Personal data
Last updated on November 17 2022
Jooxter works every day to make our customers' workspaces smarter. Thanks to our services and applications, our customers' employees can visualize, search and use their workspaces more effectively on a daily basis. Our services require the use and processing of your employees' personal data, carried out by Jooxter as a subcontractor of the client company.
Our commitments regarding your employees' personal data
We understand the importance of protecting your employees' personal data. This issue is all the more important to us because of our position as a subcontractor to our customers. That's why we have made three confidentiality commitments to protect your employees' data.
- We'll always be transparent about the personal data we use: you'll know how and why we need it.
- We will only use this personal data if we really need it.
- We will protect personal data using the best possible combination of technology, people and processes.
Every time you use our service, whether on our website or our application, we will protect your employees' personal data in the manner set out in this document.
As the data controller and Jooxter customer, you are solely responsible for complying with applicable legislation and obtaining any necessary prior authorizations.
Personal data and processing
The personal data present and processed in Jooxter come from three distinct sources:
- To ensure the smooth running of Jooxter, you will be required to provide us with personal data concerning your employees: list of users with their personal and professional information.
- By using Jooxter, your employees will generate usage data, which can be assimilated to personal data.
- Your employees may be asked to provide personal data from people outside the company, in particular the names of external guests at meetings. When they provide personal data, it is their responsibility to ensure that they are authorized to do so.
| Type of personal data | Why do we use them? | Legal basis |
| Identity (Name, professional e-mail address, language, telephone, profile photo) | Allow personal, authenticated access. Only employees authorized by the client company can use Jooxter. The use of name and e-mail address guarantees personal, authenticated access for each employee. | We need this information to offer you these services. This is part of our contract with you. |
| Identify the person reserving a space. The user's identity is linked to all his or her reservations to prevent any misuse of the space. | We need this information to offer you these services. This is part of our contract with you. | |
| Enable users to be invited to events. When making a reservation, users can invite other colleagues to an event. To do so, he/she performs a person search using the name or email address of the user to be invited. | We need this information to offer you these services. This is part of our contract with you. | |
| User notification. We need to be able to notify the end user by various means of communication when using Jooxter: account creation, invitation/creation/modification/deletion of a reservation, for example. | Legitimate interests. In practical terms, this means using your data in a way that is necessary (and balanced with your rights) for us to provide you with services. | |
| Employee profile data (company, building, user group, department, profile, rights) | Filter accessible areas and environments. Employees may have different access and visibility authorizations, depending on their profile, department or user group. This information is essential for segmentation. | We need this information to offer you these services. This is part of our contract with you. |
| Assign management rights to areas. Certain collaborators will benefit from advanced user rights, to supervise the use of one or more spaces or collaborators. | We need this information to offer you these services. This is part of our contract with you. | |
| Reservation data (Reservation holder, beneficiary, guests) | Determining space availability. Jooxter uses all reservations made by employees to determine space availability. | We need this information to offer you these services. This is part of our contract with you. |
| Make it easy to modify reservations. Each reservation is assigned to one or more users, who can then view, confirm, modify or cancel it if necessary. | We need this information to offer you these services. This is part of our contract with you. | |
| Enable space management. Space managers need to identify the people who have reserved spaces in order to monitor and arbitrate space use. | We need this information to offer you these services. This is part of our contract with you. | |
| Approximate location information (reservation information, iBeacon detection) | Search for a colleague using reservation data. Users belonging to the same collaborator group can search for colleagues using the location of their current reservation. | We need this information to offer you these services. This is part of our contract with you. |
| Search for a colleague by status. Users attached to the same collaborator group can search for their colleagues using the status they have freely declared. | We need this information to offer you these services. This is part of our contract with you. | |
