Gorillini Privacy Statement

Last modified on December 18, 2022.

First of all, we are excited that you are interested in the product of Gorillini (i.e. Gorilla). 

In this privacy statement, we document the way Personal Data is processed by us.

It is possible that we will ask you to share certain Personal Data with us, including but not limited to your first name, last name, e-mail address. For certain specific obligations you may be required to provide us with additional data, such as billing or payment data. 

We only collect Personal Data that is necessary to inform you about our products and services, to execute agreements with you, to contact you, to comply with a legal obligation to which we are subject and to continue to improve the quality of our products and services.

The legal grounds for the processing of your Personal Data are the execution of an agreement, a legal obligation, our legitimate interest and, in some cases, your consent (see also article 2).

The processing of your Personal Data is subject to this privacy statement. In case you have questions or remarks, please contact privacy@gorilla.co. 

 

Article 1 – DEFINITIONS

Affiliated Company” means a company to which Gorilla is affiliated, provided that such company meets the conditions for an “affiliated company” as set out in Article 1:20 of the Belgian Code on Companies and Associations. 

Controller” has the meaning as defined in the General Data Protection Regulation 2016/679. Gorilla will be qualified as the Controller, which determines the purposes and means of the processing of Personal Data.

Gorilla” is the tradename/company name of Gorillini NV, a company with registered office situated at 2000 Antwerp (Belgium), Scheldestraat 11 and registered in the Belgian Crossroads Bank for Enterprises with number 0717.600.654.

Personal Data” has the meaning as defined in the General Data Protection Regulation 2016/679, which is any information relating to an identified or identifiable natural person (also called the “data subject”). 

Processor” has the meaning as defined in the General Data Protection Regulation 2016/679, which processes Personal Data on behalf of the Controller.

Website” means the website of Gorilla: www.gorilla.co. 

Article 2 – PURPOSES AND LEGAL GROUNDS

In this article 2 we have set out:

  • the general categories of Personal Data that we may process;
  • the purposes for which we may process Personal Data;
  • and the legal grounds of the processing.

Client data
In relation to providing our products and services we collect and process the identity and contact data of our clients, their personnel and associates. The data may be processed for the purposes of execution of the agreement with our clients, customer care, bookkeeping and direct marketing purposes such as the sending of promotional or commercial information. The legal grounds are the execution of an agreement, the fulfilment of legal and regulatory obligations (e.g. the accounting legislation), our legitimate interest and, in some cases, your consent. 


Supplier and subcontractor data
We collect and process identity and contact data of our suppliers and subcontractors, their subcontractors, personnel and associates. The data may be processed for the purposes of execution of the agreement, supplier/subcontractor care and bookkeeping. The legal grounds for this processing are the execution of an agreement, the fulfilment of legal and regulatory obligations (e.g. the accounting legislation) and/or our legitimate interest.
 
Personnel data
We process Personal Data of our employees in relation to our personnel and our staffing services and our salary administration services. The legal grounds are the execution of an agreement, the fulfilment of legal and regulatory obligations (e.g. the accounting legislation) and/or our legitimate interest.

Data of applicants 
We process the identity and contact data, as well as the work history and other data that is usually indicated on a curriculum vitae of applicants when they provide us with this information. The Personal Data is processed to determine whether you qualify for a job with us on the ground of our legitimate interest. 
 
If we wish to retain your Personal Data for a longer period of time after the relevant vacancy has been filled, we will inform you and request your consent to do so.

Other data
In addition to the data of clients, suppliers/subcontractors, employees and applicants, we also process Personal Data of others, such as possible new clients/prospects, useful contacts within our sector, network contacts, etc. This is done via our Website or other channels. The purposes of this processing are in the interest of our activities, direct marketing and public relations. The legal grounds for this processing are our legitimate interest, the execution of an agreement and, in some cases, your explicit consent. 

