Back
Updated as of 11 March 2024
This Privacy Statement is applicable to the processing of personal data in the context of:
For interactions or engagements with Prosus, please refer to the Prosus Privacy Statement available at www.prosus.com/privacy
Use of the Toqan is also subject, as applicable, to the Toqan Services Agreement or other terms governing the use of Toqan in your organization, as well as the Toqan Fair Use Policy.
MIH AI BV, a company of the Prosus Group, is the controller responsible for processing of personal data collected as a part of the engagements described in Section 1 above. This Privacy Statement provides you with the information on what personal data we may collect, for which purposes and under which legal grounds, as well as whom may have access to your personal data.
We collect your personal data:
3.1. For the technical and functional management of the Toqan Website.
I. What does this purpose entail?
When you visit the Toqan Website, our website administrators process technical data linked to the use of the Toqan Website to enable us to deliver its functionalities. This enables our Website’s administrators to better manage the website; for instance by resolving technical difficulties or by improving the accessibility of certain parts of the Website. This way, we ensure that you can (continue to) find the information on the Toqan Website in a quick and simple manner. We also use cookies to support these technical aspects of our Website (for more information please consult our Cookie Notice).
Please note that we do not sell or otherwise monetize your personal data collected as part of your visit to the Toqan Website.
You have the option to reject all cookies except for those which are necessary to run the Toqan Website.
II. On what legal ground do we process this personal data?
We process your personal data on the basis of our legitimate interest to provide you information on Toqan through our website in the most efficient and seamless manner.
III. Which personal data do we process for this purpose?
We process technical data like the IP-address of the device you use to access this website, the webpages you visit, the internet browser you use, previous/next visited Websites, the duration of a session and your country when landing on the Toqan Website.
IV. For what period do we retain your personal data for this purpose?
We retain technical data for different periods of time depending on which cookie is used. Please refer to our Cookie Notice for information on the different cookies and their corresponding retention periods.
3.2. To operate, maintain and improve Toqan.
I. What does this purpose entail?
When you use the Toqan, we process your personal data for the following purposes:
We shall not be processing your personal data in the context of Toqan for any personalized advertising.
II. On what legal ground do we process personal data for this purpose?
We process your personal data whilst using Toqan either (i) for the performance of the Toqan Services Agreement (performance of a contract) to the extent the processing is indispensable to enable your access and use of Toqan; (ii) based on our legitimate interest to monitor, evaluate and improve Toqan; (iii) to comply with applicable legal obligations and/or enforceable governmental requests.
III. Which personal data do we process for this purpose?
We process the following categories of personal data in the context of your use of Toqan:
3.3 To protect Toqan Website from fraud and to enforce Toqan Website Terms of Use
I. What does this purpose entail?
We process your personal data to monitor whether your visits to the Toqan Website comply with the Terms of Use.
II. On what legal ground do we process this personal data?
We process your personal data based on our legitimate interest to protect the Toqan Website.
III. Which personal data do we process for this purpose?
We process technical data such as the IP-address of the device you use to access the websites, the webpages you visit, the internet browser you use, previous/next visited websites, the duration of a session and the country when landing on the Toqan Website.
IV. For what period do we retain your personal data for this purpose?
We retain technical data for different time periods depending on which cookie is used. Please see our Cookie Notice for the different cookies and corresponding retention periods.
3.4 To manage our relationship with the Toqan customers
I. What does this purpose entail?
We process personal data to manage our relationship with Toqan customers and to complete due diligence processes when required. This purpose only relates to designated representatives of Toqan customers only.
II. On what legal ground do we process this personal data?
We process personal data to comply with applicable legal obligations with regard to the due diligence process. If you are a representative of a Toqan customer, your personal data is required for the performance of a contract with us.
III. Which personal data do we process for this purpose?
We may process your contact details, such as your (business) e-mail address, department, company/home address and your (business) phone number. We may also process Information from trade registers and other public/private sources regarding your business activity.
IV. For what period do we retain your personal data for this purpose?
For Personal Data that we collect and process for these purposes, we will typically retain such Personal Data for as long as it is necessary to comply with our obligations with regard to customer due diligence and tax and accounting requirements.
3.5 To organise events and other engagements with you
I. What does this purpose entail?
We process your personal data to enable your attendance in events that we organise or co-organise with regard to Toqan or other tools/projects such as hackathons and conferences.
II. On what legal ground do we process this personal data?
We process your personal data based on our legitimate interest to organise or co-organise events related to our activities. For events that may involve the collection of special categories of data (for instance regarding your dietary restrictions), we shall collect such information only with your consent.
III. Which personal data do we process for this purpose?
Depending on the nature of the event we may collect your name, gender, (business) e-mail, business contact details, affiliation and position. If the organisation of the event requires such data, we may collect information about your dietary preferences and/or restrictions as well as information regarding your disability only if this required to enable your attendance in the event.
