Donaki Partners Privacy Policy

Last updated: May 6, 2026

1. Introduction

This Privacy Policy explains how Donaki Partners collects, uses, stores, protects and, where applicable, transfers the personal data of people who use the Donaki Partners partner portal (hereinafter the “Portal”).

Donaki Partners is the space reserved for shops, merchants, administrators and professional representatives wishing to integrate Donaki services into their online store.

Donaki Partners attaches particular importance to the protection of privacy and undertakes to process personal data in compliance with applicable law, including Regulation (EU) 2016/679 (“GDPR”) and applicable Belgian legislation.

2. Official language

This Privacy Policy is originally written in French. Any translation into another language is provided for information purposes only.

In the event of any contradiction, difference of interpretation or ambiguity between the French version and a translated version, only the French version shall prevail.

3. Data controller

The data controller for personal data processed in connection with Donaki Partners is:

Scorpius XI srl
Company number (BCE): BE0652760906
VAT number: BE0652760906
Email: support@donaki.com
Contact page: https://partners.donaki.com/portal/contact-admin/

4. Data Protection Officer / privacy contact

For any question relating to the protection of personal data, you may contact:

privacy@donaki.com

This email address is the privacy contact point.

5. Personal data collected

5.1 Data required to create and manage the partner account

• email address;
• encrypted / hashed password;
• last name;
• first name;
• preferred language;
• internal partner identifier;
• account creation date;
• account status;

5.2 Data relating to the partner shop

• company or shop name;
• trade name;
• administrative email address;
• website or online store URL;
• shop category;
• country, region, city and professional address;
• shop logo;
• integration status;
• public or non-public status of the shop within the Donaki ecosystem;

5.3 Data related to technical integration

• partner identifier;
• integration token or key;
• plugin connection status;
• Donaki button detection status;
• date of the last detected click on the Donaki button;
• number of detected clicks on the Donaki button;
• technical information necessary to verify the proper functioning of the integration;
• technical logs and security data strictly necessary for the operation, protection and administration of the Portal.

5.4 Data related to billing and subscriptions

• selected plan;
• billing status;
• plan expiry or renewal date;
• free or paid status;
• information necessary for administrative subscription tracking.

When payment is made through an external payment provider, sensitive payment data, such as full bank card numbers, is not stored by Donaki Partners.

5.5 Data resulting from the use of the Portal

• actions performed in the Portal;
• support requests;
• messages sent via contact forms;
• notifications related to the partner account;
• data necessary for abuse prevention, security and technical diagnosis;

6. Purposes of processing

Personal data is processed for the following purposes:

• to allow the creation and management of the partner account;
• to authenticate users and secure access to the Portal;
• to allow the registration and management of a partner shop;
• to allow the technical integration of the Donaki button on the partner shop;
• to verify the proper functioning of the Donaki plugin or integration;
• to manage the validation, activation or suspension status of a partner;
• to manage subscriptions, plans, payments and billing statuses;
• to display certain public information relating to partner shops where necessary for the operation of the service;
• to ensure maintenance, security, abuse prevention, malfunction detection and protection of the Portal;
• to respond to support requests and partner questions;
• to comply with applicable legal obligations;

7. Legal bases for processing

Depending on the case, Donaki Partners processes personal data on the following legal bases:

• the performance of the services provided to the partner through the Portal;
• the performance of pre-contractual or contractual measures related to registration, integration or subscription;
• the legitimate interest of Donaki Partners in ensuring the proper functioning, security, administration, technical improvement and protection of the Portal;
• compliance with a legal obligation, particularly in accounting, tax or security matters;
• the user’s consent, when required for a specific feature;

8. Data visible in the Portal

The partner’s data may be visible in the Portal to authorized users linked to the partner account, as well as to Donaki Partners internal teams responsible for administration, support, security and maintenance.

Data visible in the Portal may include:

• shop name;
• shop URL;
• category;
• logo;
• integration status;
• billing status;
• information necessary for technical support;

9. Publicly visible data

Certain information relating to partner shops may be publicly visible when the shop is validated, active or integrated into the Donaki network.

