Privacy Policy

Version 1.0

Date 15/03/2022

1. General information

AdSomeNoise BV (hereinafter "AdSomeNoise", "we", "us") is an advertising agency specialising in digital display and online advertising. In practice this means that our customers request us to develop advertising campaigns in a variety of ways.

In order to set up useful advertising campaigns, we obviously need to collect and process certain information, which may include the personal data of clients, the personal data of website visitors and even data we receive from third parties (third-party data).

AdSomeNoise respects your privacy and strives to always treat your personal data with the necessary care and confidentiality. We hereby undertake to always comply with the General Data Protection Regulation ("GDPR") and other applicable regulations.

You will find all our relevant details below and can also contact us at any time using the contact details provided for further questions or comments regarding how we handle your personal data.

Name: AdSomeNoise BV
Company number: 0845.005.996
Address seat: Schipvaartstraat 26
3000 Leuven
Belgium
E-mail address: info@adsomenoise.com

We have also appointed a Data Protection Officer that helps us manage privacy and data protection issues within the organisation and can be contacted via privacy@adsomenoise.com.

2. What is the scope of application of this Privacy Policy?

This Privacy Policy is only applicable when AdSomeNoise is in charge of the processing of your personal data. This means that AdSomeNoise acts as data controller and determines why and how your data is being processed. For reasons of transparency we also explain which data we can process of (potential) customers of our clients or website visitors of our clients and why we do so. However, when we do, we do this in our capacity as data processor of our clients who remains data controller.

‘Processing’ means any kind of data processing that could identify you as a natural person. Which specific data this may concern, will be explained in detail below. The concept of ‘processing’ is broad and includes for example the collection, storage, disclosure and distribution of your data.

This Privacy Policy is applicable on the processing of personal data by AdSomeNoise from the categories of persons mentioned hereunder. For reasons of transparency and clarity, we will keep distinguishing between these categories of persons throughout the Privacy Policy, where relevant. Which data we process from you, the purposes for which we process your data, and other relevant elements are after all dependent on your relationship with AdSomeNoise. The categories include persons who belonged to these categories in the past (e.g. former clients), and persons who may belong to these categories in the future (e.g. potential clients).

  • visitors of our public website https://www.adsomenoise.com/;
  • our clients;
  • (potential) customers of our clients (visitors of our client’s public website);
  • our business partners, that assist us in operating our activities;
  • staff candidates.

If one of the persons referred to above is a legal person, we still process data from our contact persons at these entities and the GDPR applies.

Our website use cookies. For more detailed information about the processing of your data by the use of cookies on website, please refer to our Cookie Policy, which forms an integral part of this Privacy Policy.

3. What personal data do we process?

Below we clarify what personal data we may process from you. Depending on the specific situation, your preferences and the way in which you contact us, we may not process all of the data below. For the sake of clarity, we will first explain below what personal data we generally process about all our contacts. Then we will explain which personal data we additionally process for specific categories of contacts, namely our clients, (potential) customers of our clients, business partners and our staff candidates.

General

From all our contacts we may process the data below:

Type of data Examples (non-exhaustive)
Electronic identification and usage data (related to our own website) IP address, browser type, location data, by which route you arrived at our website, the type of device you use to visit our website, the web pages visited, the way you navigate on the web pages visited. This data is processed mainly through the use of cookies. For more details on this, please refer to our separate Cookie Policy.
Identification data
Contact details and history Name, first name, address, email address, phone number, communications sent and received (e.g., email messages, messages sent via the contact form on our website, letters, etc.).

(Potential) customers of our clients

From (potential) customers of our clients we generally process the following data*:

Type of data Examples (non-exhaustive)
Registration data Data with which a registration is completed
Usage and behavioural data Behavioural characteristics , like reading and viewing interests, lifestyle; location derived from IP address, like city, country, postal code, country, region, time zone.
Electronic identification data Unique identifiers, like IP address; browser characteristics, like browser type, browser language, browser version, etc.; device characteristics, like device type, mobile brand, operating system, screen resolution, etc.; browsing behaviour, like URL etc.

*! Please note that this type of data is processed in our capacity as data processor, not data controller.

Clients and business partners

From (contact persons of) our clients and business partners we may additionally process the following data:

Type of data Examples (non-exhaustive)
Contact details and history See above.
Payment and billing information Payment card details, bank account number, if you make payments to us or receive payments from us.
Feedback Any feedback you may have, as a business partner, on our co-operation.

