personal data we collect from the Visitors of our website/platform

    We may collect the following personal data from you:

    • Contact Information: such as your first name, last name, email address, time zone, language, company information and registration information you provide to us via the use of our Services, an interaction with us, or by any other means that allows us to communicate with you;
    • Cookies and other trackers:
      • Usage information: we collect usage information about you whenever you use our Services. This includes which webpages you visit, what you click on, when you perform those actions, what language preference you have, what you buy and so on;
      • Device and browser data: we collect information from the device and application you use to access our Services. Device data mainly means your IP address, operating system version, device type, device ID/MAC address, system and performance information, and browser type. If you are on a mobile device we also collect the UUID for that device;
      • Information from page tags: We use first party and third party cookies and tracking services that employ cookies and page tags (also known as web beacons) to collect data about visitors to our websites. This data includes usage and user statistics. Emails sent by RingRing or by customers through our services also include page tags that allow the sender to collect information about who opened those emails and clicked on links in them. We provide more information on cookies in our  Cookie Policy.
      • Log data: Like most websites today, our web servers keep log files that record data each time a device accesses those servers. The log files contain data about the nature of each access, including originating IP addresses, internet service providers, the files viewed on our site (e.g. HTML pages, graphics, etc.), operating system versions, device type and timestamps.
    2.4.2. When do we process your personal data?

    We may collect and process the following personal data that we received from you through:

    • Address book information: we may allow the customer to import email addresses and other contact information into an address book so the Customer can easily invite people to take the Customer’s surveys or fill in the Customer’s form via our collectors. We do not use this data for our own purposes or to contact anyone, except at your direction.
    • Cookies: when visiting our platform we use cookies. For more information see our Cookie policy.
    2.4.3. How we process your personal data and why

    We may collect and process the above personal data for the following purposes and based on the following legal grounds:

    • we have a legitimate interest to do so;

    This is the case for (i) your Device and browser data to Naxai.com and subdomains (ii) your Log Data to app.naxai.com.

    We may also need to disclose certain personal data for the following legal use purposes, namely to disclose it with competent authorities if we are obliged to do so by law or judicial process and to disclose it to legal counsels and/ or courts if we need to protect and defend our rights.

    • you have consented.

    This is the case for (i) your Contact Information when we need to respond to your inquiry made via our website (or any other way) about our Services, (ii) usage information and (iii) information from page tags based on the cookies and similar technologies on our website and platform.

    2.4.4. Your rights

    You may wish to exercise a right to obtain information about yourself or to correct, update or delete that information. Some of these rights may be subject to some exceptions or limitations in local law.

    We will take reasonable steps to verify your identity and we will respond to your request to exercise these rights within a reasonable time (and in all cases within 30 days of receiving a request) subject to the below for specific categories of personal data.

    • You always have a right of access your personal data. This allows you to check what personal data we process about you and to get a copy of it;
    • You always have a right to rectify your personal data. This allows you to correct or complete incorrect or incomplete personal data that we process about you;
    • You have a right to erasure of your personal data. This allows you to permanently delete personal data that we process about you. We are not always obliged to delete your personal data at your request – this right only applies in the cases and to the extent provided for by law;
    • You have a right to restrict the processing of personal data relating to you. This allows you to freeze the use of your personal data by us, without deleting it. We are not always obliged to restrict your personal data at your request – this right only applies in the cases and to the extent provided for by law;
    • You have the right to object to the processing of your personal data in general. This allows you to oppose the further processing of your personal data. We are not always obliged to honour your objection – this right only applies when we process your personal data on the basis of our legitimate interest;
    • You always have the right to object to the processing of your personal data for direct marketing purposes (e.g. via clicking on the unsubscribe button);
    • You have the right to withdraw your consent at any time where the processing of your personal data is carried out on the basis of your consent;
    • You have the right to data portability. This allows you to transfer, copy or forward personal data easily from one data controller to another. This right can only be exercised if the processing is based on your consent or on an agreement we have with you.

    If you wish to exercise any of the rights mentioned above, please send your request to dpo@ringring.be.

    Other than your Data Protection Rights mentioned above, you also the right to lodge a compliant with a competent supervisory authority in Belgium (https://www.gegevensbeschermingsautoriteit.be), if you believe we have not handled your request appropriately.

    3. Do we share personal data with third parties?

    We only use the personal data we receive for the purposes described above. In that regard, we may need to share your personal data with third parties, so-called ‘recipients’:

    3.1 External service providers:

    We may use external service providers to provide or perform services and functions on our behalf. We may make personal data available to them solely to perform these services and functions. We have taken the necessary technical and organizational measures to ensure compliance with data protection provisions and also require external service providers to do so. You can access the list of sub-processors here.