Specifically, we may use the Personal Data we collect for the following purposes:

  • to provide you with information about our products and services;
  • to provide you with our services and execute any agreements with you;
  • to process and respond to any complaints or requests;  
  • to help us in evaluating, correcting and improving the Website and any related products or services of us;
  • for direct marketing purposes;
  • for internal reasons, such as corporate administration and archiving purposes.

Article 3 – THE CONFIDENTIALITY OF YOUR PERSONAL DATA

Every time you submit Personal Data, we shall handle this information in accordance with the stipulations of this privacy statement and any legal obligations applicable to the processing of Personal Data, including the General Data Protection Regulation (GDPR) 2016/679. 

We shall establish appropriate measures and procedures to secure and protect the Personal Data we collect.  In this way, we undertake to prevent, as far as can be reasonably expected, illegal processing of Personal Data and unintentional loss or liquidation of your Personal Data. 

We optimize the security of your Personal Data by limiting access to your Personal Data to persons on a “need-to-know” basis (for example: only the employees, associates or subcontractors of Gorilla who need your Personal Data for the purposes as described in article 2 will have access to the data).


Article 4 – HOW DO WE COLLECT YOUR PERSONAL DATA AND FOR HOW LONG IS IT STORED?

Collecting Personal Data

Without being exhaustive, Gorilla collects your Personal Data in the following cases:

  • when you submit Personal Data via the Website through the contact form provided;
  • when you request a demo via the Website through the contact form provided;
  • when you subscribe to our newsletter;
  • when you enter into an agreement with us;
  • when you apply for a position at Gorilla;
  • when you call, mail us or correspond
  • with us in another way than via the Website.

We can combine the Personal Data we collect via the Website with information which you provide us in another way or which third parties deliver to us. 

Retaining and deleting Personal Data

Personal Data will be stored and processed by us for the duration that is required in relation to the purposes of the processing.

Client data and supplier or subcontractor data will be removed from our systems after 7 years after the termination of the agreement involved, except for the Personal Data that we have to store for a longer duration based on specific legal obligations or in case of pending litigation(s).

Personal Data of our employees will be removed 5 years after the termination of the employment agreement, except for the Personal Data that we have to store for a longer duration based on specific legal obligations or in case of pending litigation(s).

Personal Data of applicants will be removed after the relevant vacancy has been filled or 2 years after obtaining the permission to inform applicants about future job opportunities. 

Other data will not be stored longer than 2 years after the last useful contact between us and you, except in the case of your explicit to retain this data for a longer period of time. 

 

Article 5 – TRANSFER OF PERSONAL DATA 

We will not transfer Personal Data to third parties outside the European Economic Area, except to subcontractors or associates who retain the Personal Data in accordance with the European Commission’s Standard Contractual Clauses and thereby provide an adequate level of security for the processing of Personal Data.

Furthermore, we will not transfer your Personal Data to third parties inside the European Economic Area without your permission, except:

  1. when such transfer is necessary to permit associates, agents, subcontractors, suppliers or commercial partners to provide a service or accomplish a task in the name of Gorilla which is necessary for the execution of the agreement we have with you pursuant to our legitimate interest (including but not limited to providing marketing support, accomplish market research or providing user services);
  2. if it is required or permitted by applicable laws and regulations.

Any transfer of Personal Data to one of the third parties mentioned in the list above is in accordance with the stipulations of the General Data Protection Regulation (GDPR) 2016/679. 

We ensure that measures are taken to make sure that third parties cannot use your Personal Data for other purposes than the purposes mentioned exhaustively in Article 2, and that these third parties have taken the necessary technical and organizational measures to protect these data. 

We will have data processing agreements in place with the aforementioned third parties in order to ensure the security of the Personal Data.

Finally, we shall take all necessary precautionary measures to assure that our employees and associates who have access to Personal Data will process these Personal Data exclusively in accordance with this privacy statement and the obligations under the applicable privacy regulations.  

