Version 12-7-2023 – for latest version check against this link.
- WHO IS RESPONSIBLE FOR THE PROCESSING OF (PERSONAL) DATA?
Civinc is an online discussion platform of Civinc B.V. (hereinafter “Civinc”), located at Tweede van der Helststraat 89h, 1073 AN Amsterdam. Civinc is active in the field of digital innovation.
We attach great importance to your privacy and the protection of personal data. That is why the use if Civinc is entirely voluntary and why we process your data anonymously to the extent possible. Below we will elaborate on this.
On the Civinc platform you can have conversations with people who have a different opinion about certain topics. By responding to statements and questions we match participants based on a different perspective in one-on-one chats. We refer to the application with which we make it possible to conduct these conversations hereinafter “the platform”. We organize a Civinc session together with a participating organization (hereafter “customer”), with which we determine the theme and formulate the statements and questions. The aggregated responses to statements as well as the answers to closed and open questions will be shared with the customer in the form of a report. That also applies to an automated analysis of the content of the chat conversations by way of Artificial Intelligence (AI), based on which we can distill insight into the sentiment regarding the discussed themes amongst participants.
We never ask you for your name and cannot make a connection between the data that we gather and the data that can directly identify you, such as your name or contact details. We will never share any data with customers that can directly identify you, such as your name, contact details or the content of chat conversations. We do not read the chat conversations. In chapter 7 we elaborate on this.
All personal data is collected, processed and secured in accordance with the General Data Protection Regulation (“GDPR”). Civinc is responsible for the processing operations listed below under the GDPR.
2 HOW CAN YOU GET IN TOUCH?
If you have any questions about this privacy statement, you can send an e-mail to hello@civinc.co, or by post to Civinc, attn. privacy contact person, Tweede van der Helststraat 89h, 1073 AN Amsterdam.
3 FROM WHOM DO WE PROCESS (PERSONAL) DATA?
We process the data of persons who use the Civinc platform and persons who contact us via email or social media. We do not save/store personal data but process it to enable the necessary functions of the platform. We only store data that cannot be directly traced back to you and are therefore anonymous, with the exception for when you choose to explicitly share personal details in direct communication or (feedback) forms, such as but not limited to your name and e-mail address.
4 WHAT DATA DO WE PROCESS?
Below is an overview of the categories of data that we process:
| Categories of (personal) data | Examples |
| Data that says something about the use of the platform | That you use the platform The type of equipment you use The operating system you are using The internet browser you use The start time of the conversation and the time of end of the conversation The time of starting individual conversations with partners and the time of ending these individual conversations Information collected by means of cookies (see also article 5 and the Appendix) User ID: This is a number assigned to you as a user of the platformYour answers to statements and questions The number of messages sent between participants The content of the conversation (for a maximum of 48 hours after session ends, solely to run necessary data analysis) The duration of the chats Number of likes distributed and received Number of conversation partners Who proposes to switch position/partner Your answers to the questions before and/or after the conversations Whether you have reported your conversation partner |
| Communication and contact | (E-mail-)correspondence |
| Public messages about Civinc you leave on the internet | Messages on social media |
5 HOW DO WE GET YOUR PERSONAL DATA?
We receive part of the data because you provide it to us when you use the platform. We receive another part of your data because you communicate with us.
If you follow Civinc on social media or interact with or about Civinc on social media, we may gain access to some of your public profile information. If you share information about Civinc via social media, your data may become visible via those social media. Civinc itself also follows social media channels and in this way can access data about you on social media.
Some data is collected using cookies and similar techniques. Cookies are small text files that are stored on your computer, smartphone or other device when you visit our website. Cookies help us to operate and analyze the website. Cookies can remember data from your previous visit to our website so that the site works better and shows more relevant information for you.
A complete overview of the cookies we use can be found in the Appendix. We only use the analytical cookies of Google Analytics. We have set these cookies in a privacy-friendly manner, in accordance with the manual of the Dutch Data Protection Authority (AVG).
6 FOR WHAT PURPOSES DO WE COLLECT YOUR DATA AND ON WHAT BASIS?
| Goal & purpose | Examples |
| To enable (desired) use of the platform Basis: Execute agreement | To match you to a conversation partner To start the chat session. |
| To obtain insight into the sentiment and ideas of participants Basis: Legitimate interest We and our customer have a legitimate interest in being able to interpret the use of the platform and the opinions that are expressed and cannot be retraced to an individual | To give insights into the aggregated responses to statements of users To give insight into the responses of users to survey questions To give automated insights into the aggregated sentiment and dynamics of the conversations by use of natural language processing |
| To improve our services Basis: Legitimate interest We have a legitimate interest to improve our platform | To obtain insight into how the platform is being used (e.g. which elements are being used often/rarely) To obtain insight into how the use of the platform is being experienced |
| To ensure the security and stability of IT systems and secure the platform Basis: Legitimate interest We and the users of the platform have a legitimate interest in securing our IT systems and the platform. | Monitoring IT systems. To conduct internal audits and investigations. To adequately secure the platform and user data. |
| To combat unlawful and/or punishable acts via the platform Basis: Complying with legal obligations resting on us and/or Legitimate interest We and third parties have a legitimate interest in being able to combat unlawful or criminal acts. | To investigate unlawful and/or criminal acts To provide data to third parties if we are obliged to do so. |
7 ANONYMIZATION AND FEEDBACK
What do we know of you?
