fbpx
early access
early access

Accountable Privacy Policy

Privacy Policy

This privacy policy governs the collection, storage and use of personal data collected by us, Accountable, through Accountable’s mobile app (“Accountable App“) and the accounting and tax advisory services offered by Accountable Services (“the Tax and Accounting Services”).

It provides you as a User, aged 18 or over (“You” or the “User”) with details about the personal data we collect from you, how and why we use your personal data and your rights to control personal data we hold about you. Please read this privacy policy carefully. If you do not agree to this privacy policy in its entirety, you must refrain from using the Accountable App.

This privacy policy was last updated on [9-10-2018]. Please check back regularly to keep informed of updates to this privacy policy.

1. Who we are

Accountable S.A. is a company registered under Belgian law with registration number 0682.763.303, having its registered seat at 22, Drève des Weigelias, 1170 Brussels, Belgium. Accountable Services S.P.R.L. SC is a company registered under Belgian law with registration number 0692.636.616, having its registered seat at 22, Drève des Weigelias, 1170 Brussels, Belgium (hereafter referred to as Accountable Services) and is performing civil activities of chartered accountants and tax advisors in accordance with the law of 22 April 1999 on the professions of accounting and tax advisory. Both companies are hereafter denominated as “Accountable” or “We”.

We respect your right to privacy and will only process personal information you provide to us in accordance with applicable data protection laws, which include (i) the Belgian Act of 8 December 1992 on the protection of privacy in relation to the processing of personal data (BDPA), and as will be replaced by the General Data Protection Regulation (Regulation 2016/679) on 25 May 2018 (“GDPR”); and (ii) other applicable privacy laws (together the ‘Data Protection laws’).

Accountable acts as a data ‘controller’ under the Data Protection laws and as such Accountable is responsible for the collection, storage and use of your personal data.

If You have any questions about how we collect, store and use your personal data, or if You have any other privacy-related questions, please contact us by any of the following means:

e-mail: compliance@getaccountable.eu

We do not and will not knowingly collect information from any unsupervised child under the age of 18. If you are under the age of 18, you may not use the Accountable Application.

2. The personal data we collect about You

When You register, access, log-into, browse and use the Accountable App, we may collect the following information from You:

Identity data Applicable to
Full name (first and last name) All users
E-mail Address All users
(facultative) Telephone number Users willing to share their phone numbers on their sales invoice
(facultative) National Registry Number Users that register as new self-employed workers to the Belgian authorities through Accountable
Date of birth Users that register as new self-employed workers to the Belgian authorities through Accountable
Home address Users that register as new self-employed workers to the Belgian authorities through Accountable
Work address Users that register as new self-employed workers to the Belgian authorities through Accountable or create sales invoices in app

The above personal data is directly obtained from You when registering on the Accountable Application or on the Site.

Professional and financial data Applicable to
Legal status (SPRL/BVBA, a natural person subject to VAT, etc.) All users
VAT or company registration number Users that are a client of the service, or submit their VAT statement through the app, or create sales invoices in app
Professional bank details Users that register as new self-employed workers to the Belgian authorities through Accountable or create sales invoices in app
Activity type Users that register as new self-employed workers to the Belgian authorities through Accountable

The above personal data is directly obtained from You by entering it into the Accountable Application.

Security data and mandates Applicable to
A picture of Your identity card in order to create the accounting mandate Users that register as new self-employed workers to the Belgian authorities through Accountable or opt for using the “fully managed” service offering Tax and Accounting Services
Tax-on-web mandate to the accountant in order to allow Accountable to submit tax and VATstate returns Users that opt for using the “fully managed” service offering Tax and Accounting Services
Payment data Applicable to
(facultative) Bank balances All users that connect their bank accounts
(facultative) Current account transactions All users that connect their bank accounts
(facultative) Credit card transactions (where possible) All users that connect their bank accounts

3. How and why we may store and use your information

Accountable (or third party data processors acting on our behalf) may collect, store and use your personal information listed above for the following purposes, listed below.

3.1 Legal obligation

Accountable is bound by a number of legal and regulatory obligations that require the processing of your personal data. These obligations may imply that Accountable collaborates with the relevant authorities and/or with third parties and, where appropriate, provides them with some of your data in light of:

  • the obligation to respond to the official requests of the various competent authorities (for example in the field of data protection, consumer protection, etc.), whether Belgian or foreign; and
  • the obligation to respond to requests from Belgian or foreign judicial authorities;

Accountable collects certain personal data that it obtains from You in order to comply with legal taxing obligations as mandated by you for providing you with the Tax and Accounting services.

