Version date: 18/02/2021
Appical offers pre-boarding, onboarding and offboarding services (“Services”).
2) Personal information Appical collects
Appical collects personal information from a variety of sources.
a) Account Information
If you decide to create an account, we require certain information from you in order to give you, as a user, access to the Services, consisting of first name, surname and email address. Additional data can be added voluntarily by your employer or by you. For example: Skype ID, LinkedIn ID, Job title & department, phone number, profile picture, IP Address, or any information asked through HR Forms by your employer. Please don’t provide Appical voluntarily with sensitive personal information such as racial or ethnic origin, sexual orientation, health information or religious or philosophical beliefs. If Appical needs to collect sensitive personal information for a specific purpose, we will ask for your explicit consent.
b) Information from your employer
c) HR Forms
Appical features HR Forms which allows your employer to directly collect certain information from you for human resource purposes. When you respond to HR Forms hosted by Appical, we collect, on behalf and upon instructions of your employer, information relating to you.
d) Information Appical collects from your use of our Service
When you download our mobile application to your mobile device, we may also collect information that you provide for example when you request information. We also automatically collect information through our Services. This type of information may include information about your mobile operating system and the way you use the Services. Furthermore, our Services may collect information about your actual location from your device if you consent to the collection of this information.
e) Information we obtain through cookies and similar tools
3) How do we use your personal information?
We will only use your personal information when privacy laws and regulations allow us to. Most commonly, we will use your personal information in the following circumstances:
a) Where we need to perform the contract and provide you with the required Service or information.
b) With your consent to fill out the information in your account in order for you to use the Services.
c) Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
d) Where we need to comply with a legal obligation.
The following purposes are examples of how Appical may use the personal information we collect:
e) to create an account and to provide the Services requested from us;
to provide support and to handle complaints;
g) to improve and customize user experience and develop new Service features;
h) to send information related to the Services and fees and invite you to participate in surveys, where necessary subject to your consent;
to carry out other legitimate business purposes;
k) to comply with any applicable laws and regulations.
4) Sharing personal information with other parties
We may share your personal information to facilitate the running of our business or to provide specific services you have requested. Commonly, we will disclose information to Digital Ocean, Intercom Mailchimp (Mandrill), Amazon (Amazon Web Services), Validata and DocuSign (when applicable).
We may also disclose your personal information:
a) to our affiliates or subsidiaries.
b) if we are legally entitled or required to do so (for example, if required to do so by legal proceedings or for the purposes of detection and prevention of fraud and other crime or as part of a security audit).
c) when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others.
e) to any other third party with your prior permission to do so.
5) How does Appical protect your personal information?
Appical values the protection of your Personal Information. Therefore, we apply the highest possible security standards, technical and organizational measures to protect your Personal Information against abuse.
Appical has an ISO27001:2013 certification for Information Security Management. ISO 27001 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system. It ensures organisations can apply a framework to business processes to help identify, manage and reduce risks to information security, and considers not only IT but all business operations.
We will not retain your personal information for a period longer than necessary to fulfil the purposes for which it was collected for, unless we have to keep it for legitimate business, tax or legal purposes. When we have no ongoing legitimate business, tax or legal needs to process your personal information, we will either delete or anonymize it or, if this is not possible, then we will securely store your personal information and isolate it from any further processing until deletion is possible.
6) Your privacy rights
You are entitled to know whether we hold personal information about you and, if we do, to have a copy of that information. Furthermore, you can request us to correct, update or delete your personal information in our records and/or inform us about any misuse of your personal information. You also have the right to data portability.
If we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
In any event we will always provide you with a method to opt out of receiving further emails and/or surveys from us.
7) Links to other websites
9) Law and Jurisdiction
10) How can you contact us?
Amsterdam, The Netherlands
Attn: Privacy Officer
Any complaints about the processing of personal information can be submitted to the Dutch Data Protection Authority. You can find more information about filing a complaint on the website of the Dutch Data Protection Authority (https://autoriteitpersoonsgegevens.nl/nl).