Skip to content
Login

Privacy Notice

Last updated: 21/08/2025

This Privacy Notice explains how Be‑Sure Consulting BV processes personal data when you visit our website, contact us, or are a customer/user of our web application.

1) Controller

Be‑Sure Consulting BV
Company/KBO-VAT No.: BE0797.274.177
Address: Veldstraat 8A, 3740 Bilzen‑Hoeselt, Belgium
Privacy contact: contact @riskrovers.com

No Data Protection Officer (DPO) has been appointed. Please use the contact above for privacy requests.

2) Scope

This Notice applies to our websites and online services (the “Website”). We primarily serve B2B customers in Europe (EEA).

3) What data we process

3.1 Website visitors and prospects

  • Identification and contact details: name, email, phone, company, role, any message.

  • Technical data: IP address, device and browser details, timestamps, server logs.

  • Marketing preferences: newsletter sign‑ups/opt‑outs.

3.2 Customers and users of our web application

  • Customer data: contact person, company details, invoicing and payment details (processed via our payment provider), contract/order information.

  • Account data: username, email, login/activity logs, permissions.

  • Support: tickets, questions and related communications.

3.3 Special categories & children

We do not intentionally process special categories of data (e.g. health data). Our services are not directed at children. If you believe we have collected a child’s data, contact us so we can delete it.

4) Purposes and legal bases (GDPR Art. 6)

Purpose Examples Legal basis
Responding to enquiries & pre‑contract steps contact/quote forms, emails Legitimate interests (efficient communication) and/or pre‑contractual measures
Customer management & delivery of services creating accounts, providing access to the web app, invoicing, support Performance of a contract and legal obligation (accounting)
Direct marketing newsletters and limited promotions Consent (opt‑in). For existing customers: soft opt‑in for similar services, with opt‑out in every message
Security & abuse prevention logging, monitoring, anti‑abuse tools Legitimate interests
Statistics & website improvement aggregated analytics, A/B testing Consent for non‑essential cookies/trackers. If cookie‑less and anonymised: legitimate interests

You can withdraw consent at any time. This does not affect processing carried out before withdrawal.

5) Cookies and similar technologies

We use cookies and similar technologies. Non‑essential cookies (e.g. analytics, marketing, embeds) are only set with your consent.

6) Recipients and (sub)processors

We share data only with trusted service providers acting on our behalf and with whom we have data processing agreements:

  • Combell (hosting/CDN – EEA)

  • HubSpot (CMS/website, forms and CRM)

  • Microsoft 365 (email and office tools)

  • Stripe (payments)

  • IT service providers and security partners (maintenance, support) and, where applicable, our accountant and legal advisors.

An up‑to‑date list of processors is available upon request.

7) International transfers outside the EEA

Some providers (or their sub‑processors) may be located outside the EEA (e.g. the US). Where transfers occur, we implement appropriate safeguards, such as EU Standard Contractual Clauses (SCCs) and/or participation in a valid Data Privacy Framework, supplemented by technical and organisational measures (e.g. encryption and access controls). Copies of the relevant safeguards are available on request.

8) Retention periods

We do not keep data longer than necessary:

  • Prospect/contact data: up to 24 months after the last meaningful interaction.

  • Customer & contract data: for the contract term + minimum 7–10 years for accounting records.

  • Account/log data: 24 months after deactivation, unless longer is needed for security or dispute handling.

  • Support/tickets: 24 months after closure.

  • Marketing data: until you unsubscribe (opt‑out) + 24 months for audit logs.

  • Server & security logs: 12 months.

  • Back‑ups: according to fixed rotation (30–90 days).

9) Security

We protect data using appropriate technical and organisational measures, including TLS encryption in transit, access control on a least‑privilege basis, logging/monitoring, network and application security, encryption at rest where feasible, regular updates/patching, and data processing agreements with vendors. Access is restricted to those who need it.

10) Your rights

You have the right to access, rectify, erase, restrict, object, and to data portability, as well as the right to withdraw consent.
To exercise your rights, contact contact @riskrovers.com. We may ask for additional information to verify your identity.

You also have the right to lodge a complaint with the Belgian supervisory authority:
Data Protection Authority (GBA/APD)
Drukpersstraat 35, 1000 Brussels – www.gegevensbeschermingsautoriteit.becontact@apd-gba.be

11) Third‑party services and links

Our Website may contain links to, or integrations with, third‑party services (e.g. video or social media embeds). Your use of those services is governed by the privacy terms of the respective providers.

12) Changes

We may update this Notice from time to time. The latest version will always be available on this page. For material changes, we will provide a more prominent notice.