Privacy Policy & Cookies

1. Introduction

This Privacy & Cookie Policy (“Policy”) explains how Brannify (“we”, “us”, “our”) collects, uses, and protects your data when you visit our website www.brannify.com, interact with us, or use our services.

We are committed to safeguarding your privacy and complying with the General Data Protection Regulation (GDPR), the Belgian Data Protection Act, and the ePrivacy Directive.

2. Scope

This Policy applies to:
- Visitors to our website
- Clients and prospective clients
- People who contact us by email, phone, or other means
- Individuals whose personal data we obtain through events, referrals, or publicly available sources

It does not apply to:
- Employees, job applicants, or contractors (covered by internal policies)
- Third-party websites we link to
- Data that has been anonymised

3. Data Controller

Brannify acts as the data controller for personal data processed about this website and our business activities. This means we determine the purposes and means of processing.

4. Legal Bases for Processing

We process your personal data based on one or more of the following:
- Consent (Article 6(1)(a) GDPR) – for marketing and non-essential cookies
- Contractual necessity (Article 6(1)(b) GDPR) – to deliver services
- Legal obligation (Article 6(1)(c) GDPR) – to comply with the law
- Legitimate interest (Article 6(1)(f) GDPR) – for security, service improvement, and marketing

5. How We Collect Personal Data

We may collect personal data when you:
- Fill in forms on our website
- Email or call us
- Attend events we organise or participate in
- Click on our ads or engage with our social media
- Are referred to us by a partner
- Are listed in a publicly available source relevant to our services

6. Categories of Personal Data

We may process:
- Basic identifiers – name, surname
- Contact information – email, phone, address
- Professional details – job title, company name, industry
- Billing details – bank account, VAT number
- Technical data – IP address, device type, browser type, OS
- Usage data – website interactions, analytics data, cookies

7. Special Category Data

We do not intentionally collect sensitive data (e.g., racial or ethnic origin, political opinions, religious beliefs, health information, sexual orientation). If we ever need to process such data, it will only be done with explicit consent or as otherwise permitted by GDPR.

8. Purposes of Processing

We process personal data to:
- Operate and secure our website
- Provide, manage, and support our services
- Respond to enquiries
- Send relevant marketing communications
- Collect payments
- Conduct due diligence where legally required
- Improve our services, website, and marketing efforts
- Comply with legal obligations
- Protect our rights and prevent fraud

9. Retention of Personal Data

We keep personal data only as long as necessary for the purposes stated in this Policy or as required by law.
- Marketing-related data: retained until consent is withdrawn or a maximum of 10 years after last interaction
- Client contractual data: retained for at least 7 years for tax and legal compliance in Belgium

10. Sharing of Personal Data

We share your personal data with:
- Service providers (e.g., hosting, payment processing, CRM tools)
- Professional advisors (e.g., accountants, legal counsel)
- Regulators or authorities when legally required
- Third parties in the event of a merger, acquisition, or asset sale

If data is transferred outside the EEA, we ensure appropriate safeguards such as Standard Contractual Clauses approved by the European Commission.

We never sell your personal data.

11. Data Integrity & Security

We implement appropriate technical and organisational measures, including encryption, access controls, and secure hosting, to protect your data against unauthorised access, alteration, or loss.

12. Cookies & Tracking Technologies

We use first-party and third-party cookies for:
- Website functionality (strictly necessary)
- Preferences (language, settings)
- Analytics (Google Analytics, etc.)
- Marketing and remarketing (e.g., LinkedIn Ads, Facebook Pixel)

You can manage or withdraw your cookie consent at any time via our cookie banner or browser settings. Non-essential cookies will only be set after your explicit consent.

13. Links to Other Websites

Our website may contain links to external sites or social media platforms. We are not responsible for the privacy practices of those third parties.

14. Your Rights Under GDPR

You have the right to:
- Access your data
- Correct inaccuracies
- Request deletion (“right to be forgotten”)
- Restrict processing
- Object to processing (including marketing)
- Receive a copy of your data in a portable format
- Withdraw consent
- Lodge a complaint with the Belgian Data Protection Authority

15. Entities Covered by This Policy

This Policy applies to Brannify and any future affiliates operating under the Brannify brand.

18. Supervisory Authority Contact (Belgium)

Data Protection Authority (Autorité de protection des données / Gegevensbeschermingsautoriteit)
Rue de la Presse 35, 1000 Brussels, Belgium
Email: contact@apd-gba.be
Website: https://www.gegevensbeschermingsautoriteit.be

19. Updates to This Policy

We may update this Policy from time to time. Material changes will be communicated via our website or email. The most recent version will always be available on our website.