Privacy Statement Goin’
We are Goin’. We offer an application(including a mobile app) (the “App“) to higher education institutions, which allows their students and potential students (each a “student”) to connect with each other in a meaningful manner and to get access to relevant information about student life.
When you use Goin’, you are entrusting us with your information (personal data). We understand this is a big responsibility and work hard to protect your data. This Privacy Statement is meant to help you understand what personal data we collect, why we collect it, and what your rights are under applicable laws.
Goin’ is established in Utrecht, the Netherlands and is registered in the Dutch Chamber of Commerce(Kamer van Koophandel) under number 81086695. You can find our contact details at the bottom of this Privacy Statement.
1. Our processing activities
In this section we explain what types of personal data we collect and for what purposes, as well as from whom we receive what personal data.
1.1 Creating your profile in the App
You can create an account in the App by using the access details (e.g. activation link) we provide to you. These access details are linked to your higher education institution.
You can start creating an account by using a social media login or an email login. If you use your social media login, the relevant social media will share basic information (usually only your email address) with us so that you can use their login.
After you log in, you are asked to create your own profile in the App.
If your higher education institution uses a single-sign-on service (a login option specifically for that institution) some details will be prefilled out in your account on the basis of information the institution has about you. Such as your name, email address, date of birth, city of origin, campus, degree and study (discipline and year). Some of these details cannot be altered, if your institution decides to keep them unaltered.
If your personal data are not prefilled, you will be asked to add details to your profile, including your name, email address, password, date of birth, interests, city of origin, gender (as applicable), country of origin, and what type of degree you will study, a profile picture and some back ground information about you. You must fill out this information to be able to use the App as this allows students to interact with each other in a meaningful manner, e.g. to search for other students that are from the same country or city.
We do not track your location but show the city you are from on a map, based on the information that you have filled out or was prefilled by your institution.
After you have filled in the details, you can choose to add additional information to your profile. To add certain content, you may have to allow us to access your camera or photo album. Of course, the decision on which extra content to add is completely up to you. If you do not wish to share more information about yourself, you are not required to do so in order to use our services.
We encourage you not to share sensitive data in the app, e.g. your racial or ethnic origin, sexual orientation or information about your sex life and/or religious beliefs. Sensitive data is not required to use the App. However, if you do choose to share such data, this is regarded as a voluntary publication of your sensitive data.
We may use your personal data to verify your compliance with the terms of service.
1.2 Connecting and communicating with other users
After you have made a profile, other students will be able to see your basic details in the App, e.g. your name, country and city you are from and your study. Other students will be able to see your full profile and can exchange chat messages with you, after you have accepted their connection request. You can block other users if you do not wish to connect with them.
You can view and post messages, including pictures and videos in groups in the App and also share direct messages with other students whom you are connected with. This way, student scan inform each other about their experiences, interesting events and other relevant information about life as a student.
If you find certain content in the App inappropriate, you can flag this content and you can also flag students you are connected with.
1.3 Content management / moderating
To ensure a safe and healthy community within the App, we may moderate content that is added to the App. We may do this if we flag inappropriate content or if a student does so.
An institution may also ask us to remove a certain student from the App, e.g. because they are no longer enlisted at the institution.
1.4 Communicating with you
We can use your contact details to interact with you directly. For example, we may send you a notification about new functionality in the App or to let you know you have unread messages or connection requests. Or we may notify you about changes in this Privacy Statement.
1.5 Access by higher education institution
Higher education institutions have their own administrator account for the App. We use the relevant administrator’s personal data (log in details, usage details) to offer the administrator account to the higher education institutions, to verify their access to the administrator account and verify their compliance with the terms of service.
Higher education institutions can use a dashboard that shows them aggregated information about their students using the App, e.g. how many students are from a certain country, how many apply for a certain study and how likely it is that they will apply for a study.
