Personal data
Last updated on November 17 2022
Jooxter works every day to make our customers' workspaces smarter. Through our service and applications, our customers' employees view, search and use their workspaces more efficiently on a daily basis. Our services require the use and processing of your employees' personal data, performed by Jooxter as a subcontractor of the customer company.
Our commitments regarding your employees' personal data
We are aware of the importance of protecting the personal data of your employees. This issue is all the more important to us because of our position as a subcontractor towards our customers. This is why we make three commitments in terms of confidentiality in order to protect your employees' data.
- We will always be transparent about the personal data we use: you will know how and why we need it.
- We will only use this personal data if we really need it.
- We will protect this personal data using the best possible combination of technology, people and processes.
Whenever you use our service, whether on our website or our application, we will protect your personal data in the manner set out in this document.
As the person responsible for processing this data and as a client company of the Jooxter service, it is your sole responsibility to comply with the applicable legal provisions and to obtain any prior authorizations.
Personal data and their processing
The personal data present and processed in Jooxter comes from three distinct sources:
- In order to ensure the smooth operation of Jooxter, you will be required to provide us with personal data about your employees: a list of users with their personal and business information.
- By using Jooxter, your employees will generate usage data, which can be assimilated to personal data.
- Your employees may be required to communicate personal data from outside the company, including the names of external guests at meetings. When they provide the personal data of others, it is their responsibility to first ensure that they had their permission to do so.
| Type of personal data | Why do we use them? | Legal basis |
| Identity (Name, business e-mail address, language, phone, profile picture) | Allow personal and authenticated access. Only employees authorized by the client company can use Jooxter. The use of the name and e-mail address guarantees personal and authenticated access for each employee. | We need this information to provide you with these services. This is part of our contract with you. |
| Identify the space reserve. The identity of the user is attached to all of his reservations to avoid any abusive use of the spaces. | We need this information to provide you with these services. This is part of our contract with you. | |
| Allow users to be invited to events. When making a reservation, the user has the possibility to invite other employees to an event. To do so, he performs a person search based on the name or email address of the user to be invited. | We need this information to provide you with these services. This is part of our contract with you. | |
| Notify the user. We need to be able to notify the end user by various means of communication when using Jooxter: account creation, invitation/creation/modification/deletion of a reservation for example. | Legitimate interests. In concrete terms, this is a necessary use of your data (balanced with your rights) so that we can provide you with services. | |
| Employee profile data (Company code, assignment building, user group, department, profile, rights) | Filter accessible spaces and environments. Employees can have different access and visibility authorizations according to their profile, department or user group. This information is therefore necessary to carry out this segmentation. | We need this information to provide you with these services. This is part of our contract with you. |
| Assign management rights to the spaces. Some collaborators will benefit from advanced user rights, to supervise the use of one or more spaces or collaborators. | We need this information to provide you with these services. This is part of our contract with you. | |
| Booking data (Reservation, reservation beneficiary, guests) | Determine the availability of space. All reservations made by employees are used by Jooxter to determine space availability. | We need this information to provide you with these services. This is part of our contract with you. |
| Facilitate the modification of reservations. Each reservation is attached to one or more users so that they can view, confirm, modify or cancel it if necessary. | We need this information to provide you with these services. This is part of our contract with you. | |
| Allow space management. Space managers need to identify the people who have reserved space to carry out their work of monitoring and arbitrating the use of space. | We need this information to provide you with these services. This is part of our contract with you. | |
| Approximate location information (reservation information, iBeacon detection) | Search for a colleague via the reservation data. Users belonging to the same collaborator group can search for their colleagues using the location of their current reservation. | We need this information to provide you with these services. This is part of our contract with you. |
| Search for a colleague via the provided status. Users belonging to the same collaborator group can search for their colleagues using the status they have freely declared. | We need this information to provide you with these services. This is part of our contract with you. | |
