Stellar full Logo - Influencer marketing platform

Privacy policy

I. Object

This Statement of Privacy is established by SHOPALLY SA (hereafter “Stellar”). Stellar has
its registered office at 7 rue de Livourne, 1060 Brussels, with the company number
0534.940.746.

The aim of this Privacy Policy is to explain how Stellar, as Data Controller, insures the
processing of those Personal Data.

This Privacy Policy is available on our website http://www.stellar.io.

This Privacy Policy was written in compliance with the law of 8 December 1992 on the
protection of privacy with regard to the processing of Personal Data (hereinafter referred to
as the “Law on the Protection of Privacy”) and Regulation (EU) 2016/679 of the European
Parliament and of the Council of 27 April 2016 on the protection of natural persons with
regard to the processing of Personal Data and on the free movement of such data, and
repealing Directive 95/46/EC (hereinafter referred to as the “General Data Protection
Regulation”).

We pay particular attention to the protection of Data Subjects privacy and therefore
undertake all reasonable precautions required to protect Personal Data collected against the
loss, theft, disclosure or breach of privacy or any unauthorized use.

If you wish to react to one of the practices described below, you can always contact us.

II. On which basis do we collect your Personal Data? (Lawfulness of the processing)

We process your Personal Data for various purposes. For each processing operation, only data relevant for the purpose in question are processed.

Generally speaking, and as an example, we use your Personal Data either:

  • when we have obtained your consent;
  • within the framework of the execution of the contract or to take pre-­contractual measures at your request;
  • to comply with all legal, regulatory and administrative obligations to which we are subject, in particular:

    • prevention of money laundering;
    • combating tax fraud;
  • for reasons that are in our legitimate interest, in which case we ensure that we maintain a proportionate balance between our legitimate interest and respect for your privacy. These are the situations in which we process your Personal Data in order to be able to function and offer you the best service. For example, we process your data for the following purposes:
    • detection and prevention of abuse and fraud;
    • control of the regularity of transactions;
    • monitoring and control;
    • recognition, exercise, defence and preservation of our rights or of the persons we may represent, for example in litigation;
    • constitution of evidence;
    • global vision of the customers (for example, by establishing statistics of our customers in order to know who our customers are and to know them better);
    • follow-­up of our activities and administrative knowledge of the various persons in contact with the company, which may allow the identification of the files, the intermediary and other parties involved;
    • testing, evaluation, simplification, optimisation and/or automation of Stellar’s purely internal processes in order to make them more efficient;

III. How do we collect Personal Data?

We collect Personal Data through our website (including our contact page), one or more cookies present on our websites, all communications between you and Stellar, etc.

IV. Which Personal Data do we collect?

A. Personal Data

Stellar collects Personal Data relating to visitors and registered users who voluntarily decided to enter such data.

Personal Data that Stellar collects include:

  • Identification data regarding the company : company name, address, phone number, etc.
  • Personal identification data regarding the main contact person: first name, last name, etc.
  • Contact data: address, email, etc.
  • Data related to logs and users web session
  • Information about your computer hardware and software: IP address, browser type, domain names, access times and referring website addresses, etc.

B. Non-­Personal Data

Stellar may also collect non-­personal data (these data are qualified as non-­personal data because they do not identify you directly or indirectly). These data may therefore be used for any purpose.

C. Our Partners Data

Stellar also collects Personal Data from trusted Partners.

In this case, we ensure the validity of the legal basis used by our partners in order to legally process Personal Data.

V. Why do we collect Personal Data?

We only collect Personal Data for specific purposes. These purposes are explained hereunder so you can understand the reason why we collect your Personal Data.

Note that it is possible that we might need to process Personal Data for another purpose which has not been yet identified by this Privacy Policy. In this case, we will directly inform the Data Subjects we are using their Personal Data for this new purpose.

We listed hereunder the purposes why we ask you these data in the context of the execution of a contract:

  • Answering your questions;;
  • Managing the contract;;
  • Delivering the contract;;
  • Managing all the billings matters;;
  • Providing you information on our new products and or services;;
  • Transfer your Data to third parties (our partners).

We might also process your data for our legitimate interest, more specifically:

  • Communication about our services;;
  • Fight against fraud and infringement;;
  • Improving our website (access, uses,…);;
  • Improving our services;;
  • Ensuring technical management.

We process your personal data on the basis of your consent for statistical purposes.

Finally, we must fulfill some legal obligation. In that perspective, we might be under the obligation to process your Personal Data.

VI. How do we protect your Personal Data?

Access to your Personal Data is only granted to persons for whom it is necessary for the performance of their tasks. They are bound by strict professional discretion and must comply with all the technical and organisational requirements laid down to ensure the confidentiality of Personal Data.

We have put in place technical resources and specialized teams that deal primarily with the protection of your Personal Data. We want to prevent unauthorized persons from accessing, processing, modifying or destroying them.

Our websites may sometimes contain links to third party sites (social media, event organisers that we sponsor, etc.) whose terms of use do not fall within the scope of this Notice or under our responsibility. We therefore recommend that you read their Personal Data protection notice carefully to find out how they respect your privacy.

VII. Who has access to your data and to whom is it transferred?

A. General information

In order to protect your privacy, the persons authorized to access your Personal Data are precisely determined according to their tasks.

If necessary, this data may be communicated to our subcontractors.

As far as they are concerned, they are specialized partners in Belgium or abroad to whom we call for certain services in order to offer you the best service. For example:

  • IT service providers;;
  • Specialised consultants;;
  • Etc.

These subcontractors are contractually bound to us and must therefore follow our instructions and comply with the principles set out in our Notice. In particular, we ensure that its subcontractors: have only such data as are necessary for the performance of their tasks;; and undertake to treat these data securely and confidentially and to use them only for the performance of their duties.