For some Higher Education Institutes the dashboard also shows personal data about the students such as name, email address, country of origin, account status, likelihood they will apply (“Goin’ score“) and number of other connections their students have. As a standard this option is not enabled for Higher Education Institutes, but they can request this option to be enabled. The institutions use the information in the dashboard for their own purposes, we process those personal data as a processor. Please see the relevant institution’s privacy statement for more information about their data processing activities. The institution will generally use the personal data in the dashboard to contact you (by email) about applying for a study there.
1.6 Analyzing the use(rs) of the app
We also process your data to ensure the App is working as intended and to understand how the App is used.
We may do this by asking you to rate us. Your answers will be disconnected from you profile and anonymized. We use ratings you provide us with to ensure our services are working as intended and to understand how our services are used.
We will also aggregate usage data to get insight into how the App is being used, for example, frequency and duration of your use of the App.
1.7 Ensuring the safety of our infrastructure and technical resources and the safety of your account
Goin’ makes every effort to ensure that the risks of fraudulent access to Goin’s system are minimized. To this extent, Goin’ uses your personal data to detect prevent and respond to fraud, abuse, security risks, and technical issues.
1.9 Complying with legal disclosure requests
We may become obliged to comply with a legal obligation imposed upon us which obliges us to disclose your personal data. We will try to minimize such disclosure to only that which is reasonably necessary to comply with the legal obligation and, where legally permitted to provide you with notice of such disclosure.
2. Legal grounds
In this section we explain the legal grounds on the basis of which we process your personal data.
The legal grounds for processing your personal data are:
3. Processors and third parties
In this section, we explain with which third parties we share your personal data.
We work with service providers who process your personal data on our behalf, including a hosting provider who stores the data, email providers who handle email communications, a chat hosting provider, and a software development company. As indicated above, we also share limited personal data with your institution and may be required to share personal data with other third parties, such as government institutions.
Our service providers store your data within the European Economic Area (EEA). However, some providers, such as our software development service provider in Serbia and others, may have remote access to data from third countries. For instance, even though our email sending services store data in the EEA, they are subject to U.S. legislation, which could allow access to data from the U.S. or other third countries.
We recognize that access from third countries constitutes a data transfer under the GDPR. To ensure compliance with GDPR, we have implemented appropriate safeguards, such as concluding Standard Contractual Clauses (SCCs) with these providers, which legally bind them to maintain an adequate level of protection for your personal data. Additionally, we have conducted a transfer impact assessment to evaluate and address the risks of third-country access, including potential government access under applicable laws.
4. For how long do we store your personal data?
In this section we explain how long we store your personal data.
The students’ data in the App are, by default, stored for a period of five years after the last login. If you have received access details to access the App but have not registered for an account in the App, your basic details (e.g. name, email address) will be removed from our system after a certain period, which period can be specified by the institution.
The administrators’ data are stored for as long as the administrator works for the higher education institution and uses the App and a period of 2 years after the administrator has left the institution’s service.
5. What are your rights?
In this section we explain what your rights are under the GDPR.
We find it important that you are aware of your rights and how to use them. Under the General Data Protection Regulation (GDPR) you have several rights. In summary, those include rights to:
These rights are not absolute, in some cases we have the right to not comply with your request. We will respond to your GDPR request within the applicable timeframes.
If you have a complaint about the way in which we handle your personal data, we will be happy to resolve it with you, please contact us using the contact details below.
You also have, at any time, the right to lodge a complaint with the relevant authority, for the Netherlands this is the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
6. Contact
If you have any questions or if you would like to exercise any of the mentioned rights, please contact us using our contact details below and provide us with enough information to identify you. Also, let us know the information to which your request relates.
Company name: Goin’ B.V.
Email address: info@goinconnect.com
7. Alterations of this Privacy Statement
We may have to update this Privacy Statement from time to time. In case of important changes, we will notify you thereof, for example through a notification in the App.
Date: 25 September 2023