Last update: 05-10-2021 - 12:59:51
Privacy Notice for all our customers
We believe in making complex things simple. In that spirit, please find rea summary of our privacy notice and policy and what we do with the data we collect. To emphasize, everyone at Yucopia BV wholeheartedly respects the privacy of your and our own personal information.
Yucopia BV is a 100% Belgian company with headquarters in Duffel, Belgium. Yucopia’s team exist of very experienced industry expert in different expertises areas such as general management, software, processes, procurement and marketing. Yucopia is advised by a very experienced board of advisors (5 member) and supported bij VLAIO, StartIT KBC, Netwerk Ondernemen, VOKA, FIT and PMV.
In summary, we
1. Wholeheartedly believe in the maximum protection of personal information and the fundamental concept of privacy.
2. Will only collect the bare minimum of your data for us to survive as a business.
3. Strive to be fully transparent with you, the customer, and the regulators when it comes to cyber-attacks and or intrusion attempts on our business.
4. Take all possible and sensible measures to protect the confidentiality and integrity of your personal information
5. Do rely on third parties for things like managing customer interaction and are striving to ensure that they share the same beliefs and principles around privacy and protection of data.
6. Do not directly sell or trade in your personal information. FULL Stop. We will, as part of a transaction, share your information with our partners/preferred suppliers (these partners/preferred suppliers may/can contact you for commercial purposes).
What information we collect
As a minimum we ask that you share with us your:
• First name, last name and or middle name
• Corporate email (to set up your account).
• Personal email (to set you up to use Yucopia as a private user)
• Your mobile and or contact number.
So that we may get in touch and discuss, because sometimes a personal touch makes the difference.
• The number of employees your company has so we can guide you in the procurement process in a more personal way.
• Your company adress.
In addition, to help us target and better meet your requirements, it helps if you provide us with your:
• Delivery address
Exceptional, in case of fuel card applications for natural persons (NP), we request a
• Copy of your ID Card
• Copy of a utility invoice
to check if domicile and provided locations details are correct. This is requested by our supplier Esso and is standard procedure for every NP request in every country. Once the request is approved or declined, these documents are deleted according to the GDPR 3.0 regulations (the right to be forgotten).
We do NOT collect and DO NOT require the following from you:
• Sexual orientation or Gender
• Health or fitness
• Political views
• Family data
Why do we need your information?
Background: As a service-oriented business we do not manufacture any product. We are constantly striving to enlarge your buying power by searching for innovative ways to facilitate your buying process.
However, to be able to survive as a business we need to get our platform and suppliers products in front of you. As a small business we cannot afford the exorbitant costs of constant advertising on Google Ads for example. Hence, we must collect and retain data from you so we may keep you informed and updated about our next great promotions, group purchases or buying opportunities.
We need some data from you so that we can:
• Inform you and keep you updated on
o Preferred suppliers’ products
o Attractive promotional campaigns
o User and/or Yucopia triggered Group purchase campaigns
• Share with you
o Information on partners/ preferred suppliers.
o Information on promotions only available for Yucopia members
o Best prices for all your purchases.
What else we DO with your information
Background: Product vendors often develop cutting edge technology and, in many instances, also employ seasoned experts in their respective fields.
• So, when we introduce these experts and technology to you, we are often only empowered to do so by using all available data provided by yourself.
• We share the following data: Name, last name, email, company, country.
What we DO NOT Do with your information
1. We do not directly SELL or trade in your personal information with any person or persons or commercial organization with exception of our partners and preferred suppliers.
2. We do not sell or share your information to any vendor not stated as partner or preferred supplier.
Our third parties and your information
So, right now, we have no major control over what third parties do with the information we provide them. However, we are in the middle of making all the right noises, reviewing, and tightening our contracts with all our partners/preferred suppliers so that we do our best to ensure that the third parties are observing the same principles as us.
Who are your partners
We have partnerships with several product and/or service providers. A top 10 list, with a link to their website, is provided in your personal dashboard.
However, to reveal all our partners would be, as the SCOTS, would say, “lifting our kilt”! - However, If any additional information is needed on one or more of our partners/ preferred suppliers, these will be provided after a simple call with Yucopia.
How do you protect my Data?
At best, it would be naive for us to declare that your data is 100% safe from cyber criminals. 100% percent security is a fallacy.
We take several precautions to ensure your data is not subject to unauthorized access. Some of the steps we take include, but are not limited to:
• Encrypting, where possible, your personal information when it is NOT being transmitted (at rest).
• Encrypting your data during transmission.
• Ensuring our staff are constantly made aware of their responsibilities towards protecting your personal information.
• We believe in transparency and are always prepared to own up when things go wrong. We will keep you and the regulators posted when things go wrong and let you know what we did to recover from such incidents.
How Do You Process My Data?
We primarily rely on the Microsoft Azure Servers, located in Amsterdam, to host and process your personal information. This approach allows for a far more efficient method to control (issue, take-away) access for our employees and third parties. We have a very extensive SLA with Microsoft to ensure al measures are taken to safeguard and encrypt all collected data.
So, yes, Microsoft Azure is our primary data processor. The Yucopia platform is our other primary data processor.
How Do You Obtain My Data?
We use multiple methods of obtaining your data including:
• Forms on https://my.yucopia.com and any subdomains on this website.
• LinkedIn - we, like you, use LinkedIn.
How long do we keep your information
Based on our experience we have deemed it necessary to retain your data for 24 months after which we will reach out to confirm your intentions. You will always have the ability to opt-out at any time.
How do you dispose of my data?
We primarily rely on Microsoft Azure and the Yucopia platform to host your data. To that extent, we rely on those parties to ensure that they:
• Remove your data when we hit the “delete” or remove button.
• Allocate your data in the “Do not Email” bucket when you unsubscribe from our Notification lists.
When I invoke “Forget me” what do you do?
Hmmm - This is a vicious cycle (surely it is). For us to truly forget you, we must remove all instances of your records in all our databases. You may want to check if we have done so. Herein lies the contradiction, if a business deletes all evidence of you (your personal information) and your request to “Forget me” - then there is no available record that they held your data in the first place. If they maintain a record of your request, they could expose the very fact that you were associated with the business in some way. So if you want to be forgotten, and of course you have that right, you just have to send an email to Laura@yucopia.com and we’ll take care of the rest.
And we will never forget you, although that is exactly what the system will do.
Complete Transparency - when attackers succeed.
When discussing a data breach, it’s not a matter of IF but WHEN a business is attacked and compromised. To that extent, we believe in being fully transparent with you and any other regulators.
We are constantly on the lookout for criminal activity on our networks and systems. When discovered we invoke our cyber incident response plan and take the necessary steps to either stop the ongoing attack and or take sensible response measures to mitigate the impact to you and our business.
We organize a penetration test, that is like paying hackers to try to hack u, minimum once a year. The last pentest was conducted in Feb 2021 and was completed successfully. For us, not for the paid hackers.
Yes. As most business we strive to offer you the best experience when you are on our website. We use the following cookies, from the following partner websites
• More detailed information on cookies will be here soon.
This website is owned and operated by Yucopia BV. We are registered in Belgium under registration number BE0712918227, and our registered office is at Walemstraat 72B, 2570 Duffel, Belgium.
Our principal place of business is at the same location. You can contact us by writing to the business address given above, by using our website contact form, by email to Laura@yucopia.com or by calling our Yucopia hotline on +32472413509.
Anyway, when in doubt, here is rule number one: stay calm, don’t hesitate, and call or email us.
Ok, 3 rules it is…