StingMapper Privacy Policy

Purpose

We process your data in order to enable the use of the Application’s features, enabling the reporting of traps or nests.

This processing also includes the sharing of certain data with relevant stakeholders (such as professionals or public authorities) in order to enable the handling and eradication of reported nests and to allow them to contact the reporting User where necessary.

Data sharing does not include data that would enable other stakeholders to identify you.

Legal basis

The processing of this data is necessary for the performance of the contract binding us (Article 6(1)(b) GDPR). Without this data, we cannot provide you with the Services.

The processing also relies on our legitimate interest (Article 6(1)(f) GDPR) in ensuring the proper functioning of our Services.

Categories of data

This includes your e-mail address, the location of the reported nest or trap (which may correspond to a private property), photographs submitted as part of the report, and any personal data contained in comments or observations.

Your email address will not be visible to the other Users.

Retention period

The data will be deleted 10 years after the closure of your Account.

Recipients

Your data may be communicated to our technical service providers and subcontractors (IT service providers, hosting providers).

Purpose

We process the data of professional Users offering eradication services in order to enable their identification and to facilitate their contact by Users or public authorities in connection with reported nests.

Legal basis

The processing of this data is necessary for the performance of the contract binding us (Article 6(1)(b) GDPR). Without this data, we cannot provide you with the Services.

Categories of data

This includes professional data such as name, company name, business registration number (where applicable), VAT number, postal address, e-mail address, phone number and website.

Retention period

The data will be deleted 10 years after the closure of the Account, except in case of legal obligation to keep the data for a longer period.

The data may also be deleted at the request of the data subject by sending a request to the following address: contact@stingmapper.com.

Recipients

Your data are collected for the purpose of informing the Users of your services. Your data may therefore be available for other Users.

Your data may also be communicated to our technical service providers and subcontractors (IT service providers, hosting providers).

Purpose

We process certain data relating to beekeeper Users in order to send them alerts when a hornet nest is reported within a predefined geographical perimeter around their beehives.

Legal basis

This processing is necessary for the performance of the contract (Article 6(1)(b) GDPR), as it enables a key feature of the Services.

Categories of data

This includes identification data (name, surname, e-mail address) and the location of the beehives.

Retention period

The data will be deleted 10 years after the closure of your Account.

Recipients

Your data may be communicated to our technical service providers and subcontractors (IT service providers, hosting providers).

Purpose

If you have created an Account to access our Services, we may process your data in order to inform you about our Services and their updates.

Legal basis

These data are processed on the basis of our legitimate interest in promoting our services to Users (Article 6(1)(f) GDPR).

Categories of data

Your name, surname and e-mail address (or postal address where applicable).

Retention period

The data are processed as long as your Account remains alive and 3 years after its closure, until you request that we stop sending you information communications.

Recipients

Your data may be communicated to our service providers and subcontractors (IT providers, email marketing or mailing providers).

Purpose

We may process certain data in order to analyse the use of our Services, improve the features of the Application/Portal and develop statistical insights relating to the monitoring of invasive species.

Legal basis

These data are processed on the basis of our legitimate interest in promoting our services to users of our services (Article 6(1)(f) GDPR).

Categories of data

This may include anonymised or aggregated data relating to the use of the application, reports submitted, geographic distribution of observations and other usage statistics.

Retention period

The data are processed as long as your Account remains alive and 3 years after its closure, until you request that we stop sending you information communications.

Recipients

Your data may be communicated to our service providers and subcontractors (IT providers, analytics providers, statistical service providers, or mailing providers).

Purpose

We may process your data in order to defend our interests in court in the context of potential disputes.

Legal basis

These data are processed on the basis of our legitimate interest in defending our interests (Article 6(1)(f) GDPR).

Processing of sensitive data may also be necessary for the establishment, exercise or defence against legal claims (Article 9(2)(f) GDPR).

Categories of data

This may include your name, surname, profession, domicile or residence, phone, email address, date and place of birth, bank account number, credentials, passwords, log data, emails, etc.

Retention period

The data are processed for 10 years after the closure of your Account.

Recipients

Your data may be communicated to our lawyer, the other parties or their lawyers, courts, experts, technical advisers, notaries, mediators, arbitrators or bailiffs, banking or insurance institutions, or legal aid offices.

They may also be communicated to our service providers (IT providers, accountants).

Purpose

We process your data to ensure efficient management of our customer relationship and to respond to all your questions, complaints or requests.

This includes receiving, recording, processing and monitoring complaints (for example regarding subscriptions).

It also includes the management of support services and customer assistance.

Finally, this processing allows us to respond to your requests, including when you exercise your rights under the GDPR.

Legal basis

The processing relies on several legal bases.

It may first derive from the performance of the contract binding us (Article 6(1)(b) GDPR), particularly when your request relates directly to one of our Services.

It also relies on our legitimate interest (Article 6(1)(f) GDPR) in maintaining a quality business relationship, improving our services and defending our interests where necessary.

Finally, the processing may be based on compliance with legal obligations (Article 6(1)(c) GDPR), in particular when responding to requests concerning the exercise of your rights under the GDPR.

