Oniroco
Back to home

Privacy policy

1. Definitions

Personal Data Any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. INTESO GROUP INTESO GROUP BV, with registered office at 9000 Ghent, Rooigemlaan 532 (bus 1.6), company number 0728.495.140, RPR Ghent, Division Ghent. Tel: +32 (0)9 227 39 33 — Email: info@chathive.co Processing Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

2. Subject Matter

This Privacy Policy sets out the provisions and conditions applicable to the processing of personal data that you provide to INTESO GROUP via Chathive (chathive.co).

3. What Personal Data Does INTESO GROUP Process?

Chathive is a platform that allows customers to build and configure their own AI assistants and chatbots. INTESO GROUP only processes personal data that is collected through these assistants if and to the extent that you, as a customer, have configured your chatbot or agent to collect that data. Depending on your configuration, this may include:
  • Identification data (name, address, phone number, …)
  • Electronic identification data (IP addresses, …)
  • Electronic location data (mobile, GPS, …)
  • Financial data
  • Personal characteristics (age, gender, marital status, …)
  • Household composition
  • Consumption habits
  • Housing characteristics
  • Occupation and employment
⚠️ If you configure your chatbot or agent to collect sensitive personal data, INTESO GROUP will process that sensitive data on your behalf. As a customer, you are responsible for ensuring that your configuration complies with applicable privacy legislation, including the GDPR. INTESO GROUP acts as a data processor in respect of data collected through your configured assistants.

4. For What Purposes Is Your Personal Data Used?

Your personal data is collected for the following purposes:
  • Entering into or performing agreement(s)
  • Relationship management (customers (CRM) and/or suppliers)
  • Direct marketing
  • Market research
  • Website and/or application(s)

5. What Does INTESO GROUP Do With Your Personal Data?

5.1. INTESO GROUP takes the protection of your privacy and personal data seriously. It has already taken all initiatives it deems necessary to comply with applicable privacy legislation, in particular the Belgian Act of 30 July 2018 on the protection of natural persons with regard to the processing of personal data (hereinafter the "Privacy Act"), its implementing decrees, amendments thereto, and as recently updated and subject to further amendment pursuant to the General Data Protection Regulation (GDPR). 5.2. INTESO GROUP commits to following this legal framework and, where necessary, implementing additional measures and adjustments in response to updates thereto. The personal data requested by INTESO GROUP is always limited to data that is necessary and adequate for the correct performance of the service. Your data is always retained for a specific period, depending on the service provided and/or the legal requirements INTESO GROUP must comply with. INTESO GROUP guarantees adequate protection (including through encryption) against unauthorised or unlawful processing and against accidental loss, destruction or damage of your personal data.

6. Lawfulness of Processing (Opt-In)

6.1. INTESO GROUP will only process your personal data if:
  1. You have given your consent for one or more specific purposes;
  2. The processing is necessary for the performance of the service you request from INTESO GROUP;
  3. The processing is necessary to comply with a legal obligation;
  4. INTESO GROUP can invoke a legitimate interest, provided your interests or fundamental rights and freedoms do not override it.
For the purposes of direct marketing and market research, INTESO GROUP will always request your explicit consent. You have the right at any time to object to the processing of your personal data for these purposes. 6.2. If you have changed your mind after opting in, you may withdraw your consent at any time by contacting us via:
  • 📧 Email: info@chathive.co
  • 📮 Post: INTESO GROUP, Rooigemlaan 532 (bus 1.6), 9000 Ghent, Belgium

7. Your Rights

7.1. General

INTESO GROUP strives for transparency regarding the processing of your personal data. You have the right to request:
  • Access to your personal data
  • Rectification or erasure of your personal data
  • Restriction of processing
  • Objection to processing
  • Data portability

7.2. Right of Access

You have the right to access your personal data and may also request information about:
  • The purposes of processing
  • The categories of personal data concerned
  • The recipients or categories of recipients
  • The retention period of your personal data
  • The source of your personal data (if not obtained directly from you)
For more than one copy, INTESO GROUP reserves the right to charge an administrative fee.

7.3. Right to Rectification

If the personal data we process is inaccurate or incomplete, you may request us to make the necessary corrections or additions.

7.4. Right to Erasure

You have the right to request the erasure of your personal data in the following cases:
  • Your personal data is no longer necessary for the purposes for which it was collected;
  • You withdraw your consent and there is no other legal basis for the processing;
  • You object to the processing and there are no overriding legitimate grounds;
  • Your personal data has been unlawfully processed;
  • Your personal data must be erased to comply with a legal obligation.

