This privacy policy aims to inform you about how Ontoforce and its affiliates (“we”, “us”, “our”, or “Ontoforce”) collect and process personal data via its DISQOVER-platform , this is the application, developed and maintained by Ontoforce, which aims at offering you a tool to provide insights on science research data, implementing innovative data integration and interactive search, and through which you can access related content (the “Platform”).
You are typically a Platform-user (“you”, “your”) that uses the Platform:
Ontoforce respects your privacy and is committed to protecting your personal data in accordance with the applicable Belgian and European data protection legislation (including the General Data Protection Regulation (“GDPR”)).
Please read this privacy policy carefully. It describes not only your rights, but also the way in which you can exercise them. By using or accessing our Platform, disclosing your personal data, or accepting this privacy policy, you acknowledge the manner in which Ontoforce collects and processes your personal data as described in this privacy policy.
“Ontoforce” refers to Ontoforce NV, having its registered office at Moutstraat 108, 9000 Gent, Belgium and with company number 0836.138.020.
This privacy policy describes our data processing activities as data controller or data processor (as applicable). Under the GDPR, data controllers are the main decision-makers: they exercise overall control over the purposes and means of the processing of personal data. Data processors act on behalf of, and only on the lawful instructions of, the relevant data controller.
Ontoforce has appointed a data protection officer, whom you can contact by email (DPO@ontoforce.com) for questions about this privacy policy, your privacy and the processing of your personal data.
ONTOFORCE processes different types of personal data; this depends on the functionalities you use on our Platform and on the personal data you share with us.
In general, if we process your personal data, it will be personal data of one of the following categories:
- Identification and contact details (such as your name, email address, job title and company for which you work);
- Login details (such as your username and password);
- Account details (such as language preference and information submitted to personalize your account);
- Usage information (such as information related or generated by your use of the Platform (such as, history, date, time, frequency, duration of the pages you have viewed);
- Technical information (such as, your IP- address and user-ID); and
- Feedback or data you choose to provide us within the Platform.
Your personal data originates from you directly or is automatically collected by us (in case of technical information), or provided to us by your employer.
General
Depending on your use of the Platform, Ontoforce processes personal data for the purposes specified in this section 4 (if and to the extent applicable to your situation). Please note that our Platform may evolve and more functionalities may be added from time to time. In such event, we will update the below table as necessary
For certain processing purposes, Ontoforce requires your consent. The consent you give is always free and you have the right to withdraw it at any time. You can withdraw your consent by sending an email to: DPO@ontoforce.com. Your withdrawal of consent does not affect the processing of personal data prior to such withdrawal or our processing activities which are based on any other legal basis.
Purpose |
Type of personal data |
Legal basis |
Retention period |
To create your user account and to ensure that you can log in, access and use the Platform via your user account. |
Identification and contact details Login details Technical information Account details
|
Performance of a contract |
As long as necessary for the performance of the agreement concluded between you or the organization pursuant to which you have access to the Platform (e.g. your employer, principal, etc.) on the one hand and Ontoforce on the other hand; Your identification and contact details will in any event be deleted no later than 10 years after termination of said agreement. Account details will, in any event, be deleted as soon as you withdraw your consent. |
To manage and respond to your contact and support requests via the Platform |
Identification and contact details Feedback you choose to provide us |
Performance of a contract |
As long as necessary for the performance of the agreement concluded between you or the organization pursuant to which you have access to the Platform (e.g. your employer, principal, etc.) on the one hand and Ontoforce on the other hand; Your identification and contact details will in any event be deleted no later than 10 years after termination of said agreement. Account details will, in any event, be deleted as soon as you withdraw your consent. |
To improve the Platform and tailor it to your use and to gather technical, analytical and statistical insights (including to review your feedback and improve your user experience). |
Usage information Feedback you choose to provide us Identification and contact details Technical information |
Consent |
The retention period varies from as long as the duration of a Platform visit, to as long as your consent is not withdrawn (as applicable). Technical information, will, in any event, be deleted or pseudonymized (i) upon your withdrawal of consent; and (ii) no later than 10 years after the collection of the data. |
To comply with our legal obligations (including to respond to data subject requests) |
Identification and contact details Any additional information you provide us |
Legal obligation |
Up to ten 10 years after the expiry or termination of our client relationship; or As long as required by law. |
To execute our business administration (such as to manage our relationship and address potential complaints) |
Identification and contact details Any additional information you provide us |
Legitimate interest |
Up to ten 10 years after the expiry or termination of our client relationship; or As long as necessary for Ontoforce’s legitimate interest(s). |
For more information, we refer to the ‘Data Processing Register’ of ONTOFORCE or you can always send an email to: dpo@ontoforce.com.
If you disclose any personal data of third parties to us, you guarantee that you have informed those third parties and you have received all necessary consents to communicate the third parties’ personal data to Ontoforce.
Our Platform uses cookies and similar technologies. For more information, we refer to our cookie policy.
Ontoforce may share your personal data, as required for the purposes set forth in section 4, with:
- third party service providers (such as IT service providers, security providers, payment procurement providers, communication and other software providers or hosting providers);
- professional advisers (such as lawyers or auditors); and
- third parties to whom we intend or choose to sell, transfer or merge (parts of) our shares, business or assets.
Upon request, Ontoforce shall, as soon as possible after the request, inform you of the third parties with whom your personal data have been shared by providing you a more detailed list.
In addition, we may disclose your personal data if this is required by law, or if we determine in good faith that such disclosure is required in order to comply with any pending judicial inquiry, judicial order or litigation and/or to safeguard our rights.
