Save met Swave
Save met Swave
Swave – Privacy Policy
Digiteal and Promcom (hereafter “We” act as the data controllers for processing personal data in the context of offering the Services of Swave.
We are committed to protecting your privacy and personal data. With this Privacy Policy, we wish to give the User detailed information about the processing of his / her personal data and related rights in the use of Swave. Swave includes the App license and website. We encourage every User to thoroughly read this Privacy Policy.
This Privacy Policy applies to all the current, future and former users of Digiteal’s Swave service. By accessing and using the Services, you irrevocably accept these Terms of Use, together with the Privacy Policy. In addition, you certify that you have read, understand and agree to be bound by the Terms of Use and the Privacy Policy, and that the Terms of Use and the Privacy Policy will form a binding agreement between you and us.
By using Swave, We will receive your personal data which will be processed with respect for the privacy of the User and with due observance of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such Data and repealing Directive 95/46 / EC (General Data Protection Regulation or GDPR). For more information, please refer to:
https://eur-lex.europa.eu/legal-content/NL/TXT/PDF/?uri=CELEX:32016R0679&from=NL
1.1. This is a legal document that describes the Privacy Policy (hereinafter “Privacy Policy”) and forms between two parties:
1.1.1. “you” or the “User”: A User is any natural person who has downloaded the App Swave, has completed a full registration as instructed in the App, and whose account has not been removed from the App.;
1.1.2. ‘we’, ‘us’: means the following companies which are also the data controllers when processing your personal data:
1.1.3. Promcom BV and Digiteal SA and / or their respective staff and freelancers.
c / o Creative Spark – Digiteal SA
Rue Emile Francqui 6/9, 1435 Mont-Saint-Guibert Belgium
Company number: BE 0630675588 E-mail address: hello@digiteal.eu Website: https://www.digiteal.eu/
c / o Regus – Promcom bv Dumolinlaan 1/13, 8500 Kortrijk Belgium
Company number: BE 0727.437.543 E-mail address: support@swave.be Website: https://swave.be/
1.2. Furthermore, the following terms have meanings as follows:
1.2.1. “App”: the Swave application owned by Digiteal.
1.2.2. ‘Data’: all personal data about you that is visible in the App, all personal data you have given to us and any personal data that we link to it.
1.2.3. ‘Bank account’ a bank account with a bank or credit institution.
1.2.4. ‘Services’, Services that Digiteal offers including and in relation to the App and the Portal.
1.2.5. ‘Clients’ businesses such as merchants, cities and shopping malls, that have a valid contract with Digiteal to use any Services. Clients have entered into this contract separately, by approving the ‘General Terms & Conditions’.
1.2.6. “Cashback”: monetary value in EUR that you can get as a reward through Digiteal if you properly use eligible Services, such as, but not limited to, the Service ‘Parking-as-a-Service’ as detailed on page 8 of the Terms of Use. Users can deposit this monetary value into their Bank Account by indicating in the App on which Bank Account they wish to receive it. “Points”: loyalty points that you can get as a reward from a Client if you properly use eligible Services, such as, but not limited to, ‘Automated Loyalty’, as detailed on page 10 of the Terms of Use.
1.2.7. “Rewards”: Cashbacks and Points.
1.2.8. “Reward Programs”: different ways you can earn Rewards through Digiteal if you properly use eligible Services, such as, but not limited to, the Service “Parking-as- a-Service’ for which you can earn Cashback Rewards, and the Service ‘Automated Loyalty’ for which you can earn Points Rewards.
1.2.9. “Account Information”: All information about your account and all the operations which we store in our database and you can see in the App.
1.2.10. The English version of this Privacy Policy applies, and translations are available but may contain small inaccuracies due to translation.
1.2.11. If you have any questions about this Privacy Policy, you can always contact us via support@swave.be.
Digiteal is the processor of the personal Data shared by the User. The sub- processors are Promcom, Microsoft Azure, Ibanity, Github and DBeaver.
3.1.1. We only collect and use the personal Data of our Users to the extent necessary to provide a functional Application and website and to provide our content and Services. The collection and use of personal Data of our Users is done on a regular basis with the consent of the User.
