Our Privacy Policy

When it comes to collecting your personal data our philosophy is clear: we want to collect as little data about you as possible.

The best way to keep your data private is simply not to collect it. Unlike most websites you visit, we do not install tracking cookies in your browser to track your (browsing) behavior and/or send you targetted marketing advertisements. We do not use popular services such as Google AdSense or Facebook Pixel to send you advertisements afterwards.

However, when you visit our website, we do collect some data about you, such as your IP address, your browser, your screen resolution, etc. This data may be temporarily stored by our hosting partners; this is to protect our website and services against DDOS-attacks on the basis of our legitimate interest. In order to maximize the protection of your data we only choose partners with a strict privacy policy. We will not distribute, copy and/or store your personal data collected in any other way, nor will we make attempts to link this information (eg. your IP-address) to other personal information (eg. your physical location).

Privacy for All may also store some cookies on your computer, tablet, or smartphone when you visit this website. These cookies are only functional or necessary cookies, that are processed on the basis of the legitimate interest of our organization, in particular secure our website and online forms.

When you fill out any form on our website (for example: 'Get in touch') we collect your name, email address, your physical address, VAT number and your phone number. We will only use these data in the context of our legitimate interest. This includes: contacting you by e-mail in the context of our services, notifying you of important changes to our services and/or notifying you of important changes to this privacy statement. We will only keep this information for a limited time and you can always have it removed on simple request.We will not send you a periodic newsletter without your prior explicit consent.

If you apply for a job or position at Privacy for All as intern, job applicant or to provide us with freelance services, we will proces your personal data such as name, last name, contact information, motivation letter and CV based on our legitimate interest to process your application.

If you use our services, Privacy for All will also process your personal data to the extent that it is needed for our business operations and/or if we are legally obliged to do so, such financial data we need to fill out our tax returns

Moreove, please keep in mind that when you click on one of the external links on our website, your browsing behavior can be tracked. Privacy for All is not responsible for the privacy practices of these external websites.

The General Data Protection Regulation (GDPR) gives you a lot of rights regarding the protection of your personal data:

• You have the right to access, correct or have your personal data deleted.
• You have the right to object to or restrict the processing of your personal data or to withdraw your consent to the data processing.
• You have the right to data portability. This means that you can request that the personal data we have on you be sent to you or another organization named by you in a computer file.

To exercise your rights it is sufficient to send a request to info@privacyforall.be.

To make sure that the request for inspection was made by you and to avoid sending your personal information to any third party, we may ask you to send a copy or photo of your identity document with the request. When providing us with copy that make sure to black out/cover your passport photo, passport number and your national registration number black. This is to protect your privacy.

We will respond to your request as quickly as possible, but no later than 30 days.

You also have the right of submitting a request or complaint to the national supervisory authority, the Belgian Data Protection Authority (GBA). You can do so via this link.

Privacy for All relies on Infomaniak SA for its website, email and cloud hosting services. Infomaniak is a Swiss company that specializes in hosting for small and medium-sized organizations and companies. They fall under the strict Swiss privacy laws that prohibit almost any data processing that is not explicitly approved by the data subjects. Infomaniak's data centers are certified and highly regarded for their strict rules on information security, privacy and minimal environmental impact. Read more on Infomaniak's website.

For email and VPN services, Privacy for All relies on the services of Proton Technologies AG. ProtonMail is also based in Switzerland and all their servers are located in Switzerland. They use end-to-end and zero-access encryption to secure emails. This means that even Proton Technologies cannot decrypt and read our emails. This also prevents third parties from accessing the content of our emails.

To enable you to contact us using our “get in touch” contact form, Privacy for All relies on third party provider Tally BV. Tally is based in Belgium and always treats your personal data with necessary care and confidentiality. You can read more about Tally on their website.

Your privacy is important to us and we maintain the highest standards when it comes to protecting your data. Therefore, Privacy for All will not transfer you data to any third parties, unless :

• You have explicily and specifically given us consent to transfer your data
• We are required to transfer you data based on a legally binding request (e.g. a court order)

For our hosting services we use the services of Proton Technologies AG and Infomaniak SA, both located in Switzerland. Switzerland is outside the European Economic Area (EEA) but is known for its strict privacy laws, which are in certain respects more stringent than those that apply within the EEA. Within the GDPR regulations, Switzerland is therefore recognized by European Commission as a 'safe' third country with adequate protection for personal data.

For all other cases where the transfer of data to third countries outside the EEA would be necessary, Privacy for All will always use standard contractual clauses as approved by the European Commission, as well as additional technical, organizational and legal safeguards to protect your personal data from unlawful transfer to government agencies or third parties.

Privacy for All does not store your personal data longer than is strictly necessary to achieve the purposes for which your data is collected. We apply the following retention periods for the categories of personal data listed below:

• Functional and analytical data about your activities on our website (based on our legitimate interest): up to 12 months
• Emails and personal data from web forms (based on our legitimate interest): up to two years
• Customer files, contractual agreements and payment data (for legal and fiscal reasons): maximum ten years.
• Personal data and CV's of job applicants/ interns/ freelancers based on our legitimate interest: up to two years

Privacy For All takes the protection of your data seriously and has taken all reasonable technical and organizational measures to minimize the risk of unauthorized access, misuse or loss of your personal data.

All traffic to and from our website is encrypted via Let's Encrypt SSL certificate with an RSA 2048 bit encryption. This way we prevent hackers who can access your (home) network from intercepting your data.

Our website is kept up to date against the latest threats and also continuously monitored by the Patchman Security Scanner that detects vulnerabilities and malware and prevents breaches.

Personal data you have submitted to us (e.g. emails, documents, CV and motivation letters containing personal information) will be encrypted both at rest (AES 256-bit) and in transit (SSL, VPN). In order to minimize the risk of (accidental) unauthorized disclosure of your personal data, we use end-to-end and zero-access encryption to secure our emails, multi-factor aunthentication to secure access to your data and require all staff members to use full disk encryption.

However, it is important to understand that it is technically impossible to develop a perfectly secure system. If you notice that your data have been processed against your will and/or if you have any comments on the security of our systems we request that you contact us (anonymously or otherwise) at info@privacyforall.be

This concerns decisions that are taken by computer programs or systems, without involving a person (for example an employee of Privacy for All).

Privacy for All does not make decisions based on automated processing on matters that can have (significant) consequences for people.

Our website does not intend to collect data about website visitors who are under age of 18, unless they have parental or guardian consent. However, we are unable to verify whether a website visitor is over 18. We therefore recommend that parents to be involved in the online activities of their children in order to prevent the collection of data about children without parental consent.

If you believe that we have collected personal information about a minor without such consent, please contact us at info@privacyforall.be and we will delete this information.

Yes, we may amend this Privacy Policy in the future if we start processing your personal data in a different way. If that is the case, we will publish a new version of this Privacy Policy on our website and also inform our customers about this. So please visit our website regularly and consult this Privacy Policy as well.

This Privacy Statement was last updated on : 11th November, 2023.

The data controller responsible for processing your data is:

Privacy For All BV
Lieremanstraat 20
9000 Ghent
Belgium

VAT: BE 0790.134.977