Security, privacy and compliance are core principles of how we enable organizations to serve their customers

Privacy Policy

This privacy policy (hereinafter: “Privacy Policy”) explains how Billit collects and processes your personal data when you use the Billit Website, to be reached at www.billit.be (hereinafter: “Website”) and the services offered on this Website (hereinafter: “Services”).

We use cookies and comparable technology to learn about and respond to your use of the Website. Consequently we collect and process personal information that relates to you. To find out more about this, please review our Cookie Policy.

From 25 May 2018 you will see a notification in your account about the DPA of Billit. This Data Processing Agreement or data processing agreement explains everything about your data in Billit: what we do with it, what rights you have, what security measures we take, etc. In order to comply with the GDPR, every data manager (in this case you) must have a DPA with his or her data processor (in this case Billit). By accepting our DPA you are therefore one step closer to fully meeting the GDPR.

1. General

Definition Explanation
1.1. Billit BV, Oktrooiplein 1 bus 302, 9000 Ghent, Belgium, registered in the Crossroads Bank of Enterprises with number 0563.846.944 (hereinafter: “Billit”, “we”, “us”) gathers and processes personal information relating to you. You can reach us at dpo@billit.be. This entity is responsible for the processing of your personal information according to this Privacy Policy.
1.2. Any term that is capitalised must be understood in accordance with the definitions contained in this Privacy Policy. Where necessary, in view of the context, singular words shall be understood as also comprising their plural and vice versa To be certain that we understand this text in the same way, it is crucial that we interpret certain terms in the same way.
1.3. Where reference is made to specific legislation and the related implementing measures, such a reference shall also be deemed to comprise all future changes, substitutions or cancellations of this legislation and measures. Legislation regularly changes and we want to ensure that this Privacy Policy continues to comply with these changes.
1.4. Billit reserves the right to amend, supplement or replace provisions in this Privacy Policy now and then. You will be notified of such changes, additions or substitutions through our Website. If you do not agree with these changes, additions or substitutions, then kindly send an e-mail to the e-mail address listed in Article 1.1. Changes in legislation or market conditions may give rise to occasional changes to this Privacy Policy in order to remain accurate.
If we do not receive a message from you within three (3) business days after you were notified of the changes, additions or substitutions through the Website, then you will be deemed to have accepted all changes, additions or substitutions. In such a case, you can check these changes and, if possible, accept them.

2. Categories of personal information that we process

Definition Explanation
2.1. When you register as a user of the Website or use the Website and/or the Services on it, we obtain information that relates to you. The personal information that we can collect and process includes: Below we explain which personal information we process when you use the Website.
Technical information related to the browser and the device that you use, including the IP address, type of browser, which components of the Website you visited and the webpage that directed you to the Website.
2.2. When you create an account on the Website, we collect: Identity information: name and first name, company name, date of birth and sex. Account data: user name and login details. Contact details: private address, company address, e-mail address and telephone number. These include the correspondence with and emanating from Billit, as well as your communication preferences. Financial data: bank account number, payment method. Geographic location data: when using a mobile device. Here we explain which data we process when you create an account on the Website.
2.3. When you give us your business card or engage with us in another way at an event that we attend, we may process the following data: The general identity information listed on your business card, such as but not limited to your name, your e-mail address, your postal address, your phone number, the company where you work and your job title; Your picture. Here we explain which data we process when you actively engage with us at events.
2.4. The Billit platform will never request sensitive personal information from you. The invoices that are processed through the platform may however contain sensitive personal information. For the application of this provision, sensitive personal information shall be understood as: (definition in next block) Here we explain that Billit will never request sensitive personal information. You may, however, supply sensitive personal information through the invoices that Billit processes.
We define sensitive personal information (as mentioned in the previous block) as: Personal information pertaining to your race or ethnic origin; Political opinions; Religious or moral convictions; Trade union membership; Genetic or biometric data; Health data; Data pertaining to an individual’s sexual behaviour or sexual orientation.

