Privacy Policy
Last updated: 19/02/2026
Version: 1.0
1. Who we are
This website (secmaer.com) is operated by:
SECMAER BV
Diegemstraat 55, 1930 Zaventem, Belgium
KBO/BCE: BE 0897.030.759
Email: info@secmaer.com
Phone: +32 470 45 77 58
SECMAER BV (“we”, “us”, “our”) is the data controller responsible for your personal data as described in this Privacy Policy.
2. What personal data we collect and why
2.1 Contact form and appointment requests
When you submit a contact form or book an appointment through our website, we collect:
- Your name
- Your email address
- Your message or enquiry details
Purpose: To respond to your enquiry, schedule appointments, and follow up on your request.
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) — it is in our mutual interest to communicate about our services. Where your enquiry relates to a potential contract, we also rely on the necessity to take steps prior to entering into a contract (Art. 6(1)(b) GDPR).
Retention: We retain your enquiry data for a maximum of 2 years after our last interaction, unless a contractual relationship arises, in which case we retain data as described in Section 2.2.
2.2 Client and business relationship data
If you become a client or business partner, we process:
- Contact details (name, email, phone number, company name, address)
- Correspondence and project-related communications
Purpose: Contract performance, invoicing, and after-sales support.
Legal basis: Necessity for the performance of a contract (Art. 6(1)(b) GDPR) and compliance with legal obligations such as accounting and tax requirements (Art. 6(1)(c) GDPR).
Retention: We retain contractual data for up to 10 years after the end of the business relationship, in line with Belgian accounting and tax obligations (Belgian VAT Code) and the general civil law prescription period for contractual claims.
2.3 Website usage data (analytics)
When you visit our website, we collect data through cookies and similar technologies:
- IP address (anonymised where possible)
- Browser type and version
- Operating system
- Pages visited, time spent, and navigation path
- Referring website
- Screen resolution and device type
- Click behaviour and scroll depth (via session recordings)
This data is collected through Google Analytics and Microsoft Clarity. See our Cookie Policy for full details.
Purpose: To understand how visitors use our website, improve its content and performance, and analyse trends.
Legal basis: Consent (Art. 6(1)(a) GDPR) — these cookies are only placed after you have given your consent through our cookie banner (powered by WPConsent). Analytics scripts are blocked until you actively consent.
Retention: See the Cookie Policy for specific cookie durations. Aggregated analytics data may be retained indefinitely.
2.4 Server logs
Our hosting provider automatically collects technical data when you visit our website, including your IP address, browser type, the pages requested, and the date and time of access.
Purpose: Ensuring the security and proper functioning of the website.
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) — maintaining the security and availability of our website.
Retention: Server logs are retained for a maximum of 90 days.
3. Who we share your data with
We do not sell your personal data. We share personal data only with the following categories of recipients, acting as data processors on our behalf or as independent controllers:
| Recipient | Purpose | Location |
|---|---|---|
| Hosting provider (WordPress hosting) | Website hosting and server management | EU |
| Google LLC (Google Analytics) | Website analytics | USA |
| Microsoft Corporation (Clarity) | Session recording and heatmaps | USA |
| Gravity Forms | Processing contact form submissions | USA |
We may also disclose personal data if required by law or in response to a valid legal request by a public authority.
4. International data transfers
Some of our processors are located outside the European Economic Area (EEA), specifically in the United States. Where personal data is transferred outside the EEA, we ensure appropriate safeguards are in place, including:
- The European Commission’s adequacy decision for the EU-U.S. Data Privacy Framework (where the recipient is certified); or
- Standard Contractual Clauses (SCCs) approved by the European Commission.
You may request a copy of the relevant safeguards by contacting us at info@secmaer.com.
5. Your rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of access (Art. 15) — request a copy of the personal data we hold about you.
- Right to rectification (Art. 16) — request correction of inaccurate or incomplete data.
- Right to erasure (Art. 17) — request deletion of your personal data, subject to legal retention obligations.
- Right to restriction of processing (Art. 18) — request that we limit the processing of your data in certain circumstances.
- Right to data portability (Art. 20) — receive your personal data in a structured, commonly used, and machine-readable format.
- Right to object (Art. 21) — object to processing based on legitimate interests.
- Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.
To exercise any of these rights, please contact us at info@secmaer.com. We will respond within one month of receiving your request, as required by the GDPR. This period may be extended by two further months where necessary, taking into account the complexity and number of requests.
6. Right to lodge a complaint
If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the Belgian Data Protection Authority:
Gegevensbeschermingsautoriteit (GBA)
Drukpersstraat 35, 1000 Brussels, Belgium
Phone: +32 2 274 48 00
Email: contact@apd-gba.be
Website: www.dataprotectionauthority.be
7. Obligation to provide personal data
Providing your personal data via our contact form or appointment request is not a statutory or contractual obligation. However, if you choose not to provide the requested information (name, email address), we will be unable to respond to your enquiry or schedule an appointment. Providing personal data for analytics purposes is entirely voluntary and based on your cookie consent.
8. Automated decision-making and profiling
We do not use your personal data for automated decision-making or profiling as defined under Article 22 of the GDPR.
9. Security
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or alteration. These measures include the use of SSL/TLS encryption on our website.
10. Children’s data
Our website and services are not directed at children. Under the Belgian Data Protection Act of 30 July 2018, the age at which a child may independently consent to the processing of personal data in connection with information society services is 13 years. We do not knowingly collect personal data from children under the age of 13. If you believe we have inadvertently collected such data, please contact us so we can delete it promptly.
11. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last updated” date. We encourage you to review this policy periodically.
12. Contact us
If you have any questions about this Privacy Policy or our data processing practices, please contact us:
SECMAER BV
Diegemstraat 55, 1930 Zaventem, Belgium
Email: info@secmaer.com
Phone: +32 470 45 77 58