Legal
Privacy Policy
Last updated: 21 June 2026
This policy explains how MonsieurData handles personal data when you visit monsieurdata.be. It is written to comply with the EU General Data Protection Regulation (GDPR), the Belgian Data Protection Act, and UK GDPR/PECR for visitors in the UK.
1. Who is responsible for your data
The data controller is MonsieurData BV (BV), trading as MonsieurData.
- Address:
- Enterprise number: 1007857714
- VAT: BTW BE 1007.857.714
- Email: info@monsieurdata.be
For any question about this policy or your personal data, email info@monsieurdata.be.
2. What data I collect, why, and on what legal basis
a. Running and securing the website
When you visit, my hosting provider processes technical data (such as your IP address, browser type and the pages requested) in server logs to deliver the site and keep it secure. Legal basis: my legitimate interest (Art. 6(1)(f) GDPR) in operating a secure, functioning website.
b. Cookies and analytics
With your consent, I use analytics cookies to understand how the site is used (which pages are visited, how visitors navigate) so I can improve it. These tools may set cookies and process pseudonymous identifiers and approximate location. Nothing non-essential runs until you opt in via the cookie banner. Legal basis: your consent (Art. 6(1)(a) GDPR and Art. 129 of the Belgian Electronic Communications Act). You can withdraw consent at any time via "Cookie preferences" in the footer. See the Cookie Policy for the full list.
One of these analytics tools, Microsoft Clarity, also provides session replay and heatmaps. With your consent, it records pseudonymised interaction data, such as mouse movement, clicks, scrolls and taps, plus a reconstruction of the pages you view, so I can see where the site is confusing and improve it. Text you read and anything you type into form fields are masked by default, so the recordings do not capture your input. Like all analytics here, Clarity runs only after you opt in and you can withdraw consent at any time. Legal basis: your consent (Art. 6(1)(a) GDPR).
c. Contacting me and booking a call
If you email me or book an intro call via a cal.com link, I process the details you provide (such as your name, email address, company and message, and any scheduling details) to respond and arrange the call. Legal basis: your consent and/or steps taken at your request prior to entering a contract (Art. 6(1)(b) GDPR). Bookings are handled on cal.com's own platform under their privacy terms.
d. Recording your consent choice
When you make a cookie choice, I store a record of it (your choice, a timestamp and the policy version) so I can honour it and demonstrate compliance. Legal basis: compliance with a legal obligation and my legitimate interest in accountability (Art. 6(1)(c) and (f) GDPR).
3. Cookies and similar technologies
The site uses a consent banner (Consent Mode v2) so that non-essential cookies load only after you opt in. Full details, categories and durations are in the Cookie Policy.
4. Who I share data with
I do not sell your personal data. I rely on a small number of trusted service providers (processors) who act on my instructions:
| Provider | Role | Location | Safeguard |
|---|---|---|---|
| Google (Google Tag Manager, Google Analytics) | Tag management and, once enabled, website analytics. | EU / United States | EU-US Data Privacy Framework + Standard Contractual Clauses |
| Microsoft Clarity (Microsoft Corporation) | Product analytics with session replay and heatmaps: records pseudonymised interaction data (clicks, scrolls, mouse movement, page structure) to show how the site is used. Text and form-field contents are masked by default. Runs only after you accept analytics. | EU / United States | EU-US Data Privacy Framework + Standard Contractual Clauses |
| GitHub Pages (GitHub, Inc. / Microsoft) | Website hosting and delivery; processes IP addresses in server logs for security and delivery. | United States | EU-US Data Privacy Framework + Standard Contractual Clauses |
| Cal.com | Scheduling of intro calls when you book via a cal.com link (handled on cal.com's own pages). | United States | Standard Contractual Clauses |
5. International data transfers
Some providers are located in the United States. Where personal data is transferred outside the EEA, it is protected by appropriate safeguards: the EU-US Data Privacy Framework where the provider is certified, and/or the European Commission's Standard Contractual Clauses. You can request a copy of the relevant safeguards via the contact details above.
6. How long I keep data
- Server/security logs: kept only as long as needed for security and diagnostics by the host.
- Analytics data: retained according to the analytics tool's settings (typically up to 14 months for event data; Microsoft Clarity session recordings are kept for a short rolling period, around 30 days).
- Consent records: kept for the duration of your choice and a reasonable period afterwards as proof of consent.
- Emails and booking correspondence: kept as long as needed to handle your request and for any follow-up, then deleted.
7. Your rights
Under the GDPR (and UK GDPR) you have the right to:
- Access the personal data I hold about you;
- Rectify inaccurate or incomplete data;
- Erase your data ("right to be forgotten");
- Restrict or object to processing;
- Data portability;
- Withdraw consent at any time (without affecting prior processing); and
- Lodge a complaint with a supervisory authority.
To exercise any of these, email info@monsieurdata.be. You can also complain to the Belgian Gegevensbeschermingsautoriteit / Autorité de protection des données (GBA/APD), or, if you are in the UK, the Information Commissioner's Office (ICO).
8. Children
This site is aimed at businesses and is not directed at children. I do not knowingly collect data from children under 16.
9. Changes to this policy
I may update this policy as the site or the law changes. The "last updated" date above reflects the current version; material changes that affect cookies will prompt the consent banner again.