Politique de confidentialité | For Ever Digital Solutions BV

1. Responsable du traitement

For Ever Digital Solutions BV
Ijzerlei 19, 3970 Leopoldsburg
TVA BE0668638222
Company number: 0668.638.222
E-mail: [email protected]
Website: www.foreverdigital.be

For Ever Digital Solutions BV is the data controller for all personal data processed in the context of its services. For questions about this policy, please contact us at the e-mail address above.

2. Scope

This privacy policy applies to all personal data that For Ever Digital Solutions BV processes from:

Clients and prospects (companies and their contact persons)
Visitors to our website www.foreverdigital.be
Persons who contact us via e-mail or the contact form
Suppliers and partners

Since For Ever Digital Solutions BV exclusively provides B2B services, we mostly process data of contact persons at companies, not consumers.

3. Quelles données personnelles traitons-nous ?

We only process data that is necessary for the stated purposes.

Category	Data	Purpose	Legal basis
Identification data	Name, first name, job title, company name	Client management, quotes, correspondence	Performance of contract
Contact data	E-mail address, phone number, postal address	Communication, support, invoicing	Performance of contract
Financial data	Invoice address, VAT number, bank account number	Invoicing, accounting	Legal obligation
Technical data	IP address, browser type, server logs, error messages	Security, fault diagnosis, fraud prevention	Legitimate interest
Communication data	E-mail messages, support tickets	Service delivery, quality monitoring, dispute handling	Performance of contract
Contractual data	Subscribed services, configuration data, SLA agreements	Contract management, service delivery	Performance of contract
Analytical data	Page visits, click behaviour (anonymised)	Website optimisation	Consent

We do not process special categories of personal data (such as health data, political opinions or criminal records).

4. Bases légales du traitement

Every processing activity is based on at least one of the following legal bases under the GDPR:

Performance of a contract (Art. 6.1.b GDPR): processing is necessary for the delivery of our hosting, server and development services.
Legal obligation (Art. 6.1.c GDPR): retention of invoice data and accounting records for 7 years under Belgian accounting law.
Legitimate interest (Art. 6.1.f GDPR): technical security and fraud prevention. Processing is limited to what is strictly necessary.
Consent (Art. 6.1.a GDPR): for analytical cookies and marketing communications. You may withdraw consent at any time.

5. Durées de conservation

We do not retain personal data longer than necessary for the purposes for which it was collected.

Category	Retention period	Basis
Client and contract data	Duration of contract + 5 years	Potential disputes (limitation period)
Invoices and accounting records	7 years	Legal accounting obligation
Technical logs	Maximum 90 days	Security and fault diagnosis
E-mail correspondence	5 years after last contact	Evidence, dispute handling
Support tickets	3 years after closure	Quality monitoring, warranty
Analytical website data	Maximum 14 months	Website optimisation
Prospect data (no contract)	2 years after last contact	Legitimate interest

After the retention period expires, data is securely deleted or anonymised.

6. Finalités du traitement

We process personal data exclusively for the following purposes:

Performance of contract: delivering, configuring, monitoring and supporting our services.
Invoicing and accounting: issuing invoices, following up on payments and meeting tax obligations.
Technical security: detecting and preventing unauthorised access and security incidents.
Support and communication: answering questions and resolving technical issues.
Website analysis: measuring the use of our website to improve it (only after consent).
Marketing communications: sending relevant information about our services to existing clients or opted-in prospects (only after consent).
Legal obligations: retaining accounting records and providing information to competent authorities when legally required.

We do not use personal data for automated decision-making or profiling with legal consequences for the data subject.

7. Cas clients et mentions publiques

We do not publicly mention clients by name without prior written consent. Client cases on our website are fully anonymised and contain no company names, personal names or other data that could directly or indirectly identify a client.

If you consent to a name mention (reference or testimonial), you may withdraw this consent at any time. After withdrawal, we will remove the mention within 14 days.

8. Transfert à des tiers

We do not share your personal data with third parties, except in the following cases:

Infrastructure partners (processors): EU-based hosting partners for storage and processing of data, exclusively within the European Economic Area. An up-to-date list of processors is available on request at [email protected].
Accounting software: an EU-based provider processes invoice data for our administration.
E-mail services: we use EU-compliant e-mail infrastructure for transactional communication and support tickets.
Competent authorities: when legally required, we may provide data to judicial or administrative authorities.

