Privacy Policy

Last updated March 08, 2024

Welcome to Apptree! Thank you for choosing to use our services. Please read this Privacy Policy carefully.

This Privacy Policy describes how we collect, use, process, and disclose your information, including personal information, in conjunction with your access to and use of the Apptree Services.

Apptree is alternatively a data processor or a data controller when it processes data directly or indirectly based on the order of its Users. Apptree is headquartered at Rue d’Arenberg, 44 – 1000 Brussels (BELGIUM, EUROPE).

Apptree is registered at the Belgian Registre du Commerce under the number: BE0538.711.472.

Please read carefully and understand this Privacy Policy.

This Privacy Policy describes how we collect, use, process, and disclose your information, including personal information and personal data, in conjunction with your access to and use of the Apptree Services.

  1. Definitions https://www.autoriteprotectiondonnees.be/citoyen/agir/demander-une-mediation

The following terms shall have the following meaning:

“Access codes”: username and password any credentials (including but not limited to passwords, usernames, 2FA and OTP) used by the User or the Customer together or separately to identify oneself and access the Services. The access codes are part of the User Account.

“Adequacy Decision”: means, according to the European Data Protection Supervisor (https://edps.europa.eu/data-protection/data-protection/glossary/a_en):‘An “adequacy decision” is a decision adopted by the European Commission on the basis of Article 45 of the GDPR, which establishes that a third country (i.e. a country not bound by the GDPR) or international organisation ensures an adequate level of protection of personal data. Such a decision takes into account the country's domestic law, its supervisory authorities, and international commitments it has entered into”.

“App stores”: means any type of digital shop provided by Platforms or Third Party on mobile devices, computers or any other digital devices to download any kind of applications made available to the public by developers.

“Application(s)” or “Service(s)”: alternatively means any type of interface allowing the User to deliver to its End-Users any type of contents through the use of Apptree’s “BackOffice”“Application”: mobile or desktop application created by the User through Apptree infrastructure and made available to the public to for download or to access from a third-party platform or accessible from a web browser through PWA or on any mobile device.\

"BackOffice": the embedded web app allowing the User to create, review, personalise, modify, delete and send to Apptree and finally send to Platforms its finalised Application.

“Binding Corporate Rules” ("BCR"): mean according to the European Data Protection Supervisor (https://edps.europa.eu/data-protection/data-protection/glossary/b_en#bindingrules): Binding corporate rules (BCRs) are a legal tool that can be used by multinational companies to ensure an adequate level of protection for the intra-group transfers of personal data from a country in the EU or the European Economic Area (EEA) to a third country.

“Cookie”: means a small piece of text file that is implemented on your computer or mobile device to allow that website to remember your choices, personalisation requests and to keep this information in memory for a certain limited time in accordance with law and regulation.

"Customer Service": the service that assists the Customer or the User regarding but not limited to any technical issues or assistance that must be dealt with, invoice issues, payment/fees regarding the subscription or any kind of assistance made through email or chat regarding how the “BackOffice” works or can be used by the User.

"Data Protection Law": means all data protection and privacy laws applicable to the processing of personal data.

"Data Controller": means any entity that determines the purposes and means of the processing of personal data.\

"Data Protection Officer (“DPO”)": means the physical person or entity or within any Sub-processors in charge of compliance regarding both European Union Regulation (GDPR “Section 4, articles 37, 38 and 39”) and National Regulation regarding the treatment and processing of personal data or personal information.

“Data importer”: means the processor who agrees to receive form the data exporter personal data intended for processing on his behalf.

“Data exporter”: means the controller who transfers the personal data.

“End User”: Any person or entity who actually uses our Service(s). It can be users, visitors and customers of our User's Application.

"European Union Data Protection Law": means since the 25 May 2018 Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (General Data Protection Regulation) (“GDPR”) and Directive 2002/58/EC modified by directive 2009/136/CE (November 25th 2009) concerning the processing of Personal Data and the protection of privacy in the electronic communications sector and applicable to national implementation of it.

“Guest”: any person being invited by a User of the Service to provide or drop comments or publish as an Author, under the Client’s responsibility.