The following may be made publicly visible:

• shop name;
• logo;
• website or shop URL;
• category;
• country or general geographic area;
• status indicating that a shop is part of the Donaki network.

Internal administration, connection, billing or security information is not intended to be displayed publicly.

10. Technical integration with the partner shop

Donaki Partners allows partner shops to integrate a Donaki button into their e-commerce website.

In this context, Donaki Partners may process technical data necessary to identify the partner, verify the proper functioning of the integration, secure exchanges and detect clicks or events related to the Donaki button.

These processing operations are intended only to provide the service requested by the partner, ensure the security of the integration and allow technical monitoring of the proper functioning of the Donaki button.

11. Recipients of the data

Personal data may be accessible, within the limits of what is necessary, to the following categories:

• Donaki Partners internal teams responsible for administration, support, security, billing and maintenance;
• technical service providers involved in hosting, infrastructure, maintenance, security, backups or email sending;
• payment providers, when the partner uses a paid service;
• competent authorities when required by law;
• the public, only for information expressly intended to be displayed publicly as part of the Donaki network.

Donaki Partners does not state that it sells personal data to third parties.

12. Cookies

Donaki Partners uses only cookies and similar technologies that are strictly necessary for the technical operation of the Portal, authentication, security, session management, display language and the proper provision of the service requested by the user.

No behavioral advertising or marketing tracking cookies are placed within the scope described by this policy, unless otherwise stated in a separate policy or after an explicit update of the information provided to users.

13. Transfers outside the European Economic Area

The Portal can be used worldwide.

The main server of Donaki Partners is hosted in the United States. Mirror servers or additional technical infrastructure may also be distributed in other countries in order to improve speed, availability and user experience.

As a result, certain personal data may be transferred to or hosted outside the European Economic Area.

Where required, Donaki Partners ensures that such transfers are governed in accordance with applicable law.

14. Retention period

Personal data is retained as long as the partner account is active or as long as it is necessary to provide the service.

In the event of deletion of the partner account, personal data is deleted or anonymized, except where its retention remains necessary to:

• comply with a legal obligation;
• retain accounting or tax documents;
• ensure the security of the Portal;
• prevent or handle abuse;
• manage a dispute;
• retain temporary technical backups;

Data related to billing may be retained for the legally required period.

15. Security

Donaki Partners implements reasonable technical and organizational measures intended to protect personal data against loss, unauthorized access, alteration, disclosure or unlawful destruction.

The user’s password is stored in encrypted / hashed form.

Keys, tokens and technical identifiers linked to the partner integration must be kept confidential by the partner and must not be published or shared with unauthorized third parties.

Donaki Partners may suspend or revoke an integration when a security risk, misuse or compromise is detected.

16. User rights

In accordance with applicable law, you may request in particular:

• access to your personal data;
• rectification of inaccurate data;
• erasure of your data in the cases provided for by law;
• restriction of certain processing operations;
• objection to certain processing operations, where permitted by law;
• portability of certain data, where this right applies.

For any question or to exercise your rights, you may contact: support@donaki.com or privacy@donaki.com.

17. Professional accounts and representatives

Donaki Partners is primarily intended for shops, merchants, companies, self-employed persons or professional representatives.

When a person uses the Portal on behalf of a company or shop, they guarantee that they have the necessary rights to communicate the information relating to that company or shop and to manage its integration into the Donaki network.

When several people are involved for the same shop, each user is invited to use personal access credentials and not to share their login details.

18. Complaints

If you believe that the processing of your personal data does not comply with applicable legislation, we invite you to contact us first at privacy@donaki.com or support@donaki.com.

You also have the right to lodge a complaint with the competent Data Protection Authority in Belgium:

Data Protection Authority
Rue de la Presse 35, 1000 Brussels

19. Changes to this policy

Donaki Partners may modify this Privacy Policy in order to take into account, in particular, legal, regulatory, technical, commercial or functional changes to the Portal.

The applicable version is the one published on the Portal with its last update date.

In the event of a substantial change, Donaki Partners may inform users by any appropriate means.

20. Contact

For any question relating to this Privacy Policy, you may contact:

Scorpius XI srl
https://partners.donaki.com/portal/contact-admin/
support@donaki.com
privacy@donaki.com