PRIVACY NOTICE

ROOM 3D COMMUNICATIONS SA (ROOM 3D)

FAIR PROCESSING NOTICES

  1. CLIENTS/USERS

    1.1 APPROPRIATE COMMUNICATION CHANNELS: ROOM 3D's website, through a clear link (e.g., 'Privacy notice') accessible from the homepage, and preferably from all pages.

    1.2 NOTICE CONTENTS:

    'ROOM 3D COMMUNICATIONS SA (14-16 avenue Pasteur L-2310 Luxembourg, ROOM 3D) collects and processes personal data on you if you (or your company, which you represent or for which you act as a contact person or user) are an actual, former or prospective client of ROOM 3D, or a user of ROOM 3D products and services.

    ROOM 3D acts as the controller of such processing and is committed to respecting your privacy and protecting your personal data in accordance with the law, in particular the EU General Data Protection Regulation 2016/679 (GDPR).

PROCESSING PURPOSES. The processing of your data is based on the following grounds:

PURPOSE OF PROCESSING & GDPR LEGAL BASIS

ROOM 3D processes your data:* to manage your or your company's subscription to our products and services and the onboarding process

The processing is necessary:

  • in order to take steps prior to entering into a contract with you or your company

  • for purposes of legitimate interests pursued by ROOM 3D (that is, client/prospect management)

  • to manage the delivery of products and services you or your company have ordered or use, to manage your use of such products and services, including payments and other transactions you make through our products and services, as well as for billing, accounting and administrative management purposes

    The processing is necessary:

    • for the performance of a contract with you or your company
    • to comply with legal obligations to which ROOM 3D is subject
    • for purposes of legitimate interests pursued by ROOM 3D (that is, product/service delivery and improvement, client and user transactions and management

  • for marketing (including client relationship management, subscription to newsletter, alerts and marketing materials, social media, communities and event management), business intelligence and product/services improvement purposes

    The processing is necessary:

    • for purposes of legitimate interests pursued by ROOM 3D (that is, marketing, business intelligence and product/services improvement)

  • to manage and analyse your interactions with our website and products (see cookie policy) The processing is necessary:

    • for purposes of legitimate interests pursued by ROOM 3D (that is, business intelligence, product and website management and improvement) In exceptional cases, ROOM 3D may need your consent for certain processing operations (which is not the case for the processing purposes detailed above). In such case, ROOM 3D will ask for your consent separately.

DATA CATEGORIES. In addition to the information you have communicated to ROOM 3D directly or through your company, ROOM 3D may collect and process the following categories of personal data:

  • identity/details (contact person, company, phone, email, address, social media details, personal interests),
  • account details (subscription details, subscribed options/products/services), credentials (login, password, security data, OTP), account profile (license/account type, profile picture and details, contact list),
  • products/services data (information provided through online form, products/services ordered/used, communications contents, whiteboard contents, pictures/text/files shared by users, chat, audio/videos recordings, clickstream data),
  • technical data (user account details, email, browser/devices/applications used, issue description by user, technical measures/recommendations, user follow up, technical support query status),
  • user interactions with products/services, use of product, server logfiles, identifiers (user name, IP address, email address, connection logfiles, cookies),
  • newsletter subscription form/details, social media user subscriptions, and
  • if you take part in events organised by ROOM 3D: invitees lists, significant other, event management data (no shows, venue, catering/food allergies where specified by you), photos/videos. Where you provide personal data on third-parties (whether your employees, users or relatives) to ROOM 3D you should make sure you have informed them accordingly.

DATA RECIPIENTS. ROOM 3D may share your data with affiliated or third-party service providers as necessary to deliver the products/services to you and other purposes listed above, as well as to competent local authorities (tax authorities, regulators, law enforcement agencies), external auditors, payment providers, banks and, where applicable (events) communication agencies and event management providers (venue, catering, security).

DATA TRANSFERS OUTSIDE THE EU/EEA. ROOM 3D may transfer your personal data outside of the EU/EEA, including to countries which do not have a similar level of protection of personal data as the EU. In such case, and in accordance with GDPR, data transfers will:

  • be limited to what is necessary to perform the contract with you, or conclude a contract with a third-party in your interest, or
  • be justified by the establishment, exercise or defence of legal claims, or
  • if appropriate, be covered by appropriate safeguards, such as entering into EC approved standard contractual clauses, or
  • in exceptional cases, take place with your consent. In such case, ROOM 3D will ask for your consent separately.