4. Location and transfer

Definition Explanation
4.1. Billit shares your personal information solely with the following categories of recipients: Subcontractors and partners of Billit with whom we have an agreement and that help us make the Website and the related Services available, such as IT service providers and financial service providers; Third parties with whom we engage in negotiations in the margin of mergers, acquisitions and similar operations. In order to provide our Services, specific personal information must be provided to other parties.
4.2. Billit shall not pass on your personal information to third parties without your consent. When you use our social media channels, this is based on the understanding that our social media providers process your personal data. You can find further information about how these parties process your personal information in their respective privacy policies. We do not pass on your personal information to third parties unless you give your consent to this or as anonymised data. When you communicate with us through Facebook, this is based on the understanding that Facebook will also process your personal information.
4.3. Billit will only pass on your personal data to parties located outside the European Economic Area under one of the following conditions: This provision is self-explanatory.
1. According to the European Commission, the country of destination offers an adequate level of protection; 2. The country of destination does not in itself offer an adequate level of protection, but Billit makes the necessary contractual arrangements with the party in question, taking into account the standard clauses as imposed by the Data Protection Authority in Belgium.

5. Quality guarantees

Definition Explanation
5.1. Billit does its utmost to solely process the personal information that is necessary to achieve the objectives listed in Article 3. We will not process more personal information than necessary for the stated purposes.
5.2. Your personal information will only be processed for as long as needed to achieve the objectives listed in Article 3. As soon as this time limit has expired, Billit will de-identify your personal information unless: Billit or another third party has an interest in maintaining your personal data in an identified format whereby this interest takes precedence over your fundamental rights; A legal or statutory obligation or a judicial or administrative order prevents Billit from deleting your personalinfo. Here we explain how long we hold your personal information in an identifiable format.
5.3. Billit shall take the appropriate technical and organisational measures to protect your personal information against unauthorised access, theft and accidental loss, unintended alteration or destruction. We commit to securely holding your personal data.
Access to your personal information shall be limited to the employees of Billit and service providers appointed by us, who effectively require access to this information to achieve the objectives listed in Article 3. All employees who have access to your personal information are bound by a confidentiality agreement. You must, however, understand that data security implies an obligation to use our best endeavours and that we are unable to fully guarantee data security.

6. Your rights

Definition Explanation
6.1. You have the right to request access to all personal information that Billit processes following your use of the Website and Services. Billit reserves the right to charge administrative fees for multiple, successive requests for access that are clearly submitted with a view to causing nuisance for or damage to Billit. In this article we explain which rights you have regarding the processing of your personal information. These rights are self-explanatory.
6.2. You have the right to request that any incorrect personal information is corrected free of charge. If a request for correction is submitted, this will be accompanied by proof of the poor data quality for which the correction is submitted.
6.3. You have the right to revoke the consent that was given under Clause 3.3 at any time.
6.4. You have the right to request that your personal information is deleted if it is no longer necessary in light of the purposes set out in Article 3. A request for deletion shall, however, be weighed against:
A legitimate interest of Billit or another third party to maintain your personal information in an identifiable format whereby this interest takes precedence over your fundamental rights; A legal or statutory obligation or a judicial or administrative order that prevents Billit from deleting your personal information.
Instead of requesting the deletion of your personal information, you can also request that Billit limits the processing of your personal information if (a) you dispute the correctness of this information, (b) the processing is unlawful or (c) the data are no longer required for the purposes listed under Article 3, but you need them to defend yourself in legal proceedings.
6.5. You have the right to object to the processing of personal information in the cases listed in Articles 3.4, 3.5 and 3.6 if you are capable of proving that your specific conditions warrant such opposition. If the intended processing is qualified as direct marketing, however, you have the right to object against such processing without any charges or justification.
6.6. You have the right to receive all the personal information that you provided to us in a structured, widely-used and machine-readable format.
6.7. Should you wish to submit a request to exercise one or more of the aforementioned rights, you can always address such a request to Billit directly by sending an e-mail to dpo@billit.be.
The e-mail that you send to exercise your rights will not be interpreted as consent for the processing of your personal data beyond the requirements for processing your request.
Any request must clearly state which right you wish to exercise and the reasons for this if this is required in accordance with Articles 6.1 to 6.5. In order to avoid fraud and to prevent the unauthorised transfer of data to other persons, we reserve the right to verify your identity by means of additional questions or data, or to contact you, if necessary.
As soon as we receive your request, we will acknowledge receipt thereof at the earliest convenience. If this request proves valid, then we will grant your request as soon as reasonably possible, no later than thirty (30) days after receipt of this request.
Should you have a complaint about how Billit processes your personal information, then you can always contact us at the e-mail address listed in this Article. If you are not satisfied with our response, then you may lodge a complaint with the competent data protection authority, i.e., the Belgian Data Protection Authority. For further information, please refer to https://www.dataprotectionauthority.be.