Processors and sub-processors of Ontoforce always act under the responsibility of Ontoforce. If Ontoforce engages processors or sub-processors, this will always be done in accordance with a data processing agreement that meets the requirements of the GDPR. We require all our processors or sub-processors to take appropriate technical and organizational (including security) measures to protect your personal data. In the event we disclose your personal data as described above, we will implement appropriate safeguards to ensure the integrity and confidentiality of your personal data.
Your personal data will only be viewed and made available to processors, sub-processors, employees and other third parties on a “need-to-know” basis, limited to the extent necessary to perform their services.
In principle, Ontoforce does not transfer your personal data to third countries located outside the European Economic Area ("EEA"), unless you are located outside the EEA and visit our Platform from outside the EEA, and to its affiliates. It is also possible that Ontoforce through its (sub-)processors transfers your personal data to countries outside the EEA. In this event, Ontoforce will only transfer your personal data outside the EEA in accordance with the applicable data protection legislation and subject to appropriate safeguards.
Please contact us if you want further information on the specific mechanism(s) used by us when transferring personal data out of the EEA.
Ontoforce is committed to trying to make sure that your personal data is secure and makes all reasonable and appropriate efforts to protect your personal data. We have implemented appropriate technical and organizational measures, safeguards and assurances to process your personal data in accordance with the GDPR, in particular to protect your personal data against loss, misuse, or unauthorized alteration or destruction.
Please contact us if you would like more information on the specific measures taken.
Despite the above measures taken by us, you should be aware that there are always risks associated with sending personal data over the internet. The security and protection of your personal data can never be fully guaranteed, nor can we guarantee that unauthorized third parties will never be able to defeat those measures or use your personal data for improper purposes.
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes determined in section 4 of this privacy policy, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you or the organization you work for.
For more information, we refer to the table above and the ‘Data Processing Register’ or you can always send an email to: dpo@ontoforce.com
Within the limits defined in Articles 15-22 of the GDPR, you have the following legal rights in relation to your personal data:
- Right of access: you have the right to obtain confirmation from us as to whether or not we are processing your personal data, to access that personal data and receive information on how and why it is being processed, as well as to receive a copy of that data.
- Right to rectification: you have the right to obtain a rectification of your personal data or to request that we complete your personal data when you become aware that we are processing incorrect or incomplete data about you.
- Right to erasure ('right to be forgotten'): you have the right to obtain erasure of your personal data in certain specific cases.
- Right to restriction: you have the right to have the processing of your personal data restricted in certain specific cases.
- Right to portability: you have the right to obtain the personal data you have provided to us in a structured, commonly used and machine-readable form, and to transfer (have transferred) that personal data to another controller.
- Right to object: you have the right to object to the processing of your personal data on the basis of our legitimate interest for reasons relating to your specific situation.
You can exercise these rights by sending an e-mail to: DPO@ontoforce.com.
The exercise of these rights is in principle free of charge. Only in the event of unreasonable or repeated requests we may charge a reasonable administrative fee. Ontoforce will inform you of the applicable fee before charging it.
In your request, make sure to clearly specify which right you wish to exercise so we can help you as efficient as possible. Please note that in some case we may require you to give more information about yourself to ensure that we are dealing with the correct person.
If you contact us to exercise your rights we will respond within 1 month. Exceptionally this may take longer (up to 3 months), but then we will inform you within 1 month of the reasons why.
If and to the extent provided for in the applicable data protection legislation, you have the right to file a complaint with the competent supervisory authority if you consider that our processing of your personal data violates the applicable regulations. In Belgium the competent authority is the Data Protection Authority (“Gegevensbeschermingsautoriteit”):
www.gegevensbeschermingsautoriteit.be
Drukpersstraat 35, 1000 Brussels, Belgium
+32 (0)2 274 48 00
contact@apd-gba.be.
We would, however, appreciate the chance to deal with your concerns before you approach the authority, so please contact us in first instance.
Our Platform may contain links to third party websites and/or applications. Ontoforce is not responsible for the content of these websites and applications and is not responsible for the privacy standards and practices of such third parties. We recommend you to read the relevant privacy policies of these third parties and their websites before you accept their cookies and visit their website to ensure yourself that your personal data is sufficiently protected. Nonetheless, we seek to protect the integrity of our Website and Platform and welcome any feedback about these websites and/or applications.
If Ontoforce has legitimately transmitted your personal data to a third party (not being its (sub-)processor), Ontoforce shall not be liable for any unlawful processing or unlawful use by that third party.
Ontoforce is in any case only liable for the damage caused by the processing of personal data if it did not comply with its specific obligations under the GDPR and Ontoforce’s liability shall not exceed an amount equal to the amounts actually paid out by our insurer for the damage causing event. Ontoforce shall in no event be liable for any special, incidental, indirect or consequential losses or damages.
The foregoing exclusions and limitations shall only apply to the maximum extent permitted by applicable law.
Ontoforce may amend this privacy policy at all times. Any changes we may make to our privacy policy will be indicated on the Platform and when proportionate and in line with the significance of the changes, may be notified to you by e-mail or advised to you on your next Platform-visit. The date of the most recent version is shown. Please review Ontoforce’s privacy policy periodically to stay informed of changes that may affect you.
Amended versions of this privacy policy take effect ten (10) days after their publication on the Platform and/or other form of announcement and, if necessary, will always be submitted for approval, unless such modifications are necessary to comply with a legal requirement. In the latter case, such changes will take effect immediately.
This privacy policy shall be governed, interpreted, and implemented in accordance with Belgian laws.
The Ghent courts (department Ghent) are exclusively competent to decide on any dispute that may arise from the interpretation or implementation of this privacy policy, without prejudice to the consumer’s right to present a dispute before a competent court on the basis of a mandatory statutory provision.
Last updated: 31 March 2024