If any aspect of this Privacy Policy is unclear, you can always request additional information via the following email address: [email protected].

1. WHAT IS QUIVR?

Quivr allows students to receive all information relevant to students in one App. The App contains your personal timetable, an excerpt of your friends’ timetables (if permitted), information about events and the possibility to buy tickets, information about purchased tickets, information about student restaurants, data on library occupancy, data on “fakbar” occupancy, information about internships and job vacancies, news provided by Veto and more. This service is offered by Student Innovations vzw through both a mobile app and a web app.

More information about our organization:

• Name: Student Innovations vzw (non-profit organization)
• Registered office: Celestijnenlaan 200A, box 4048, 3001 Leuven, Belgium
• Company number (KBO): 0561.923.869
• Email: [email protected]
• Website: https://studentinnovations.org/ and https://quivr.be/

2. OUR VISION ON PRIVACY

Your privacy is very important to Us. In line with this principle, We have designed this Privacy Policy to help you understand how We collect, transmit, share and use your data and how We protect your privacy when you use Our App and website, as described in Our Terms and Conditions.

3. AGREEMENT

Before continuing to read this Privacy Policy, We would like to draw your attention to the following:

• We recommend that you first carefully read Our Terms and Conditions.
• The legal basis for processing your data is the consent (Article 6(1)(a) GDPR) that you give to this Privacy Policy via a banner or a dedicated screen or application, prior to the processing of your data.
• For analytical purposes, however, We process pseudonymised data on the basis of a legitimate interest for the improvement of Our App (Article 6(1)(f) GDPR).
• Providing certain personal data is a necessary condition for entering into an agreement with Us (Article 6(1)(b) GDPR). If you prefer not to provide this data, it will not be possible to use Our Service or certain parts of it.

Our Service is intended for college and university students, who are generally older than 17 years. Under no circumstances do We intend to collect data from individuals under the age of 13. If you suspect that a User is under 13 years old, please contact us as soon as possible via [email protected].

4. DEFINITIONS

The following terms are capitalized in this Privacy Policy and should be understood accordingly:

• App: the mobile and/or web application (app.quivr.be and all subdomains) that provides the Service.
• Data: all information regarding the User We possess and/or use in accordance with section 5 (“What information do We collect about You?”)
• Friends Option: a setting that allows You to share Your timetable with friends.
• GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“General Data Protection Regulation”).
• Service (also “Quivr”): the provision of information relevant to students, such as Your personal timetable, an excerpt of Your friends’ timetables (if permitted), information about (relevant) events and the possibility to buy tickets, information about purchased tickets, information about student restaurants, data on library occupancy, data on “fakbar” occupancy, information about internships and job vacancies, and more. This Service is provided by Us through Our App.
• User (also “You” or “Your”): any person who uses the Service.
• We (also “Us” or “Our”): Student Innovations vzw

5. WHAT INFORMATION DO WE COLLECT ABOUT YOU?

We will only collect Your Data to achieve Our purposes, unless We have obtained Your consent or are legally required to do so. Our purpose is to provide the Service to Users. Your data is essential for the normal functioning of the App.

We collect three categories of Data:

Information specifically provided by the User: all personal data specifically provided by the User, including but not limited to: last name, first name, email address, language, place of residence, educational institution, faculty, favourite library, favourite restaurant and Your own calendar entries.

Information automatically provided by the User: all personal data that You automatically provide, including but not limited to: user ID, browser type, IP address, number of login sessions, usage time, date of first use, date of last use, operating system including brand name and the type of computer, smartphone, or tablet, telecom provider, global settings, local region (no GPS coordinates) and information linked to events You clicked on or viewed (including, but not limited to, the event category, the organizer, the date and time of interactions and the number of interactions).

Information provided by the educational institution: all data about the User provided by the educational institution(s), necessary for Student Innovations vzw to allow Our Service to function properly, such as your timetable.

Note that the operating system of your mobile phone or computer may store other information when you use the App. Such storage is not related to Student Innovations vzw, and We therefore accept no responsibility for it.

6. HOW DO WE USE THE INFORMATION WE COLLECT ABOUT YOU?

The above Data allows Us to pursue Our statutory objective, namely making students’ lives more efficient by offering digital applications, making information more accessible, and promoting the use of open data. In addition, Your Data will be used for analytical purposes. We use Your Data solely for these purposes and for purposes that fall within reasonable expectations.

Specifically, Your Data is used to:

• Register Your account;
• Ensure the optimal functioning of Our Service;
• Conduct internal research;
• Display personal information such as announcements and information about activities, internships, and job vacancies;
• Recommend events relevant to You using artificial intelligence; and
• Personalize Your experience.