DATA RETENTION. ROOM 3D will retain your personal data for as long as required to deliver the products/services you or your company have ordered or use, and/or for the mandatory retention duration set forth by applicable law (up to 10 years after the termination of our relation for certain accounting and contractual data).

YOUR STATUTORY RIGHTS. You have certain rights concerning your personal data under GDPR as mentioned below, and can exercise them by contacting ROOM 3D at dataprotection@tmrw.com.

  • Right to information. If you are a client-related third party (e.g., an employee of a corporate client), ROOM 3D may not have your current details and thus cannot contact you conveniently and in confidentiality. You can find updated information on ROOM 3D's processing of your data at any time on this website https://room3d.com/privacypolicy, or by contacting ROOM 3D at dataprotection@tmrw.com.

  • Access right. You have the right to access your personal data. ROOM 3D processes a large quantity of information, and can thus request, in accordance with GDPR, that before the information is delivered, you specify the information or processing activities to which your request relates.* Right to rectification. You can ask ROOM 3D to rectify, correct or update inaccurate and/or incorrect data.

  • Other rights. In certain limited cases (in which case ROOM 3D will first analyse whether the conditions for the exercise of such rights are fulfilled, in line with GDPR), you may object to, or request the limitation of, the processing of your personal data, or request the erasure or portability of your personal data. Where ROOM 3D asked for your consent to a specific processing, you have the right to withdraw such consent at any time (for future processing). You should note that the law authorizes ROOM 3D to retain and continue processing certain personal data, even where you have exercised your rights to object or erasure or -if applicable- withdrawn your consent: this is the case in particular where ROOM 3D has legitimate and compelling reasons for continuing the processing, such as compliance with applicable law. Finally, you can contact the Luxembourg data protection authority (Commission nationale pour la protection des donnees) to introduce a claim. https://cnpd.public.lu/en.html.Contact. You can contact ROOM 3D's Data Protection team here:

    ROOM 3D Communications S.A.

    14-16 avenue Pasteur L-2310 Luxembourg

    Email: dataprotection@tmrw.com

2. EXTERNAL STAFF/CONSULTANTS

2.1 APPROPRIATE COMMUNICATION CHANNELS: ROOM 3D's intranet (if any, and if concerned data subjects have access thereto) or website, through a clear link (e.g., 'Privacy notice') accessible from the homepage, and preferably from all pages.

2.2 NOTICE CONTENTS:

“ROOM 3D COMMUNICATIONS SA (14-16 avenue Pasteur L-2310 Luxembourg, ROOM 3D) collects and processes personal data on you if you (or your company) are an actual, former or prospective supplier of ROOM 3D.

ROOM 3D acts as the controller of such processing and is committed to respecting your privacy and protecting your personal data in accordance with the law, in particular the EU General Data Protection Regulation 2016/679 (GDPR).

If you are detached to ROOM 3D, please also refer to the Privacy Notice concerning ROOM 3D's employees as some of processing operations detailed therein might also apply to your personal data.

PROCESSING PURPOSES. The processing of your data is based on the following grounds:

PURPOSE OF PROCESSING & GDPR LEGAL BASIS

ROOM 3D processes your data:* to manage the contractual relation with you or your company, the services you deliver, as well as for billing, payment and accounting purpose The processing is necessary: * in order to take steps prior to entering into a contract with you or your company, or to perform such contract * for purposes of legitimate interests pursued by ROOM 3D (that is, supplier management)

  • to comply with legal obligations to which ROOM 3D is subject

  • for supplier onboarding purposes, including granting you access to ROOM 3D's IT systems as applicable

    The processing is necessary:

    • in order to perform a contract with you or your company
    • for purposes of legitimate interests pursued by ROOM 3D (that is, supplier management, IT systems and security management)

  • for communication and marketing purposes

    The processing is necessary:

    • for purposes of legitimate interests pursued by ROOM 3D (that is, communications and marketing)

In exceptional cases, ROOM 3D may need your consent for certain processing operations (which is not the case for the processing purposes detailed above). In such case, ROOM 3D will ask for your consent separately.

