Privacy statement version 1 – 04/04/2024

Owner and Data Controller

OnTracx bv

Owner contact email: info@ontracx.com 

Privacy Statement

OnTracx (“we” or “us”) cares about the privacy of (prospective) customers, suppliers, business partners and visitors of our website www.ontracx.com (the “Website”) and the OnTracx smartphone application (the “app”). Therefore, we guarantee that all personal data provided by you or collected through the Website will be processed by us in accordance with this privacy policy (the “Privacy Policy”), the EU General Data Protection Regulation (Regulation EU 2016/679) and all other existing or new applicable laws relating to personal data protection. 

In this privacy policy, we wish to inform you on how we use your personal data and what your rights are in relation to your personal data. 

We reserve the right to update this Privacy Policy at any time to reflect changes in our personal data processing practices. We will inform you of significant changes through a notice on the Website, or via email. 

If you have any questions related to this Privacy Policy, please contact us via the contract details provided below. 

When does this Privacy Policy Apply?

This Privacy Policy is applicable to the processing by us of personal data of our (prospective) customers, suppliers, business partners and visitors of the Website and or the App. By using our Websites, creating a customer account, placing an order or otherwise providing any personal data to us, you agree with the terms of this Privacy Policy. Similarly, by using the App, creating a profile, using the App or otherwise providing any personal data to us, you agree with the terms of this Privacy Policy. 

Who Is The Controller?

“We” refers to OnTracx bv, a company incorporated under Belgian law, registered with the BCE under n° 1000.197.286  and with VAT n° BE1000197286, with registered offices at Franklin Rooseveltlaan 349/80, 9000, Gent, Belgium. We are the controller of all personal data that we process within the scope of this Privacy Policy. 

For What Purpose Do We Use Your Personal Data?

We will process your personal data, i.e. both from the Website and from the App, for the following purposes: 

• to ensure proper communication with you; 
• to manage your registration as a user on the store platform and App; 
• to manage the sales relation, including processing and tracking your order, your delivery, performing your billing, providing any after-sales services and conducting satisfaction surveys; 
• to deliver services requested by you; 
• to accommodate your requests made through the customer support channels; 
• to provide you with marketing information about our products or special offers; 
• to optimise the quality of our services and the functionality of the Websites; 
• to prevent, detect and investigate fraudulent or criminal activities; 
• to operate and manage our business processes and IT infrastructure; 
• to establish, exercise or defend our legal rights; 
• to protect the rights of third parties; 
• to comply with any applicable laws and regulations, court orders or the requests of an authority;
• to expand, improve and roll out algorithms in updated versions of the App; 
• to individualise your experience in as a user when using the App;
• to accommodate you with personal information (e.g. tips & tricks) concerning reducing the risk of overuse injuries; and
• for any other purpose communicated to you prior to (or ultimately at the time of) the collection of your personal data. 

Depending on the relationship we have with you, your personal data can be processed for different purposes. We will not use your personal data for purposes that are incompatible with the purposes of which you have been informed, unless we are required or authorised by law to do so. 

Some personal data, which we will mark as mandatory to provide, is necessary for the use of certain functionalities or services of the Websites and the App. If you decide not to make such data available to us, we might not be able to complete your user registration or to offer you the (full) functionalities or services in question. 

On What Legal Grounds Do We Use Your Personal Data?

We shall only process your personal data when there is a legal ground to do so. In particular, we shall process your personal data on the basis of the following legal grounds: 

• because the use of your personal data is necessary for the conclusion and performance of an agreement with you; 
• because the use of your personal data is necessary to ensure compliance with our legal obligations; 
• because the use of your personal data is necessary for the purposes of our legitimate interests or those of a third party; and/or 
• because you have consented to the use of your personal data (e.g. to improve the current technology inherent to the Website or the App). 

We have a legitimate interest in collecting and processing personal data, for example, (i) to ensure proper communication with you, (ii) to accommodate your requests made through the customer support channels (iii) to optimize the quality of our services and functionality of the Websites, (iv) to manage our sales relations, (v) to operate and manage our business processes and IT systems, (vi) to detect, prevent and investigate fraud, and (vi) to enforce our rights and comply with our legal obligations. 

We will only provide you with direct marketing emails (e.g. digital newsletters) after we have obtained your prior explicit consent to receive such e-marketing communications. You have the right to object at any time to the processing of your personal data for such marketing purposes through the use of the “unsubscribe” link included at the end of a direct marketing email or by contacting us via the contact details included below.