7. MAY WE SHARE YOUR DATA?

Without Your consent, We do not share any of Your Data with third parties. By sending or accepting the Friends Option, You agree to share the Data you designate (including, among other things, your timetable) with other Users when You add someone as a friend.

However, We may be required to disclose Data when We believe action is necessary to:

• Enforce this Privacy Policy;
• Comply with law enforcement;
• Respond to claims that violate the rights of third parties; or
• Protect the rights, property, or safety of Student Innovations vzw, its members, other Users and the public.

Analytical data enables Us to optimize Your user experience and improve Our Service. To achieve this, We share certain personal data with Datadog Inc.

Datadog Inc. receives only Your full name, email address and certain information automatically provided by the User, such as Your user ID, IP address and operating system including brand name and the type of computer, smartphone, or tablet.

Finally, Data may be transferred in the context of a legal transfer.

8. WHAT ARE YOUR RIGHTS?

In accordance with Articles 15 to 21 of the GDPR, You have a number of rights, listed below. You may obtain information from Us regarding:

• Whether or not Data concerning You is being processed;
• The purposes of the processing;
• The categories of Data concerned;
• The recipients or categories of recipients to whom the Data has been or will be disclosed;
• Where possible, the envisaged period for which the Data will be stored, or, if not possible, the criteria used to determine that period;
• The source of the Data, particularly where the Data is not collected from the data subject;
• The existence of the right to request rectification, erasure, restriction of processing, or to object to such processing;
• The right to lodge a complaint with the Data Protection Authority;
• The existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR, and, in such cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

In addition, You may request Us to:

• Correct inaccurate Data;
• Delete Data concerning You;
• Restrict processing in one of the following situations:
  • If You contest the accuracy of the Data;
  • If the processing of Your Data is unlawful;
  • If We no longer need Your Data for the purposes of processing but You need it for the establishment, exercise, or defense of legal claims;
  • If You object to processing pursuant to Article 21(1) GDPR, pending the verification whether the legitimate grounds of the controller override Yours;
• Object to the processing of Your Data carried out on the basis of legitimate interest (this applies to data processing for analytical purposes);
• Object to the processing of Your Data for direct marketing purposes.

Furthermore, You may receive the personal data You have provided to Us in a structured, commonly used, and machine-readable format in order to transmit it to another service provider. This right is also known as the right to data portability.

However, this right to data portability applies only to data that You have explicitly provided to Us, including but not limited to: last name, first name, email address, language, place of residence, educational institution, faculty, favourite library, favourite restaurant, and Your own calendar entries. All data about You provided by an educational institution, such as Your timetable, does not fall under this right.

If You wish to exercise any of the rights described above, please send an email with your request to [email protected].

9. WHERE AND FOR HOW LONG DO WE STORE YOUR INFORMATION?

Your Data as a User is stored on servers within the European Union. However, We inform You that in order to provide an optimal Service, We use the services of various processors located in the United States (e.g. a service that logs software errors). For most of these services, however, We use a local database located within the European Union.

In accordance with Article 32 GDPR, We take all appropriate technical and organizational measures to ensure the security of Your Data. These measures include, but are not limited to, encrypting backups and hashing tokens.

If We discover a data breach that is likely to result in a high risk to Your rights and freedoms, We will inform You immediately.

Your Data is automatically deleted after one and a half years of inactivity. To prevent unintended deletion of Your account, You will receive a notification one month before Your Data is deleted. For practical reasons, backups containing your data may still be available after the aforementioned deletion. These backups are sufficiently encrypted. Moreover, backups older than two months are automatically deleted. A system is in place to ensure that, in the event of data recovery, Your Data is not restored to our production systems.

10. WHAT ABOUT THE COOKIES WE USE?

Our Cookie Policy can be consulted via the App or found via the footer of Our Website: https://quivr.be.

11. CHANGES TO THE PRIVACY POLICY

Student Innovations vzw reserves the right to amend this Privacy Policy in accordance with applicable privacy legislation.

If We make changes to the way We handle information, We will notify You via the App or through another form of communication (e.g. by email). Unless otherwise stated, Our current Privacy Policy applies to all information We have about You and Your account.

After any changes to the Privacy Policy have been implemented, Student Innovations vzw will ensure that the User can give clear and unambiguous consent to the changes where legally required, before continuing to use Our Services. If You object to any of the changes and no longer wish to use Our Services, You may delete Your profile and terminate the agreement as provided in Article 5 of the Terms and Conditions.

12. SEVERABILITY CLAUSE

If any part of this Privacy Policy is invalid or unenforceable, this shall not affect the validity or enforceability of the remaining parts of this Privacy Policy, which shall remain in full force and effect.

13. HOW CAN YOU CONTACT US?

If you have any questions or comments, you can always contact Us via [email protected] or [email protected].