Version 1.0
Date 15/03/2022
AdSomeNoise BV (hereinafter "AdSomeNoise", "we", "us") is an advertising agency specialising in digital display and online advertising. In practice this means that our customers request us to develop advertising campaigns in a variety of ways.
In order to set up useful advertising campaigns, we obviously need to collect and process certain information, which may include the personal data of clients, the personal data of website visitors and even data we receive from third parties (third-party data).
AdSomeNoise respects your privacy and strives to always treat your personal data with the necessary care and confidentiality. We hereby undertake to always comply with the General Data Protection Regulation ("GDPR") and other applicable regulations.
You will find all our relevant details below and can also contact us at any time using the contact details provided for further questions or comments regarding how we handle your personal data.
| Name: | AdSomeNoise BV |
| Company number: | 0845.005.996 |
| Address seat: | Schipvaartstraat 26 3000 Leuven Belgium |
| E-mail address: | info@adsomenoise.com |
We have also appointed a Data Protection Officer that helps us manage privacy and data protection issues within the organisation and can be contacted via privacy@adsomenoise.com.
This Privacy Policy is only applicable when AdSomeNoise is in charge of the processing of your personal data. This means that AdSomeNoise acts as data controller and determines why and how your data is being processed. For reasons of transparency we also explain which data we can process of (potential) customers of our clients or website visitors of our clients and why we do so. However, when we do, we do this in our capacity as data processor of our clients who remains data controller.
‘Processing’ means any kind of data processing that could identify you as a natural person. Which specific data this may concern, will be explained in detail below. The concept of ‘processing’ is broad and includes for example the collection, storage, disclosure and distribution of your data.
This Privacy Policy is applicable on the processing of personal data by AdSomeNoise from the categories of persons mentioned hereunder. For reasons of transparency and clarity, we will keep distinguishing between these categories of persons throughout the Privacy Policy, where relevant. Which data we process from you, the purposes for which we process your data, and other relevant elements are after all dependent on your relationship with AdSomeNoise. The categories include persons who belonged to these categories in the past (e.g. former clients), and persons who may belong to these categories in the future (e.g. potential clients).
If one of the persons referred to above is a legal person, we still process data from our contact persons at these entities and the GDPR applies.
Our website use cookies. For more detailed information about the processing of your data by the use of cookies on website, please refer to our Cookie Policy, which forms an integral part of this Privacy Policy.
Below we clarify what personal data we may process from you. Depending on the specific situation, your preferences and the way in which you contact us, we may not process all of the data below. For the sake of clarity, we will first explain below what personal data we generally process about all our contacts. Then we will explain which personal data we additionally process for specific categories of contacts, namely our clients, (potential) customers of our clients, business partners and our staff candidates.
From all our contacts we may process the data below:
| Type of data | Examples (non-exhaustive) |
| Electronic identification and usage data (related to our own website) | IP address, browser type, location data, by which route you arrived at our website, the type of device you use to visit our website, the web pages visited, the way you navigate on the web pages visited. This data is processed mainly through the use of cookies. For more details on this, please refer to our separate Cookie Policy. |
| Identification data | |
| Contact details and history | Name, first name, address, email address, phone number, communications sent and received (e.g., email messages, messages sent via the contact form on our website, letters, etc.). |
(Potential) customers of our clients
From (potential) customers of our clients we generally process the following data*:
| Type of data | Examples (non-exhaustive) |
| Registration data | Data with which a registration is completed |
| Usage and behavioural data | Behavioural characteristics , like reading and viewing interests, lifestyle; location derived from IP address, like city, country, postal code, country, region, time zone. |
| Electronic identification data | Unique identifiers, like IP address; browser characteristics, like browser type, browser language, browser version, etc.; device characteristics, like device type, mobile brand, operating system, screen resolution, etc.; browsing behaviour, like URL etc. |
*! Please note that this type of data is processed in our capacity as data processor, not data controller.