3.1.2. Registration information, including:
1. Email address
2. Password, however inaccessible to us due to encryption
3.2. Identification information:
1. First name
2. Last name
3. Date of birth
4. Country
3.3. When you link your bank card and / or bank account with the App, we collect the following Data:
1. Banking institution or payment institution
2. Internal identifiers (Client access token, API token)
3. Third-party identifiers (authorization token)
4. Account number
5. Iban number
6. Account type
7. Account description
8. Currency
3.4. At the same time, we also collect the transaction data for 90 calendar days:
1. Account number
2. Transaction description
3. Value date
4. Transaction date
5. Notification of transaction
6. Currency
7. Amount
8. Reference
9. Counterparty
3.5. Technical information, information about your device, and information about your navigation history and patterns when interacting with our website, App or other Services. Among the information we keep belongs, but is not limited to, the type of browser, the device operation system, App version, visited pages, clicks, average time spent on our site, App or other Services, unique identification, cookies, User data and information about crashes.
3.6. Location data: if you choose to use a part of our Services which include Services based on location, we may collect and store location data from and notify you about the collection of that information. You can grant or deny us access to your location data via the settings.
3.7. Feedback: We may also ask for feedback about our Services. You will always be able to decide whether to share this information or not. We may collect this information to optimize our Services.
3.8. Communication and extensive data: all communication goes through our company and you as a User and all types of information we obtain from you by asking you questions.
3.9. Enriching data: data that we add to other data, such as, but not limited to, categorization of businesses, labels, retail outlets, comparisons with similar Users and non-similar Users, Rewards, shopping preferences, average purchase amounts across all categories and by category, purchase frequency, etc.
4.1. We store your data from the moment you first download our App and have registered successfully.
4.2. Then, we store your data during the following events:
1. When your bank account and / or bank card is connected to our App.
2. When you use our App.
3. When you send us a copy of your identity card or passport, in case we need to prove your identity when a complaint is filed.
4. Our App connects to your bank (or any Account Information Service Provider) through Technical Service Providers such as Ibanity. These are secure intermediate parties between banks and Swave. This way, Swave can accurately assign the right Rewards to the right User at the right time thanks to the data gathered from the bank.
5. Each time you contact us or ask a question.
6. Each time you earn Rewards in the form of Cashback, Points or other.
5.1. We process and use the data so that we can offer you all kinds of Services. These are already extensively described in the Terms of Use, but below we also give you a summary. We can expand these Services. In those cases, we will update our Terms of Use and Privacy Policy and inform you thereof.
5.2. Parking-as-a-Service: If you spend money at a retailer that visibly offers this Service through the Swave App, paid for parking the same day and paid for both with a bank card, you will automatically receive a reward. In most cases, that reward is 2% of what you spent at the business, although this may be less depending on some exceptions to the rules described in the Terms of Use. We will transfer the monetary value of that reward to your bank account if you have saved at least €0,01 Cashback through the App. This all happens only if your bank account(s) had been linked once during the 90 calendar days prior to tracking your transaction at the Client, and if you have an active account within our Swave App, so we can link transactions to the payment terminals of our B2B Clients.
5.3. Automated Loyalty: If you do a purchase at a participating retailer following the instructions in our App, you have earned Points. We show the date when you earned these Points at the specific participating retailer anonymously in the B2B Portal, only to that specific retailer, which is one of our clients. We will also show the date and time of when you have exchanged your Points for a Reward at a participating retailer, anonymously in the B2B Portal, only to that specific retailer. We do this to prove to our Clients our Users are using and benefiting from the App, and to give them proof of when material Rewards have been granted to Users to help them give administrative proof for their accounting. This all happens only if your bank account(s) had been linked once during the 90 calendar days prior to tracking your transaction at the Client, and if you have an active account within our Swave App, so we can link transactions to the payment terminals of our B2B Clients.
5.4. We may anonymize all of our Users’ data and make it statistics so that we can provide our Clients with useful insights and send them promotions to you.
We process your personal data based on the following legal bases as provided by the GDPR:
6.1. Your consent for the processing of your location data (Article 6, paragraph 1, a) GDPR). For individuals under the age of 16, we will only process personal data if parental consent is obtained. If we become aware that personal data has been collected from persons under the age of 16, we will take the necessary steps to obtain parental consent. We will delete the account without parental permission.
6.2. When the personal data processing operations are required to perform pre- contract operations and the processing of personal data is necessary for performing a contract in which the person is a party, for example when you decide to use our App, you agree with the Terms and Conditions and where we are required to process your personal data in order to be able to provide the Services (registration and identification data; bank account information and transaction history (Article 6, paragraph 1, b) GDPR).
6.3. When the processing of personal data is required to comply with a legal obligation to which our company is subject (Article 6, paragraph 1, c) GDPR), such as:
6.3.1. We are subject to PSD2 legislation. We never share your personal data with commercial partners, but to get access to your payment account data we need some personal information to share with the PSD2 aggregators. These are companies that make a connection between us and your bank or payment institution. The minimum information we need to share in order to connect to, are described.
