Privacy Policy

(GDPR – Belgium/EU)
Last updated: 10 November 2025

1. Who is the controller?

Hazze – Rozenlaan 14, 2531 Vremde
Company/VAT number: BE0780.362.624
Email: info@centpilot.be · Phone: +32 473 90 90 81

2. Who does this policy cover?

Visitors of our website and consumers who purchase the digital content (Excel file) or book a 45-minute consult. This website is not aimed at children.

3. Which personal data do we process?

• Identification and contact details (name, email, phone if supplied).
• Transaction data (order, price, date/time, invoice details).
• Payment data (processed by our payment provider; we do not receive full card numbers).
• Appointment data (chosen timeslot, channel in-person/video, optional notes).
• Technical data (IP address, basic browser/device information, server and security logs).
• Travel cost calculation (only when relevant: starting point "Rozenlaan, Vremde", distance to the location).

4. For what purposes and on which legal bases?

• Contract performance (Art. 6(1)(b) GDPR): delivering the digital download, planning and performing the consult, customer communication.
• Legal obligation (Art. 6(1)(c) GDPR): bookkeeping, fiscal obligations (invoicing/archiving).
• Legitimate interest (Art. 6(1)(f) GDPR): website/app security, fraud- and abuse-prevention, service optimisation (no profiling).
• Consent (Art. 6(1)(a) GDPR): only for optional items (e.g. marketing communication). You can withdraw consent at any time.

5. Who do we share data with?

• Payment provider: Stripe (payment processing; may act as its own controller for fraud prevention).
• Hosting: our infrastructure provider (to run the site and provide security).
• Email: our email provider for customer communication and invoices.
• Scheduling: our booking tool (only when you book a consult).
• Digital delivery: storage/delivery partner to provide your download securely.

We sign data processing agreements with processors. Suppliers may be located outside the EEA; in that case we rely on appropriate safeguards (e.g. EU Standard Contractual Clauses).

6. Retention periods

• Orders/invoices: at least 7 years (tax retention requirement).
• Appointment/support data: up to 24 months after the last contact.
• Security/server logs: up to 12 months, unless required longer for incident handling.
• Marketing consent: until withdrawal plus a limited administrative retention period.

7. Cookies and tracking

We only use strictly necessary functionality (e.g. basic server logs and checkout via Stripe). We do not place marketing cookies or profiling scripts. Third-party services (such as Stripe on their own domain) may place their own cookies according to their policies.

8. Your rights

You have, within legal limits, the right to:

• access your data,
• rectification and erasure,
• restriction of processing,
• data portability,
• object to processing based on legitimate interest,
• withdraw consent (where applicable).

You can exercise these rights via info@centpilot.be. We usually respond within 30 days. You also have the right to lodge a complaint with the Belgian Data Protection Authority:www.gegevensbeschermingsautoriteit.be.

9. Security

We take appropriate technical and organisational measures to protect your data (including encrypted transport layers, access control and need-to-know principles). No system is 100% secure; please report potential vulnerabilities to info@centpilot.be.

10. International transfers

If data is processed outside the EEA, we ensure appropriate safeguards (such as Standard Contractual Clauses) and additional measures where required. You can request more information about this.

11. Automated decision-making

We do not carry out automated decision-making with legal or similarly significant effects on individuals.

12. Contact and questions

Questions about this policy or your privacy? Email us at info@centpilot.be.

13. Changes

We may update this privacy policy. The current version is always available on this page with the date of last update.