Clients and business partners
From (contact persons of) our clients and business partners we may additionally process the following data:
| Type of data | Examples (non-exhaustive) |
| Contact details and history | See above. |
| Payment and billing information | Payment card details, bank account number, if you make payments to us or receive payments from us. |
| Feedback | Any feedback you may have, as a business partner, on our co-operation. |
Staff Candidates
Of staff candidates we may additionally process the following data. Of course, this will largely depend on what data you wish to provide us with in connection with your job application.
| Type of data | Examples (non-exhaustive) |
| Contact details and history | See above. |
| Personal details | |
| Work related data | Curriculum vitae, education, certificates and credit lists, language skills, professional career, publications, portfolio. |
| Personality Profile | Motivation letter, hobbies, social activities, personality, interview notes. |
| Audiovisual data | Pictures and video recordings that you would provide to us in the context of your application. |
Special categories of personal data
Special categories of personal data are personal data relating to health, racial or ethnic origin, political opinion, religious beliefs, trade union membership, genetic or biometric data, sexual orientation/life, criminal conviction. In principle, we will not process special categories of data unless you provide it to us with your explicit consent.
We only process your personal data for legitimate purposes that are part of our organisation’s activities. The processing is always based on the legal grounds listed in the GDPR.
For the sake of clarity, we first provide below an overview of the purposes and legal bases of the general processing operations within our organisation. Then we list the processing operations that are relevant to specific categories of contacts, specifically our clients, (potential) customers of our clients, business partners and our staff candidates.
General
The processing steps below are potentially relevant to all of our contacts.
| Processing purpose | Legal basis |
| Answering your question when you contact us, should this not be (or no longer be) part of an existing, former or potential future relationship with you as our client, (potential) customer of our client , business partner, or staff candidate, including when this is done through one of the forms on our website. | Legitimate interest |
| Promoting the activities of AdSomeNoise, by using your contact information to send newsletters or other marketing materials (to you, if you give your express consent to do so, via email or via the registration form on our website, or if it is possible based on our legitimate interests. You have the right to withdraw your consent at any time by using the unsubscribe link at the bottom of any such message you receive from us. You also have an absolute right to object to such processing, after which we must cease such processing. | Consent |
| Legitimate interest, if possible, after consideration. | |
| To provide a website that functions properly on a technical level by using strictly necessary cookies, so that we can provide you with a safe and well-functioning website. | Legitimate interest |
| The use of analytical cookies on our website to understand how you use our website, for the purpose of, among other things, detecting navigation problems, and making the website more user-friendly and attractive. | Consent |
| The use of marketing cookies on our website, for the purpose of implementing features on our website provided by social media. | Consent |
| Fulfilling our legal obligations as an organisation, such as data protection and tax/accounting obligations. | Legal obligation |
| To ensure the possibility of exercising or defending the interests of AdSomeNoise in court, and to actually do so, if we believe that our interests are being harmed and legal proceedings are imminent (e.g., judicial collection of an unpaid invoice), or if legal action should be taken against us by a person who feels aggrieved by us (e.g., for defense if you would like to hold us liable for defects in the delivery of our merchandise or in our services). | Legitimate interest |
(Potential) customers of our clients
From the (potential) customers of our clients we process the personal data additionally for the following purposes*:
| Processing purpose | Legal basis |
| We mainly use personal data in the context of the advertising campaigns we set up for clients. Advertising is a necessity, and we want to make sure that instead of receiving useless advertising messages, people get advertising messages that really matter (relevant messages). That is why we use data obtained from our clients and third parties to reach certain target groups and software that allows us to analyse the use of our (client’s) website and send interested users relevant advertising after their visit. When client or third-party data is used, we obviously assume that the party that provides the data is responsible for the protection of these data and for obtaining the necessary consent. Like us, they often obtain users’ consent by using cookies. | Consent (via our client or a third-party) |
*! Please note that this type of data is processed in our capacity as data processor, not data controller.
