Greenomy legals

Privacy Policy V1

This version is no longer applicable as of March 4, 2024. Please refer to the latest version of the Privacy Policy.

1. Preamble

Greenomy SRL (“Greenomy”, “we”, “our”, “us”) considers the safeguards of Personal Data of Users of its Services of paramount importance. For this reason Greenomy complies with the EU General Data Protection Regulation 2016/679 (“GDPR”).This Privacy Policy sets out how Greenomy will treat your Personal Data when using our Services.

2. Data controller

For the purpose of this Privacy Policy, Greenomy is the Data Controller of your Personal Data.

Name Greenomy SRL
Address Avenue Louise 54, 1050 Brussels, Belgium
Email privacy@greenomy.io

3. Employees, service providers and greenomy’s affiliates

We may disclose your Personal Data to some of our employees, ,our service providers and Greenomy’s Affiliate insofar as reasonably necessary for the purposes set out in this Privacy Policy.Greenomy has in place written agreements with each of its service providers that are compliant with GDPR. Nevertheless, Greenomy remains responsible for the processing of Personal Data within its Services.Except as provided in this Privacy Policy, we will not share your Personal Data to any third party.

4. Cookies

To find out more about how we use cookies, please see our Cookies Policy.

5. Book a demo privacy

5.1. Personal Data we collect

If you book a demo with Greenomy via our Website, the below Personal Data that you submit to us will be forwarded to Calendly, a third-party that provides calendar services.

Personal Data Source
First name and last name, email address Submitted by User when requesting a demo of our Services via the "Book a Demo" page of our Website. .

5.2. How we use your Personal Data and on which legal basis

We use your Personal Data to communicate effectively with you, conduct our business and respond to your demo requests (Article 6.1.(b) and 6.1.(f) GDPR).

5.3. How long we store your Personal Data

Your Personal Data will be stored within Calendly's database and in our internal computer systems for as long as you are still interested in a Greenomy demo.

6. Newsletter & Privacy

6.1. Personal Data we collect

Personal Data Source
Email address Submitted by Users when subscribing to our newsletter via our Website.

6.2. How we use your Personal Data and on what legal basis

We use your email address for the sole purpose of sending you the newsletter. The processing of the Personal Data entered into the newsletter subscription form occurs exclusively on the basis of your consent (Art. 6.1.(a) GDPR). You may revoke this consent at any time, by clicking on the “Unsubscribe” link in the newsletter.

6.3. How long we store your Personal Data

The Personal Data you submitted for the purpose of subscribing to the newsletter will be stored by Greenomy until you unsubscribe from the newsletter, following which your Personal Data will be deleted from the newsletter distribution list.

7. Platform privacy

7.1. Personal Data we collect

Personal Data Source
First name and last name, professional email address Submitted by Users when creating a User Account on our Platform
Any Personal Data as may be present in documents uploaded by Users on our Platform Submitted by Users when uploading documents containing such Personal Data on our Platform

7.2. How we use your Personal Data and on what legal basis

a. Create and manage your account to use the Services
By accepting to use the Services, you and your end customers are entering into a business relationship with Greenomy. We process required Personal Data to perform our contractual obligations toward you and your end customers. This includes: setting up User Account and providing important information related to the Services (Article 6.1.(b) GDPR).

b. Customer Support
We process your Personal Data to administer our customer relationship with the company you represent, including managing your user account, providing customer support, and documenting support matters (Article 6.1.(b) GDPR).

c. Prevent fraud and protect our Services
We have a legitimate interest in ensuring the ongoing security and proper operation of our Services and associated IT services and networks by enabling secure logins (Article 6.1.(f) GDPR).

d. Send communications to you
We have a legitimate interest in providing you with updates on our Services and related offers where you have purchased or shown interest in similar services from us (Article 6.1.(f) GDPR).

e. General aggregation of Personal Data
We have a legitimate interest in creating aggregate data sets for benchmarking purposes as an additional service to Users (Article 6.1.(f) GDPR). These data sets do not allow (directly or by inference) the re-identification of any data subject as the source of such data.

7.3. How long we store your Personal Data

We will keep your Personal Data for as long as we have a contractual relationship with you. Afterwards, we will retain your Personal Data to comply with our legal obligations and unless you request the deletion of your Personal Data.

8. Greenomy academy privacy

8.1. Personal Data we collect

Personal Data Source
First name and last name, professional email address Submitted by Users when creating a User Account on the Greenomy Academy.

8.2. How we use your Personal Data and on what legal basis

a. Providing courses
We use your Personal Data to enable you to navigate the Greenomy Academy, to enrol and participate in courses and programs on the Greenomy Academy, to learn effectively in such courses and programs, to obtain products and services on the Greenomy Academy such as certificates. We offer products and services on the basis that it is necessary to fulfil our contractual obligations to you under the Terms of Use (Art. 6.1.(b) GDPR).

b. Communicating with you
We use information we collect to communicate with you, including answering your course and platform questions and notifying you of course and Greenomy Academy maintenance and updates. We do this on the basis of our legitimate interests in keeping learners up to date about our courses and responding to learner questions (Art. 6.1.(f) GDPR).

