Date of Last Revision: April 29, 2021
Customer: Any natural or legal person who entered into an agreement with Euretos for the use of a Service (i.e. excluding, for the avoidance of doubt, any Users or Visitors).
Customer Data: Proprietary information, metadata or other data including potentially Personal Data that a Customer stores within, or makes available through, the Service.
Personal Data: Any information relating to an identified or identifiable natural person (‘Data Subject’) within the meaning of Regulation (EU) 216/679 (General Data Protection Regulation). A Data Subject can be a Customer, User, Visitor, supplier, partner or employee of Euretos, or any other person whose Personal Data is being processed by or on behalf of Euretos.
EAIP: The Euretos product called “Euretos AI Platform” abbreviated as EAIP. This includes the base platform and integrated data, the API (Application Programming Interface) and specific applications that run on top of the EAIP. These applications include but are not limited to: Analytics, Search, Sets and Relation Map as well as the workflows that are embedded in these applications.
Premium Services: The version of the Services that can be accessed only by Users under a paid agreement between Customer and Euretos.
Services: The Websites, Software and all content, services and/or products available on or through the Software, either for free (in which case those Services are restricted to non-commercial use only) or against payment of a fee (allowing for commercial use of the Services).
Software: The software owned by, or licensed to, Euretos, including (but not limited to) the software which is distributed under the brand name “Euretos AI Platform”
Third Party Data: Any public or proprietary information, metadata or other data from any third party (other than Euretos or Customer), including potentially Personal Data, that Euretos makes available through the Service.
User: An employee, agent, or representative of a Customer, who primarily uses and accesses a Service.
Visitor: An individual other than a User, who accesses publicly available free information provided by Euretos.
Websites: Any website owned by Euretos, including (but not limited to) www.euretos.com and ask.euretos.com
You/Your: Any natural person that is a Data Subject within the meaning of Regulation (EU) 216/679 (General Data Protection Regulation).
Our main Software is distributed under the name Euretos AI Platform (abbreviated as EAIP). Data processed by EIAP may include Personal Data from time to time.
EU data protection law makes a distinction between organizations that process Personal Data for their own purposes (known as “Data Controllers”) and organizations that process Personal Data on behalf of other organizations (known as “Data Processors”). Euretos may act as either a Data Controller or a Data Processor in respect of your Personal Data, depending on the circumstances.
Generally speaking, Euretos is the Data Controller of Personal Data which either (a) you provide to us; (b) is automatically collected when you register to, access or use our Services; or (c) our Customers or third party partners provide to us as part of databases which are integrated in our EIAP search platform.
We do not knowingly collect or solicit Personal Data from anyone under the age of 16 or knowingly allow such persons to register for the Services.
Euretos collects different types of information, which we have classified below based on where we source that information. For each type of information we provide you with an overview of (i) what Personal Data is processed by Euretos (‘What’); the purposes of such processing (‘Why’); and (iii) the lawfulness of such processing (‘Legal Ground’):
3.1. Information You Provide to Us.
We receive and store any information you knowingly and voluntarily provide to us. For example, we collect Personal Data such as when you contact us with inquiries, when you register for the Services or when you access or use these Services. The following information is collected:
3.1.1. Registering to our Websites
What: Your full name, e-mail address and password (encrypted).
Why: We use this information to allow our Users to set-up a user account and manage their login to our Services.
Legal ground: We use this information in order to execute the agreement you have with Euretos.
3.1.2. Entering into a Customer agreement:
What: your full name, e-mail address, title or function, telephone number and billing details (as the case may be).
Why: We use that information for our customer services, contract management, financial management and accountancy (invoicing and payment processing, debt collection). We may also contact you, by email or other means; for example, we may communicate with you about new features or your use of our Services.
Legal ground: We use that information in order to execute the relevant agreement.
When contacting us (through the Websites (contact forms), at conferences, trade fairs, roadshows, meetings etc.):
3.1.3. Contacting us:
What: your full name, e-mail address, title or function, telephone number.
Why: We use that information to invite you to accept commercial information relating to Euretos (through an “opt-in” mechanism), or to contact Customers, Users and Visitors in order to fulfill requests for the Services.
Legal ground: We use that information based on our legitimate interest or your consent (as the case may be).
3.1.4. Using our Services:
What: your e-mail address and password (encrypted); other Customer Data which may or may not contain Personal Data (such as search queries)
Why: We use that information to enable you to use our Services.