DATA CATEGORIES. In addition to the information you have communicated to ROOM 3D directly or through your company, ROOM 3D may collect and process the following categories of personal data:

  • identity/details (name, contact details),
  • work done, tariffs/expenses, time spent, bank details, invoice payment status,
  • pictures, photos, videos, articles, contributions, and
  • if you take part in events organised by ROOM 3D: invitees lists, significant other, event management data (no shows, venue, catering/food allergies where specified by you), photos/videos.

Where you provide personal data on third-parties (whether your employees, users or relatives) to ROOM 3D you should make sure you have informed them accordingly.

DATA RECIPIENTS. ROOM 3D may share your data with affiliated or third-party service providers as necessary to receive and use the products/services you deliver and other purposes listed above, as well as to your company, competent local authorities (tax authorities, regulators, law enforcement agencies), external auditors, payment providers, banks and, where applicable (events) communication agencies and event management providers (venue, catering, security).

DATA TRANSFERS OUTSIDE THE EU/EEA. ROOM 3D may transfer your personal data outside the EU/EEA, including to countries which do not have a similar level of protection of personal data as the EU. In such case, and in accordance with GDPR, data transfers will:

  • be limited to what is necessary to perform the contract with you, or conclude a contract with a third-party in your interest, or
  • be justified by the establishment, exercise or defence of legal claims, or
  • if appropriate, be covered by appropriate safeguards, such as entering into EC approved standard contractual clauses, or
  • in exceptional cases, take place with your consent. In such case, ROOM 3D will ask for your consent separately.

DATA RETENTION. ROOM 3D will retain your personal data for as long as required to manage the products/services you or your company provide to ROOM 3D and related payments, and/or for the mandatory retention duration set forth by applicable law (up to 10 years after the termination of our relation for certain accounting and contractual data).

YOUR STATUTORY RIGHTS. You have certain rights concerning your personal data under GDPR as mentioned below, and can exercise them by contacting ROOM 3D at dataprotection@tmrw.com.

  • Right to information. If you are a supplier-related third party (e.g., an employee of a supplier of ROOM 3D), ROOM 3D may not have your current details and thus cannot contact you conveniently and in confidentiality. You can find updated information on ROOM 3D's processing of your data at any time on this website https://room3d.com/privacypolicy, or by contacting ROOM 3D at dataprotection@tmrw.com.
  • Access right. You have the right to access your personal data. ROOM 3D processes a large quantity of information, and can thus request, in accordance with GDPR, that before the information is delivered, you specify the information or processing activities to which your request relates.* Right to rectification. You can ask ROOM 3D to rectify, correct or update inaccurate and/or incorrect data.
  • Other rights. In certain limited cases (in which case ROOM 3D will first analyse whether the conditions for the exercise of such rights are fulfilled, in line with GDPR), you may object to, or request the limitation of, the processing of your personal data, or request the erasure or portability of your personal data. Where ROOM 3D asked for your consent to a specific processing, you have the right to withdraw such consent at any time (for future processing). You should note that the law authorizes ROOM 3D to retain and continue processing certain personal data, even where you have exercised your rights to object or erasure or -if applicable- withdrawn your consent: this is the case in particular where ROOM 3D has legitimate and compelling reasons for continuing the processing, such as compliance with applicable law. Finally, you can contact the Luxembourg data protection authority (Commission nationale pour la protection des donnees) to introduce a claim. https://cnpd.public.lu/en.html/

Contact. You can contact ROOM 3D's Data Protection team here:

ROOM 3D Communications S.A.

14-16 avenue Pasteur L-2310 Luxembourg

Email: dataprotection@tmrw.com

3. JOB APPLICANTS, EMPLOYEES, EXTERNAL STAFF/CONSULTANTS

3.1 APPROPRIATE COMMUNICATION CHANNELS: ROOM 3D's intranet (if any, and if concerned data subjects have access thereto) or website, through a clear link (e.g., 'Privacy notice') accessible from the homepage. It is not recommended adding this notice in the employment or service contract as (i) this is not required or useful, and (ii) the contents of the notice are prone to change.

3.2 NOTICE CONTENTS:

ROOM 3D COMMUNICATIONS SA (14-16 avenue Pasteur L-2310 Luxembourg, ROOM 3D) collects and processes personal data on you when you apply for a job with ROOM 3D, or if you are an actual, former or prospective employee or external staff of ROOM 3D.