Clients and business partners
From our business partners (hosting organisations or suppliers) we process the personal data additionally for the following purposes:
| Processing purpose | Legal basis |
| Entering into, performing or terminating the specific agreement with you as our client or business partner, fulfilling our pre-contractual obligations, managing our client relationship or relationship as business partners, communicating with you, paying the amounts we owe you as your business partner, or invoicing and collecting the amounts you owe us as a result of the cooperation. | Necessity for the formation or performance of a contract. |
| Legitimate interest (for contacts at our business partner who are not a party to the contract) |
Staff Candidates
From our prospective staff, we process the data additionally for the following purposes:
| Processing purpose | Legal basis |
| Assessing whether AdSomeNoise wishes to enter into an employment or partnership agreement with you. | Necessary for the formation of a contract. |
| Keeping for a maximum of 2 years the data you provided us with in the context of a job application, if you have an interesting profile, but we could not make you an initial proposal because a suitable position was not available. If a suitable position should become available, we will use your data to contact you again and gauge your interest in further discussions. | Consent |
General
We will not transfer your data to third parties, unless this is necessary for achieving one of the aforementioned purposes, you give your consent for such transfer, or we are required to do so by law.
Where necessary we engage external service providers, so called “data processors”, to support our operational purposes such as providing our services, managing our IT systems or performing any other (internal) business processes such as the digital storage of our client files. These external service providers may perform certain processing activities on your data on our behalf. We will only share your data with these external service providers to the extent necessary for the relevant purpose. The data may not be used for any other purposes by these third parties. In addition, these service providers are contractually bound to ensure the confidentiality of your data by means of a so-called “data processing agreement” concluded with these parties.
Identification of categories of recipients
Specifically, this means that we share your data, to the extent relevant in your situation, with the following third parties for the following purposes, with these third parties in certain cases acting as processors on our behalf:
| Potential category of recipients of your data | Legal basis |
|
Necessity for the conclusion or performance of a contract, if you are our client, business partner or prospective employee. Legitimate interest if no (direct) contract between us applies or is contemplated, e.g. if you are merely our contact at our client or business partner. Your consent where relevant, e.g. when subscribing to the newsletter. |
| Governmental bodies, judicial authorities and practitioners of regulated professions such as auditors, accountants and lawyers, for the purpose of fulfilling our legal obligations as a company, and the efficient defense of our interests in the context of any legal dispute, for the data strictly necessary for this purpose. | Legal obligation if the transfer is in line with a legal obligation or government order. |
| Legitimate interest for any other transfer |
We do not store your data for longer than is necessary in order to achieve the purpose for which the data has been collected or processed, as specified above.
Since the period for which the data can be stored depends on the purposes for which the data has been collected, the storage period will vary according to the individual situation. Sometimes specific legislation will require that we store certain data for a certain period. Our retention periods for personal data are based on legal requirements and balancing your rights and expectations against what is useful and necessary to provide our services, or allow you to provide your services to us.
When it is no longer necessary to process your data, we will delete or anonymize your data. If this is not (technically) possible, for example because your data is stored in backup archives, then we will retain your data, but we will not further process it and will remove it when this becomes possible.
Data we process in our capacity as data processor – in the context of advertising campaigns for clients for example – shall only be kept for as long as is necessary to run the campaigns. They shall be returned to the client or destroyed immediately afterwards, unless we are legally obliged to retain the data for a longer period of time.
As a client, business partner or staff candidate, we mainly obtain your personal data directly from you, as a result of the contact we have with each other with a view to the (possible) provision of services or support or possible collaboration. However, we cannot rule out obtaining certain of your personal data indirectly in specific circumstances, from public sources or from third parties.
We may also obtain personal data indirectly from our clients, (potential) customers of our clients or business partners.
For example we may obtain personal data of our clients or business partners indirectly from public sources. This mainly concerns limited data about your organisation that is publicly available, such as on the website of your organisation, or in the company register of your country. We do so to verify your application or your proposal to collaborate on behalf of an organisation.
For example we may obtain data of (potential) customers of our clients via our clients, when you visit a website or app of our clients or because we derive it from these sources (e.g. behavioural characteristics, location, etc.). However, in this particular case we act as processor of our clients and not as a controller.
Finally, we may consult the profile of staff candidates on professional social media platforms, or receive your details from a recruitment agency should you apply with us this way.
In the event we obtain your data indirectly, we will inform you about the processing of your data no later than at the time of our first contact with you.
Your personal data is mainly stored externally with specialised third parties, such as the external service providers we engage for hosting our website. We outsource the majority of our technical processing activities to third parties, who act as data processors on behalf of AdSomeNoise. We try to engage external service providers that are based inside the European Economic Area (EEA).
