Privacy Policy

Last updated: October 29, 2025
Website: www.dessaro.be
Email: info@dessaro.be

1. Who are we?

This privacy statement applies to Dessaro ("we", "us").
Data controller:
Dessaro
Address: Mellestraat 208, 8501 Heule, Belgium
Company/VAT number: [fill in]
Contact for privacy: info@dessaro.be
Regulator Belgium: Data Protection Authority (GBA)www.gegevensbeschermingsautoriteit.be

2. To whom does this apply?

  • Visitors of our website(s) and landing pages.

  • Prospects and leads (B2B).

  • Customers and their contacts.

  • Applicants.

  • Suppliers/partners.

3. What data do we collect?

Website visitors

  • Technical data: IP address (anonymized if possible), device/browser, timestamps, visited pages, cookies/trackers (see §10).

  • Forms: name, email, phone, company, message.

Prospects/Leads (B2B)

  • Identification: name, business email, position, phone (if available for business), company, industry.

  • Communication metadata: open/click data of emails (if and to the extent permitted, see §10).

Customers

  • Contract/Billing: name, (business) contact details, company name, VAT number, invoice details, project information.

  • Operational: log data in tools, support cases, feedback.

  • Payment data: via our payment processor (see §8).

Applicants

  • CV, motivation letter, contact details, references, notes from interviews, public LinkedIn information.

Suppliers/Partners

  • Contact details, contract details, correspondence.

4. Why do we process this data? (Purposes & legal grounds)

We process personal data only if permitted by the GDPR:

  • Website functionality and security (legitimate interest: a secure and functioning site).

  • Responding to contact requests (contractual necessity or pre-contractual steps).

  • B2B outreach and marketing (legitimate interest: relevant business communication with clear opt-out).

  • Sales & delivery: quotes, contract drafting, project execution, support (contractual necessity).

  • Billing & accounting (legal obligation).

  • Improvement of services and analytics (legitimate interest; where required: consent via cookie banner).

  • Recruitment & selection (legitimate interest; consent if spontaneously provided or where required).

When we ask for consent (e.g. for non-essential cookies or newsletter), you can withdraw it at any time (see §11).

5. With whom do we share data? (Recipients)

We share data only with processors acting on our behalf or when legally required. Examples of processors (depending on your setup):

  • Hosting & infrastructure: Vercel (hosting), [Fill in Supabase/DB-host]

  • Productivity & CRM/PM: Notion, Google Workspace, Slack

  • Marketing & email: [Instantly/SMTP-provider], [LinkedIn Ads/Meta Ads/... if applicable]

  • Planning & meetings: Calendly

  • Payments: Stripe

  • Automations: n8n Cloud
    We enter into a data processing agreement (DPA) with each of these processors.

We do not disclose personal data to third parties for their own marketing.

6. Transfers outside the EEA

If processors are located outside the EEA or data is stored outside the EEA, we ensure appropriate safeguards (e.g. EU Standard Contractual Clauses (SCCs), additional measures). More info: info@dessaro.be.

7. Payments

Payments are processed via Stripe. Stripe is the data controller for certain payment data and the processor for others; their privacy policy applies. We do not have access to full card details.

8. Security

We take appropriate technical and organizational measures, including: access management, encryption in transit (TLS), confidentiality, least-privilege access, logging/monitoring, backups, and regular evaluations. No system is 100% secure; in the event of a data breach, we follow the GDPR notification obligations.

9. Cookies & tracking

  • Essential cookies: necessary for the functioning of the site (legal basis: legitimate interest/contract).

  • Analytical & marketing cookies: only after consent via our cookie banner. You can manage preferences and withdraw consent.

  • Email outreach (B2B): we limit tracking to what is necessary and avoid hidden pixels in the EU unless consent or transparent notice is given. Each email contains an opt-out.

A detailed list of cookies (name, purpose, duration, provider) can be found in our Cookie Policy on the website.

  1. Your rights

You have the right to:

  • Access your data;

  • Request rectification or deletion;

  • Request restriction of processing;

  • Object to processing based on legitimate interest (e.g. B2B marketing);

  • Request data portability (where applicable);

  • Withdraw consent (if processing is based on that).

You can exercise these rights via info@dessaro.be. We may ask you to verify your identity. We usually respond within 30 days.

Want to file a complaint? You can always contact the Data Protection Authority (GBA): www.gegevensbeschermingsautoriteit.be.

11. Minors

Our services are aimed at businesses and adults. We do not knowingly process data from minors. Do you think that data from a minor has been collected anyway? Contact us at info@dessaro.be.

12. B2B outreach & opt-out

We communicate with business contacts based on legitimate interest (relevant B2B context). We apply target selection, limit volume, and provide simple opt-out in every email. In case of “stop” or opt-out, we add you to our suppress list.

13. Changes to this statement

We may adjust this privacy statement. The last updated date is at the top. We will inform you via the website and/or email in case of significant changes.

14. Contact

Questions, requests, or complaints about privacy?
Email: info@dessaro.be