8.3. How long we store your Personal Data

We will retain your Personal Data for as long as your account is active or as needed for the Greenomy Academyor to comply with our legal obligations, resolve disputes, enforce our agreements, and as otherwise permitted by applicable law.

9. Webinar Privacy

9.1. Webinar Software

Our Webinars are hosted by the platform LiveStorm, a company incorporated under the laws of France, with registered seat at 60, rue François 1er 75008 Paris France. You can find their privacy policy here: https://livestorm.co/privacy-policy.

9.2. Personal Data we collect

Personal Data Source
First name, last name, email address Submitted by you on our Website

9.3. Session’s recording

Greenomy may record the Webinar with a view to publish it on the Platform and the Website to allow its customers to watch the event online. If that is the case, this will be mentioned on the Webinar invitation.We may record the Webinar solely for the purpose of making it available for invitees who would like to replay it or could not attend it. If the Webinar is recorded, we will inform you and take measures to keep the participants list anonymous. If the Webinar is recorded for further publication, we will make it clear in the invitation.

9.4. How we use your Personal Data and on what legal basis

a. Participation in to Webinars
We use your Personal Data to manage the attendance to our Webinar and keep you updated about them. This includes sending you notifications before the Webinars take place so that you can participate in them (Article 6.1.(b) GDPR).

b. CommunicationIf the Webinar is held in the framework of a Pilot, we use your Personal Data to communicate to the bank which is inviting your company to the Pilot the contact details of all those included in the list of registrants, subject to your explicit consent (Article 6.1.(a) GDPR).In addition, we use your Personal Data to communicate the name of participants to Greenomy’s Affiliates, subject to your informed consent (Article 6.1.(a) GDPR).

c. Promotion
We may use your Personal Data to contact you for sharing information about Greenomy products and services subject to your informed consent ((Article 6.1.(f) GDPR). Additionally, we may use your Personal Data to inform you of similar future Webinars or to send surveys about Webinars (Article 6.1.(f) GDPR).

9.5. How do we share your Personal Data and with whom

Subject to consent as explained above, access to your Personal Data is also granted to Greenomy’s Affiliates and the bank which is inviting your company to the Pilot as the case may be.

9.6. How long we store your Personal Data

We will retain your Personal Data for as long as your account is active or as needed to comply with our legal obligations, resolve disputes, enforce our agreements, and as otherwise permitted by applicable law.

10. Careers Privacy

In order to see which Personal Data we collect in our recruitment process, how we use your Personal Data, on what legal basis, and for how long we store your Personal Data, please visit: https://careers.greenomy.io/cookie-policy

11. Your Rights Over Your Personal Data

11.1. Your rights

You have the following rights regarding your Personal Data:
a. To know how we are processing your Personal Data and to access to your Personal Data held by Greenomy (DSAR-01);
b. To request the rectification of inaccurate or incomplete Personal Data (DSAR-02);
c. To request the erasure of your Personal Data when, among others, such data is no longer necessary for the initial purposes for which it was initially collected, in accordance with applicable law (DSAR-03);
d. To restrict our processing of your Personal Data, under certain circumstances (in which case we will only retain the Personal Data for the exercise and/or defence of Greenomy's rights) (DSAR-04);
e. To request the portability of your Personal Data, which will allow you to obtain and reuse the personal data in a usable electronic format for your own purposes and across different services without hindrance to usability, including its transmission to another third party (DSAR-05);
f. To withdraw the consent you may have granted to a specific processing, at any time (DSAR-06)

11.2. How to exercise your rights

In order to exercise any of these rights, please send your Data Subject Access Request by email to privacy@greenomy.io specifying the code of your specific request.

11.3. Right to lodge a complaint with supervisory authority

In accordance with Article 77 GDPR you have the right to lodge a complaint with a supervisory authority, in particular in the European Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that Greenomy’s processing of your Personal Data infringes the GDPR.Please visit the website of your relevant supervisory authority for more information on how to submit such a complaint.

12. Security of Your Personal Data

Security is in our DNA and embedded in our people, processes, and technologies. We take reasonable technical and organisational precautions to preventthe loss, misuse or alteration of your Personal Data. We have implemented several management systems that attests of our security maturity:

-ISO 27001 Certified - Information Security Management System (ISMS)
-ISO 27701 Certified - Privacy Information Management System (PIMS)
-SOC 2 Type 1 (expected Q2 2023) - Attestation of controls designed and implemented

13. Third-party Websites

The Website and the Greenomy Academy may contain links to third party websites. Greenomy is not responsible for the privacy policies or practices of third party websites, so you should pay attention anytime you are redirected to a third-party website and be sure to review its privacy policy.