Legal ground: We use that information in order to execute the contract you have with Euretos (if you were the contracting party) or based on our legitimate interest (if your organization entered into that agreement with us). This may include Euretos sending you notifications on new relevant Customer Data (if you signed-up for that service).
3.2. Information Collected Automatically.
What: Whenever you interact with the Websites or use our Services, we automatically receive and record information on our server logs from your browser (“Log Data”). Log Data may include information such as your computer’s IP address, device information, browser type, “cookie” information, search queries (‘query logs’) and access time and dates (‘time logs’).
Why: We use this information to monitor and analyze your use of the Website and the Services and for the Website’s technical administration, to increase our Website’s functionality and user-friendliness, and to better tailor it to our visitors’ needs.
Legal ground: Our usage of this information is based on the execution of your agreement with Euretos (if you were the contracting party) or on our legitimate interest (if your organization entered into that agreement with us).
3.3. Information provided by Customers.
3.3.1. Contact details
What: our Customers may provide us with Personal Data relating to their employees, consultants or other service suppliers (such as contact persons, business consultants, financial advisors, lawyers etc.). These Personal Data may include such persons’ names, e-mail addresses, telephone numbers, usernames (on Skype, Telegram, Trello, etc.) and functions or titles within our Customer’s organization.
Why: we use that information for our customers and contract management and financial management and accountancy (invoicing and payment processing, debt collection). We may also contact you, by email or other means; for example, we may communicate with you about new features or your use of our Services.
Legal ground: we use that information based on our legitimate interest (as your organization entered into that agreement with us).
3.3.2. Customer Data
What: our Service may enable access to our Customer’s own proprietary databases or content which are part of (or constitute) the Customer Data.
Why: Personal Data which is part of Customer Data may be processed by Euretos in view of providing the Services to Customers and Users.
The owner of the relevant data source (which in respect of Customer Data shall be the Customer) is responsible for providing notice to its customers or third persons concerning the purpose for which they collect Personal Data and how this Personal Data is processed as part of the relevant database.
Euretos, just like any other search engine, has no direct relationship with the individuals whose Personal Data is being processed as part of the Service. The relevant Personal Data has already been processed by the owner of the relevant database, and Euretos only applies certain search software on the data to ensure that the data can be more easily retrieved by the User.
In view of the above, Euretos relies on its legitimate interest to process Personal Data that are contained in, or form part of, Customer Data in view of providing the Services to the Customer owning the data.
3.4. Information collected by third parties (Third Party Data)
What: When a Customer, User or Visitor purchases, uses or subscribes to our Services, Euretos may enable access to third party websites, services or content, or may collect Third Party Data that may include Personal Data in order to provide the Services, which may include:
Data from publicly-available sources such as open government databases or other data in the public domain;
Data from research institutions, organizations, data brokers or other third parties from which we obtain access to their data for our Customers, Users or Visitors;
Why: Personal Data which is part of Third Party Data may be processed by Euretos in view of providing the Services to Customers, Users and Visitors.
The owner of the relevant data source (which in respect of Third Party Data shall be the third party owner of the relevant data) is responsible for providing notice to its customers or third persons concerning the purpose for which they collect Personal Data and how this Personal Data is processed as part of the relevant database. Euretos, just like any other search engine, has no direct relationship with the individuals whose Personal Data is being processed as part of the Service. The relevant Personal Data has already been processed and made public by the owner of the relevant database, and Euretos only applies certain search software on the data to ensure that the data can be more easily retrieved by the User or Visitor. In view of the above, Euretos relies on its legitimate interest to process Personal Data that are contained in, or form part of, publicly available Customer Data in view of providing the Services to its Customers, Users and/or Visitors.
If you provide Personal Data to the Services as set out above, you acknowledge and agree that such Personal Data may be transferred from your current location to the offices and servers of Euretos.
The Services are performed using equipment or facilities located in the European Union or the US. The Euretos’s US service providers are either Privacy Shield compliant or have executed Standard Contractual Clauses (as approved by the European Commission) that provide legal grounds for assuring that, when processed in the United States, the personal data of EU citizens that are processed by Euretos customers when using the Euretos Service will receive from Euretos and its service providers located outside the EU an adequate level of protection within the meaning of Article 46 of Regulation (EU) 2016/679 (General Data Protection Regulation).