ROOM 3D acts as the controller of such processing and is committed to respecting your privacy and protecting your personal data in accordance with the law, in particular the EU General Data Protection Regulation 2016/679 (GDPR).

If you are detached to ROOM 3D as a consultant or external staff, please also refer to the Privacy Notice concerning ROOM 3D's suppliers as some of processing operations detailed therein might also apply to your personal data.

PROCESSING PURPOSES. The processing of your data is based on the following grounds:

PURPOSE OF PROCESSING & GDPR LEGAL BASIS

ROOM 3D processes your data:1. FOR JOB APPLICANTS:

  • to review job applications and manage recruitments

    The processing is necessary:

    • in order to take steps prior to entering into a contract with you
    • for purposes of legitimate interests pursued by ROOM 3D (that is, HR management)
  1. FOR EMPLOYEES, INTERNS, EXTERNAL STAFF/CONSULTANTS:

  • as required by law (labour, tax, social, corporate, sanitary -e.g., COVID-19 mandatory checks- or other) and make legally required filings or reporting to authorities

    The processing is necessary:

    • to comply with legal obligations to which ROOM 3D is subject

  • to manage staff onboarding, payroll management, process payments and expenses, benefits management

    The processing is necessary:

    • for the performance of a contract with you or your company
    • to comply with legal obligations to which ROOM 3D is subject

  • for usual human resources management purposes (including employment, service or consultancy contract management and performance, appraisals performance reviews, training, background checks, discipline, investigations, security, emergency contacts, contingency plans, career development, absence/sickness leave, working time, project management, budgeting and financial forecasting and record-keeping purposes), to ensure the security of ROOM 3D's assets, the continuity of activities and, in general, administer ROOM 3D's business The processing is necessary:

    • for purposes of legitimate interests pursued by ROOM 3D (that is, HR, asset security, activities and business management)
    • to comply with legal obligations to which ROOM 3D is subject

  • for timekeeping, billing and invoicing

    The processing is necessary:

    • for purposes of legitimate interests pursued by ROOM 3D (that is, financial management)
    • to comply with legal obligations to which ROOM 3D is subject

  • for physical security (badge issuance and management, access restrictions)

    The processing is necessary:

    • for purposes of legitimate interests pursued by ROOM 3D (that is, premises, asset and information protection)

  • for IT management (IT licenses and accounts management, contacts/agenda management, collaborative tools, visio, chatrooms, file storage), electronic communications management (corporate email, mobile phones, telephony and connectivity) and related monitoring and investigations

    The processing is necessary:

    • for purposes of legitimate interests pursued by ROOM 3D (that is, IT and asset management and protection)

  • for internal communications and marketing purposes

    The processing is necessary:

    • for purposes of legitimate interests pursued by ROOM 3D (that is, internal communications and marketing)

DATA CATEGORIES. In addition to the information you have communicated to ROOM 3D directly (or, for external staff/consultants, through your company), ROOM 3D may collect and process the following categories of personal data:

  • for job applicants: identity (first/last name), contact details (address, phone, email, professional social media profiles), professional details (CV, experience, training, references, licenses, certifications, portfolios), tests, appraisals, role play video recordings, background checks (former employers, schools/universities), sanctions list research, interview notes, assessment, final decision, residence certificate, work permit, email correspondence with you, non-disclosure agreements, disclosures re. conflicts of interest, salary/benefits and professional expectations;

