Version 1.1 — Effective Date: May 29, 2026
At Kannika, we believe in transparency, resilience, and respect — not just for your data infrastructure, but for your personal privacy as well. This Privacy Policy explains how we collect, use, and protect your information across our website and business operations.
Table of Contents
1. Who are we?
“We,” “us,” or “our” refers to CYMO NV, the legal entity behind Kannika.
Registered Office: Bellevue 1/101, 9050 Gent, Belgium
Company Number: BE 0741.578.163 (RPR Gent, Site Kortrijk)
Privacy Contact: privacy@kannika.io
Phone: +32(0) 474 07 92 43
While we do not have a dedicated Data Protection Officer (DPO), our privacy team is available at the email address above for any questions or requests.
2. How we handle your data
We process data based on specific legal grounds. Where we rely on Legitimate Interest, we have conducted a balancing test to ensure your privacy rights are respected.
A. Website Visitors
We collect technical data via cookies to ensure our site runs smoothly and to understand our audience.
Source of Data: Collected directly from your device via browser scripts.
Data We Collect: IP address (anonymized), device type, browser information, and pages visited.
Purpose: Website performance analysis and personalization.
Legal Basis: Consent (via Cookiebot).
B. Candidates & Applicants
We process candidate data to assess your fit for our team and maintain a talent pool for future opportunities.
Source of Data: Collected directly from you (CV/interview) or via professional platforms (e.g., LinkedIn).
Data We Collect: CV, contact details, academic/professional history, and interview notes.
Purpose: Talent evaluation and recruitment.
Legal Basis:
• Contractual Necessity: For open vacancies.
• Legitimate Interest: We retain summarized records (motivation, skills, interview reflections) to contact you for future relevant positions. We have balanced this against your rights and concluded it is necessary to maintain an efficient hiring pipeline, which benefits both Kannika and the candidate.
Retention: 2 years for non-hired summarized records.
C. B2B Customers & Partners
We process representative contact data to fulfill contracts and manage professional relationships.
Source of Data: Collected directly from you or shared by colleagues.
Data We Collect: Name, email, phone, company financial data.
Purpose: Contract fulfillment, billing, and relationship management.
Legal Basis: Contractual Necessity and Legitimate Interest. We process contact data of corporate representatives because it is essential for business continuity and relationship management; these interests outweigh the minimal privacy impact on professional contact details.
Retention: Up to 7 years after contract termination (in line with Belgian tax/accounting obligations).
D. Mandatory Data Provision
Contractual/Recruitment: If you do not provide requested contact/financial data, we may be unable to fulfill our service obligations or proceed with your candidacy.
Cookies/Marketing: Voluntary. Choosing not to provide this data will not affect your ability to use our website.
3. Your Rights & Consent Withdrawal
You have the right to access, rectify, erase, or object to the processing of your data.
Withdrawing Consent: If you have provided consent (e.g., for cookies or newsletters), you may withdraw it at any time by contacting us at privacy@kannika.io or using the “Cookie Settings” link in our footer.
Consequences of Withdrawal: If you withdraw consent, we will immediately cease the specific processing activity. Note that this does not affect the lawfulness of any processing performed prior to your withdrawal. If you withdraw consent for essential services (like newsletter delivery), you will no longer receive those services.
4. Automated Decision-Making & Profiling
We do not use automated individual decision-making or profiling. All decisions regarding recruitment, sales, or service provision are made by human staff to ensure accuracy and personal consideration.
5. Data Transfers & Security
We strive to keep data within the EEA. When we use service providers (e.g., Google) that process data in the US, we rely on Standard Contractual Clauses (SCCs) to ensure an equivalent level of protection. Our security measures are consistent with ISO 27001 standards, including encryption and strict access controls.
6. Filing a Complaint
If you have concerns, please contact us first. You also have the right to lodge a complaint with the Belgian Data Protection Authority (GBA):
Address: Drukpersstraat 35, 1000 Brussel
Website: www.gegevensbeschermingsautoriteit.be
7. Updates to this Policy
We may update this policy occasionally. Significant changes will be announced on our website.