 

Article 6 – RIGHTS OF THE DATA SUBJECT 


By virtue of both Belgian and European legislation concerning data protection, you have the rights as mentioned below. If you want to exercise these rights, you have to send a written request to privacy@gorilla.co. If there is no reasonable certainty as to your identity, we may ask you to provide us with a copy of the front side of your ID card.

Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.

We will provide you with information within one (1) month of receipt of the request on the action that will be taken. We can extend this one-month period to a maximum of three (3) months, in which case you will be informed about the reasons for such delay within one (1) month of the original request. 

The right of access to Personal Data
You have the right to instruct us to provide you with any Personal Data we hold about you, providing the rights of other data subjects are not affected. 

The right to rectification of Personal Data
We kindly ask you to help to make sure that the Personal Data in our records are as accurate and up-to-date as possible. If you believe that the Personal Data submitted to us are incorrect or incomplete, please notify us as described above. We will correct or adapt your Personal Data as soon as possible. 

The right to erasure of Personal Data  
In some circumstances, you have the right to the erasure of your Personal Data without undue delay. Those circumstances include: 

  1. the unnecessity to hold the Personal Data any longer in relation to the purposes for which they were collected or otherwise processed;
  2. the withdrawing of the consent to consent-based processing;
  3. the processing that is for direct marketing purposes; and
  4. in case the Personal Data have been unlawfully processed. 

However, there are certain general exclusions of the right to erasure. Those general exclusions include where processing is necessary: 

  1. for exercising the right of freedom of expression and information;
  2. for compliance with a legal obligation; or
  3. for the establishment, exercise or defence of legal claims.

The right to restrict the processing of Personal Data
In the following circumstances you have the right to restrict the processing of your Personal Data: 

  1. for contesting the accuracy of the Personal Data;
  2. when the processing is unlawful but you don’t want the Personal Data to be erased; or
  3. when you objected to processing, pending the verification of that objection. 

Where processing has been restricted on this basis, we may continue to store your Personal Data. However, we will only process it with your explicit consent, for the establishment, exercise or defense of legal claims, for the protection of the rights of another natural or legal person, or for reasons of important public interest.

The right to object
You have the right to object to our processing of your Personal Data, under the following circumstances:

  1. when we process your Personal Data for direct marketing purposes (including profiling for these purposes) based on our legitimate interest; and
  2. on grounds relating to your particular situation (special personal circumstances). 

The right to data portability
If you wish to exercise your right to data portability, we will send the Personal Data in a structured, commonly used and machine-readable format to a controller of your choice.

The right to withdraw consent
To the extent that the legal basis for our processing of your Personal Data is consent, you have the right to withdraw that consent at any time. However, withdrawal will not affect the lawfulness of processing before the withdrawal.

The right to complain to a supervisory authority
You can file a complaint with the Data Protection Authority (“Gegevensbeschermingsautoriteit”) by sending an e-mail to contact@apd-gba.be or by sending a written request to the Data Protection Authority with registered address located at 1000 Brussels, Drukpersstraat 35.

 

Article 7 – THIRD PARTY LINKS 

The Website may contain links to websites of third parties which are not controlled by us. Although we will do our utmost to make sure that the links on the Website lead exclusively to websites that have corresponding security and confidentiality standards, we are not responsible for the protection and confidentiality of data, among Personal Data which you submit on other websites after you have left the Website. 

Before submitting Personal Data we recommend that you proceed carefully and consult the privacy statement which applies to the website concerned.

 

Article 8 – AMENDMENTS

We may update this privacy statement from time to time by publishing a new version on our Website.
You should check this page occasionally to ensure your agreement to any changes to this privacy statement.

We may notify you of changes to this privacy statement by email to the extent that your e-mail address is available to us.

 

Article 9 – COOKIES
We use “cookies” each time you visit the Website. 

A “cookie” is a piece of information sent to your device via the server and stored on the device’s hard drive. Cookies help us to recognize your device when you visit the Website. This allows us to make processing more user-friendly and to provide you with a personalized service. 