However, it is possible that your personal data is transferred outside the EEA in connection with the provision of the by you requested service and support of AdSomeNoise. As a result, your personal data may be transferred outside the countries where we and you are located. This includes to third countries outside the EEA and to countries that do not have laws that provide specific protection for personal data. We have taken steps to ensure all personal data is provided with adequate protection and that all transfers of personal data outside the EEA are done lawfully.
Where we transfer personal data outside of the EEA to a country not determined by the European Commission as providing an adequate level of protection for personal data, the transfers will be under an agreement which covers the EU requirements for the transfer of personal data outside the EU, such as the European Commission approved standard contractual clauses or your explicit consent that will be requested before transferring your personal data outside of the EEA.
In any case, we and our processors have taken the necessary technical and organizational measures with a view to protecting your data against loss or any form of unlawful processing. We only grant access to the data to our own employees and third parties if they need access for legitimate, relevant business purposes.
You have several rights concerning the personal data we process about you. If you wish to exercise any of the rights set out below, please contact us using the contact details provided in the first heading of this Privacy Policy.
Right of access and copy
You have the right to access your data and to obtain a copy thereof. This right also includes the possibility of requesting further information on the processing of your data, including on the categories of data processed about you and for what purposes.
Right to rectification
You have the right to have your data amended if you believe we have incorrect data.
Right to erasure (right to be forgotten)
You have the right to request that we delete your data without unreasonable delay. However, we will not always be able to comply with such a request, including when we still need the data in function of a current contractual relationship, or when the retention of certain data for a certain period is required by law.
Right to restriction of processing
You have the right to restrict the processing of your data. In this way, the processing is temporarily stopped until, for example, there is certainty about its accuracy.
Right to withdraw your consent
Where processing is based on your consent, you have the right to withdraw this consent at any time by contacting us. For marketing messages you receive from us via email based on your consent, you can easily withdraw this consent by clicking 'Unsubscribe' at the bottom of each such message.
Right to object
You have the right to object to the processing of your data based on our legitimate interests. This should be based on reasons specific to your situation. In this case, we must stop processing unless we provide compelling legitimate grounds to continue processing.
However, you can always object to the use of your data for direct marketing purposes, after which we are obliged to stop the processing for these purposes.
Right to data portability
You have the right to obtain your data, which you have provided to us yourself, in electronic form. In this way, they can be easily transferred to another organization. You also have the right to request us to transfer your data directly to another organization, if this is technically possible.
Right to complain to your supervisory authority
If you believe that we are improperly processing your data, you always have the right to lodge a complaint with your data protection supervisory authority. You can do this with the supervisory authority of the EEA member state where you usually reside, where you have your place of work or where the alleged infringement has taken place. Since we manage and coordinate the project activities primarily from Belgium, please refer below to the contact details of the Belgian Data Protection Authority.
Belgian Data Protection Authority (GBA)
Drukpersstraat 35
1000 Brussels
+32 (0)2 274 48 00
For further information and the contact details of the supervisory authority of each EEA member state, please refer to this website page of the European Data Protection Board with all relevant contact details. In addition, you may always apply to the competent civil court to make a claim for compensation.
You can exercise the aforementioned rights simply by contacting us using the contact information set forth in the first heading of this Privacy Policy.
When you make a request to exercise your rights, if we have any doubts about your identity, we will ask you to verify it. In this case, we will request the transmission of documents that enable your identification beyond a reasonable doubt, such as a copy of the front of your identity card. We do this to prevent your data from falling into the wrong hands. It is sufficient for such a copy to show your name and date of birth clearly. You preferably delete all the other data.
The exercise of your rights is in principle free of charge. However, where your request is manifestly unfounded or excessive, we may charge you a reasonable fee in light of the administrative costs incurred by us. In the same case, however, we may choose not to act on your request. You will be informed of the reasons if we do so.
In any event, we will always inform you of the action taken on your request at the latest within 1 month of receipt. In the case of complex or frequent requests, this period may be extended to 3 months. In the latter case, you will be informed of the extension of the response period.
We reserve the right to change this Privacy Policy. The most recent version is available on our website at all times. The date on which this Privacy Policy was last amended can be found at the top of this page. In the event of a substantial change in the Privacy Policy, we will inform the data subjects on whom this may have an impact, directly if possible.