6.3.2. We are supervised by the financial supervisory authorities. This means that if we are asked by the authorities and / or if there are serious suspicions, we should check our Users to see if they are on international sanctions lists, PEP lists (Politically Exposed Persons) or other official lists. For this purpose, we use the last name, first name, date of birth and place of birth. Consequently, no one can object to this processing. This also means that if we suspect money laundering or terrorist financing, we are required to provide the Personal Data with additional information (evidence) to the competent authorities.
6.3.3. We are subject to financial legislation. Financial legislation includes the law of September 18, 2017 to prevent money laundering and terrorist financing. This law is also called the anti-money laundering law. Article 60 of that anti-money laundering law states that we are therefore obliged to keep a number of Data for 10 years after the cooperation has ended. In other words, after you stop using our App, we need to keep some Data for another 10 years. These are identification data and registration data of transactions.
6.4. When the processing is necessary for the purposes of the legitimate interests pursued by Us or by a third party and as the interests, fundamental rights and freedoms of the User do not override these interests. We process technical information to understand how the Services and App is being used and to improve the Services and App. In that view, we also ask your feedback. We may also enrich your data in order to better understand the needs of our Clients and Users (Article 6, paragraph 1, f) GDPR).
6.5. Our Clients do not have any access to your personal Data, and they are never involved in the storage of your Data. We take the ultimate responsibility for the processing of your personal Data. We are therefore your point of contact for all your questions and complaints regarding the protection of your personal data. You can contact us to exercise your privacy rights.
7.1. We can share your personal data, based on our legitimate interest, to third party providers who help us with our products and Services. These companies will act as data processors and have access to your personal data only when strictly necessary to perform their functions and they may not use that data for any other purpose. We store all our Data in a highly secure environment. We use Microsoft databases, servers and cloud Services to store the Data. The servers Microsoft uses are located in two different European locations and are extremely well secured. Google’s storage spaces are also extremely secure and located in the EU.
7.2. Of course, we do our best to protect this database, but we cannot guarantee that. Unfortunately, there is no 100% guarantee on the internet. We make every effort to ensure that this does not happen. We use high security standards that are tested regularly, both by ourselves and by our auditors.
7.3. We do not transfer your personal data to third countries located outside the European Economic Area.
8.1. You have the right to ask us to access your personal Data, to obtain rectification or deletion of your personal Data or to restrict the processing of your personal Data. You also have the right to object to the processing of your personal data and the right to data portability. In addition, you have the right to withdraw your consent to the processing of your personal data at any time.
8.2. As mentioned earlier, we are legally obliged to keep your identification data and transaction registration data for 10 years. Most of your GDPR rights do not apply to this storage. Article 65 of the Anti-Money Laundering Act states that “The person whose personal data is processed in accordance with this Act has no right to access and correct his or her data, nor the right to be forgotten, nor the right to transferability of this data, neither the right to object, nor the right not to be profiled, nor the reporting of security flaws”.
8.3. Your privacy rights will continue to apply to the processing of your personal Data for commercial purposes, such as the processing for offering our Rewards ‘Cashback’ and ‘Points’ and possible other Rewards in the future. This means, for example, that you have the right to request that we no longer process your personal data for these purposes or to limit the processing thereof.
8.4. Please note that we can only offer our Services if we store and process your personal data. This is also explained in our Terms of Use. Our App’s Services, such as Parking-as-a-Service and Automated Loyalty, just wouldn’t work if we couldn’t process your data. For this reason, we unfortunately have to end our relationship if you ask us to restrict or stop the processing of your personal data. In this case you can no longer use our App. Your right of access, rectification or portability of your personal data can of course be exercised without any problem.
8.5. In that case you will receive your data in a structured, commonly used and machine-readable format. In addition, you have the right to transfer this Data to another data controller without hindrance by the existing data controller, the said Data being to be provided to the former, provided that:
1. The processing is based on consent pursuant to Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR, or on a contract pursuant to Article 6 (1) (b) GDPR; and
2. The processing is carried out using automated procedures. In exercising this right, you also have the right to ensure that the personal Data relating to you is transferred directly from one data controller to another, to the extent technically feasible. However, the freedoms and rights of other persons should not be affected by this. The right to data portability does not apply to the right to complain to a supervisory authority.
8.6. In short, we keep your personal Data for as long as necessary to perform our obligations under the agreement and to respect the applicable legal provisions. In addition, we may keep your personal Data for longer if you have given us permission to do so, or if we need that Data for legal proceedings.