"iBeacon" or “beacon”: iBeacon or beacon is a miniaturised network device that uses Bluetooth Low Energy (BLE) also known as Bluetooth 4.0 and acts as a relay to detect or track any smartphone or mobile device appearing within a set range. The iBeacon or beacon can hence send push notifications to the device.

“Order”: online subscription of our Service(s).

"Personal Data" or “Personal Information”: means any information relating to an identified or identifiable natural person in accordance with article 4.1 GDPR.

"Platform'': any third-party entity including but not limited to Apple Inc. and Google LLC. A “Platform” means a provider of a hosting service which at the request of a recipient of the service, stores and disseminates to the public information, applications or services (Digital Services Act DSA 15/12/2020).

“Progressive Web App (PWA)”: means a web app that behaves and acts as if it was a mobile app on a mobile device.

“Push notification”: a notification send to any mobile device to communicate any kind of information to the User regarding the use of a service.

"Service" or "Services": access to our sites, including but not limited to www.Apptree.so, it.Apptree.so, es.Apptree.so, pt.Apptree.so, de.Apptree.so, nl.Apptree.so and fr.Apptree.so as well as your subscription to and any Order of our services, products, goods, applications, tools, offline components and features (individually the "Service" or collectively, the "Services") provided by our company Apptree, together with its affiliates, officers, directors, employees, agents and subsidiaries (hereinafter " Apptree", "we", "our" or "us").

“Standard Contractual Clauses” ("SCC"): means according to the European Data Protection Supervisor (https://edps.europa.eu/data-protection/data-protection/glossary/s_en#standard_contractual_clauses): Standard contractual clauses are legal tools to provide adequate safeguards for data transfers from the EU or the European Economic Area to third countries. In principle no authorisation is required from data protection authorities to be allowed to use these clauses. A formal notification to the authority might nevertheless be necessary.

“Stripe”: means a third party digital solution allowing digital payments and transactions to be made via credit cards or any other digital payment method. Apptree has no link at all with Stripe or with any of its affiliates and hence has no liability or responsibility regarding Stripe’s operations or business.

"Subscription": any paid access proposed by Apptree allowing, upon due payment, the User to access features, add-on or options proposed within the BackOffice.

“Sub-processor”: means any processor engaged by the data importer or by any other sub-processor of the data importer who agrees to receive from the data importer or from any other sub-processor of the data importer personal data exclusively intended for processing activities.

“User Content”: any content uploaded by you (the User), including but not limited to any designs, images, animations, videos, audio files, fonts, logos, illustrations, compositions, artworks, interfaces, text, drawings, literary works and any other materials.

“User”: any person or entity having an account allowing access to our Services.

"Website User": Any person visiting one of our websites.

Any other capitalised terms not defined in this Privacy Policy have the meanings in our Terms and Conditions of Services.

At Apptree we are convinced that data Privacy is a fundamental right that must be respected at any time when you use our Services or Application. This is why Apptree treats all data that are related to an identified or identifiable individual as personal data without consideration to the area of residency of this individual.

  1. Information and data we collect at Apptree

Data collected by Apptree regarding its User in accordance to GDPR and other applicable laws and regulations.

The Data collected by Apptree depends on how you use and interact regarding our website, Services and Application. When you create an account or when you register on any of our previously mentioned websites we can collect any of the following data:

  • Account information including unique Account ID
  • Device, mobile device or computer information and details
  • Contact information
  • Name, Surname
  • Phone number
  • Localisation data
  • Email address
  • Physical address
  • Company name, address and contact details
  • Consent to receive newsletters and other promotional or marketing messages
  • Payment method (for instance, credit card hash, PayPal account information)
  • Age
  • Gender
  • Social media profile and third party accounts details, if provided, (including but not limited to Google, Apple, Facebook, Twitter, Instagram, YouTube, Linkedin…)
  • Data use and usage
  • IP address including connection logs and data, navigator type, computer related information
  • UDIDs for Android and iPhone, IDFA, IMEIs…
  • Navigator information including metadata
  • Connection Logs and data or information or crash logs
  • Diagnostic data or performance data
  • Advertising data
  • Any kind of other data voluntarily given by the User to Apptree or any other Third Party or entity
  • Login credentials (hashed)
  • Subscriber name and contact information
  • Financial or other transaction information and details other than banking details (hashed)
  • Other Personal Data relating to the individual data subject as set by the User

We may collect details about your interaction with our Services and Apps, such as timing and manner of usage, and store this data in log files or related file types tied to your account. This collection may encompass data like your IP address, access times, browser type, and your activities within the Services. Gathering this data aids in enhancing the overall quality of our Services for you and all users.