Categories of data

The data processed vary depending on the request or complaint but generally include information necessary to identify you, contact you and process your request.

This may include your identification data (name and surname), contact details (email address, phone number), and the information contained in your correspondence or complaints.

Retention period

These data are retained for the time necessary to process the request and generally for 10 years following the closure of your Account, notably for administrative obligations and potential disputes. In case of dispute, the data shall be processed until the final resolution of the dispute and 10 years after a settlement.

Recipients

Your data may be communicated to our service providers and subcontractors (such as IT providers or hosting providers).

Where necessary for the defence of our interests, they may also be communicated to our lawyer, courts or other parties involved in a dispute and/or in the claim management process (bailiff, experts, debt collectors…).

Purpose

We process certain data relating to your connections to the Services in order to ensure the security and integrity of our Services.

This processing aims to ensure secure access management and analyse security logs in order to investigate potential IT incidents or abuse.

It also allows us to protect the operated IT infrastructure and identify devices connecting to it.

Legal basis

This processing is based on our legitimate interest (Article 6(1)(f) GDPR) in ensuring the security of our networks, IT systems and Services.

Categories of data

The processed data may include:

-        security logs and VPN connection data;

-        identifiers, passwords and IP address;

-        incoming and outgoing network traffic and timestamps (firewall logs).

Retention period

The data relating to the security of the digital infrastructure are not directly stored by the Provider on its own servers.

These data are retained for the duration necessary to achieve the security purposes pursued, in accordance with Cloudflare’s data retention policies.

Cloudflare determines the applicable retention periods based on several criteria, including the nature of the data, the purpose of processing, legal obligations and security requirements.

For more information on Cloudflare’s data processing and retention practices, Users may consult: Cloudflare's Privacy Policy | Cloudflare.

Recipients

Connection data and logs may be communicated to our service providers and subcontractors (such as IT providers or hosting providers).

More specifically, the data are processed by our technical service provider Cloudflare, which acts as a processor for the purpose of ensuring the security, performance and integrity of the Services (including protection against malicious traffic and cyberattacks).

Purpose

We process your data in order to create, manage and administer your User account and to allow you to access the Services.

This includes in particular: account creation, allocation of credentials and management of your access rights; activation, deactivation or modification of your user rights; updating your profile information; etc.

Legal basis

The processing of this data is necessary for the performance of the contract binding us (Article 6(1)(b) GDPR). Without this data, we cannot provide you with our Services.

The processing also relies on our legitimate interest (Article 6(1)(f) GDPR) in ensuring proper and secure management of user accounts.

Categories of data

This includes identification data of registered Users such as account credentials and login information (in partic. email address, first name and surname; the password is encrypted) and any data relating to your access rights to the Services. This also includes contact details such as name, date of birth, and phone number.

Retention period

The data will be deleted 10 years after the closure of your Account.

Recipients

Your data may be communicated to our technical service providers and subcontractors (IT service providers, hosting providers), in order to ensure the proper delivery of the Services.

Purpose

The data you provide are processed in order to ensure administrative management as well as the accounting and tax management of your Subscription and related Services (including potential refund requests).

Legal basis

The processing of these data is necessary for the performance of the contract binding us (Article 6(1)(b) GDPR), in particular for billing our fees and notifying you of changes to our terms and conditions or to this Privacy Policy (including new processing purposes).

The processing is also necessary to comply with our legal obligations, particularly under the Belgian Code of Economic Law and VAT legislation relating to tax and accounting obligations (Article 6(1)(c) GDPR).

Categories of data

This includes identification data of subscribed professional Users (name, surname, e-mail address, postal address, phone number, VAT number), invoices issued and payments, and financial data (bank details, account number).

Retention period

The data are processed for until the expiry of a 10 years period from the closure of your Account, except if legal obligations impose to keep data for a longer period.

Recipients

These data may be communicated to the public authorities in charge of tax collection.

They may also be communicated to our service providers and subcontractors (IT service providers, specialised professionals involved, accountants, auditors).

Purpose

We use cookies on www.stingmapper.com.

For more information about the purposes of the cookies used, please consult our Cookie Policy.

Legal basis

Technically necessary and functional cookies: necessary for the performance of the service (Article 6(1)(b) GDPR).

Other cookies: the use of third-party cookies, for which the Provider acts as joint controller, is subject to your prior consent (Article 6(1)(a) GDPR).

You may refuse the installation of these cookies on your device. Access to our website will not be denied, but certain functionalities may not be available.

Categories of data

Cookies placed on your device (see our Cookie Policy available here: Cookie Policy | StingMapper) and proof of your consent to the use of third-party cookies.

Retention period

Cookies generally have an expiration date. Some cookies are automatically deleted when you close your browser (session cookies), while others remain on your device until you delete them manually (persistent cookies).

For more information about their retention period, please consult our Cookie Policy.

Recipients

-           Google Analytics

Your data may also be communicated to our service providers and subcontractors (IT providers, hosting providers).