Staff Candidates

Of staff candidates we may additionally process the following data. Of course, this will largely depend on what data you wish to provide us with in connection with your job application.

Type of data Examples (non-exhaustive)
Contact details and history See above.
Personal details
Work related data Curriculum vitae, education, certificates and credit lists, language skills, professional career, publications, portfolio.
Personality Profile Motivation letter, hobbies, social activities, personality, interview notes.
Audiovisual data Pictures and video recordings that you would provide to us in the context of your application.

Special categories of personal data

Special categories of personal data are personal data relating to health, racial or ethnic origin, political opinion, religious beliefs, trade union membership, genetic or biometric data, sexual orientation/life, criminal conviction. In principle, we will not process special categories of data unless you provide it to us with your explicit consent.

4. For what purposes and on what legal grounds do we process personal data?

We only process your personal data for legitimate purposes that are part of our organisation’s activities. The processing is always based on the legal grounds listed in the GDPR.

For the sake of clarity, we first provide below an overview of the purposes and legal bases of the general processing operations within our organisation. Then we list the processing operations that are relevant to specific categories of contacts, specifically our clients, (potential) customers of our clients, business partners and our staff candidates.

General

The processing steps below are potentially relevant to all of our contacts.

Processing purpose Legal basis
Answering your question when you contact us, should this not be (or no longer be) part of an existing, former or potential future relationship with you as our client, (potential) customer of our client , business partner, or staff candidate, including when this is done through one of the forms on our website. Legitimate interest
Promoting the activities of AdSomeNoise, by using your contact information to send newsletters or other marketing materials (to you, if you give your express consent to do so, via email or via the registration form on our website, or if it is possible based on our legitimate interests. You have the right to withdraw your consent at any time by using the unsubscribe link at the bottom of any such message you receive from us. You also have an absolute right to object to such processing, after which we must cease such processing. Consent
Legitimate interest, if possible, after consideration.
To provide a website that functions properly on a technical level by using strictly necessary cookies, so that we can provide you with a safe and well-functioning website. Legitimate interest
The use of analytical cookies on our website to understand how you use our website, for the purpose of, among other things, detecting navigation problems, and making the website more user-friendly and attractive. Consent
The use of marketing cookies on our website, for the purpose of implementing features on our website provided by social media. Consent
Fulfilling our legal obligations as an organisation, such as data protection and tax/accounting obligations. Legal obligation
To ensure the possibility of exercising or defending the interests of AdSomeNoise in court, and to actually do so, if we believe that our interests are being harmed and legal proceedings are imminent (e.g., judicial collection of an unpaid invoice), or if legal action should be taken against us by a person who feels aggrieved by us (e.g., for defense if you would like to hold us liable for defects in the delivery of our merchandise or in our services). Legitimate interest

(Potential) customers of our clients

From the (potential) customers of our clients we process the personal data additionally for the following purposes*:

Processing purpose Legal basis
We mainly use personal data in the context of the advertising campaigns we set up for clients. Advertising is a necessity, and we want to make sure that instead of receiving useless advertising messages, people get advertising messages that really matter (relevant messages). That is why we use data obtained from our clients and third parties to reach certain target groups and software that allows us to analyse the use of our (client’s) website and send interested users relevant advertising after their visit. When client or third-party data is used, we obviously assume that the party that provides the data is responsible for the protection of these data and for obtaining the necessary consent. Like us, they often obtain users’ consent by using cookies. Consent (via our client or a third-party)

*! Please note that this type of data is processed in our capacity as data processor, not data controller.

Clients and business partners

From our business partners (hosting organisations or suppliers) we process the personal data additionally for the following purposes:

Processing purpose Legal basis
Entering into, performing or terminating the specific agreement with you as our client or business partner, fulfilling our pre-contractual obligations, managing our client relationship or relationship as business partners, communicating with you, paying the amounts we owe you as your business partner, or invoicing and collecting the amounts you owe us as a result of the cooperation. Necessity for the formation or performance of a contract.
Legitimate interest (for contacts at our business partner who are not a party to the contract)

Staff Candidates

From our prospective staff, we process the data additionally for the following purposes:

Processing purpose Legal basis
Assessing whether AdSomeNoise wishes to enter into an employment or partnership agreement with you. Necessary for the formation of a contract.
Keeping for a maximum of 2 years the data you provided us with in the context of a job application, if you have an interesting profile, but we could not make you an initial proposal because a suitable position was not available. If a suitable position should become available, we will use your data to contact you again and gauge your interest in further discussions. Consent

5. With whom do we share your personal data?

General

We will not transfer your data to third parties, unless this is necessary for achieving one of the aforementioned purposes, you give your consent for such transfer, or we are required to do so by law.