It is not mandatory for Users to provide this information to Apptree. However, should you choose not to share this data, it may limit Apptree's functionality and our ability to provide comprehensive Customer Service or DPO assistance. Additionally, the effectiveness of our Services may be reduced if we do not receive complete or partial user or end-user data.

When you use our mobile apps (for instance Apptree app), we may collect certain information in addition to information described elsewhere in this Policy.

For example, we may collect information about the type of device and operating system you use. We may ask you if you want to receive push notifications about activity in your account. If you have opted in to these notifications and no longer want to receive them, you may turn them off through your operating system.
We may ask for, access or track location-based information from your mobile device so that you can test location-based features offered by the Services or to receive targeted push notifications based on your location. If you have opted in to share those location-based information, and no longer want to share them, you may turn sharing off through your operating system. We may use mobile analytics software to better understand how people use our application. We may collect information about how often you use the application and other performance data.

3. Personal data and information collected by the User from the End-User directly via Apptree’s Services

The User might collect data including Personal Data or personal information about the End-User during the use of the Service created through Apptree’s BackOffice (“The BackOffice”).

As you use our Services, you may import into our system Personal Information you have collected from your End Users or other individuals. We have no direct relationship with your End Users or any person other than you, and for that reason, you are responsible for making sure you have the appropriate permission for us to collect and process information about those individuals. Consistent with the uses of Personal Information covered in this document, we may transfer Personal Information of you or your End Users to companies that help us promote, provide, or support our Services or the services of our Users (“Service Providers”). All Service Providers enter into a contract with us that protects Personal Information and restricts their use of any Personal Information consistent with this policy. As part of our Services, we may use and incorporate into features information you have provided, we have collected from you, or we have collected about End users. We may share this information with third parties in line with the approved uses in this document.

Our Customers who have created an Application using Apptree are responsible for what they do with the personal information and personal data they collect, directly or through Apptree, about their End Users.

Hence the User while collecting data from the End-User will be entitled as Data Controller and will be legally liable to meet any legal obligation as required by law or regulation. Apptree is the Data Processor.

When your End Users use the Services or browse your Application, we may collect information about their visit to your Application and their usage of the Services. That information may include IP address, operating system, browser ID, browsing activity, and other information about how they interacted with your Application. We may collect this information as a part of log files as well as through the use of cookies or other tracking technologies. We may use this information in line with the approved uses mentioned in this document.

If you are an End User and no longer want to be contacted by one of our Users, please contact the User directly to update, modify, transfer or delete your data and personal data. If you contact us, we may remove or update your information within a reasonable time but no longer than one (1) month but never exceeding three (3) months in case of further investigations or difficulties and after providing notice to the User of your request.

We will retain Personal Information we process on behalf of our Users for as long as needed to provide our Services or to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our agreements.

You're solely and entirely responsible for complying with any laws and regulations that apply to your collection and use of your End Users’ information, including personal information you collect about them using the Services or cookies or similar technologies. You must publish your own privacy policy, DPA, Terms and Conditions and cookie policy and comply with them.

We’re not liable nor responsible for your relationship with your End Users or how you collect and use personal information about them (even if you collect it from us or using Apptree functionality or cookies or similar technologies) and we won’t provide you with any legal advice regarding such matters.

When the End-User is using the Services made by one of our User, they will need to reach out directly to that User, the Data Controller, to discuss managing, deleting, accessing, transferring or restricting access to or otherwise withdrawing consent for use (if applicable) of, the information which you provided to them while using their Application and/or Service. Apptree, as the Data Processor, is not in a position to handle these requests. If you are having difficulties finding this User you can contact our DPO at dpo@Apptree.so and we will try our best to help you.