  • for employees and (where applicable) external staff/consultants: identity (first/last name, social security number/affiliation details, ID/passport, address, phone, email), personal details (next of kin, emergency contacts, date of birth, nationality, civil status, household composition, personal interests), professional details (licenses, certifications), position (service, job description, position/professional profile, seniority, reporting lines, business cards, hiring/termination date), internal employee number, salary, benefits (additional health insurance), financial data and bank details (IBAN), criminal record, residence certificate, visas, work permit, medical certificates, sickness/absence periods, occupational accidents files/reports, workplace/job description adaptation (workplace and equipment preferences), including for disabled employees or employees with particular conditions, food allergies /preferences (internal events organisation), personal leave, parking allocation as applicable, payroll management (tax details, withholdings, tax card, deductions), presence/absence/working time management, time/job allocation, overtime work), attestations (work certificates), professional travel/venue arrangements, expenses (vouchers), employment contract details, disciplinary file, photo, appraisal interview notes and feedback, training followed (contents, certificates, presence, test results), training requests, training or HR-related interviews, feedback on employees, promotions/change, IT account details (internal number, name, account login, passwords, email, phone, address, function, office, department, reporting line/subordinates, professional groups, user profile/access rights, IT user profile, access rights, corporate equipment/allocation, Outlook profile, emails, contacts, tasks, calendar, documents, Teams profile/logs/chats/visio data, access/logfiles, user interactions, IT traces, date/hour of connection, interactions with applications, IP addresses, license management data, software applications or paying/license-based web applications, license rights, account credentials, use logs and related monitoring and investigations results) and project management data (task allocation/completion/priority, assignor/assignee, work log).

    Where you provide personal data on third-parties (including your relatives) to ROOM 3D you should make sure you have informed them accordingly.

DATA RECIPIENTS. ROOM 3D may share your data with affiliated or third-party service providers as necessary to achieve the above listed purposes, as well as to your company (for external staff/consultants), competent local authorities (tax authorities, regulators, law enforcement agencies), external auditors, payment providers, banks and, where applicable (events) communication agencies and event management providers (venue, catering, security).

DATA TRANSFERS OUTSIDE THE EU/EEA. ROOM 3D may transfer your personal data outside the EU/EEA, including to countries which do not have a similar level of protection of personal data as the EU. In such case, and in accordance with GDPR, data transfers will:

  • be limited to what is necessary to perform the contract with you, or conclude a contract with a third-party in your interest, or
  • be justified by the establishment, exercise or defence of legal claims, or
  • if appropriate, be covered by appropriate safeguards, such as entering into EC approved standard contractual clauses, or
  • in exceptional cases, take place with your consent. In such case, ROOM 3D will ask for your consent separately.

DATA RETENTION.* For job applicants: ROOM 3D will retain your personal data as long as necessary for the hiring process and, if your application is not retained, for up to 2 years as we might have other positions matching your profile, unless you object to such retention by email to your usual HR contact at ROOM 3D or to dataprotection@tmrw.com.

  • For employees and external staff/consultants: ROOM 3D will retain your personal data for as long as required to manage the employment relation or the business relation with you or your company, and/or for the mandatory retention duration set forth by applicable law (up to 10 years after the termination of our relation for certain accounting and contractual data).

YOUR STATUTORY RIGHTS. You have certain rights concerning your personal data under GDPR as mentioned below, and can exercise them by contacting ROOM 3D at dataprotection@tmrw.com.

  • Right to information. If you are a supplier-related third party (e.g., an employee of a supplier of ROOM 3D), ROOM 3D may not have your current details and thus cannot contact you conveniently and in confidentiality. You can find updated information on ROOM 3D's processing of your data at any time on this website https://room3d.com/privacypolicy, or by contacting ROOM 3D at dataprotection@tmrw.com.

  • Access right. You have the right to access your personal data. ROOM 3D processes a large quantity of information, and can thus request, in accordance with GDPR, that before the information is delivered, you specify the information or processing activities to which your request relates.* Right to rectification. You can ask ROOM 3D to rectify, correct or update inaccurate and/or incorrect data.

  • Other rights. In certain limited cases (in which case ROOM 3D will first analyse whether the conditions for the exercise of such rights are fulfilled, in line with GDPR), you may object to, or request the limitation of, the processing of your personal data, or request the erasure or portability of your personal data. Where ROOM 3D asked for your consent to a specific processing, you have the right to withdraw such consent at any time (for future processing). You should note that the law authorizes ROOM 3D to retain and continue processing certain personal data, even where you have exercised your rights to object or erasure or -if applicable- withdrawn your consent: this is the case in particular where ROOM 3D has legitimate and compelling reasons for continuing the processing, such as compliance with applicable law. Finally, you can contact the Luxembourg data protection authority (Commission nationale pour la protection des donnees) to introduce a claim..Contact. You can contact ROOM 3D's Data Protection team here:

    ROOM 3D Communications S.A.

    14-16 avenue Pasteur L-2310 Luxembourg

    Email: dataprotection@tmrw.com