3.2 Use of the Application App

Accountable collects some personal data from You to make the Accountable Application available to You and to provide you with content which is tailored to your individual situation. Specifically to:

  • assist you in the online registration process, in providing information about our services and terms of use;
  • the management of your user account;
  • provide you with the services relating to the Accountable Application that you request, in particular, to capture and assess transactions in order to manage your accounting and tax obligations as requested;
  • answer your questions and requests;

3.3 Legitimate interests

Accountable also processes your data for the realization of its legitimate interests. To that end, Accountable strives to maintain a balance between the need to process data and respect for your rights and freedoms, including the protection of privacy.

Your data is processed for:

  • the retaining of evidence (archiving);
  • the operation, evaluation and improvement of the quality of services rendered to users;
  • the management of our communications with you;
  • facilitate the functionality of the Application and the Site;
  • the preparation of studies, models (risk, marketing and others) and statistics, using techniques of anonymisation and/or pseudonymisation of the persons concerned;
  • the use of cookies to improve the Application and the Site (see Cookie policy);
  • the recognition, exercise, defense and preservation of Accountable’s rights;

3.4 Direct Marketing

  • [where you have given us your consent, to contact You (including by SMS and e-mail) with products and services which we think may interest You; and
  • [where you have given us your consent, to disclose your personal information to carefully chosen third parties so that they may contact You (including by SMS and e-mail) with products and services which they think may interest You.]

Accountable perfectly understands that sharing access to professional bank transactions and, in some cases, bank credentials, while necessary for the performance of the services, needs to be handled with care.

Apart from a legal basis, in a true effort of transparency, we set up a strong and explicit consent management workflow, built directly in the application: during the sign-up, the user is presented with a screen that explicit what is required from him, for which purpose and what are the policies in place to protect his data.

Here are a few examples of how We deliver such screens:

 

Consent Management

We will not disclose, sell or rent your personal information to any third party unless you have consented to this. If you do consent but later change your mind, you may contact us and we will cease any such activity.

4. Data Subjects rights

As a user of the Accountable Application and processing of your data, you have the following rights:

  • the right to ask us to provide you with copies of personal information that we hold about you at any time;
  • the right to ask us to update and correct any out-of-date or incorrect personal information that we hold about you free of charge;
  • where the processing is based on your consent, the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
  • the right to erasure where the conditions of article 17 of the GDPR have been met;
  • the right to a restriction of processing where the conditions of article 18 of the GDPR have been met;
  • the right to data portability insofar the conditions of article 20 GDPR apply to You;
  • the right to object to the processing of personal data concerning you where the conditions of article 21 GDPR have been met;
  • the right to lodge a complaint with a supervisory authority; and
  • the right to opt out, at first request and free of charge, of any direct marketing communications that we (or any third party to whom we have disclosed your personal information with your consent) may send you.

If You wish to exercise any of the above rights, please write to us (either by post or by e-mail) at the address specified above including a supporting identity document to allows us to validate and treat your request.

Finally, You also have the right to lodge a complaint with the competent supervisory authority, the Data Protection Authority, either by mail at the Rue de la Presse 35, 1000 Brussels or by e-mail at commission @ privacycommission.be or by phone at +32 2 274 48 00).

5. How long does Accountable retain your personal data?

In accordance with the principles set out below, we will delete personal data once it is no longer required to fulfil the purposes outlined in this Privacy Policy, unless their retention would remain required for other fundamental purposes, including but not limited to complying with our legal obligations, handling claims and resolving disputes.

For the retention period of any cookies used on this Website we refer to our Cookie Policy, which can be accessed through the following link: [please include hyperlink];

Cookies

For further information on the cookies used in connection with the Website, we refer to our Cookie Policy, accessible via this link: [insert hyperlink].

Security

Accountable has taken appropriate technical and organisational measures to safeguard the personal information that you provide us with, against unauthorized or unlawful processing and against accidental destruction, loss or damage.

Measures currently in place include:

  • Sensitive payment data is stored on protected servers located in France and backups are encrypted with GPG. Access to this data is limited to 2 trusted system administrators and their access to this data is continuously monitored. Trusted system administrators access the production system by authenticating via SSH, using a private key protected by a passphrase.
  • Customers access their information via the Accountable mobile application. The application allows customers to consult their bank statements and connects to the backend application over HTTPS.

Data breaches are detected by an array of potential triggers:

  • Customer complaint, as described in the previous chapter.
  • Abnormal activity, identified by log monitoring solutions

In case of breach, all credentials are revoked and renewed, including:

  • mobile application authentication tokens
  • database authentication credentials
  • system administrator authentication credentials
  • backup encryption keys if required