| Provide local services. If activated by the user, indoor location via iBeacon allows the user to position himself on the floor plan of the building, and to visualize nearby spaces. | End-user consent via activation of the "Location" function from the Jooxter mobile application. | |
| Search for a colleague via internal location. Users belonging to the same collaborator group can search for their colleagues using their last internal location, if the searched user has activated it. The location calculated with iBeacons is only stored for 30 minutes, after this time it is impossible to access the past location of the collaborators. | End-user consent via activation of the "Location" function from the Jooxter mobile application. | |
| Usage information (search, booking, usage, IP address,) | Analyze the use of workspaces. In order to provide the site manager with a complete analysis of the use of his spaces, which is essential for the optimization of his environment, we process all the data related to the occupation in order to create a dynamic dashboard. | We need this information to provide you with these services. This is part of our contract with you. |
| Personalize the user experience. We collect information related to the use of our services to provide the end user with a better user experience: to maintain his authentication, search filters, preferences. | Legitimate interests. In concrete terms, this is a necessary use of your data (balanced with your rights) so that we can provide you with services. | |
| Ensure the quality and evolution of the solution. We analyze the usage data of our services to ensure the smooth running of the service and prepare future evolutions of the solution. | Legitimate interests. In concrete terms, this is a necessary use of your data (balanced with your rights) so that we can provide you with services. | |
To carry out the activities listed above, we work with service providers who meet the same high standards of data protection:
- Data hosting: we work with AWS, the market leader in the cloud, a platform known for its stability and security (detailed below).
- Data analysis: to analyse usage data and provide occupancy dashboards to our clients, we use the Power BI service provided by Microsoft, hosted in the European Union.
- Synchronization with the client's calendar: to guarantee the stability and quality of the synchronization between Jooxter and the client's calendar (Exchange / Google Calendar), we use the Cronofy solution that interfaces the calendar databases of both parties, guaranteeing end-to-end security.
- For more specific purposes, we may rely on third-party services, ensuring that they comply with EU regulations and Jooxter requirements. These service providers may not use your personal data for any purpose other than the specific service in question. In addition, we only provide them with the elements of your personal data that they actually need.
The authorities
- We may, for legal reasons, need to share some of your personal data with police, customs authorities, regulatory authorities or government and law enforcement agencies. If we are required to share such data, we will notify you as soon as possible. In such a case, it is the responsibility of the authorities to protect your information.
Data Retention
- Personal data in use is retained by default until the end of the contract between you and Jooxter, or until the end of a period defined by the customer, or at the request of the person concerned.
- Archived data will be deleted automatically 12 months after termination of the contract or at your request.
Security
The security of all data held by Jooxter is at the heart of our product development policy. Your employees' personal data is protected at the same level:
- We use the hosting solution from AWS, the world leader in the cloud, recognized for its security. The services we use provide us with the level of security required by law to process sensitive data, particularly banking and medical data (ISO 27001 / 27017 / 27018).
- Our databases are encrypted at rest in AES-256 and all data flows are encrypted in TLS 1.2.
- Our servers are automatically updated weekly to incorporate the latest security patches published.
By relying on the secure services of the world's leading hosting provider and using data encryption methods, we guarantee our customers a level of security that exceeds the requirements imposed by the criticality of the personal data processed by Jooxter.
Data stored within the European Union
- All data, whether personal or not, processed by Jooxter is hosted and replicated within the European Economic Area (EEA) in Ireland.
- This data, whether personal or not, never leaves the EEA, even when a third party (Jooxter's sub-contractor) has access to it.
The rights of your employees
Your employees have various rights in relation to the use of their personal data. We are at your disposal to facilitate the processing of any requests they may have concerning Jooxter: requests for information on the processing and viewing, modification or deletion of their personal data. In accordance with legal requirements, we will respond to these requests within 30 days.
Changes to our privacy policy
Future developments in our solution or its technical structure may lead us to change the way we use personal information. If so, we will update our Privacy Policy, which is described in this document. You can see the date of our last update at the top. If there are any significant changes, you will be notified in advance.