We process your data in order to be able to analyze the prevailing sentiment within the organization of the customer – how participant feel about certain topics. As mentioned before we primarily process 1) the responses of users to statements and the responses to closed and open questions, and 2) the content of the chat conversations. This data is only connected to a random thread of numbers and letters (such as SDFJ8234SEDh2489). We never connect this data to a name, emailadress, telephone number or other data point that is directly linked to you. In effect we are unable to make such a connection in the first place.
It is possible to share information in the open text fields and/or the conversations that could identify you. We discourage to share such information. But even if you do decide to share this: we do not read the chat conversations and we do not share them with our customer. We do share the responses to statements from users and the responses to closed and open questions. The extent to which this data says something about the user is very limited, and this data is grouped per statement or question.
How do we analyze your data?
The content of the chat conversations can be shared with OpenAI, a company that provides Artificial Intelligence (AI) software in the field of natural language processing. With use of OpenAI we are able to analyze the sentiment of the chats, without having to read them. The relevant parts of conversations are uncoupled from the broader context in which the session takes place. OpenAI as such does not receive the complete context of these conversations.
If we make use of this technology then we communicate this at the start of your session. The content of the conversations will never be used to train the language models of OpenAI and/or be used for other purposes than those outlined in this document.
The responses to statements of users and the reactions to closed and open statements we analyze ourselves. We do this i.a. to develop a better sense of the prevailing sentiment around certain themes and to be able to verify this.
Which data do we share with the customer?
Your data will only be used at an aggregated level to compile a generic report that allows the customer to obtain a better understanding of the sentiment within the organization regarding a certain theme. We also visualize this in the form of a dashboard. In the report we share with the customer the responses to statements and closed and open questions. This data only to a very limited extent tells something about the user and is grouped per statement or question. The customer will never see or obtain the content of the chat conversations. The customer also does not know which people within their organization have made use of the platform.
Which data do we store?
The content of the chat session is only read by the relevant conversation partners, and we delete these chats permanently within 48 hours after the end of the conversation. OpenAI maintains their own retention periods, which we cannot control or influence.
We store the responses to statements and the responses to closed and open questions for a longer period of time. This data helps us to verify our analyses and improve our service.
More information on the retention periods is found below.
8 TO WHOM DO WE PROVIDE PERSONAL DATA?
We will share your answer(s) to the statement(s) and any other information you have provided at onboarding (such as group) with your conversation partner before the chat session starts.
In addition, we may use the services of third parties to process your data in accordance with this privacy and cookie statement. We have concluded a processing agreement with third parties that act as processor for us, which includes, among other things, that they will only process data on our behalf.
9 DO WE TRANSFER PERSONAL DATA TO OTHER COUNTRIES?
We may use third party services to process your data in accordance with this privacy and cookie statement. These parties can be located outside the European Economic Area (EEA). Your personal data will only be processed or stored by us or relevant third parties when this is compliant with existing regulations pertaining to the transfer of personal data to countries outside of the EEA. This means that we will only share your personal data to countries outside of the EEA if and when the European Commission has decided that the third country in question maintains an adequate level of protection, or that other relevant adequate measures are in place. Further information and/or a copy of the agreement concluded in this context can be obtained by sending an email to hello@civinc.co.
10 HoW LONG DO WE STORE YOUR DATA?
Your data will not be kept longer than we need it for the purposes for which it is collected or processed. Civinc uses the following retention periods, depending on the purpose and category of data:
– We do store the content of the chat sessions temporarily with an identifier. The chat in which you are active is temporarily encrypted on the server. This way we can restore your chat if, for example, you (accidentally) refresh the page. All chat content will be deleted within 48 hours after each session. Chat meta-data will be stored as outlined in paragraph 2 and 6.
– We store the general session statistics, responses to statements and (closed and open) questions for a period of three years, in order to be able to verify and substantiate analyses from relevant reporting to customers, and to conduct these again if necessary.
– We do not store your IP address.
11 WHAT HAPPENS IN THE EVENT OF THE TRANSFER OF THE COMPANY?
In the future, one or more parts or assets of Civinc may be transferred to a third party or Civinc may merge with a third party. In that case, your personal data may be transferred to this third party.
12 WHAT ARE YOUR RIGHTS?
You have a number of rights with regard to the processing of your data (see below). If you want more information about this or if you want to exercise one of these rights, please contact us via the contact details mentioned under article 2. We will respond to your request as soon as possible.
● Right to withdraw your consent;
● Right of access;
● Right to rectification;
● Right to erasure;
● Right to restriction of processing;
● Right to data portability;
● Right to object to processing;
● Right to object to direct marketing;
● Right to object and human intervention in automatic decisions;
● Right to make a complaint. This can be done at Civinc via hello@civinc.co or at the Dutch Data Protection Authority.
13 AMENDMENTS
We may change our privacy and cookie statement from time to time. This is possible, for example, if there are new data processing operations or in connection with developments in technology or regulations. If necessary, we will inform you of this when you use the platform. If necessary, we will ask for your permission for a changed or new processing.
ATTACHMENT: COOKIES OVERVIEW
The table below shows an overview of the cookies we use, including the purposes for which they are used and the third parties involved:
1. Statistics
Statistical cookies help website owners understand how visitors use their website by collecting and reporting data. Where possible, the data is anonymized or pseudonymised.
| Name | Provider | Purpose | Expiration date | Type |
| Google analytics | Analytics (improving website, analysis) | 2 years | Third party |
