Privacy Policy

GVE values the privacy of those who submit personal data to us.  This privacy policy (the « Privacy Policy ») describes how and why we collect, store and use personal data. It also provides useful information about the rights of individuals.

This Privacy Policy applies to personal data provided to us by both individuals and organisations. Personal data provided to us may be used for the purposes we describe in this Privacy Policy or for other purposes otherwise disclosed at the time of collection.

GVE owns and operates the platform MAYA and the website https://mayaglobal.io/.

1. The terms used in this Privacy Policy

In this document, we use the following terms:

• « Platform«  to refer to the Maya platform for which GVE is providing the services;
• « we », « us », and « our » (or any related terms) to refer to GVE Europe (registered with the CBE under number 0782.439.018);
• “Website” to refer to the website https://mayaglobal.io/;
• « you » and « your » (or any related terms) refer to the users of the Platform or the visitors of the Website.

Other terms such as « personal data », « processing », « data controller » and « supervisory authority » shall be understood in accordance with the applicable data protection laws (in particular the General Data Protection Regulation (EU) 2016/679).

2. Who is the controller of your personal data?

SRL GVE Europe (BCE/KBO 0782.439.018) is responsible for processing your personal data. You will find our contact details at the end of this document.

3. What data do we collect and process?

We collect and process the following personal data from you:

• Identity and Contact Data, including your name, e-mail address and telephone number;
• Technical Data, including information collected during your visits to the Platform, the Internet Protocol (IP) address, login data, location and cookies;
• Profile and Usage Data, including your preferences in receiving marketing information from us, your communication preferences and information about how you use our services.

If you provide us with information about a third party, you must ensure that the third party is aware of how the data will be used and has authorised you to disclose it to us for use (this authorisation also applies to our outsourced service providers). If we need personal data from people related to you to respond to your request, we ask that you bring this document to their attention.

4. How do we collect your personal data?

The circumstances in which we may collect personal data about you are as follows:

• when you subscribe to our Platform;
• when you use any of the services of the Platform;
• When you communicate with us by phone, in writing, by e-mail or via other electronic means;
• When sign up to receive information from us;
• When you browse, fill out a form, make a request or interact on the Website.

 5. How, and on what basis, do we use your personal data?

We endeavour to process your personal data as appropriately as possible, limiting its use to what we deem reasonably necessary, for the following purposes and on the following legal bases:

• The processing is necessary for the performance of the services contract you are party to, in order to grant your access to the Platform, to provide our services, support and maintenance services and to collect the fees for the access to the Platform;

• Where you have given consent to the processing of your personal data, for example to communicate with you to keep you up-to-date on the latest developments, announcements, and other information about our services, events and initiatives (including briefings, newsletters and other information);

• The processing is necessary for the pursuit of our legitimate interests:

• • to ensure our network and information security and prevent or detect security threats, frauds or other criminal or malicious activities;
  • to exercise or defend our legal rights or to comply with court orders.

6. Who else but us may have access to your personal data?

In certain circumstances, we may share your personal data with third parties (such as our subcontractors like WordPress, Odoo, Google Analytics or Google Maps). We will only do this if we are legally permitted to do so.

When you provide us with personal data, we assume that, unless you request otherwise in writing, we may disclose it when we believe it is reasonably necessary for the performance of our duties (as set out in this Privacy Policy) or when required by applicable law.

7. Transfers of information within the European Economic Area

When we transfer your personal data to foreign countries, we protect it in accordance with this Privacy Policy.

In any case, we will not transfer your data outside the European Economic Area (« EEA ») without your consent.

8. Security of your personal data

We have implemented appropriate security measures to prevent the loss, unauthorised use/access, modification or disclosure of your personal data. We concluded strict confidentiality agreements (including our data protection obligations) with our external service providers.

We have also developed procedures for dealing with any breach of personal data and will notify you and the relevant authorities when we are legally required to do so.

9. Your rights

You have the following rights in relation to our use of your personal data:

• Right of access: The right of access allows you to obtain a copy of your personal data. This allows you to understand how and why we use it and to check that we do so in accordance with the legal framework. There are, however, certain exceptions to this right, which allow us to deny you access to the data provided. This is particularly the case if you have provided us with personal data relating to a third party, or if we are prohibited by law from disclosing this information.
• Right of rectification: If any of your personal data is incorrect, you have the right to request rectification. It is also possible for you to fill in the missing data. You are invited to contact us using the contact details below, so that we can update your personal data if it is incorrect or if it has been changed. We will not be liable for any loss if you have provided us with inaccurate, false, incomplete or truncated personal data.
• Right to erasure: You may request the erasure of your personal data. This right is not absolute (e.g. legal obligations may require us to retain your data) and only applies in certain circumstances (e.g. where your personal data has been collected unlawfully).
• Right to restrict: In certain circumstances, you have the right to restrict the processing of your personal data. This means that, if you have a specific reason for the restriction, you can limit our use of that data. This may be the case if you have concerns about the information we hold or how we process it.
• Right to portability: You have the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format. This right to data portability only applies when our lawful basis for processing this information is consent or for the performance of a contract and we are carrying out the processing by automated means (i.e. excluding paper files).
• Right to object: You have an absolute right to object to the processing of your personal data for direct marketing campaigns. In other specific circumstances, you also have the right to object to the processing of your personal data by asking us to block, delete and restrict access to it.
• Automated individual decision making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. The right is not absolute and only applies in certain circumstances. You will be specifically informed if we make such automated individual decision. 
• Complaints: In the event of a dispute concerning your privacy, we undertake to make every effort to find an amicable solution with you. If, however, you feel that we have been unable to do so, you may lodge a complaint with the competent supervisory authority either in your country of habitual residence, or in the country where you carry out your profession, or in the country where you suspect that a violation of data protection laws has occurred (for Belgium see www.dataprotectionauthority.be and for other countries click here [INSERT: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm ). You also have the right to bring an action before the courts.

You may, at any time, exercise any of the rights listed above, by contacting us via the contact details at the end of this document. In case of doubt, we may ask for a copy of your identity card, passport or any other valid document that can confirm your identity.

10. Withdrawal of consent

When personal data is processed on the basis of your consent, you may withdraw consent at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there is another legal ground for the processing.

In the event that you no longer want to receive any marketing communications from us, please use the unsubscribe option (which is in all of our marketing emails to you), or contact us using the contact details provided below. Withdrawal of consent to receive marketing communications will not affect the processing of personal data for the provision of our legal services. 

11. How long do we keep your personal data?

We limit the retention of your personal data to the period necessary to fulfil the purposes for which it was collected, including to meet legal and accounting requirements and, where applicable, to defend our interests in legal proceedings, until such proceedings have been concluded.

At the end of the applicable retention period, we will destroy your personal data, securely and in accordance with applicable laws and regulations.