9.1. In general
9.1.1. Some features of this website are designed to give you a better online experience on our website and will only work if we use cookies. We also use cookies to collect information about your online preferences. Cookies are text files which contain small pieces of information, sent by a web server to a web browser which allows the server to uniquely identify the browser on each page. They will be stored on your computer, tablet or phone when you visit a website.
9.1.2. Cookies may contain identifying information. Cookies enable us to gain information about the use of its websites. This information may be analyzed by third parties on our behalf.
9.2. We use the following categories of cookies on our website:
9.2.1. Strictly Necessary Cookies: these cookies are essential in order to enable you to move around the website and use its features. Without these cookies, Services you have asked for such as remembering your login details or shopping basket items cannot be provided.
9.2.2. Performance Cookies: these cookies collect anonymous information on how people use our Website. For example, we use [example Google Analytics] cookies to help us understand how customers arrive at our site, browse or use our site and highlight areas where we can improve areas such as navigation, shopping experience and marketing campaigns. The data stored by these cookies never shows personal details from which your individual identity can be established.
9.2.3. Functionality Cookies: these cookies remember choices you make such as the country you visit our website from, language and search parameters such as size, color or product line. These can then be used to provide you with an experience more appropriate to your selections and to make the visits more tailored and pleasant. The information these cookies collect may be anonymized and they cannot track your browsing activity on other websites.
9.2.4. Targeting cookies or advertising cookies: these cookies collect information about your browsing habits in order to make advertising more relevant to you and your interests. They are also used to limit the number of times you see an advert as well as help measure the effectiveness of an advertising campaign. The cookies are usually placed by third party advertising networks. They remember the websites you visit, and that information is shared with other parties such as advertisers. For example, we might use third party companies such as Tradetracker to provide you with more personalized adverts when visiting other websites.
9.2.5. Social Media Cookies: these cookies allow you to share what you’ve been doing on the website on social media such as Facebook and Twitter. These cookies are not within our control. Please refer to the respective privacy policies for how their cookies work.
9.2.6. Google Analytics: we also use third party Services such as Google Analytics to collect information about visitors to our websites. This information is aggregated to determine number of visits, average time spent, pages viewed, etc. We use this information to measure site usage, as well as to improve the content and value of our site. More information about the way Google processes your information is here – [Insert Link]. If you wish to disable Google Analytics on your browser, please follow [these steps].
Therefore, to facilitate identification, the PSD2 aggregators and your bank may place cookies when establishing a connection between your bank and our App.
9.2.7. Deletion of cookies: some cookies are deleted when you close down your browser (session cookies). Others remain on your device until they expire, or you delete them from your cache (persistent cookies or tracking code) and enable us to remember things about you as a returning visitor. If you want to delete any cookies that are already on your computer, please refer to the help and support area on your internet browser for instructions on how to locate the file or directory that stores cookies. The help option on the toolbar of most browsers will also tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Please bear in mind that some personalized Services may not be available if you choose to disable cookies. Please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of our site.
To find out more about cookies please visit: www.allaboutcookies.org or see www.youronlinechoices.eu which contains further information about behavioral advertising and online privacy.
10.1. We use a number of operational plugins that we need to make our App work properly. For example, a plug-in to enable communication between us, a plug-in to create images, a plug-in to get out of AML controls to perform. We ensure that these plugins do not store any personal data; we only use these plugins to improve the operation of the App.
10.2. Some plug-ins to access your personal information, but there are strict rules about using your personal information. This concerns FireBase, for analyses about the App performances and crash reports, and Microsoft to secure access and host all data. You can find a complete list of our plugins on our website.
Some of our Web pages may contain electronic images known as Web beacons (sometimes known as clear gifs) that allow us to count Users who have visited these pages. Web beacons collect only limited information which includes a cookie number, time and date of a page view, and a description of the page on which the Web beacon resides. We may also carry web beacons placed by third party advertisers. These beacons do not carry any personally identifiable information and are only used to track the effectiveness of a particular campaign.
12.1. There are times when we need to change the content of this Privacy Policy. We can correct typos, sometimes we add information or change some conditions. Our App is constantly evolving and regularly updated, which means that sometimes we also need to change the Privacy Policy. Legislation also changes from time to time and we sometimes need to adjust our terms and conditions accordingly.
12.2. Once we have adjusted this Privacy Policy, you will be notified via the App and / or Website. If applicable, the User will be asked to accept the most recent version of the Privacy Policy in order to continue using the Swave Services.
12.3. Do you not agree with our new Privacy Policy? That would be a shame, but there is nothing we can do but keep our Privacy Policy as current as possible. All you can do is uninstall the App and stop using it.
12.4. This document and its terms were last updated on September 18th, 2020.