Privacy policy

1. Preamble

Greenomy SRL (“Greenomy”, “we”, “our”, “us”) considers the safeguards of Personal Data of Users of its Services of paramount importance. For this reason Greenomy complies with the EU General Data Protection Regulation 2016/679 (“GDPR”).
This Privacy Policy sets out how Greenomy will treat your Personal Data when using our Services

2. Data controller

For the purpose of this Privacy Policy, Greenomy is the Data Controller of your Personal Data.

Name	Greenomy SRL
Address	Avenue Louise 54, 1050 Brussels, Belgium
Email	privacy@greenomy.io

3. Employees, service providers and greenomy’s affiliates

Greenomy has in place written agreements with each of its service providers that are compliant with GDPR. Nevertheless, Greenomy remains responsible for the processing of Personal Data within its Services.
‍
Except as provided in this Privacy Policy, we will not share your Personal Data to any third party

4. Cookies

To find out more about how we use cookies, please see our Cookies Policy.

5. Book a demo privacy

5.1. Personal Data we collect

If you book a demo with Greenomy via our Website, the below Personal Data that you submit to us will be forwarded to Calendly, a third-party that provides calendar services.

Personal Data	Source
First name and last name, email address	Submitted by User when requesting a demo of our Services via the "Book a Demo" page of our Website. .

5.2. How we use your Personal Data and on which legal basis

We use your Personal Data to communicate effectively with you, conduct our business and respond to your demo requests (Article 6.1.(b) and 6.1.(f) GDPR).

5.3. How long we store your Personal Data

Your Personal Data will be stored within Calendly's database and in our internal computer systems for as long as you are still interested in a Greenomy demo.

6. Newsletter & Privacy

6.1. Personal Data we collect

Personal Data	Source
Email address	Submitted by Users when subscribing to our newsletter via our Website.

6.2. How we use your Personal Data and on what legal basis

We use your email address for the sole purpose of sending you the newsletter. The processing of the Personal Data entered into the newsletter subscription form occurs exclusively on the basis of your consent (Art. 6.1.(a) GDPR). You may revoke this consent at any time, by clicking on the “Unsubscribe” link in the newsletter.

6.3. How long we store your Personal Data

The Personal Data you submitted for the purpose of subscribing to the newsletter will be stored by Greenomy until you unsubscribe from the newsletter, following which your Personal Data will be deleted from the newsletter distribution list.

7. Platform privacy

7.1. Personal Data we collect

Personal Data	Source
First name and last name, professional email address	Submitted by Users when creating a User Account on our Platform

7.2. How we use your Personal Data and on what legal basis

a. Create and manage your account to use the Services
By accepting to use the Services, you and your end customers are entering into a business relationship with Greenomy. We process required Personal Data to perform our contractual obligations toward you and your end customers. This includes: setting up User Account and providing important information related to the Services (Article 6.1.(b) GDPR).

b. Customer Support
We process your Personal Data to administer our customer relationship with the company you represent, including managing your user account, providing customer support, and documenting support matters (Article 6.1.(b) GDPR).

c. Prevent fraud and protect our Services
We have a legitimate interest in ensuring the ongoing security and proper operation of our Services and associated IT services and networks by enabling secure logins (Article 6.1.(f) GDPR).

d. Send communications to you
We have a legitimate interest in providing you with updates on our Services and related offers where you have purchased or shown interest in similar services from us (Article 6.1.(f) GDPR).

e. General aggregation of Personal Data
We have a legitimate interest in creating aggregate data sets for benchmarking purposes as an additional service to Users (Article 6.1.(f) GDPR). These data sets do not allow (directly or by inference) the re-identification of any data subject as the source of such data.

f. Legitimate interest
We may process your information based on our legitimate interests in communicating with you and managing our interactions as well as performing obligations to you and your end customers regarding our Services (Article 6.1.(f) GDPR).

7.3. How long we store your Personal Data

We will keep your Personal Data for as long as we have a contractual relationship with you. Afterwards, we will retain your Personal Data to comply with our legal obligations and unless you request the deletion of your Personal Data.

8. Greenomy academy privacy

8.1. Personal Data we collect

Personal Data	Source
First name and last name, professional email address	Submitted by Users when creating a User Account on the Greenomy Academy.

8.2. How we use your Personal Data and on what legal basis

a. Providing courses
‍We use your Personal Data to enable you to navigate the Greenomy Academy, to enrol and participate in courses and programs on the Greenomy Academy, to learn effectively in such courses and programs, to obtain products and services on the Greenomy Academy such as certificates. We offer products and services on the basis that it is necessary to fulfil our contractual obligations to you under the Terms of Use (Art. 6.1.(b) GDPR).

