Trading name: NACKAERTS Web Design | Legal name: NACKAERTS (Natural person: Nackaerts Eric)

Registered office: Liersesteenweg 30, 2520 Emblem

Company number or VAT: BE0837.341.810

Email: info@nackaerts.eu

Website: https://nackaerts.eu

We value your privacy. This notice explains how we collect, use and protect personal data when you visit our website, contact us, or use our services. We may update this notice from time to time. Please check it periodically for changes.

Who we are, roles and scope

NACKAERTS Web Design is the data controller for the processing described in this notice. This notice applies to our website and to the processing of personal data of clients, prospects, suppliers, and website visitors.

If we act as a processor on behalf of a client, the client’s privacy notice and instructions prevail for that processing.

The personal data we collect

Depending on your interactions with us, we may process:

• Identification and contact data: for example name, company, address, email, telephone.
• Project and account data: for example website credentials provided by you, project notes, support history.
• Billing data: for example VAT number, bank details shown on invoices, payment status.
• Marketing preferences: for example newsletter subscription and opt-in records.
• Usage data: for example IP address, browser type, pages viewed, and interactions with our site.
• Recruitment data: if you apply for a role, for example CV, cover letter, interview notes.

We may combine information collected from you with information obtained from public or trusted sources to maintain accuracy and to tailor our communications.

Purposes and legal bases

We process personal data for the following purposes:

• To deliver services and support: for example preparing a proposal, building or maintaining a website, providing hosting or security services. Legal bases: performance of a contract, legitimate interests, compliance with legal obligations.
• Administration and finance: for example invoicing, bookkeeping, audit. Legal bases: legal obligation, legitimate interests.
• Client relationship and communications: for example service updates, maintenance notices, security advisories. Legal basis: legitimate interests.
• Direct marketing to clients and consenting prospects: for example newsletters and information about services that may interest you. Legal bases: legitimate interests for existing clients, consent for non-clients. You can withdraw consent at any time.
• Recruitment: for example evaluating applications and managing hiring. Legal bases: contract related steps at your request, legitimate interests, legal obligations.
• Security and fraud prevention: for example access controls, logs, incident response. Legal bases: legitimate interests, legal obligations.
• Compliance: for example responding to lawful requests from authorities and maintaining required records. Legal basis: legal obligation.

Sources

We obtain data directly from you, from your organisation, from public sources, and from our service providers where necessary for the purposes above.

Sharing and international transfers

We share personal data only when necessary:

• With our service providers under written contracts that include confidentiality and data protection obligations. Examples include hosting, email delivery, newsletter tools, CRM, ticketing, analytics, and accounting.
• With payment service providers when you pay us, for example your bank or payment gateway.
• With domain registries and registrars if we register or manage domain names for you, certain registration data may be published in WHOIS or shared with the registry according to their rules.
• With public authorities where required by law or to protect our rights.

We do not sell your data. If data are transferred outside the European Economic Area, we use appropriate safeguards, for example adequacy decisions or Standard Contractual Clauses.

Our processors, examples

We use reliable providers to operate our business. Replace or complete this list with your actual tools:

• Hosting and infrastructure: Hostinger.
• Email and newsletters: Mailchimp.
• CRM and support: /.
• Accounting and invoicing: Peppol, Accountant Benilco BV.
• Domain registration: Hostinger.
• Payments: Stripe.

For each provider we keep a current record of processing with purpose, location, and safeguards.

Cookies and similar technologies

We use cookies and similar technologies to operate our website, improve performance, and understand how visitors use our pages. For details about cookie types, retention, and your choices, please read our Cookie Policy. You can manage your preferences through the cookie banner or your browser settings.

How long we keep data

We retain personal data only as long as necessary for the purposes described:

• Contact form and enquiry data, for the duration of the conversation and a reasonable period to follow up.
• Newsletter data, until you unsubscribe or we discontinue the newsletter.
• Contract and billing records, for the statutory retention period.
• Project and technical records, for the duration of the contract and a reasonable period after termination to protect our rights and for support, unless you ask us to delete specific items that are not required by law.
• Aggregated or anonymised data may be kept longer for statistics.

Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, and disclosure. Internet transmission always carries residual risk, so we cannot guarantee absolute security. If a security incident affects your data, we will act promptly according to our incident response process and our legal obligations.

Your rights

Under the GDPR (AVG) you have the following rights, subject to conditions and exceptions:

• Right of access: you can request a copy of your personal data.
• Right to rectification: you can ask us to correct inaccurate or incomplete data.
• Right to erasure and restriction: you can request deletion or restriction of processing, which may affect our ability to provide certain services.
• Right to object: you can object to processing based on legitimate interests, including direct marketing.
• Right to data portability: you can request your data in a structured, commonly used, machine-readable format and ask us to transmit it to another controller where technically feasible.
• Right to withdraw consent: where processing is based on consent, you can withdraw it at any time.

To exercise your rights, contact us using the details above. We may ask for proof of identity where reasonable.

Complaints

You can lodge a complaint with your supervisory authority. In Belgium this is the Data Protection Authority, Drukpersstraat 35, 1000 Brussels, telephone +32 2 274 48 00, email: contact@apd-gba.be. You can find information on questions, mediation, and complaints on the Authority’s website: gegevensbeschermingsautoriteit.be

Children

Our website and services are not intended for children. We do not knowingly collect personal data from anyone under the age of 18.

Links to other websites

Our website may contain links to third party sites for your convenience. Those sites have their own privacy policies. We are not responsible for their content or privacy practices.Contact

For questions about this notice, or to exercise your rights, contact NACKAERTS Web Design at info@nackaerts.eu. If you are an existing client, you can also reach your usual point of contact.