LEGAL

Privacy Policy

1. Who are we?

1.1. We are Contento NV (commercial name “Willow”), a company incorporated under Belgian law, having its registered office at Coupure 88, B-9000 Gent, Belgium (“Willow”, “we”) and registered with the Crossroads Bank for Enterprises (Kruispuntbank van Ondernemingen or KBO) under enterprise number 0693.699.260.

1.2. We at Willow provide social media marketing automation subscription services, as described on our Site (https://www.willow.co).

1.3. We value your right to privacy and make every effort to protect your personal data in accordance with applicable data protection law, including the General Data Protection Regulation (EU) 2016/679 ("GDPR") and national implementing legislation. In this Privacy Policy, we explain what personal data we collect from you, for what purposes we will process this data, on what legal basis we base this processing, to whom your personal data may be transferred, how long we keep your data, how we protect your data and what rights you have in relation to the processing of your personal data. 

1.4. All concepts not explicitly defined in this Privacy Policy, have the same meaning as in our Terms of Services.

2. From whom do we collect data?

2.1. In the course of our business, we may collect personal data from customers, users of the Services, prospects, visitors to our website ((https://www.willow.co)) , persons who provide their business card or otherwise their contact details to us, and persons who contact us by e-mail or otherwise.

3. Which personal data do we process

3.1. By using our Site or our Services, we collect and process your data. Some aspects of these data can be qualified as personal data.  We process the following categories of personal data: 

  • Personal data that you enter yourself on the Site
  • Personal data entered by customers and users of Willow
  • Personal data collected by Willow when the website: for example, through the use of cookies. 

3.2. Willow may process the following personal data in accordance with the provisions of this Privacy Policy. 

  • Contact information such as name, e-mail address, …
  • Technical information such as IP-address

3.3. If you create an account or log into the Services using third-party services, such as Google, we will receive your name and email address as permitted by your profile settings on the third-party service in order to authenticate you. The information we receive when you authenticate through a third-party service depends on the settings, permissions and privacy policy controlled by that third-party service. You should always check the privacy settings and notices in the relevant third-party services to understand what data may be disclosed to us or shared with our Services.

3.4. If you connect your third party social media account to your Willow account, we may collect certain information stored in your social media account such as:

Facebook
Willow may allow you to connect a Facebook page or profile to your Willow account, in which case we will access certain information from Facebook regarding your account. In particular, we may collect profile image, display name, username / page ID or profile ID, access tokens, sent posts. This includes the content of your post and engagement data (such as click rates, likes, re-shares, impressions, as well as general engagement counts), to the extent permitted by applicable law. This data will only be used by Willow to provide you with the Service you expect and will not be shared with any third parties.

Twitter
Willow may allow you to connect a Twitter profile to your Willow account, in which case we will access certain information from Twitter regarding your account. In particular, we may collect profile image, display name, username / profile ID, access tokens, and sent posts. This includes the content of your post and engagement data (such as click rates, likes, retweets, re-shares, impressions, as well as general engagement counts), to the extent permitted by applicable law. This data will only be used by Willow to provide you with the Service you expect and will not be shared with any third parties.

Instagram
Willow may allow you to connect an Instagram profile to your Willow account, in which case we will access certain information from Instagram regarding your account. In particular, we may collect profile image, display name, username / profile ID, access tokens, and sent posts. This includes the content of your post and engagement data (such as click rates, likes, re-shares, impressions, as well as general engagement counts), to the extent permitted by applicable law. This data will only be used by Willow to provide you with the Service you expect and will not be shared with any third parties.

LinkedIn
Willow may allow you to connect a LinkedIn profile to your Willow account, in which case we will access certain information from LinkedIn regarding your account. In particular,
we may collect profile image, display name, username / profile ID, access tokens, and sent posts. This includes the content of your post and engagement data (such as click rates, likes, re-shares, impressions, as well as general engagement counts), to the extent permitted by applicable law. This data will only be used by Willow to provide you with the Service you expect and will not be shared with any third parties.