What personal information is collected? 

During the onboarding process of the App, and the information that you might provide us via the Website, the following personal information will be gathered and stored:

• e-mail address;
• Name and last name;
• Date of birth;
• Gender;
• Length and weight;
• Running experience;
• Injury proneness;
• GPS location; and
• 3D (i.e. three-axial) accelerometer data;

If any changes to the gathered information should be made, these changes will be communicated to you prior to (or ultimately at the time of) the collection of your personal data. 

How Do We Secure Your Personal Data?

OnTracx is committing to take reasonable, physical, technological and organizational precautions in order to prevent (i) unauthorised access to your personal data, as well as (ii) loss, misuse or alteration of your personal data. HYLYGHT will store all personal data it has collected in the cloud (Amazon Web Services) which also employs robust security measures. We restrict access to personal data to authorised persons only.

Despite our rigorous security policy and controls, we must acknowledge that no method of transfer or retransmission via the Internet nor any method of electronic storage is 100% secure. Therefore, while we strive to protect your personal data, we cannot guarantee its absolute security. If you have reasons to believe that your interaction with us is no longer secure, please immediately contact us via the contact details provided below. 

The Websites and the App may, from time to time, contain links to or from websites of third parties, including social media channels. If you follow a link to any of these websites, kindly note that these websites have their own privacy policies and that we do not accept any responsibility or liability for the use of your personal data through these websites. We recommend that you review the privacy policies of these third parties to learn how they process your data.

Who Do We Share Your Personal Data With?

We may transfer your personal data to the following categories of recipients: 

• service providers and subcontractors (including logistic, transport and delivery partners, advertising and marketing partners, IT support providers and cloud computing providers, payment processors, etc.); 
• governmental or administrative authorities; 
• financial institutions; 
• professional advisors (including lawyers and accountants); and 
• insurance companies. 

Cross-border processing of personal data

Any transfer of personal data outside the European Economic Area (EEA) to a recipient who is domiciled or established in a country that is not covered by an adequacy decision, issued by the European Commission, will be governed by provisions of a data transfer agreement, which includes (i) the standard contractual clauses, as stipulated in the 'Decision of the European Commission of 5 February 2010 (Decision 2010/87 / EC)' and the Annex to the COMMISSION IMPLEMENTING DECISION on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679, or (ii) any other mechanism under the privacy legislation or any other regulation concerning the processing of personal data.

How Long Will We Retain Your Personal Data?

We will retain your personal data for as long as needed or permitted for the purposes included in this Privacy Policy. The criteria used to determine our retention periods include: (i) if you have an agreement or an ongoing relationship with us, your personal data shall be retained for as long as needed to provide services to you, (ii) if you are a registered user of the Websites or the App, your personal data shall be retained for as long as you remain a registered user, (iii) we shall retain your personal data as needed to ensure compliance with our legal and contractual obligations and (iv) if the personal data is deemed valuable to improve the current working of the App, the personal data will be retained as long as you are an active user, or for a maximum of ten years after you have unsubscribed from the app.

Cookies

The Websites use cookies and similar devices to facilitate your browsing, to understand how you interact with us and, in certain cases, to be able to show you advertisements in accordance with your browsing habit, provided that you expressly give us your consent thereto. 

You can change your cookie preferences at all times to delete and block cookies. You find help to adjust these settings on the website of the browser that you use. Remember that disabling cookies when visiting the Websites may cause some or all of the functions of the Websites not to work properly.

What Are Your Rights?

You have the right to request access to and rectification or erasure of your personal data or restriction of the processing of your personal data or to object to the processing of your personal data, as well as the right to data portability. However, rectification and or erasure of your personal data might cause some or all of the functions of the Website or the App not to work properly. 

In case we process your personal data on the basis of your consent, you have the right to withdraw your consent at any time. Such withdrawal will not affect the lawfulness of the processing based on consent before its withdrawal. 

If you believe that your rights have been violated and/or if you believe that we do not comply with applicable data protection laws, you have the right to lodge a complaint with a supervisory authority. The contact details of the Belgian Data Protection Authority can be found on the website https://www.privacycommission.be/burger. 

Contact Us

Should you have any questions regarding the processing of your personal data, including the exercise of your rights, please contact us by email or regular mail using the contact details provided below. If you have any questions or complaints about the Agreement or its Terms and Conditions or otherwise, please contact us: 

By email: info@ontracx.com 

By regular mail: Franklin Rooseveltlaan 349/80, 9000, Gent, Belgium.