---

1. Identity of the Controller and DPO

The controller and Data Protection Officer (DPO) for all processing activities on this website is:
ClickwithIT sprl (trading as CheckMate – Data Protection Consulting), Rue Belliard 40, 1040 Brussels, Belgium
Contact: lio@checkmate-dataprotection.eu

2. Purposes and Legal Bases for Processing

Your personal data is processed for specific, legitimate purposes:

• To provide a secure and functional website:
  • the basis is legitimate interest (Art. 6(1)(f) GDPR; Art. 5(1)(a) EUDPR)
• To process enquiries sent via contact forms:
  • the legal basis is legitimate interest (Art. 6(1)(f) GDPR) for general enquiries.
  • where the enquiry is about a potential service, cooperation, or obtaining a quote, the legal basis is the performance of pre-contractual steps at your request (Art. 6(1)(b) GDPR).
• For compliance, technical updates, and to meet legal obligations

3. Types of Data Collected

We collect and process the following categories of personal data:

• Technical data (IP address, browser type, date and time of site access, device info, cookies and preferences)
• Data you voluntarily submit via contact forms (name, email, message)
• For more details on cookies, see our Cookie Policy;
• For contact form data, see our Data Protection Notice;

4. Recipients and Data Sharing

• Website hosting is provided by OVH (France/EU), acting as processor under a binding contract with us.
• Personal data is not shared with third parties, except when required by law or with regulatory authorities.

5. Data Transfers Outside the EU/EEA

No personal data is transferred outside the EEA. If this changes, you will be notified and appropriate safeguards (e.g., SCCs) will be implemented in accordance with GDPR.

6. Retention

• Technical logs (including security events) are kept only temporarily and deleted when no longer necessary.
• Data from contact forms: see Data Protection Notice for retention periods (up to 6 months for general enquiries, up to 3 years for prospects, longer for contracted business).
• Data may be retained longer if required by law or for the establishment, exercise, or defense of legal claims.

7. Security Measures

• All data exchanges with this website are encrypted using SSL/TLS.
• Personal data is stored on secure, access-controlled servers in the EU.
• Technical and organizational measures are implemented to protect data against unauthorized access, alteration, loss, or destruction.

8. Automated Decision-Making and Profiling

No automated decision-making, including profiling, is conducted using data collected via this website.

9. Data Subject Rights

You have the following rights under Articles 15–22 GDPR:

• Access to your personal data
• Rectification of inaccurate data
• Erasure (‘right to be forgotten’)
• Restriction of processing
• Data portability (where applicable)
• Objection to processing, especially on the grounds of legitimate interest
• Not to be subject to automated decision-making, including profiling

To exercise these rights, contact the DPO (see Section 1 above).

10. Complaints

If you believe your data has been processed unlawfully, you may lodge a complaint with the Belgian Data Protection Authority (APD).

11. Changes to This Policy

We will update this policy in response to changes in data protection law, our business practices, or new technologies.
Any changes will be posted on this page with the updated effective date.