We conclude a data processing agreement with all processors in accordance with Art. 28 GDPR. No transfer of personal data outside the European Economic Area takes place. We never sell your personal data to third parties.

9. Vos droits en tant que personne concernée

Under the GDPR you have the following rights. We handle every request within 30 days. For complex requests this period may be extended by up to 2 months, of which we will notify you in advance.

Right of access (Art. 15 GDPR): you may request which personal data we process about you, for what purposes and how long we retain it.
Right to rectification (Art. 16 GDPR): you may request correction of inaccurate or incomplete data.
Right to erasure (Art. 17 GDPR): you may request deletion of your data, unless a legal retention obligation or other legitimate interest applies.
Right to restriction of processing (Art. 18 GDPR): you may request temporarily limiting processing, for example while an objection is being investigated.
Right to object (Art. 21 GDPR): you may object to processing based on legitimate interest or for direct marketing purposes.
Right to data portability (Art. 20 GDPR): for processing based on consent or contract, you may request a copy of your data in a machine-readable format.
Right to withdraw consent (Art. 7.3 GDPR): for processing based on consent, you may withdraw it at any time.

Send your request to [email protected]. State your name, e-mail address and the right you wish to exercise. We may verify your identity before handling your request.

10. Cookies et suivi

Our website uses cookies. A cookie is a small text file stored on your device when you first visit.

Type	Name / provider	Purpose	Retention	Consent required
Functional	cookie_consent (own)	Storing your cookie preference	1 year	No (strictly necessary)
Functional	Session cookie (own)	Navigation, form security	Session	No (strictly necessary)
Analytical	Google Analytics (_ga, _gid)	Measuring website usage (anonymised)	13 months / 24 hrs	Yes

Analytical cookies are only loaded after you give consent via the cookie banner. If you decline, Google Analytics is not loaded. You may change your choice at any time via the "Cookies" button at the bottom of the page.

Google Analytics is configured with IP anonymisation. We do not share data with advertising networks and do not use data for remarketing.

11. Décision automatisée

For Ever Digital Solutions BV does not use fully automated decision-making or profiling with legal consequences for data subjects (Art. 22 GDPR). All decisions that materially affect your rights or interests are made by a staff member.

12. Sécurité des données personnelles

For Ever Digital Solutions BV takes appropriate technical and organisational measures to protect your personal data against loss, misuse, unauthorised access or alteration:

Encryption in transit: all communication uses TLS 1.3
Encryption at rest: stored data is encrypted with AES-256
Access control: personal data is only accessible to staff who need it for their role (need-to-know principle)
Strong authentication: two-factor authentication for access to internal systems
Regular backups: daily backups with controlled recovery procedures
Security audits: periodic review of systems and access rights
Incident response: a documented procedure for handling data breaches, including notification to the supervisory authority within 72 hours where required

13. Violations de données

For Ever Digital Solutions BV has an internal policy for detecting and handling data breaches. In the event of a breach that poses a risk to your rights and freedoms:

We will notify the Data Protection Authority (GBA) within 72 hours of discovery (Art. 33 GDPR)
We will inform affected persons without undue delay if the breach poses a high risk to their rights and freedoms (Art. 34 GDPR)

If you suspect a security incident or data breach related to our services, please report it immediately at [email protected].

14. Complaints

Do you have a question or complaint about the way For Ever Digital Solutions BV processes your personal data? Please first contact us at [email protected]. We will handle your complaint as quickly as possible.

If you are not satisfied with our response, you have the right to lodge a complaint with the competent supervisory authority:

Data Protection Authority (GBA)
Drukpersstraat 35, 1000 Brussels
Tel.: +32 2 274 48 00
E-mail: [email protected]
Website: www.gegevensbeschermingsautoriteit.be

15. Modifications de la présente politique

For Ever Digital Solutions BV reserves the right to update this privacy policy at any time, for example in response to changes in legislation or our services. The most recent version is always available on our website.

For substantial changes that materially affect your rights, we will send you an e-mail summary of the changes at least 14 days before they take effect.