Website background image

Data Processing Agreement

Last updated: August 31st, 2025

This Data Processing Agreement ("Data Processing Addendum" or "DPA") forms an integral part of the agreement ("Main Agreement") between:

Appoleon BV, located at Wildert 104, 2170 Antwerp, Belgium ("Processor" or "Adeptiq"),

and

the party using the Adeptiq platform as customer ("Controller" or "Customer").

The Main Agreement can be consulted on the website.


1. Subject

This DPA governs the processing of personal data by Adeptiq in the context of providing its services to the Customer, as specified in the Main Agreement. The DPA is drafted in accordance with the General Data Protection Regulation EU 2016/679 ("GDPR").


2. Roles

  • Customer acts as Controller.

  • Adeptiq acts as Processor, acting exclusively on behalf of the Customer.


3. Processing purposes

Adeptiq processes personal data only for the following purposes:

  • Importing, structuring and making CVs searchable

  • Management of candidate information by the Customer

  • AI-based matching, summaries and searches

  • Support, maintenance and security of the platform

The Processor will not use the personal data for its own purposes.


4. Categories of personal data and data subjects

Categories of personal data:

  • Name, contact details

  • Work experience, education, skills

  • CV text, cover letters

  • Tags, labels, notes added by the Customer

Categories of data subjects:

  • Candidates whose data has been imported by the Customer

  • Users of the platform (recruiters, employees of the Customer)


5. Duration of the processing

The processing lasts as long as the Customer has an active account with Adeptiq. After termination of the contract, the data is deleted as described in article 9 of this DPA.


6. Obligations of Adeptiq

Adeptiq commits to:

  • Process personal data only on instruction of the Customer

  • Treat personal data confidentially

  • Limit access to personnel bound by confidentiality

  • Take appropriate technical and organizational measures to protect personal data (art. 32 GDPR)

  • Assist the Customer with:

    • responding to requests from data subjects

    • reporting data breaches

    • conducting DPIAs

  • Immediately inform the Customer in case of suspected data breach or unlawful access


7. Sub-processors

The Customer hereby gives general consent for the engagement of sub-processors. A current list of sub-processors is made available upon request.

All sub-processors are contractually obligated to equivalent safeguards as in this DPA.

Current sub-processors are located in the European Union.


8. International transfer

Adeptiq processes all personal data within the European Economic Area (EEA). No transfer of personal data takes place outside the EU/EEA.


9. Deletion or return of data

After termination of the Main Agreement, Adeptiq deletes all customer data within 60 days.


10. Audits

Upon written request, the Customer may, maximum once per year, conduct or have conducted an audit, provided reasonable notice and without disruption of Adeptiq's operational functioning.


11. Liability

The liability of both parties with regard to this DPA is limited to the liability clauses as included in the Main Agreement.


12. Applicable law

This DPA is governed by and interpreted according to Belgian law. Any disputes fall under the exclusive jurisdiction of the courts of the district of Antwerp.


13. Contact

info@adeptiq.be