Please note that, for technical reasons, there may be a delay in deleting your personal Information or personal data from our systems when you ask us to delete it but it can take no longer than thirty (30) days or one (1) month in accordance with law and regulation. In case of difficulties or in case we need more information regarding this request, this delay can reach up to three (3) months as allowed by the law. Apptree will also retain personal Information or personal data in order to comply with applicable law and regulation, protect our and others’ rights, resolve disputes or enforce our legal terms or policies, to the extent permitted under applicable law or regulation. If you are not satisfied with the Data Collector or Apptree’s (Data Processor) answer regarding how your Personal Data and personal information is managed or treated you can send your complaint directly to the APD via this link (https://www.autoriteprotectiondonnees.be/citoyen/agir/demander-une-mediation) or the CNIL (Commission Nationale Informatique et Libertés) by sending a message via the CNIL website [https://www.cnil.fr/fr/plaintes], or by sending a postal letter at CNIL - Service des Plaintes - 3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07.

Apptree will retain Personal Information or personal data, we process on behalf of our Users for as long as needed to provide our Services or to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our agreements.

4. Your Privacy Rights at Apptree

At Apptree we comply and strongly respect, as required by the GDPR and other regulations, your right to access, consult, correct, erase, transfer and your right to data processing limitation, if any applicable.

If you are a User: You can access, update, change or delete personal information (or that of your End Users) either directly in your Account or by contacting us at dpo@Apptree.so to request the required changes. You can exercise your other rights (including deleting your Account) by contacting us at the same email address.

If you are a End User: When you are using an Application made by one of our Users, you will need to reach out directly to that User, the Data Controller, to discuss managing, deleting, accessing, restricting access to or otherwise withdrawing consent for use of the information which you provided to them while using their Application. Apptree, as the Data Processor, is not in a position to directly handle these requests. If you are having difficulties finding this User you can contact us at dpo@apptree.so and we will try our best to help you. You can consult, read and understand Apptree’s privacy policy at https://www.apptree.so/privacy/.

According to relevant law and regulation you have a right to access, modification, opposition, erasure (right to be forgotten), treatment limitation, consent withdrawal (if applicable) or data portability (if applicable or relevant). To exercise these rights you can write to our DPO by email at dpo@apptree.so. You can also communicate to our DPO your instructions concerning the fate of your data after your death. If you are not satisfied with Apptree’s answer regarding how your Personal Data or personal information is managed or treated you can send your complaint directly to the APD (https://www.autoriteprotectiondonnees.be/citoyen/agir/demander-une-mediation).

Apptree, in some cases, might not be legally able to meet the User or End-User requests regarding their data privacy or personal data request. This can be justified by the fact that Apptree might be legally required to keep some data or information to meet legal obligations or requirements, this can include, but is not limited to, financial data, transaction records, anti fraud regulation, anti money laundering regulation or any kind of data or information that must be legally kept.

5. Apptree’s use of personal data

At Apptree we use personal data and information to enable our Services to technically work. We also use this information and data to enable commercial, marketing, financial transactions and payment to be handled directly by Apptree and by our Third Party or entities including but not limited to Stripe, Paypal, Apple Pay, Google Pay and Mercado Pago.

Apptree can use personal data for different purposes such as:

  • Billing: To bill and collect money owed to us by our Users. This includes sending you emails, invoices, receipts, notices of delinquency, and alerting you if we need a different credit card number. We use third parties for secure credit card transaction processing, and we send billing information to those third parties to process your orders and credit card payments.

  • Advertising: To promote use of our Services to you and others. For example, if we collect your Personal Information when you visit our Website and do not sign up for any of the Services, we may send you an email inviting you to sign up. If you use any of our Services and we think you might benefit from using another Service we offer, we may send you an email about that. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email we send. In addition, we may use information we collect in order to advertise our Services to you or suggest additional features of our Services that you might consider using.

  • Newsletters and notices: To send you messages related to your use of the Services. For example, we may inform you of temporary or permanent changes to our Services, such as planned outages, new features, version updates, releases, abuse warnings, and changes to our Privacy Policy.

