Privacy statement.

Privacy Policy 

This website and these services are offered by GoodHabitz B.V., established in the Netherlands, Germany, the United Kingdom, Belgium, France, Spain, Italy, Switzerland, Austria, Portugal and registered with the Chamber of Commerce under number 17217883. Where reference is made in this privacy policy to 'we', 'us' or 'GoodHabitz' this refers to GoodHabitz B.V. and its companies. GoodHabitz is responsible for the way in which it organises its online learning environment and adapts its services accordingly.

These services include:

• The delivery of online learning materials
• Delivering innovations
• Providing customer support
• Activities related to marketing and Sales

When purchasing our services, your employer is responsible for the personal data that we process within this framework. Your employer decides, for instance, which employees get access to the online learning materials. In addition, your employer receives reports on the use of our service within your organisation. If you would like to know more about the way in which your employer handles your personal data, please ask your employer. In this privacy policy, we provide information about what we do with your personal data.

You may be using a demo account, which you have requested yourself through our website, or have been offered by a GoodHabitz employee. In this case, the privacy policy applies in full and you are responsible for the sharing of your personal data with GoodHabitz yourself.

Purpose of the data

Processing GoodHabitz aims to get and keep everyone learning! We respect your privacy as a user and ensure that the personal data you share with us is treated confidentially. Personal data will only be processed in accordance with the requirements of the General Data Protection Regulation (GDPR). We may process this data to the extent required to put into practice an agreement with your employer that gives you, as a user, access to the GoodHabitz learning environment.

Your personal data will be processed by us within the framework of our services (see above) in order to:

• be able to perform these optimally
• be able to adapt these to your personal preferences
• continue to develop and improve them

We may also use your personal data to send you a newsletter, to inform you about our services. You can unsubscribe from this newsletter via the link at the bottom of the e-mail. In order to optimise our services, we like to ask you for your opinion. We will never force you to do so. For example, if you decide to take part in our evaluations, we will be able to better tailor our services to your personal preferences. Personal data Depending on the course delivery method chosen by your employer, we require no more than the following personal data when granting you access to our online learning platform:

• Name
• E-mail address
• Password (encrypted)
• IP address
• UserID (provided by customer) 

An invitation e-mail will be sent by your employer via [email protected] It contains a link to activate your account. We will encrypt your password and store it on our system. We will use your e-mail address as an identifier when logging into our website.

Your employer can also choose to register your account with us in a different way. We offer various linking techniques for this, which do not necessarily require you to share your email address with us. In that case, identification takes place on the basis of a UserID. You can ask your employer if and which data is being shared with us.

Usage data

If you have access to our online learning resources, we will, depending on your use, also process the following:

• Information about your learning process, which can be subdivided into:
  • Activities
    • Duration
    • Progress
    • Result
    • Your rating
  • Web sessions
    • Log times
    • Browser
    • Operating System

Access to your data

A limited number of employees within GoodHabitz are authorised to access your personal data. Access is based on roles, responsibilities and a need to know basis. These employees are bound to secrecy by their employment contract. No employee has access to your password.

Your employer can apply internally for the role of 'Reporter' to be assigned to different people. These people will also have access to your data about the learning process. You can ask your employer who these people are.

Retention periods

All your data will be kept safe by us. Your personal data is stored for at least as long as your employer is our client. Unless otherwise agreed, all personal data known to us will be irrevocably deleted 12 months after termination of the contract.

Rights of data subjects

You can exercise your right of access through your account settings, where you can download all of your personal data that we store by simply clicking a button. In addition, individual users always have the right to be forgotten, which can also be exercised through your account settings. Exercising this right irrevocably removes all of your personal data from our systems. If you want to exercise any of these rights but are unable to login (because the contract has been terminated, for instance), please contact our customer support team at [email protected] You can contact them at any time if you want access to your data, or if you want to have your data rectified.

Suppliers

GoodHabitz places high demands on its suppliers. Needless to say, we have made agreements about the way in which suppliers should handle your data. They may never use your data for their own purposes. We have marked the suppliers who process your personal data on our behalf as subprocessors. We have entered into data processing agreements with these parties.

General services suppliers

Within the framework of our services we use the following parties who may come into contact with your personal data:

• Microsoft Azure
• Copernica (SMTPeter)
• Bouncer

Below we indicate for each party what they are used for and what personal data we share with them for that purpose.

Microsoft Azure

Microsoft Azure is our cloud service provider. We store and process your personal data and usage data within the European Union. Relevant compliance offerings: ISO/IEC 27001 (Information security), ISO/IEC 27701 (international privacy standard), ISO/IEC 27018 (privacy in the cloud), SOC framework.

Copernica (SMTPeter):

• Sending newsletters and other e-mails (e.g., the activation e-mail, password reset, etc.).
• The compilation of statistics to gain insight into the results and effectiveness of our e-mails, solely for the benefit of (and perusal by) GoodHabitz.

Only your name and e-mail address will be exchanged with this party, never your password or information about your learning process.

Bouncer:

• To check if an e-mail address provided to us is an existing e-mail address.

Only your name and e-mail address will be exchanged with this party, never your password or information about your learning process.

Data security

GoodHabitz is ISO 27001 certified. This certification is a formal confirmation that we at GoodHabitz attach great importance to the protection of (personal) data. You can read more about this on our website.

Finally

We reserve the right to change this privacy policy. The most recent privacy policy is always available on our website, you can find it in the footer. The effective date is at the top of this document.

If you have a complaint about the way in which we process your personal data, please get in touch with our security department ([email protected]), so that we can deal with your complaint. If you are not satisfied with the way we handle your complaint, you can contact the Dutch Data Protection Authority [Autoriteit Persoonsgegevens].

Contact details

GoodHabitz B.V.

Willemstraat 1 5611 HA

Eindhoven

[email protected]

+31 (0)40 - 2 444 850

www.goodhabitz.com

To contact our Data Protection Officer directly please send an e-mail to: [email protected]