7.5. Right to Restriction of Processing

You may request a restriction of processing in the following cases:
  • You contest the accuracy of your personal data;
  • The processing is unlawful but you do not wish erasure;
  • INTESO GROUP no longer needs your data, but you require it for a legal claim;
  • You have objected to processing and are awaiting confirmation of whether legitimate grounds override your objection.
A restriction results in your data being flagged to limit its processing in the future.

7.6. Right to Data Portability

You have the right to receive your personal data in a structured, commonly used and machine-readable format and to transfer it to another controller, provided that:
  1. The processing is based on your consent or is necessary for the performance of a contract; and
  2. The processing is carried out by automated means.
INTESO GROUP reserves the right to refuse portability where it would adversely affect the rights and freedoms of others.

8. Security of Your Personal Data

8.1. INTESO GROUP ensures that appropriate security measures have been implemented and are regularly updated. These measures may include:
  • Pseudonymisation and encryption of your personal data
  • The ability to ensure the ongoing confidentiality, integrity and availability of processing systems and services
  • The ability to restore the availability of and access to personal data in a timely manner in the event of an incident
  • A process for regularly testing, assessing and evaluating the effectiveness of security measures
Where INTESO GROUP is responsible for storing your personal data, this is done on its own secured servers. 8.2. INTESO GROUP also guarantees that any person who, in the course of their duties, gains access to your personal data will only process it on behalf of INTESO GROUP, unless a legal provision requires otherwise.

9. Reporting of Breaches

9.1. INTESO GROUP is legally required to report a personal data breach without undue delay and, where feasible, no later than 72 hours after becoming aware of it, to the supervisory authority:
Data Protection Authority Drukpersstraat 35, 1000 Brussels 📞 +32 (0)2 274 48 00 📠 +32 (0)2 274 48 35 📧 contact@apd-gba.be
9.2. Where the breach is likely to result in a high risk to your rights and freedoms, INTESO GROUP commits to also notifying you of the breach, unless:
  • INTESO GROUP has implemented appropriate technical and organisational protection measures (encryption, pseudonymisation, …) that render your data unintelligible to unauthorised persons; or
  • Notification would require disproportionate effort — in which case INTESO GROUP will make a public communication or take a similar measure.

10. Processing by Third Parties

10.1. Where INTESO GROUP relies on third parties for its services, it guarantees that a Data Processing Agreement has been concluded with its direct subcontractors, or that it has at least obtained written assurance that these third parties act in full compliance with applicable privacy legislation (Privacy Act and GDPR) at all times. 10.2. INTESO GROUP may engage external service providers (such as payment gateways) who maintain their own privacy policy. We recommend that you read the privacy policies of these service providers.
⚠️ Please be aware that certain providers may be located in a jurisdiction other than Belgium or the European Union. For example, if you are in Canada and your transaction is processed by a payment gateway in the United States, your data may be subject to US legislation, including the Patriot Act.

11. Amendments

INTESO GROUP reserves the right to amend this Privacy Policy without prior individual notice. We therefore recommend that you regularly review this policy at chathive.co.

12. Complaints and Remarks

12.1. If you have a complaint or remark regarding this Privacy Policy or the processing of your personal data, please contact INTESO GROUP in the first instance:
  • 📧 Email: info@chathive.co
  • 📮 Post: INTESO GROUP, Rooigemlaan 532 (bus 1.6), 9000 Ghent, Belgium
INTESO GROUP commits to handling your complaint promptly, but retains sole discretion over its merits. 12.2. You may also direct your complaint to the supervisory authority:
Data Protection Authority Drukpersstraat 35, 1000 Brussels 📞 +32 (0)2 274 48 00 📠 +32 (0)2 274 48 35 📧 contact@apd-gba.be
  • Offices are accessible on weekdays by appointment.
  • Reachable by phone every day between 8:30 AM and 12:00 PM.

13. Governing Law and Jurisdiction

13.1. Governing Law

This Privacy Policy is governed by Belgian law, to the exclusion of private international law rules.

13.2. Jurisdiction

The courts of the judicial district of Ghent, Ghent division have exclusive jurisdiction over any dispute arising between INTESO GROUP and the data subject whose personal data is processed by or on behalf of INTESO GROUP.
¹ Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).