  • Customer Support: To communicate with our Users about their account and provide customer support.

  • Compliance: To enforce compliance with our Terms of Use and applicable law. This may include developing tools and algorithms that help us prevent violations.

  • Third Party protection: To protect the rights and safety of our Users and third parties, as well as our own.

  • Legal requirements: To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms. To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements. To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements.

  • User and End-User support: To provide, support, and improve the Services we offer. This includes our use of the data that our Users provide us in order to enable our Users to use the Services to communicate with their End Users. This also includes, for example, aggregating information from your use of the Services or visit to our Websites or Applications created with our Service and sharing this information with third parties to improve our Services. This might also include sharing your information or the information you provide us about your End Users with third parties in order to provide and support our Services or to make certain features of the Services available to you. When we do have to share Personal Information with third parties, we take steps to protect your information by requiring these third parties to enter into a contract with us that requires them to use the Personal Information we transfer to them in a manner that is consistent with this policy.
    Apptree uses personal data or information in full compliance with law and regulations or only when Apptree has a valid legal basis to do so as required by law and regulation. These legal basis can include and are limited, in accordance with law and regulation, to:

  • Consent

  • Contractual obligation

  • Legal requirement

  • Safeguard of person’s vital interest

  • Public interest

  • Legitimate interest

Apptree’s legal basis for data collection are, consent (when applicable), contractual obligation, legal requirement and its legitimate interest in accordance with article 6 (a), (b), (c) and (f) GDPR.

Apptree will keep personal data or information to meet the purposes for which it was collected as described in our Data and Privacy Policy or as required by law or any other applicable regulations.
If our User or your End-User has any question, demand or request regarding these legal basis they can contact our DPO at dpo@apptree.so or through the form available online at https://www.Apptree.so/contact/][https://www.apptree.so/contact/

If you are not satisfied with Apptree’s answer regarding how your Personal Data or information is managed or treated you can send your complaint directly to APD (https://www.autoriteprotectiondonnees.be/citoyen/agir/demander-une-mediation)

6. Apptree’s sharing of personal data

Apptree may share personal data or information with Sub-Processors, Third-Party or with any other company or entity that is affiliated or that works with Apptree in relation to our activities, business or operations.

Entity NameCorporate Location
Amazon Inc. (AWS)Washington, USA, London UNITED KINGDOM, Ireland, Stockholm, Frankfurt, Paris, Milan, EUROPE
Apple Inc.California, USA
Google LLC.California, USA
Google Ireland LimitedIreland, EUROPE
Slack TechnologiesCalifornia, USA
OVHFrance, EUROPE
TwilioCalifornia, USA
Stripe Inc.California, USA
Hubspot inc.California, USA

7. Protection of data at Apptree

Apptree is and will implement and put in action all, state of the art, technologies including, but not limited to, administrative, technical and physical measures to fully meet and respect the legislation and regulation that are in force; this include, but is not limited to the GDPR. This includes the formation of its own employees, staff and personnel regarding data privacy, compliance and data protection.

Apptree will also ensure that its Sub-Processor and Third Party or entities will also ensure continuous formation of their employees and that they will implement all, state of the art, technologies including, but not limited to, administrative, technical and physical measures to fully meet and respect the legislation and regulation that is in force; this include, but is not limited to the GDPR.

While no service is completely secure, we have a security team dedicated to keeping personal information safe. We maintain administrative, technical and physical safeguards that are intended to appropriately protect against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse and any other unlawful form of processing of the personal information in our possession. We employ security measures such as using firewalls to protect against intruders, building redundancies throughout our network (so that if one server goes down, another can cover for it) and testing for and protecting against network vulnerabilities.

More information can be found on the https://www.Apptree.so/dpa/

8. Transfer of Personal Data between Countries within the European Union and outside of the European Union

Apptree is delivering and making it possible to access its Services, Applications and websites within the European Union as well as all around the World. Hence, your personal data and information might be transferred or accessed by Third Parties or entities located all around the World or in any country inside or outside of the European Economic Area (EEA).