    • Network operators and telecom providers to facilitate our Services by text or e-mail to Respondents.
    • Facilitate customers in making payments;
    • IT service providers (such as IBM);
    3.2 Authorities and justice system

    We may also make personal data concerning individuals available to public or judicial authorities, law enforcement personnel and agencies as required by law, including to meet national security or law enforcement requirements, and including to agencies and courts in the countries where we operate. Where permitted by law, we may also disclose such information to third parties (including legal counsel) when necessary for the establishment, exercise or defense of legal claims or to otherwise enforce our rights, protect our property or the rights, property or safety of others, or as needed to support external audit, compliance and corporate governance functions;

    3.3 Potential acquires of RingRing

    In the event of a sale, merger, liquidation, dissolution, or other, certain personal data may be disclosed to the party (and/or its legal counsels) acquiring all or part of the equity or assets of RingRing or its business operations. If this proves to be necessary, we will take the necessary precautions (e.g. need-to-know-basis only, enter into confidentiality agreements and apply other industry best practices) to protect your privacy at all times.

    4. Do we share personal data outside of the European Economic Area

    In principle, RingRing does not transfer your personal data to recipients in countries outside the European Economic Area. However, when the platform is used to relay a message to or receive feedback from a recipient in a country outside of the European Union, RingRing will ensure that if personal data is transferred to a recipient in a country not covered by a European Commission decision to provide an adequate level of protection, it will be subject to the provisions of a data transfer agreement, which will include (a) the standard contractual clauses issued by the European Commission, or (b) any other mechanism in accordance with the privacy legislation, or any other regulation relating to the processing of personal data.

    5. How long do we retain personal data

    We may retain your personal data no longer than necessary for the purposes for which they were collected or as required by applicable law.

    If you are a Customer, we generally do not delete the data in your account as long as your account is active in order to maintain and expand our relationship with you and in order to provide proof and evidence concerning our relationship with you. You are responsible for and control the time periods for which you retain this data.

    We also describe the expiry periods for cookies on our websites in our Cookie Policy.

    6. Data portability

    If you are a Customer, this means that you are also the data owner. It is completely your decision on where and with whom your data must reside. You can use our standard data export functionality to export the data. If this is not working, you can contact us to help you export the data.

    7. Security?

    We apply appropriate technical, physical and organizational measures that are reasonably designed to protect personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, and against other unlawful forms of processing. Access to personal data is restricted to authorized recipients on a need-to know basis. We maintain a comprehensive information security program that is proportionate to the risks associated with the processing. The program is continuously adapted to mitigate operational risks and to protect personal information, taking into account industry-accepted practices.

    8. Who is your data controller?

    The data controller determines the purpose and means of the processing of your personal data. You can determine your data controller based on the following:

    • If you are a user within the NAXAI platform, it is your company or organization who has provided us with your contact details (name, e-mail address and role within the NAXAI platform).
    • If you are an administrator or user within app.naxai.com. You can reach out to your organization in case of any questions or concerns.
    • If you are a Respondent, we have received your personal data via the company or organization that is contacting you by using our Services. That company or organization is your data controller, who you can reach out to if you wish to amend, delete or receive a copy of your personal data.
    • If you are a Visitor, we only receive the personal data that you have entered into our website or that we acquired with cookies in compliance with our Cookie Policy.

    9. Unsubscribe from our communication

    If you want to unsubscribe from our marketing communications, you can do so by clicking on the “Unsubscribe” link provided at the bottom of the emails, updating your communication preferences, or by sending an email to support@naxai.com

    Please note that Customers cannot unsubscribe from transactional emails which relate to their account or the Subscription Service.

    10. Unsubscribe from our customers' communication

    If you received a survey or mail sent from our platform, this action was initiated by our Customer who is solely responsible for their marketing mails and any communication. We cannot guarantee an unsubscribe link in their communications. If the link is not included and you are having difficulties finding the Customer, you can contact us through support@naxai.com and we will try our best to help you.

    11. Changes to this Privacy Policy

    We may update this Privacy Policy from time to time. In circumstances where a change will materially change the way in which we collect or use your personal data, we will send a notice of this change to all of our customers.

    12. Do you have any questions or a complaint or you want to exercise your rights?

    If you have any comments, questions, complaints or of you wish to exercise any of the rights mentioned above, please do not hesitate to contact us dpo@ringring.be.

    Other than your Data Protection Rights mentioned above, you also the right to lodge a compliant with a competent supervisory authority in Belgium (https://www.gegevensbeschermingsautoriteit.be), if you believe we have not handled your request appropriately.