List of processors processing your Personal Data or processing Personal Data from Data Subjects contained in Customer Data or Third Party Data:
- Google analytics: monitoring and measuring website traffic and access, creating user navigation reports
- Hubspot – direct marketing tool, monitoring and measuring website traffic and access, crm tool, support services, website, email marketing
- Microsoft (office 365) – e-mail systems and office productivity tools;
- Zoom, Microsoft Teams – communication tools
- Digital Marketing Service Providers
We periodically appoint digital marketing agents to conduct marketing activity on our behalf, such activity may result in the compliant processing of personal information. Our appointed data processors include:
Personal Data that you provide to us will neither be sold nor rent in personally identifiable form to anyone. We only share Personal Data in personally identifiable form with third parties as described under section 4 above and as further set out hereinafter.
5.1. Protection of Euretos and Others: We reserve the right to access, read, preserve, and disclose any information that we reasonably believe is necessary to comply with law or a court order; enforce or apply our conditions of use and other agreements; project against legal liability; or protect the rights, property, or safety of Euretos, our employees, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
5.2. Business Transfers: As Euretos develops its business, it might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets. In the transfer we will ensure that similar protection of Personal Data will be included.
5.3. Agents, Consultants and Related Third Parties: Euretos, like many businesses, sometimes hires other companies to perform certain business-related functions. Examples of such functions include mailing information, hosting, maintaining databases and processing payments. When we employ another company to perform a function of this nature, we only provide them with the information that they need to perform their specific function, as specified in section VI. In the transfer we will ensure that similar protection of Personal Data will be included.
5.4. With Your Consent: Except as set forth above, Euretos will always explicitly ask for Your consent before sharing any of Your Personal Data with third parties, and will always be able to prevent such sharing.
We use a secure protocol whenever you connect to the Euretos Services. You are responsible for preventing unauthorized access to these services and limiting access to your computer or device and browser by signing off after you have finished accessing your account.
We endeavor to protect the privacy of your account and other Personal Data we hold in our records, but we cannot guarantee complete security. The transmission of information via the Internet is never completely secure. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.
7. Rights of choice or Personal Data
You can always opt not to disclose information to use. In addition, you have the following rights in respect of your Personal Data:
- The right to be informed – this is information on for what purpose we are processing it and what Personal Data we are processing.
- The right of access – You have the right to be provided with copies of the Personal Data of you that we are processing as well as confirmation of the processing we are doing. You can do this by sending a “subject access request” to the contact details noted below for our consideration.
- The right to rectification – if you think the Personal Data that we hold on you is wrong you can tell us and we will fix it.
- The right to erasure (also known as the right to be forgotten) – if you want us to permanently delete the Personal Data we hold for you then you can ask us to do so. Our ability to delete such Personal Data is subject to exceptions in accordance with data protection laws.
- The right to restrict processing – if you do not like how we are using your Personal Data then you can let us know and we will stop processing it in that way.
- The right to data portability – if you want us to pass on your Personal Data to someone else then please let us know. This transfer should not affect the integrity or otherwise damage your Personal Data.
- The right to withdraw your consent – You can withdraw your consent for us to process your Personal Data (if we have relied on your consent to process your Personal Data) at any time by contacting us. If we have relied only on your consent as the basis to process your personal data then we will stop processing your Personal Data at the point you withdraw your consent. Please note that if we can also rely on other bases to process your Personal Data aside from consent then we may do so even if you have withdrawn your consent.
- Rights in relation to automated decision making and profiling – if we use either automated decision making or profiling then you have a right to know. Also, we need your consent if either of these are used to make a decision that affects you. As with all consent, you can withdraw it at any time.
You can exercise any of the rights above by contacting us at the contact details mentioned below.
Please note that some information may remain in our private records after your deletion of such information from your account. We may use any aggregated data derived from or incorporating your Personal Data after you update or delete it, but not in a manner that would identify you personally.
If you receive commercial emails from us, you may unsubscribe at any time by following the instructions contained within the email or by sending an email to email@example.com.
Euretos has no direct relationship with the Customer’s customers or third party whose Personal Data it may process on behalf of a Customer. An individual who seeks access, or who seeks to correct, amend, delete inaccurate data or withdraw consent for further contact should direct his or her query to the relevant Customer or User which acts as the Controller of the data processing.
If You have any questions or concerns regarding our privacy policies, please send us a detailed message at firstname.lastname@example.org. We will make every effort to resolve your concerns.
Other contact details:
Euretos Services BV
Att.: Data Protection Officer
Utrecht Science Park,
3584 CL Utrecht,