We will also pass your data on to other persons if we are obliged to do so by contractual or legal obligation or if a legitimate interest justifies it. In these cases, we ensure that: such persons have only data which we are required to disclose by contractual or legal obligation or which are proportionate to the legitimate interest justifying the transfer;; and that these persons undertake to us, on the one hand, to treat these data securely and confidentially and, on the other hand, to use them only for the purpose for which the data were transferred to them.

B. No transfer for commercial use

We do not pass on your data for commercial use to third parties.

C. Transfers outside the European Economic Area (EEA)

We may transfer your data outside the European Economic Area (EEA) to a country that may not provide an adequate level of protection for Personal Data. But in these cases, we protect your data, on the one hand, by further strengthening IT security and, on the other hand, by contractually requiring a higher level of security from its international counterparts. If you wish, you can obtain a copy of the adapted contractual clauses by sending a dated and signed request by post to SHOPALLY SA, Avenue Louise 54, 1050 Bruxelles.

VIII. How long do we conserve your Personal Data?

We only keep Personal Data for a reasonable and necessary time taking into consideration the purposes of the processing and the legal and regulatory requirements.

In the context of the execution of a contract, we will not retain your Personal Data more than five years after the contract termination.

At the end of this retention period, we will make every effort to ensure Personal Data have been made unavailable or inaccessible.

IX. Your rights regarding your personal data

A. Your right of access and copy

You have the right to obtain a free copy (including in an electronic format) of the Personal
Data we collected about you.

When necessary, you can always ask us to rectify, complete or delete Personal Data that are
inaccurate, incomplete or irrelevant.

In cases where you request additional copies, we may require the payment of reasonable
fees to cover administrative costs.

B. Your right to restriction of processing

As a Data Subject, you have the right to restrict the processing of your Personal Data when
one the situation described below occur:

  • You contest the accuracy of a Personal Data. The restriction will apply for a period enabling us to verify the accuracy of this Personal Data;;
  • If we unlawfully proceed your Personal Data and you prefer to request a restriction instead of the erasure of this Personal Data;;
  • If we don’t need your Personal Data anymore for one of the purposes we defined in this Privacy Policy but you need it for the establishment, exercise or defense of legal claims;;
  • If you object to processing (explanation is just hereunder) pending the verification whether our legitimate grounds override yours.

When the restriction has ended, we shall immediately inform you.

C. Your right to object

There are two specific cases where you can object for your Personal Data to be processed.

Firstly, when we process Personal Data for direct marketing purpose (we shall ask your consent for that), you have the right to object at any time for your Personal Data to be
processed.

Secondly, you can object to the processing of your Personal Data for reasons linked to your specific situation if we based it on our legitimate interests. We shall no longer process your Personal Data in such a case unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or when we need it for the establishment, exercise or defense of legal claims.

D. Right to data portability

When we process your Personal Data on the basis of your consent or for the execution of a contract, you may ask us to send you your Personal Data in a structured and commonly used format.

When technically feasible, you may also ask us to directly transmit your Personal Data to another data controller.

E. Right to erasure (‘right to be forgotten’)

Finally, you have the ultimate right to be forgotten by us.

That means you have the right to obtain the erasure of your Personal Data without undue delay in the following specific situations:

  • If your Personal Data are no longer necessary in regard to the purposes for which we collected them;;
  • If we unlawfully processed your Personal Data;;
  • If you object to the processing and we have no overriding legitimate grounds for the processing;;
  • If we have to erase your Personal Data in order to comply with an European or Belgian legal obligation.

Also, you have the right to ask us to delete any of your Personal Data which, taking into consideration the purpose of the processing, would be incomplete or irrelevant or whose
registration, communication or storage would be prohibited, or, eventually, which has been retained beyond the necessary and authorized retention period.

F. How to exercise your rights?

It’s good to have rights but it’s better to know how you can request to enforce them!

a) Identification

To be able to help you, we’ll need to check that your request concerns your Personal Data.

For that purpose, we’ll ask you to send us a written request with a proof of your identity (ID card copy).

b) When shall we answer?

We’ll get back to you with our answer as soon as possible and within a month at the latest.

That period may be extended by two further months where necessary, taking into consideration the complexity and number of the requests. In such a case, we’ll inform you
about the reasons of the delay (it might be because the case is complex or because we have to process too many requests).

X. Complaints

If you wish to react to one of the practices described in this Privacy Policy, please contact us using the communication channel you prefer.

In case you want to lodge a complaint with the Data Protection Authority, you can also contact them:
Data Protection Authority
Rue de la Presse,
1000 Brussels
Phone : + 32 2 274 48
Fax :+ 32 2 274 48
contact@apd-gba.be

Obviously, if you think it’s necessary, you can also launch a legal action before the Civil Court of Brussels.

For further information on complaints and possible remedies, we advise you to consult all
information available on the Belgian Commission for the Protection of Privacy website:
https://www.dataprotectionauthority.be/

XI. Our contact details

For any question and / or complaint concerning this Privacy Policy, please contact us:

Shopally SA
7 rue de Livourne
1060 Brussels
Belgium

Email: contact@stellar.io

XII. Modification

We may change, modify or adapt the provisions of this Privacy Policy at any time. The changes will be applicable at the time of the publication on our website. As such, We advise you to consult the most recent version of this Privacy Policy.

XIII. Applicable and governing law

This Privacy Policy is governed by Belgian law.

French-­speaking courts of the judicial district of Brussels shall have the exclusive jurisdiction regarding any dispute relating to the interpretation or execution of this Privacy Policy.

Updated on 25/04/2023