België
[email protected]
+32484530039
Get in touch

Privacy Policy

Download Privacy Policy

Last updated: 2024

Benelux Soft B.V. (“BeneluxSoft”, “we”, “us”, or “our”) is committed to protecting the privacy and personal data of all visitors to our website and of our customers, partners and other stakeholders.

This Privacy Policy explains how we collect, use, store and protect your personal data when you visit https://beneluxsoft.com/ or interact with us in connection with our services. It is drafted in accordance with Regulation (EU) 2016/679 – General Data Protection Regulation (GDPR) and applicable Belgian and EU data protection rules.

By using our website or otherwise providing us with your personal data, you acknowledge that you have read and understood this Privacy Policy.

1. Data controller

The data controller responsible for your personal data is:

Benelux Soft B.V.
Da Vincilaan 1, 1930 Zaventem België
VAT: BE 0781.446.153
Email: [email protected]
Phone: +32 484 53 00 39

If you have any questions about this Privacy Policy or how we handle your personal data, you can contact us at the email address above.

At this time, BeneluxSoft has not appointed a mandatory Data Protection Officer (DPO). If this changes, we will update this Privacy Policy and provide the relevant contact details.

2. Scope of this Privacy Policy

This Privacy Policy applies to:

  • Visitors to our website https://beneluxsoft.com/ and its sub-pages;
  • Prospective and existing customers and partners;
  • Individuals who contact us via contact forms, email, phone, social media or in the context of EU-funded projects and other collaborations;
  • Individuals taking part in events, webinars or other activities organised or co-organised by BeneluxSoft.

It does not apply to third-party websites or services that may be linked from our website. Those services are governed by their own privacy policies.

3. Categories of personal data we collect

Depending on how you interact with us, we may collect and process the following categories of personal data:

  1. Identification and contact data
    • Name, surname
    • Job title and role
    • Company/organisation name
    • Business email address
    • Business phone number
    • Country and city
  2. Communication data
    • Content of messages sent via our contact forms, email, phone or social media
    • Information you choose to share during calls, online meetings or events
  3. Website and usage data
    • IP address
    • Browser and device information
    • Operating system, screen resolution, language preferences
    • Pages visited, time and date of visits, time spent on pages, clickstream data
    • Referrer URL (how you came to our website)
  4. Cookies and similar technologies
    • Information collected through cookies, pixels, tags and similar technologies, as described in our separate Cookie Policy (e.g., session identifiers, analytics cookies, advertising cookies).
  5. Account and contract-related data (B2B clients/partners)
    • Contract details, billing information, VAT numbers
    • Project-related information
    • Correspondence related to proposals, contracts, support and project delivery
  6. Recruitment and HR data (where applicable)
    • CV, cover letter, professional experience
    • Education, skills and certifications
    • References you provide
    • Any other information you voluntarily include in your application

We generally do not request or process special categories of data (such as health data, religion, political opinions, etc.). If such data is shared with us unintentionally, we will either delete it or protect it with heightened care in line with GDPR requirements.

4. Purposes and legal bases for processing

We process your personal data only when we have a valid legal basis under Article 6 GDPR.

We use your data for the following purposes:

  1. Operating and securing our website
    • To display the website and its functionalities correctly;
    • To ensure the stability, security and performance of our systems;
    • To prevent abuse and detect fraudulent or malicious activity.
      Legal basis: our legitimate interests (Art. 6(1)(f) GDPR) in operating a secure and functional website.
  2. Responding to enquiries and providing information
    • To answer contact requests, emails or phone calls;
    • To provide information about our services, EU projects or partnership opportunities.
      Legal basis:
    • performance of a contract or steps prior to entering into a contract (Art. 6(1)(b) GDPR);
    • and/or our legitimate interests in communicating with prospects and partners (Art. 6(1)(f) GDPR).
  3. Delivering our services and managing customer relationships
    • To negotiate, conclude and perform contracts;
    • To manage projects, invoicing and support;
    • To maintain records of our business relationships.
      Legal basis: performance of a contract (Art. 6(1)(b) GDPR) and compliance with legal obligations (e.g. accounting laws) (Art. 6(1)(c) GDPR).
  4. Participation in EU-funded projects and tenders
    • To prepare and submit proposals;
    • To manage project communication with partners and agencies;
    • To comply with EU programme rules and audit requirements.
      Legal basis:
    • performance of a contract or pre-contractual steps (Art. 6(1)(b) GDPR);
    • compliance with legal obligations under EU funding rules (Art. 6(1)(c) GDPR);
    • our legitimate interests in participating in EU projects (Art. 6(1)(f) GDPR).
  5. Analytics and improvement of our website and services
    • To understand how visitors use our website;
    • To improve user experience and content;
    • To develop and optimise our services and marketing activities.
      Legal basis:
    • your consent for non-essential cookies and analytics tools (Art. 6(1)(a) GDPR, in line with the ePrivacy Directive)
    • our legitimate interests in improving our services (Art. 6(1)(f) GDPR) where allowed by law.
  6. Marketing communication
    • To send you newsletters, event invitations or information about our services;
    • To display relevant content or ads on third-party platforms (e.g. LinkedIn) when you have consented to such marketing.
      Legal basis:
    • your consent (Art. 6(1)(a) GDPR) where required;
    • and/or our legitimate interests (Art. 6(1)(f) GDPR) in promoting our services to business contacts, subject to your right to opt out at any time.
  7. Recruitment
    • To process your application;
    • To assess your suitability for a role;
    • To keep records of your application.
      Legal basis:
    • pre-contractual steps at your request (Art. 6(1)(b) GDPR);
    • our legitimate interests in hiring qualified candidates (Art. 6(1)(f) GDPR).
  8. Compliance and legal claims
    • To comply with legal obligations (e.g. bookkeeping, tax rules);
    • To respond to lawful requests from authorities;
    • To establish, exercise or defend legal claims.
      Legal basis:
    • legal obligation (Art. 6(1)(c) GDPR);
    • legitimate interests in protecting our rights (Art. 6(1)(f) GDPR).