‍b. Communicating with you
‍We use information we collect to communicate with you, including answering your course and platform questions and notifying you of course and Greenomy Academy maintenance and updates. We do this on the basis of our legitimate interests in keeping learners up to date about our courses and responding to learner questions (Art. 6.1.(f) GDPR).

8.3. How long we store your Personal Data

We will retain your Personal Data for as long as your account is active or as needed for the Greenomy Academyor to comply with our legal obligations, resolve disputes, enforce our agreements, and as otherwise permitted by applicable law.

9. Webinar Privacy

9.1. Webinar Software

Our Webinars are hosted by the platform LiveStorm, a company incorporated under the laws of France, with registered seat at 60, rue François 1er 75008 Paris France. You can find their privacy policy here: https://livestorm.co/privacy-policy.

9.2. Personal Data we collect

Personal Data	Source
First name, last name, email address	Submitted by you on our Website

9.3. Session’s recording

Greenomy may record the Webinar with a view to publish it on the Platform and the Website to allow its customers to watch the event online. If that is the case, this will be mentioned on the Webinar invitation.

We may record the Webinar solely for the purpose of making it available for invitees who would like to replay it or could not attend it. If the Webinar is recorded, we will inform you and take measures to keep the participants list anonymous. If the Webinar is recorded for further publication, we will make it clear in the invitation.

9.4. How we use your Personal Data and on what legal basis

a. Participation in to Webinars
‍We use your Personal Data to manage the attendance to our Webinar and keep you updated about them. This includes sending you notifications before the Webinars take place so that you can participate in them (Article 6.1.(b) GDPR).

‍b. CommunicationIf the Webinar is held in the framework of a Pilot, we use your Personal Data to communicate to the bank which is inviting your company to the Pilot the contact details of all those included in the list of registrants, subject to your explicit consent (Article 6.1.(a) GDPR).In addition, we use your Personal Data to communicate the name of participants to Greenomy’s Affiliates, subject to your informed consent (Article 6.1.(a) GDPR).

‍c. Promotion
We may use your Personal Data to contact you for sharing information about Greenomy products and services subject to your informed consent ((Article 6.1.(f) GDPR). Additionally, we may use your Personal Data to inform you of similar future Webinars or to send surveys about Webinars (Article 6.1.(f) GDPR).

9.5. How do we share your Personal Data and with whom

Subject to consent as explained above, access to your Personal Data is also granted to Greenomy’s Affiliates and the bank which is inviting your company to the Pilot as the case may be.

9.6. How long we store your Personal Data

We will retain your Personal Data for as long as your account is active or as needed to comply with our legal obligations, resolve disputes, enforce our agreements, and as otherwise permitted by applicable law.

10. Careers Privacy

In order to see which Personal Data we collect in our recruitment process, how we use your Personal Data, on what legal basis, and for how long we store your Personal Data, please visit: https://careers.greenomy.io/cookie-policy

11. Your Rights Over Your Personal Data

11.1. Your rights

You have the following rights regarding your Personal Data:
‍
a. To know how we are processing your Personal Data and to access to your Personal Data held by Greenomy (DSAR-01);
‍
b. To request the rectification of inaccurate or incomplete Personal Data (DSAR-02);
‍
c. To request the erasure of your Personal Data when, among others, such data is no longer necessary for the initial purposes for which it was initially collected, in accordance with applicable law (DSAR-03);
‍
d. To restrict our processing of your Personal Data, under certain circumstances (in which case we will only retain the Personal Data for the exercise and/or defence of Greenomy's rights) (DSAR-04);
‍
e. To request the portability of your Personal Data, which will allow you to obtain and reuse the personal data in a usable electronic format for your own purposes and across different services without hindrance to usability, including its transmission to another third party (DSAR-05);
‍
f. To withdraw the consent you may have granted to a specific processing, at any time (DSAR-06)

11.2. How to exercise your rights

In order to exercise any of these rights, please send your Data Subject Access Request by email to privacy@greenomy.io specifying the code of your specific request.

11.3. Right to lodge a complaint with supervisory authority

In accordance with Article 77 GDPR you have the right to lodge a complaint with a supervisory authority, in particular in the European Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that Greenomy’s processing of your Personal Data infringes the GDPR.

Please visit the website of your relevant supervisory authority for more information on how to submit such a complaint.

12. Security of Your Personal Data

Security is in our DNA and embedded in our people, processes, and technologies. We take reasonable technical and organisational precautions to preventthe loss, misuse or alteration of your Personal Data. We have implemented several management systems that attests of our security maturity:

-ISO 27001 Certified - Information Security Management System (ISMS)
-ISO 27701 Certified - Privacy Information Management System (PIMS)
-SOC 2 Type 1 (expected Q2 2023) - Attestation of controls designed and implemented

For more information, feel free to reach out to support@greenomy.io.