Where necessary we engage external service providers, so called “data processors”, to support our operational purposes such as providing our services, managing our IT systems or performing any other (internal) business processes such as the digital storage of our client files. These external service providers may perform certain processing activities on your data on our behalf. We will only share your data with these external service providers to the extent necessary for the relevant purpose. The data may not be used for any other purposes by these third parties. In addition, these service providers are contractually bound to ensure the confidentiality of your data by means of a so-called “data processing agreement” concluded with these parties.

Identification of categories of recipients

Specifically, this means that we share your data, to the extent relevant in your situation, with the following third parties for the following purposes, with these third parties in certain cases acting as processors on our behalf:

Potential category of recipients of your data Legal basis
  • In the IT field: processors who assist us in operating our housing network, with the aim of efficient digital data management within our organisation, including the digital storage of your data or file, the delivery of transactional emails or information with regard to the provision of the services or support we provide to you or you to us in the context of our relationship as business partners, the delivery of e-mails for the purpose of promoting the activities of AdSomeNoise, the hosting and management of the website and our mailboxes, the support to AdSomeNoise in understanding how you use the website through the services offered by Google Analytics;
  • Other processors in connection with the provision of our services (e.g. payment service providers, other cooperation partners).

Necessity for the conclusion or performance of a contract, if you are our client, business partner or prospective employee.


Legitimate interest if no (direct) contract between us applies or is contemplated, e.g. if you are merely our contact at our client or business partner.


Your consent where relevant, e.g. when subscribing to the newsletter.

Governmental bodies, judicial authorities and practitioners of regulated professions such as auditors, accountants and lawyers, for the purpose of fulfilling our legal obligations as a company, and the efficient defense of our interests in the context of any legal dispute, for the data strictly necessary for this purpose. Legal obligation if the transfer is in line with a legal obligation or government order.
Legitimate interest for any other transfer

6. How long do we store your personal data?

We do not store your data for longer than is necessary in order to achieve the purpose for which the data has been collected or processed, as specified above.

Since the period for which the data can be stored depends on the purposes for which the data has been collected, the storage period will vary according to the individual situation. Sometimes specific legislation will require that we store certain data for a certain period. Our retention periods for personal data are based on legal requirements and balancing your rights and expectations against what is useful and necessary to provide our services, or allow you to provide your services to us.

When it is no longer necessary to process your data, we will delete or anonymize your data. If this is not (technically) possible, for example because your data is stored in backup archives, then we will retain your data, but we will not further process it and will remove it when this becomes possible.

Data we process in our capacity as data processor – in the context of advertising campaigns for clients for example – shall only be kept for as long as is necessary to run the campaigns. They shall be returned to the client or destroyed immediately afterwards, unless we are legally obliged to retain the data for a longer period of time.

7. From whom do we obtain your personal data?

As a client, business partner or staff candidate, we mainly obtain your personal data directly from you, as a result of the contact we have with each other with a view to the (possible) provision of services or support or possible collaboration. However, we cannot rule out obtaining certain of your personal data indirectly in specific circumstances, from public sources or from third parties.

We may also obtain personal data indirectly from our clients, (potential) customers of our clients or business partners.

For example we may obtain personal data of our clients or business partners indirectly from public sources. This mainly concerns limited data about your organisation that is publicly available, such as on the website of your organisation, or in the company register of your country. We do so to verify your application or your proposal to collaborate on behalf of an organisation.

For example we may obtain data of (potential) customers of our clients via our clients, when you visit a website or app of our clients or because we derive it from these sources (e.g. behavioural characteristics, location, etc.). However, in this particular case we act as processor of our clients and not as a controller.

Finally, we may consult the profile of staff candidates on professional social media platforms, or receive your details from a recruitment agency should you apply with us this way.

In the event we obtain your data indirectly, we will inform you about the processing of your data no later than at the time of our first contact with you.

8. Where do we store your personal data and how do we protect it?

Your personal data is mainly stored externally with specialised third parties, such as the external service providers we engage for hosting our website. We outsource the majority of our technical processing activities to third parties, who act as data processors on behalf of AdSomeNoise. We try to engage external service providers that are based inside the European Economic Area (EEA).

