Return to Operations Center

Legal Document

GDPR Compliant

Document ID: SA-PRIVACY-001

Last Updated: 9/18/2025

Privacy Policy & GDPR Compliance

Data Protection Guidelines for SecretAgency.be

SecretAgency.be ("we", "our", or "us") is committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website and services. By using SecretAgency.be, you consent to the data practices described in this policy.

1.Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request correction of inaccurate or incomplete personal data.
  • Right to Erasure: You can request deletion of your personal data ("right to be forgotten").
  • Right to Data Portability: You can request your data in a portable format to transfer to another service.
  • Right to Restrict Processing: You can request limitation of processing in certain circumstances.
  • Right to Object: You can object to processing of your personal data for certain purposes.
  • Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, contact us at: privacy@secretagency.be

2.Personal Data We Collect

We collect the following types of personal data:

Information You Provide:

  • Name and contact details (email, phone number)
  • Account credentials (username, encrypted password)
  • Booking preferences and special requests
  • Communications with us (emails, messages)
  • Age verification information
  • Payment information (processed by secure third parties)

Information Collected Automatically:

  • IP address and device information
  • Browser type and operating system
  • Pages visited and time spent on site
  • Referral source and exit pages
  • Cookies and similar tracking technologies

3.Lawful Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: For marketing communications, cookies, and optional data collection
  • Contract: To provide services you've requested and process bookings
  • Legal Obligation: To comply with laws, including age verification requirements
  • Legitimate Interests: For security, fraud prevention, and improving our services

4.How We Use Your Data

We use your personal data for:

  • Processing and managing bookings
  • Communicating with you about services
  • Verifying age and identity where required
  • Improving website functionality and user experience
  • Sending marketing communications (with consent)
  • Preventing fraud and ensuring security
  • Complying with legal obligations
  • Analytics to understand website usage patterns

5.Data Retention & Security

Retention Periods:

  • Booking data: 2 years after last activity
  • Account information: Until account deletion request
  • Marketing preferences: Until consent withdrawn
  • Security logs: 6 months
  • Legal compliance data: As required by law

Security Measures:

  • SSL/TLS encryption for all data transmissions
  • Encrypted storage of sensitive information
  • Regular security audits and updates
  • Access controls and authentication
  • Employee training on data protection

6.Third-Party Processing & Disclosure

We may share your data with:

  • Service Providers: Email services (Gmail API), cloud storage (Google Cloud), hosting providers
  • Payment Processors: Secure payment gateways (we never store payment card details)
  • Legal Authorities: When required by law or court order

All third-party processors are vetted for GDPR compliance and bound by data processing agreements.

7.International Data Transfers

Your data may be transferred outside the European Economic Area (EEA). We ensure appropriate safeguards through:

  • Standard Contractual Clauses approved by the EU Commission
  • Adequacy decisions for certain countries
  • Your explicit consent where required

8.Cookies & Tracking Technologies

We use cookies for:

  • Essential website functionality
  • Remembering your preferences
  • Analytics and performance monitoring
  • Security and fraud prevention

You can control cookies through your browser settings. Disabling certain cookies may affect website functionality.

9.Complaints & Supervisory Authority

If you have concerns about our data processing, you have the right to lodge a complaint with a supervisory authority.

Belgian Data Protection Authority:

Rue de la Presse 35, 1000 Brussels

Email: contact@apd-gba.be

Website: www.dataprotectionauthority.be

We encourage you to contact us first to resolve any concerns.

10.Data Protection Contact

For all data protection inquiries:

Data Protection Officer

SecretAgency.be

Email: privacy@secretagency.be

Response time: 72 hours

When contacting us, please include your name and email address for verification.

11.Policy Updates

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Significant changes will be communicated via email or website notice.

Please review this policy periodically. Continued use of our services after changes indicates acceptance of the updated policy.

This Privacy Policy is effective as of 9/18/2025 and complies with GDPR and applicable data protection laws.

For our terms of service, please see our Terms and Conditions.

Privacy Policy • GDPR Compliant • SecretAgency.be