For more information, we refer to our cookie statement which can be found below.

GORILLINI COOKIE STATEMENT

Last modified on December 18, 2022.

GORILLINI NV
Company number: 0717.600.654
Website: www.gorilla.co
Email adress: privacy@gorilla.co 
 

1 – INTRODUCTION

Gorillini uses “cookies” whenever you use the Website. 

In this cookie statement, we would like to inform you about our use of cookies. 

We emphasize that certain functionalities of the Website will not be available when you do not accept the cookies involved. 

Our use of cookies is subject to this cookie statement. Given that cookies may contain personal data, their processing is also governed by our privacy statement. 

For questions and/or comments, please contact privacy@gorilla.co.

 

2 – ABOUT COOKIES

A “cookie” is a piece of information sent to your device via the server of the Website and stored on the device’s hard drive when you visit the Website. Cookies help us to recognize your device when you use the Website. The Website’s server can only read the cookies it has placed itself and has no access to other files stored on your device. 

This enables us to make processing user-friendly and to provide you with a personalized service.

Cookies also include so-called “scripts”. A script is a programming code used in order to make the Website function optimally and interactively. 

Finally, cookies also include ‘webbeacons’, ‘pixeltags’ or ‘social media cookies’. These cookies are used for the integration of social media websites in the Website. 

 

3 – TYPES OF COOKIES

There are different types of cookies:

Origin 

  • First-party cookies are cookies that are placed directly on the Website by us.
  • Third-party cookies are cookies placed on the Website by third parties. This means that elements originating from other websites are incorporated in the Website.
Lifetime

  • Persistent cookies remain on your device for the lifetime of the cookie. They are activated each time you visit the Website. 
  • Session cookies simplify and link the user’s actions during the browser session. Each time you open the browser, these cookies are placed temporarily. Session cookies are deleted as soon as the browser is closed.

Function/purpose

  • Necessary cookies ensure that all components of the Website function optimally, without which you will not be able to use the Website as intended. These cookies can be installed without your consent. 
    For example, the cookies allow you to navigate between different parts of the Website or to block access to secure areas of our Website. These cookies do not allow us to identify you as an individual.
  • Functional cookies are cookies that enable the Website to offer additional functionalities and personal settings, such as cookies that make it possible to remember and reproduce the choice of language or the content of a form or a shopping basket. 
    If you do not accept these cookies, certain parts of the Website may not function or may not function optimally.  
  • Non-functional cookies are cookies that display the way you use the Website. Based on this collected information a statistical analysis is made in order to make the structure, navigation and content of the Website user-friendly and to improve it. Your explicit consent is required to install these cookies.

  • Marketing cookies are used to personalize online marketing offers. Based on a profile, drawn up on the basis of your surfing behaviour on the Websites, both we and third parties gain insight into campaign performance. 
If social media websites install social media cookies through the Website to collect (your) data, we have no influence on the use of and the way in which the social media websites handle this data. More information in this respect can be found in the privacy statements of the social media website, which are each indicated in the list of active cookies in article 5 hereunder. Please note that these privacy statements may be modified at any time by the social media websites involved.

 

4 – LEGAL GROUNDS 

The processing of necessary cookies is based on our legitimate interest as necessary cookies are required for the proper functioning and security of the Website.

The processing of other cookies is based on your prior consent to do so. 

 

5 – WHAT COOKIES ARE USED ON THE WEBSITE?