However, it is possible that your personal data is transferred outside the EEA in connection with the provision of the by you requested service and support of AdSomeNoise. As a result, your personal data may be transferred outside the countries where we and you are located. This includes to third countries outside the EEA and to countries that do not have laws that provide specific protection for personal data. We have taken steps to ensure all personal data is provided with adequate protection and that all transfers of personal data outside the EEA are done lawfully.

Where we transfer personal data outside of the EEA to a country not determined by the European Commission as providing an adequate level of protection for personal data, the transfers will be under an agreement which covers the EU requirements for the transfer of personal data outside the EU, such as the European Commission approved standard contractual clauses or your explicit consent that will be requested before transferring your personal data outside of the EEA.

In any case, we and our processors have taken the necessary technical and organizational measures with a view to protecting your data against loss or any form of unlawful processing. We only grant access to the data to our own employees and third parties if they need access for legitimate, relevant business purposes.

9. What are your rights?

You have several rights concerning the personal data we process about you. If you wish to exercise any of the rights set out below, please contact us using the contact details provided in the first heading of this Privacy Policy.

Right of access and copy

You have the right to access your data and to obtain a copy thereof. This right also includes the possibility of requesting further information on the processing of your data, including on the categories of data processed about you and for what purposes.

Right to rectification

You have the right to have your data amended if you believe we have incorrect data.

Right to erasure (right to be forgotten)

You have the right to request that we delete your data without unreasonable delay. However, we will not always be able to comply with such a request, including when we still need the data in function of a current contractual relationship, or when the retention of certain data for a certain period is required by law.

Right to restriction of processing

You have the right to restrict the processing of your data. In this way, the processing is temporarily stopped until, for example, there is certainty about its accuracy.

Right to withdraw your consent

Where processing is based on your consent, you have the right to withdraw this consent at any time by contacting us. For marketing messages you receive from us via email based on your consent, you can easily withdraw this consent by clicking 'Unsubscribe' at the bottom of each such message.

Right to object

You have the right to object to the processing of your data based on our legitimate interests. This should be based on reasons specific to your situation. In this case, we must stop processing unless we provide compelling legitimate grounds to continue processing.

However, you can always object to the use of your data for direct marketing purposes, after which we are obliged to stop the processing for these purposes.

Right to data portability

You have the right to obtain your data, which you have provided to us yourself, in electronic form. In this way, they can be easily transferred to another organization. You also have the right to request us to transfer your data directly to another organization, if this is technically possible.

Right to complain to your supervisory authority

If you believe that we are improperly processing your data, you always have the right to lodge a complaint with your data protection supervisory authority. You can do this with the supervisory authority of the EEA member state where you usually reside, where you have your place of work or where the alleged infringement has taken place. Since we manage and coordinate the project activities primarily from Belgium, please refer below to the contact details of the Belgian Data Protection Authority.

Belgian Data Protection Authority (GBA)

Drukpersstraat 35

1000 Brussels

+32 (0)2 274 48 00

contact@apd-gba.be

For further information and the contact details of the supervisory authority of each EEA member state, please refer to this website page of the European Data Protection Board with all relevant contact details. In addition, you may always apply to the competent civil court to make a claim for compensation.

10. How can you exercise your rights?

You can exercise the aforementioned rights simply by contacting us using the contact information set forth in the first heading of this Privacy Policy.

When you make a request to exercise your rights, if we have any doubts about your identity, we will ask you to verify it. In this case, we will request the transmission of documents that enable your identification beyond a reasonable doubt, such as a copy of the front of your identity card. We do this to prevent your data from falling into the wrong hands. It is sufficient for such a copy to show your name and date of birth clearly. You preferably delete all the other data.

The exercise of your rights is in principle free of charge. However, where your request is manifestly unfounded or excessive, we may charge you a reasonable fee in light of the administrative costs incurred by us. In the same case, however, we may choose not to act on your request. You will be informed of the reasons if we do so.

In any event, we will always inform you of the action taken on your request at the latest within 1 month of receipt. In the case of complex or frequent requests, this period may be extended to 3 months. In the latter case, you will be informed of the extension of the response period.

11. Changes

We reserve the right to change this Privacy Policy. The most recent version is available on our website at all times. The date on which this Privacy Policy was last amended can be found at the top of this page. In the event of a substantial change in the Privacy Policy, we will inform the data subjects on whom this may have an impact, directly if possible.