| Provide local services. If activated by the user, indoor location via iBeacon enables the user to position himself on the building's floor plan, and visualize nearby spaces. | End-user consent via activation of the "Location" function in the Jooxter mobile application. | |
| Search for a colleague via indoor location. Users belonging to the same collaborator group can search for colleagues using their last indoor location, if the user being searched for has activated it. The location calculated using iBeacons is only stored for 30 minutes, after which it is impossible to access the past location of colleagues. | End-user consent via activation of the "Location" function in the Jooxter mobile application. | |
| Usage information (search, booking, usage, IP address) | Analyze workspace utilization. To provide site managers with a complete analysis of space utilization, essential for optimizing their environment, we process all occupancy-related data to create a dynamic dashboard. | We need this information to offer you these services. This is part of our contract with you. |
| Personalize the user experience. We collect information relating to the use of our services to provide the end-user with a better user experience: storing authentication, search filters and preferences. | Legitimate interests. In practical terms, this means using your data in a way that is necessary (and balanced with your rights) for us to provide you with services. | |
| Ensuring the quality and evolution of the solution. We analyze data on the use of our services to ensure that the service is running smoothly and to prepare for future developments of the solution. | Legitimate interests. In practical terms, this means using your data in a way that is necessary (and balanced with your rights) for us to provide you with services. | |
To carry out the activities listed above, we work with service providers who meet the same high standards with regard to the protection of personal data:
- Data hosting: we work with AWS, the market leader in the cloud, a platform renowned for its stability and security (see details below).
- Data analysis: to analyze usage data and provide our customers with occupancy dashboards, we use the Power BI service provided by Microsoft, hosted in the European Union.
- Synchronization with the customer's calendar: to guarantee the stability and quality of synchronization between Jooxter and the customer's calendar (Exchange / Google Calendar), we use the Cronofy solution, which interfaces the calendar databases of both parties, guaranteeing end-to-end security.
- For more specific needs, we may rely on third-party services, ensuring that they comply with European regulations and Jooxter requirements. These service providers may not use your personal data for any purpose other than the specific service in question. In addition, we only provide them with the elements of your personal data they actually need.
The authorities
- For legal reasons, we may have to share some personal data with the police, customs authorities, regulatory authorities or government and law enforcement agencies. If we are required to pass on such data, we will inform you as soon as possible. In such cases, it is the responsibility of the authorities to protect your information.
Data retention
- By default, personal data in use is kept until the end of the contract binding you to Jooxter, or until the end of a period defined by the customer, or at the request of the person concerned.
- Archived data will be deleted automatically 12 months after termination of the contract or at your request.
Security
The security of all data held by Jooxter is at the heart of our product development policy. The same level of security is applied to your employees' personal data:
- We use the hosting solution of AWS, the world leader in the cloud, renowned for its security. The services we use provide us with the level of security required to process sensitive data, particularly banking and medical data (ISO 27001 / 27017 / 27018).
- Our databases are encrypted at rest using AES-256, and all data flows are encrypted using TLS 1.2.
- Our servers are automatically updated every week with the latest security patches.
By relying on the secure services of the world leader in hosting and using data encryption methods, we guarantee our customers a level of security that exceeds the requirements induced by the criticality of the personal data processed by Jooxter.
Data stored within the European Union
- All data, personal or otherwise, processed by Jooxter is hosted and replicated within the European Economic Area (EEA), in Ireland.
- This data, whether personal or not, never leaves the EEA, even when it is accessed by a third party (Jooxter's subcontractor).
Your employees' rights
Your employees have various rights in relation to the use of their personal data. We are at your disposal to facilitate the processing of any requests they may have concerning Jooxter: requests for information on processing and consultation, modification or deletion of their personal data. In accordance with legal recommendations, we will respond to such requests within thirty days.
Changes to our privacy policy
Future developments in our solution or its technical structure may lead us to change the way we use personal information. If this is the case, we will update our Privacy Policy, which is described in this document. You can see the date of our last update at the top of this page. In the event of a significant change, you will be informed in advance.