Privacy Policy

Confidentiality Personal data protection policy

ARHS Spikeseed (hereinafter, the 'Provider') has developed a computer system, named Sekkya. Sekkya allows our clients to receive notifications of suspicious behavior at their premises via Internet services (the 'Services') through mobile applications to be installed and executed on a mobile device.

'User' means any client member who uses its Services. To do this, the user must create an account (the 'Sekkya Account').


The Provider does not interfere with the User's use of the personal data processed via the Application.

The User agrees to comply with the legislation on the protection of personal data to which it is subject. The User ensures to obtain the consent of their customers or any other concerned persons for the use of their contact information and sending of messages.

It guarantees the Provider against any action by a third party claiming the existence of a violation of legal provisions as a result of data processing operations carried out via the Services in the context of its own data processing.

As a subcontractor, the Provider is required to perform technical operations on the User's data and undertakes to perform operations on such data only in a context which is strictly required for the provision of Services, such as those described in the Features.


The User can access their Sekkya Account online by connecting from a specially created account within the mobile application. Access to the Sekkya Account only requires authentication via an e-mail address and password. The user can freely choose, when creating the Sekkya Account, the e-mail address and password.

When creating the Sekkya Account, the User is asked to provide certain data for identification purposes. These include the following: email address, last name, first name, and phone number (optional). This User is able to modify this information at any time by contacting Sekkya.

The data communicated by Users as well as data related to their use of the Services will be processed by the Provider for the provision of the Services, the management of its customers and the production of statistics to help it improve its Services. These data will not be communicated to third parties, unless the Provider is required to do so by law. The Provider may also process this data in the context of preventing and managing fraud in the use of the Services and, in the event of a dispute, to defend its interests.


The Provider uses the contact data provided by the User:
  • To contact the User for the purposes of providing the Services, in particular to inform them of new Functionalities;
  • To send them information on new services offered by the Provider.

The User has the ability to object at any time to the continued use of his or her contact data, in the latter case by unsubscribing to the mailing lists.


The User authorizes the Provider to enter the data intended to enable the processing of the Feedbacks created by the User into the Sekkya Database.



The Provider undertakes to respect the strictest confidentiality regarding the personal data it stores and processes in connection with the Services and not to disclose them to third parties except to the extent necessary for the provision of the Services or if it is required to do so by law. The Provider shall ensure observance of this obligation by our employees, agents or potential subcontractors.

Data storage and security

The Provider shall take all reasonable technical measures in the light of the state of the art to protect personal data against accidental or unauthorized destruction by third parties, accidental loss and modification, access and all other unauthorized processing by third parties. However, the Provider cannot guarantee that this data cannot be accessed by third parties in the case of hacking or computer piracy, even if the latter takes all reasonable measures to ensure data protection.

With regard to data storage services, the servers, on which the data associated with Sekkya Accounts are stored, are located within the European Economic Area or in a country offering an adequate level of protection. The Provider may use third party companies and sub-contract services or rent data storage media to them. In this case, the Provider obtains commitments from the subcontractor or third party in terms of confidentiality and security equivalent to those offered to the User in the context of this document in terms of security and confidentiality of the data.

The User, whose data are stored by the Provider, may request information from the Provider at any time about the place where the data are stored and request a written description of the technical and organizational measures implemented to ensure the confidentiality and security of the data by sending a request to the following address: In its response and description, the Provider is likely to omit any technical elements or details where required, if their disclosure could compromise the security of the data.

By using the Services, the User acknowledges that:
  • they have been sufficiently informed of the technical and organizational measures that the Provider takes to ensure the security and confidentiality of its data so that they are adequately protected, taking into account the state of the art and technology, against accidental or unauthorized destruction by third parties, against accidental loss and against modification, access and any other processing not authorized by third parties;
  • these measures are sufficient and adequate with regard to the data that the User intends to store in the context of the Services.

Damage to data security

If a user notices a data security incident, they shall let the Provider know as soon as possible at the following address:


Data accessible via the Accounts

Users who have created a Sekkya Account can consult and modify their personal data at any time. All they have to do is describe the desired changes or deletions in an email at the following address:

Other personal data

Any User or any third party may exercise their rights to access, modify and object regarding their personal data. For personal data that the Provider processes and that can not be accessed, modified or deleted directly by the User through the features of the Services, the User or the third party may address a request for access, modification or objection by post to the following address:

ARHS Spikeseed
13 Boulevard du Jazz
L-4370 Luxembourg

Proof of identity will be requested, which implies that they must attach a copy of their identity card. The application must be dated and signed. The Provider will respond to this request within the period set out by the Luxembourg data protection legislation.


The Provider reserves the right to update and modify the terms of its data protection policy at any time and on a regular basis, provided that Users are informed 8 days before the updated or modified terms enter into force. The updated version of this policy will always be available on the Website. Use of the Website or Services by the User after changes or revisions to the data protection policy implies acceptance of the policy as amended. If the User does not accept these changes, it is up to the User to cancel their account.


Our commitments and requirements regarding the protection of personal data are subject to Luxembourg legislation on the protection of personal data.