5. Cookies and similar technologies

We use cookies and similar technologies to operate our website, conduct analytics and support marketing activities. Details on the types of cookies we use, their purposes, storage periods and how you can manage your cookie preferences are set out in our separate Cookie Policy, which forms an integral part of this Privacy Policy.

For non-essential cookies (e.g. analytics, advertising), we obtain your consent through the cookie banner, in line with the ePrivacy Directive 2002/58/EC and GDPR requirements for consent.

You can change or withdraw your cookie consent at any time via your browser settings or the cookie preferences tool (where available).

6. Recipients of personal data

We only share your personal data with:

  • Service providers (processors)
    • hosting and infrastructure providers;
    • CRM, ticketing or project management tools;
    • email, newsletter and communication platforms;
    • analytics and marketing tools (e.g. Google, LinkedIn) where applicable.

These providers are bound by data processing agreements and may only process your data according to our documented instructions.

  • Project partners and consortium members
    • in the context of EU-funded or other joint projects, limited data may be shared where necessary for project execution and reporting obligations.
  • Public authorities and regulators
    • where required by law or in order to protect our rights or the rights of third parties.

We do not sell your personal data to third parties.

7. International data transfers

Some of our service providers or partners may be located outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place for international data transfers, for example:

  • An adequacy decision by the European Commission; or
  • Standard Contractual Clauses (SCCs) approved by the European Commission; or
  • Other appropriate safeguards as provided by Chapter V GDPR.

You can contact us for more information about the specific transfer mechanisms we use.

8. Data retention periods

We retain your personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy or to comply with legal obligations.

Indicatively:

  • Contact enquiries: up to 2 years after last contact, unless a contractual relationship is established.
  • Customer and contract data: for the term of the contract and at least 7–10 years thereafter, in line with accounting and tax retention obligations.
  • EU-funded project documentation: for the duration of the project plus any retention period required by the relevant funding programme.
  • Marketing data: until you withdraw your consent or object to processing, or after a defined period of inactivity.
  • Recruitment data: typically up to 1 year after the completion of the recruitment process, unless you consent to a longer retention.

When data is no longer required, we will delete or anonymise it in a secure manner.

9. Security of your personal data

We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access, in line with Article 32 GDPR and information security best practices (including ISO 27001-aligned controls).

These measures include, for example:

  • Use of secure network protocols (such as TLS) for data transmission;
  • Access control and authentication;
  • Role-based access to systems and data;
  • Regular security updates and monitoring;
  • Backups and business continuity measures;
  • Employee confidentiality undertakings and awareness.

Despite these measures, no system can be completely secure. If we detect a personal data breach likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and, where required, the affected individuals, in accordance with GDPR.

10. Your rights as a data subject

Under GDPR, you have the following rights in relation to your personal data:gdpr-info.eu

  1. Right of access – to obtain confirmation as to whether we process your personal data and to receive a copy of that data.
  2. Right to rectification – to request correction of inaccurate or incomplete data.
  3. Right to erasure (“right to be forgotten”) – to request the deletion of your personal data in certain circumstances.
  4. Right to restriction of processing – to request that we restrict processing under specific conditions.
  5. Right to data portability – to receive your personal data in a structured, commonly used and machine-readable format and to transmit it to another controller where technically feasible.
  6. Right to object – to object, on grounds relating to your particular situation, to processing based on our legitimate interests, including profiling. You also have an absolute right to object to direct marketing at any time.
  7. Right to withdraw consent – where processing is based on your consent, you may withdraw that consent at any time, without affecting the lawfulness of processing before withdrawal.

To exercise your rights, please contact us at [email protected]. We may need to verify your identity before responding to your request.

You also have the right to lodge a complaint with your local supervisory authority. In Belgium, this is the Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données).

11. Automated decision-making and profiling

We do not use your personal data to take decisions based solely on automated processing, including profiling, that produce legal effects concerning you or similarly significantly affect you within the meaning of Article 22 GDPR.

If this changes in the future, we will update this Privacy Policy and provide you with all relevant information and safeguards.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements or other reasons. The “Last updated” date at the top of this page indicates when it was last revised.

We encourage you to review this Privacy Policy periodically to stay informed about how we process your personal data.

13. Contact

If you have any questions, concerns or requests regarding this Privacy Policy or your personal data, please contact us at:

Benelux Soft B.V.
Da Vincilaan 1, 1930 Zaventem België
Email: [email protected]
Phone: +32 484 53 00 39

Download Privacy Policy
Close
Search

Hit enter to search or ESC to close

cookie By using this website, you agree to our cookie policy. Close