Privacy Policy

1. Identity of the Data Controller

This privacy policy applies to the processing of personal data by:

Web Factor BV
Registered office: Wijngaardstraat 8, 3620 Lanaken, Belgium
VAT number: BE0735515366
Company number (KBO): 0735.515.366
Email: peter@web-factor.be
Hereinafter referred to as: “we” or “the Company”.

We process personal data in accordance with:

  • The General Data Protection Regulation (EU) 2016/679 (GDPR)
  • Belgian data protection law

2. What personal data do we process?

We may process the following personal data, among others:

2.1. Data from clients and prospects

  • First and last name
  • Company name
  • Address details
  • Telephone number
  • Email address
  • Company number and VAT number
  • Billing information

We do not process special categories of personal data.

3. Purposes of processing

We process personal data solely for the following purposes:

  • Drafting and executing agreements
  • Billing and accounting obligations
  • Customer management
  • Technical support
  • Management of hosting, domain, and email services
  • Legal obligations
  • Security of the established systems

If we process personal data for marketing purposes, this is done only on the basis of consent or legitimate interest in accordance with the GDPR.

4. Legal basis for processing

We process personal data based on:

  • The performance of a contract
  • Legal obligations
  • Legitimate interest (such as customer management or security)
  • Consent (if required)

5. Retention period

Personal data will not be retained longer than necessary for the purpose for which they were collected.

  • Billing information: in accordance with the legal retention period (currently 7 years)
  • Contractual data: up to 10 years after the end of the cooperation
  • Technical logs: maximum of 12 months, unless required for security

6. Disclosure to third parties

We do not sell personal data to third parties.

Personal data may be shared with:

  • Accountant or auditor
  • Hosting providers or IT service providers
  • Software suppliers
  • Government authorities if legally required

If personal data are processed outside the European Economic Area, we ensure appropriate safeguards in accordance with the GDPR (such as standard contractual clauses).

7. Security

We take appropriate technical and organizational measures to protect personal data against:

  • Unauthorized access
  • Loss
  • Misuse
  • Unlawful processing

Access to personal data is limited to individuals who need it to perform their duties.

8. Your rights

As a data subject, you have the following rights:

  • Right of access
  • Right to rectification
  • Right to erasure (“right to be forgotten”)
  • Right to restriction of processing
  • Right to data portability
  • Right to object
  • Right to withdraw consent (if applicable)

You can exercise your rights by sending an email to: peter@web-factor.be.

We may ask you to verify your identity before we process your request.

9. Complaints

If you believe your personal data is being processed unlawfully, you can file a complaint with:

Data Protection Authority (GBA)
Drukpersstraat 35
1000 Brussels
www.gegevensbeschermingsautoriteit.be

10. Processing on behalf of clients (processor)

When we process personal data on behalf of clients (e.g., through hosting, websites, or applications), we act as a processor within the meaning of the GDPR.

In that case:

  • the client remains the data controller;
  • we process personal data only according to written instructions;
  • we take appropriate security measures;
  • we enter into a separate data processing agreement if necessary.

11. Changes

We reserve the right to change this privacy policy. The most recent version is always available on our website.