4. For which purposes do we process your personal data

We may use the aforementioned personal data for the following purposes: 

  • Allow Willow to provide its Services;
  • Access to third-party accounts;
  • Interaction with live chat platforms and platform services and hosting

5. With whom do we share your personal data?

5.1. We may disclose your personal data to the following parties:

  • Third parties who provide services to us or who provide services in our name on our behalf such as IT service providers, PR service providers, consultants,…;
  • Governmental bodies such as police and judicial authorities;
  • Employees, representatives, shareholders, (sub)contractors, affiliated companies, external advisors or consultants of Willow.

5.2. When transferring personal data to third parties, we always ensure that we implement appropriate technical and organisational protection measures. Where necessary, we will, for example, conclude a transfer agreement or a processor agreement, which sets out restrictions on the use of your personal data and obligations in respect of the security of your personal data.

5.3. Your personal data will not be lent or sold to third parties for marketing purposes without your prior express consent.

5.4. To the extent that your data is transferred in the context of this article to countries outside the European Union which do not provide an adequate level of protection for your data, Willow will ensure that the companies to which your data is transferred do provide an adequate level of protection. In particular, we have concluded Standard Contractual Clauses (SCC) with them. Willow guarantees to always verify, on a case-by-case basis, whether an adequate level of protection is in place for transfers to third countries.

6. How long do we store your personal data?

6.1. We do not keep your personal data longer than necessary for the purposes for which it is collected and processed (as described above).

6.2. For the purposes of providing services to our customers, we will retain it for as long as necessary to fulfil the purposes set out above, unless a longer retention period is (i) necessary to cover our liability or (ii) required or permitted by law.

6.3. All personal data purely for the purpose of scientific research or statistical purposes may be stored for longer periods.

6.4. Regarding the data of visitors to our website, we refer to our Cookie Policy

7. How do we secure your personal data?

7.1. We take appropriate technical and organisational measures to ensure a level of security appropriate to the specific risks we have identified.

7.2. We thus protect your personal data as best as we can against the destruction, loss, alteration or unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. More information on our security measures is available upon request. 

8. Which rights do you have as a data subject?

8.1. Withdraw your consent at any time: you have the right to withdraw consent where they have previously given their consent to the processing of your personal data.

8.2. Object to processing of your personal data: you have the right to object to the processing of your personal data if the processing is carried out on the legal basis of a legitimate interest, including profiling. You also have the right to object to the processing of your personal data for direct marketing purposes. This right is absolute - we will always comply with it.

8.3. Right to access: You have the right to obtain confirmation from us as to whether or not we are processing your personal data, to obtain access to that personal data and how and why it is being processed, as well as to receive a copy of that data.

8.4. Right to rectification: You have the right to obtain a correction of your personal data or to request that we complete your personal data if you notice that we are processing incorrect or incomplete data about you.

8.5. Right to erasure: You have the right to obtain data erasure in certain specific cases.

8.6. Right to restriction: You have the right to have the processing of your personal data restricted in certain specific cases.

8.7. Right to data portability: You have the right to obtain the personal data you have provided us with in a structured, commonly used and machine-readable form, and to transfer that personal data (or have it transferred) to another controller.

8.8. You may exercise the above rights by sending an e-mail to hello@willow.co, or in the case of the right to object to direct marketing also via the opt-out link included in our marketing e-mails. The exercise of these rights is in principle free of charge. Only in case of unreasonable or repeated requests may we charge a reasonable administrative fee. We always try to answer your requests or questions as quickly as possible. It is possible that we will first ask you for proof of identity in order to verify your identity. For further information and advice on the above rights, please visit the website of the Data Protection Authority: www.gegevensbeschermingsautoriteit.be. In addition to the above rights, you also have the right at any time to lodge a complaint with the Data Protection Authority in connection with the processing of your personal data by us. You can contact the authority at contact@apd-gba.be or by mail at the following address:

Gegevensbeschermingsautoriteit
Drukpersstraat 35
1000 Brussel

9. Changes to the privacy policy

9.1. From time to time it may be necessary to amend this Privacy Policy. When we post changes to the policy, we will change the "last updated" date at the bottom of the document. The most recent version of this Privacy Policy will be available on our Site at all times. 

10. Contact

10.1. From time to time it may be necessary to amend this Privacy Policy. When we post changes to the policy, we will change the "last updated" date at the bottom of the document. The most recent version of this Privacy Policy will be available on our Site at all times.