13. Third-party Websites

The Website and the Greenomy Academy may contain links to third party websites. Greenomy is not responsible for the privacy policies or practices of third party websites, so you should pay attention anytime you are redirected to a third-party website and be sure to review its privacy policy.

14. Subprocessors

Greenomy uses various subprocessors to assist in the delivery of the Services. These sub-processors may process your personal data if you use our Services.

Entity	Service	Address	Purpose	Location of processing
Allbound, Inc.	Platform	3411 Pierce Dr, Chamblee, GA 30341, United States	Partner Management System	United States
Calendly	Calendar Scheduling	115 E Main St., Ste A1BBuford, GA 30518 USA	Calendar Scheduling	United States
Crisp IM SARL	Platform	2 Boulevard de Launay, 44100 Nantes, France	Live Chat of the Platform	Germany and the Netherlands
Learnworlds	Greenomy Academy	Gladstonos 120, Foloune Building, 2nd Floor, B1, Limassol, 3032, Cyprus	Online Training facilitation	EuropeanUnion
Microsoft Ireland Operations Limited	Platform	70 Sir John Rogerson's Quay, Dublin 2, Ireland	Cloud Infrastructure Hosting (Microsoft Azure) & Generative AI functionality (Microsoft Azure OpenAI)	European Union
MongoDB	Platform	Building 2 Number One Ballsbridge, Shelbourne Rd, Ballsbridge, Dublin 4, D04 Y3X9, Ireland	Platform's database	European Union
Mailjet SAS	Platform	Rue Jules Lefebvre 4 75009 Paris, France	Automatic email distribution	European Union
M4KE.IT SPRL	Platform and Website	Rue Lambert-Lomb ard 5 4000 Liège, Belgium	IT Development	Belgium and Germany
Planhat AB	Platform	c/o Bambuser AB, Malmskillnadsgatan 13, 111 57 Stockholm, Sweden	Customer Success platform	Belgium and the Netherlands
Safebase.INC	Trust Portal	441 43rd Avenue San Francisco, CA 94121, United States	Customer Due Diligence	United States
SFDC Ireland Limited (Salesforce)	Newsletter	Level 1, Block A, Nova Atria North, Sandyford Business District, Dublin 18, Ireland	Marketing Automation by Salesforce (Pardot)	European Union
TeamTailor AB	Greenomy Career	Östgötagata 16, 116-21 Stockholm, Sweden	Applicant tracking software	European Union

15. Contact

If you have any questions about this Privacy Policy or our treatment of your Personal Data, please write to our Data Protection Officer (“DPO”) by email or by post to the following address:
Data Protection Officer
Greenomy SRL
Avenue Louise 54 - 1050 Brussels, Belgium
‍privacy@greenomy.io

16. Modification of the Privacy Policy

We may update this Privacy Policy from time-to-time by posting a new version on our Website. All changes are effective immediately upon communication. We encourage you to occasionally check this page to ensure you are happy with any changes to the Privacy Policy.

Material modifications will be subject to notification by Greenomy by Website notice, email or any other form of communication

17. Definitions

Any capitalised term used herein will have the meaning ascribed to it under this Section.

Term	Definition
Greenomy’s Affiliate	Any person, corporation, or other entity which, directly or indirectly, controls, is controlled by or is under common Control with Greenomy at any point in time.
GDPR	Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
Greenomy	Greenomy SRL, a limited liability company, incorporated under the laws of Belgium, having its registered office and principal place of business at Avenue Louise 54, 1050 Brussels, Belgium.
Greenomy Academy	Greenomy educational platform: https://academy.greenomy.io
Greenomy Career	Greenomy recruitment portal: https://careers.greenomy.io.
Personal data	Information relating to an identified or identifiable natural person pursuant to the GDPR.
Pilot	The short-term subscription to the Platform by a bank inviting you for the purpose of evaluating the fitness of the Platform and Greenomy’s Services.
Platform	All-inclusive reference to the software developed by Greenomy, including: the Portals, APIs and any integration or add-on functionalities.
Services	An all-inclusive reference to the Services provided by Greenomy, including: Website, Greenomy Academy, Platform, Webinar, etc.
Trust Portal	Greenomy trust platform: https://.trustportal.greenomy.io.
User	The individual using our Services. The User corresponds to the subject of Personal Data.
Website	Greenomy website: https://greenomy.io.
Webinar	Greenomy webinars.