Therefore, Apptree will comply with any law or regulation regarding Data Transfer and Data Processing within the European Union or outside the European Union. In order to comply with regulation about Data Transfer and Data Processing outside the European Union, Apptree will meet all the legal requirements by complying with any Adequacy Decision emitted by the European Commission on the basis of article 45 of the GDPR.\

Also, Apptree will put in force "BCR" (“Binding Corporate Rules”) and "SCC" (“Standard Contractual Clauses”) with its Third Party companies or entities located outside of the European Economic Area (“EEA”) or when an Adequacy Decision does not exist.

9. Public information and Third parties

9.1 Blog: We have public blogs on our Websites. Any information you include in a comment on our blog may be read, collected, and used by anyone. If your Personal Information or personal data appears on our blogs and you want it removed, contact our DPO us at dpo@apptree.so. If we are unable to remove your information, we will tell you why.

9.2 Social media platforms and widgets:   Our Websites include social media features. These features may collect information and data about your IP address and which page you are visiting on our Website, and they may set cookies or tracking features to make sure the website feature functions properly. Social media features and widgets are either hosted by a third party or entity or hosted directly on our Website. We also maintain presences on social media platforms including, but not limited to, Facebook, Linkedin, YouTube, Twitter, and Instagram. Any information, data, communications, or materials you submit to us via a social media platform is done at your own risk without any expectation of privacy or data protection. We cannot control the actions of other users of these platforms or the actions of the platforms themselves. Your interactions with those features and platforms are governed by the privacy policies, data protection policy and cookies policy of the companies that provide them.

9.3 Links to third-party websites: Our Websites include links to other websites, whose privacy practices, data protection and cookie policy may be different from ours. If you submit Personal Information or personal data to any of those sites, your information is governed by their privacy policies, data protection policy and cookie policy. We encourage you to carefully read the privacy policy, data protection policy and cookie policy of any Website you visit or use.

9.4 Service Providers Sometimes:We share your information with our third party Service Providers, who help us provide and support our Services. For example, if it is necessary to provide you something you have requested (like enable a feature such as Social Profiles), then we may share your and/or your End-Users' Personal Information with a Service Provider for that purpose. Just like with the other third parties we work with, these third party Service Providers enter into a contract that requires them to use your Personal Information and personal data only for the provision of services to us and in a manner that is consistent with this policy and with law or regulations.

9.5 Advertising partners: We may partner with third party advertising networks or platforms and exchanges to display advertising on our Websites or to manage and serve our advertising on other sites and may share Personal Information or personal data with them for this purpose. All third parties with which we share this information are required to use your Personal Information and in a manner that is consistent with this policy. We and our third party partners may use cookies and other tracking technologies, such as pixels and web beacons, to gather information about your activities on our Websites and other sites in order to provide you with targeted advertising based on your browsing activities and interests.

10. Changes to this privacy policy

Apptree has the discretion to update this privacy policy at any time. When we do, revise the updated date at the top of this page. We encourage Users and End-Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information and personal data we collect. You acknowledge and agree that it is your responsibility and liability to review this privacy policy periodically and become aware of any modifications or changes.

11. Your acceptance of these terms

By using our Services or accessing any of our websites, you signify your acceptance of this policy and Terms of Service, data protection policy, privacy policy and cookie policy. If you do not agree to these policies, please do not use our Services or access our websites but notify us directly by email at dpo@Apptree.so. Your continued use of the Services or of any of our websites following the posting of changes to this policy will be deemed your acceptance of those changes or modifications.

12. Contacting us - Data Protection Officer (DPO)

Apptree designated its Data Protection Officer, as required by GDPR. Apptree's DPO located at Rue d’Arenbert, 44 – 1000 Brussels, BELGIUM.

If you have any questions about this Privacy Policy, data protection policy or cookie policy, the practices of this site, or your dealings with this site, please contact our DPO at: dpo@Apptree.so. If you are not satisfied with Apptree’s answer regarding how your Personal Data or personal information is managed or treated you can send your complaint directly to APD https://www.autoriteprotectiondonnees.be/citoyen/agir/demander-une-mediation.

All Legal notices to Apptree shall be sent to: Apptree, rue d’arenberg 44, 1000 Brussels, BELGIUM (for updated contact go to www.apptree.so