14. Subprocessors

11.3. Right to lodge a complaint with supervisory authority

Greenomy uses various subprocessors to assist in the delivery of the Services. These sub-processors may process your personal data if you use our Services.

Entity Service Address Purpose Location of Personal Data
Calendly LCC Book a demo 115 E Main St., Ste A1BBuford, GA 30518 USA Calendar Scheduling United States
SFDC Ireland Limited (Salesforce) Newsletter Level 1, Block A, Nova Atria North, Sandyford Business District, Dublin
18, Ireland
Marketing Automation by Salesforce (Pardot) European Union
Amazon Web Services EMEA SARL Platform 38 avenue John F. Kennedy, L-1855 Luxembourg Cloud Infrastructure Hosting European Union
MongoDB Platform Building 2 Number One Ballsbridge, Shelbourne Rd, Ballsbridge, Dublin 4, D04 Y3X9, Ireland Platform’s database European Union
Mailjet SAS Platform Rue Jules Lefebvre 4 75009 Paris France Automatic email distribution European Union
Crisp IM SARL Platform 2 Boulevard de Launay, 44100 Nantes, France Live Chat of the Platform Germany and the Netherlands
M4KE.IT SPRL Platform and Website Rue Lambert-Lomb ard 5 4000 Liège Belgium IT Development Belgium and Germany
Learnworlds Greenomy Academy Gladstonos 120, Foloune Building, 2nd Floor, B1, Limassol, 3032, Cyprus Online Training facilitation European Union
LiveStorm SAS Webinar 60 rue François 1er, 75008 Paris, France Webinar Software European Union
TeamTailor AB Greenomy Career Östgötagata 16, 116-21 Stockholm, Sweden Applicant tracking software European Union
Allbound, Inc. Platform 3411 Pierce Dr, Chamblee, GA 30341, United States Partner Management System United States

14.2. Infrastructure subprocessor: Service Data Storage

Greenomy uses Amazon Web Services EMEA SARL for cloud hosting services as a logical service. Greenomy has completed a review of the AWS Compliance Program to understand the robust controls in place at AWS to maintain security and compliance of the cloud. By tying together governance-focused, audit-friendly service features with applicable compliance or audit standards, AWS Compliance Enablers build on traditional programs, helping Greenomy operate in an AWS security control environment.AWS has certification for compliance with ISO/IEC 27001:2013, 27017:2015, 27018:2019, 27701:2019, 22301:2019, 9001:2015, and CSA STAR CCM v4.0AWS System and Organization Controls (SOC) Reports are independent third-party examination reports that demonstrate how AWS achieves key compliance controls and objectives. The purpose of these reports is to help understand the AWS controls established to support operations and compliance. There are five AWS SOC Reports:

- AWS SOC 1 Report,
- AWS SOC 2 Security, Availability Confidentiality Report,
- AWS SOC 2 Privacy Type II Report,
- AWS SOC 3 Security, Availability Confidentiality Report, publicly available as a whitepaper.

15. Contact

If you have any questions about this Privacy Policy or our treatment of your Personal Data, please write to our Data Protection Officer (“DPO”) by email or by post to the following address:
Data Protection Officer
Greenomy SRL
Avenue Louise 54 - 1050 Brussels, Belgium
privacy@greenomy.io

16. Modification of the Privacy Policy

We may update this Privacy Policy from time-to-time by posting a new version on our Website. All changes are effective immediately upon communication. We encourage you to occasionally check this page to ensure you are happy with any changes to the Privacy Policy.Material modifications will be subject to notification by Greenomy by Website notice, email or any other form of communication.

17. Definitions

Any capitalised term used herein will have the meaning ascribed to it under this Section.

Term Definition
Greenomy’s Affiliate Any person, corporation, or other entity which, directly or indirectly, controls, is controlled by or is under common Control with Greenomy at any point in time.
GDPR Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
Greenomy Greenomy SRL, a limited liability company, incorporated under the laws of Belgium, having its registered office and principal place of business at Avenue Louise 54, 1050 Brussels, Belgium.
Greenomy Academy Greenomy educational platform: https://academy.greenomy.io
Greenomy Career Greenomy recruitment portal: https://careers.greenomy.io.
Personal data Information relating to an identified or identifiable natural person pursuant to the GDPR.
Pilot The short-term subscription to the Platform by a bank inviting you for the purpose of evaluating the fitness of the Platform and Greenomy’s Services.
Platform All-inclusive reference to the software developed by Greenomy, including: the Portals, APIs and any integration or add-on functionalities.
Services An all-inclusive reference to the Services provided by Greenomy, including: Website, Greenomy Academy, Platform, Webinar, etc.
Trust Portal Greenomy trust platform: https://.trustportal.greenomy.io.
User The individual using our Services. The User corresponds to the subject of Personal Data.
Website Greenomy website: https://greenomy.io.
Webinar Greenomy webinars.

greenomy

Book your demo and accelerate your green transition today

wave 2