Below you will find a detailed list and description of the cookies used by us on the Website:

COOKIE NAME PROVIDER Category TYPE EXPIRY Purpose
__cf_bm Hubspot Necessary HTTP 1 day
This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.
li_gc Linkedin Necessary HTTP 180 days
Stores the user's cookie consent state for the current domain
test_cookie Google Necessary HTTP 1 day
Used to check if the user's browser supports cookies.
li_gc Linkedin Necessary HTTP 180 days
Used to store consent of guests regarding the use of cookies for non-essential purposes
li_mc Linkedin Necessary HTTP 180 days
Used as a temporary cache to avoid database lookups for a member's consent for use of non-essential cookies and used for having consent information on the client side to enforce consent on the client side
CONSENT Google Necessary HTTP 2 years
Used to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR-compliance of the website.
__hssrc Hubspot Functional HTTP Session
Used to recognise the visitor's browser upon reentry on the website.
_gat Google Functional HTTP 1 day
Used to monitor the number of Google Analytics server requests when using Google Tag Manager
bcookie Linkedin Functional HTTP 1 year
Used by the social networking service, LinkedIn, for tracking the use of embedded services.
hubspotutk Hubspot Functional HTTP 180 days
This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts.
lang Gorilla Functional HTTP session
Used to remember a user's language
lidc Linkedin Functional HTTP 1 day
Registers which server-cluster is serving the visitor. This is used in context with load balancing, in order to optimize user experience.
__hssc Hubspot Analytical HTTP 1 day
This cookie keeps track of sessions & Identifies if the cookie data needs to be updated in the visitor's browser.
__hstc Hubspot Analytical HTTP 180 days
Sets a unique ID for the session. This allows the website to obtain data on visitors behaviour for statistical purposes.
_ga Google Analytical HTTP 2 years
Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
_ga_# Google Analytical HTTP 2 years
Used by Google Analytics to collect data on the number of times a user has visited the website as well as dates for the first and most recent visit.
_gid Google Analytical HTTP 1 day
Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
AnalyticsSyncHistory Linkedin Analytical HTTP 30 days
Used in connection with data-synchronization with the third-party analysis service.
Collect Google Analytical Pixel Session
Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels.
ln_or Gorilla Analytical HTTP 1 day
Registers statistical data on u sers' behaviour on the website. Used for internal analytics by the website operator.
__ptq.gif Hubspot Marketing Pixel Session
Sends data to the marketing platform Hubspot about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels.
_fbp Facebook Marketing HTTP 90 days
Used by Facebook to identify browsers for the purposes of providing advertising and site analytics services.
_gcl_au Gorilla Marketing HTTP 3 months
Used by Google AdSense for experimenting with advertisement efficiency across websites using their services.
ads/ga-audiences Google Marketing Pixel Session
Used to detect whether the user in tends to leave the page via cursor movements. This allows the website to trigger certain pop-ups to keep the user on the website or convert them to customer.
bscookie Linkedin Marketing HTTP 1 year
Used for remembering that a logged in user is verified by two factor authentication
fr Facebook Marketing HTTP 90 days
the "fr" cookie is used to deliver, measure and improve the relevancy of ads
IDE Google Marketing HTTP 1 year
Used by Google to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.
lissc Linkedin Marketing HTTP 1 year
Used to ensure there is correct SameSite attribute for all cookies in that browser
UserMatchHistory Linkedin Marketing HTTP 30 days
This cookie is used by LinkedIn Ads to help Gorilla measure advertising performance. More information can be found in their cookie policy.

 


6 – AUTHORIZATION 

It is only permitted to store cookies on your device without your permission if it is impossible to visit the Website without using the cookie or if the cookie is necessary for the service provided by the Website. If these conditions are not met, we will only place the cookies in question after we have obtained your permission.

Consent is given by clicking on the button “Accept” when you visit the Website for the first time. Furthermore, you have the possibility to set your preferences by clicking on the button “Setting”, where you can choose to use only certain cookies. 

You can withdraw your consent at any time by clicking on the toggle button “Enabled” in the “Setting” section.

 

7 – TURN ON/OFF

Through your web browser you can also delete cookies automatically or manually and you can specify whether or not certain cookies may be placed. Also, you can set your web browser to notify you when a cookie is placed. More information about these settings can be found in the instructions in the Help-function of your browser. 

If all cookies are disabled, the Website may not function or not function optimally.