IV. For what period do we retain your personal data for this purpose?
If your participation in the event is part of your continuous engagement with us, we shall retain your contact information and the details of your participation in the event. Otherwise, we will remove the information upon completion of the event.
4.1 Access to your personal data within Prosus Group
As a global company, data we collect may be transferred internationally (also outside the European Economic Area) across our organisation. Your personal data may be exchanged within the group of companies to which Prosus belongs, including its affiliates, subsidiaries and parent companies, which you can view here. Such international transfers shall take place in accordance with applicable data privacy requirements, particularly in conformity with the European Commission Standard Contractual Clauses (SCCs) (for more information on SCCs please read here), when data is transferred to a jurisdiction which does not have an adequate level of data protection as mandated under the GDPR. You may request access to our SCCs, by contacting us at privacy@prosus.com
Employees in the group are authorized to access your personal data only to the extent necessary to serve the applicable purposes we describe above and to perform their jobs.
4.2 Access to your personal data by our suppliers
If the nature of services provided by our suppliers requires access to your personal data, we will take the appropriate contractual, technical and organisational measures to ensure that your personal data is only processed to the extent that such processing is necessary for the provision of such services.
If such third parties act under our instructions (as data processors), we enter into an agreement with such a data processor and include obligations to ensure that your personal data is processed by the data processor solely to provide products or services to us.
In particular, the following categories of third parties may have access to your personal data:
In the context of use of Toqan:
In the context of Toqan Website:
If your personal data needs to be transferred internationally to a recipient in a country that does not provide an adequate level of protection for personal data under the terms of the European Union General Data Protection Regulation (GDPR), we will take appropriate measures to ensure that your personal data remains adequately protected, in particular through entering into the European Commission Standard Contractual Clauses (SCCs) (for more information on SCCs please read here). You may request access to our SCCs, by contacting us at privacy@prosus.com
4.3. Access to your personal data by other third parties
We may share your personal data if it is required by applicable law or agreement, legal process or a binding governmental request, or where the disclosure is otherwise appropriate due to safety or similar concerns.
This also includes sharing data with others in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.
We have taken adequate safeguards to ensure the confidentiality and security of your personal data. We have implemented appropriate technical, physical and organisational measures to protect personal data against accidental or unlawful destruction or accidental loss, damage, alteration, unauthorised disclosure or access as well as all other forms of unlawful processing (including, but not limited to, unnecessary collection) or further processing. For further information on our technical and organizational measures, please contact privacy@prosus.com
The Toqan Website uses cookies. A cookie is a small text file that we send to your internet browser which enables us to recognise your browser when you return. Cookies can collect data on the use of the website such as which pages are visited and the duration of a user session. When you use the website, the cookie sends data to Prosus. You have the option to reject all cookies except for those necessary to run the Toqan Website. Our Cookie Notice can be found here.
Under applicable data protection and privacy laws, you may have rights to:
Access your personal data
You may ask us whether we process any personal data that relates to you. If this is the case, you may ask us to provide you with a copy of the personal data we process of you insofar as required by applicable data protection laws.
Correct and erase your personal data
You may request us to correct any inaccurate personal data we process about you. Also, you may ask us to erase the personal data that relates to you if it is no longer necessary for the purposes for which we processed them, if you have withdrawn your consent and we do not have another legal ground for processing your personal data, if your personal data have been unlawfully processed, or if your personal data must be erased following applicable EU or EU member state laws.
Object to processing your personal data
You may object to our processing of your personal data based on our legitimate interest. We will then no longer process your personal data for this purpose, unless we have an overriding legitimate interest to do so. You may also ask us to erase your personal data, unless there is an overriding legitimate interest for the processing.
Data portability
Where applicable, you may request the receipt or transmission to another organization in a machine-readable form, of the personal information that you have provided to us.
Lodge a complaint with the appropriate Data Protection authority
If you feel that we do not comply with the applicable data protection and privacy laws, you have the right to lodge a complaint with your local supervisory authority. In the Netherlands this would be the Autoriteit Persoonsgegevens.
How to exercise your data protection rights
If you would like to exercise any of your data protection rights, please contact us at privacy@prosus.com. Your request should contain a description of the personal data you want to access to and/or other right you want to exercise. You may be asked to provide a copy of an identification document as a means to authenticate your identity.
Should you have any questions regarding the processing of your personal data, or if you want to exercise any of your individual rights, please send us an email at privacy@prosus.com
This Privacy Statement may be changed over time. The most up-to-date Privacy Statement is published on our website, so we invite you to visit our Privacy Portal to read about how your personal data is processed. This Privacy Statement was last changed 24th July 2023.