Privacy policy

1. Introduction

ActInside ("we", "our", "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains what personal data we collect when you visit actinside.io or interact with us, why we collect it, how long we keep it, and what rights you have under the EU General Data Protection Regulation (GDPR) and Belgian law. This Privacy Policy applies to our website only. If you become a customer of the ActInside product, additional processing of personal data may take place under a separate Data Processing Agreement.

2. Data Controller

The data controller is: ActInside Ruweschuurstraat 33, 8730 Beernem, Belgium Email: info@actinside.io We have not appointed a Data Protection Officer, as our processing activities do not meet the thresholds under Article 37 GDPR. For any privacy questions, contact us at info@actinside.io.

3. What personal data we collect and why
3.1 When you contact us

If you submit our contact form or send us an email, we collect the personal data you provide — typically your name, business email, company, role, and the content of your message. We use this data to respond to your inquiry and, where relevant, to follow up about our services. Legal basis: legitimate interest (Art. 6(1)(f) GDPR) in responding to business inquiries, and pre-contractual measures (Art. 6(1)(b)) where applicable. Retention: up to 24 months after our last interaction, unless a commercial relationship is established.

3.2 When you book a meeting with us

If you book a call with us via Calendly (e.g. by clicking "Book a call" on our website), Calendly collects your name, email address, scheduled meeting time, and any additional information you choose to provide. We use this data to organize and follow up on the meeting. When you click the booking link, you are redirected to Calendly's own service, which is operated by Calendly LLC. Calendly processes your data as our processor for the purpose of scheduling the meeting, and as a controller for its own service operation. We receive the booking details via Calendly's notification system. Legal basis: legitimate interest (Art. 6(1)(f) GDPR) and pre-contractual measures (Art. 6(1)(b) GDPR) in responding to business inquiries. Retention: up to 24 months after the meeting, unless a commercial relationship is established.

3.3 When you visit our website

We use Google Analytics 4 to understand how visitors use our site — which pages are viewed, how visitors arrive, and basic device and browser information. Google Analytics only loads after you give consent through our cookie banner. Legal basis: consent (Art. 6(1)(a) GDPR). Retention: up to 14 months. See our Cookie Policy for the full list of cookies and how to manage them.

3.4 Technical operation

Our hosting provider (Framer) processes basic technical data — including IP address, browser type, and request logs — to deliver the site and protect it against abuse. Legal basis: legitimate interest (Art. 6(1)(f) GDPR) in operating a secure and available website. Retention: typically up to 12 months in server logs.

4. Who has access to your personal data

We share personal data only with service providers acting on our behalf as processors: - Framer B.V. (the Netherlands) — website hosting - Google Ireland Limited — analytics, only with your consent - Calendly LLC (United States) — meeting scheduling, when you book a call with us We do not sell your personal data and do not share it for third-party advertising. We may disclose personal data where required by law, court order, or a request from a competent authority.

5. International transfers

Some of our processors (notably Google and Calendly) may transfer personal data outside the European Economic Area, including to the United States. Such transfers are protected by: - the EU-U.S. Data Privacy Framework (where the processor is certified); and/or - Standard Contractual Clauses approved by the European Commission, supplemented by appropriate technical and organizational measures. You can request more information about the safeguards in place by contacting info@actinside.io.

6. Your rights under the GDPR

You have the right to:
- Access the personal data we hold about you - Rectification of inaccurate or incomplete data
- Erasure ("right to be forgotten")
- Restriction of processing
- Object to processing based on legitimate interests
- Data portability — receive your data in a structured, machine-readable format
- Withdraw consent at any time, without affecting the lawfulness of prior processing
- Lodge a complaint with a supervisory authority
The lead supervisory authority for ActInside is the Belgian Data Protection Authority: Gegevensbeschermingsautoriteit (GBA / APD) Drukpersstraat 35, 1000 Brussels, Belgium contact@apd-gba.be www.gegevensbeschermingsautoriteit.be To exercise any of these rights, contact us at info@actinside.io. We respond within one month. For complex requests we may extend this by a further two months, in which case we will inform you.

7. Security

We apply reasonable technical and organizational measures to protect your personal data against unauthorized access, loss, alteration, or disclosure. These include encryption in transit (HTTPS), access controls on our internal tools, written processor agreements with all third parties handling personal data, and regular review of our practices. If we become aware of a personal data breach affecting your personal data, we will notify the Belgian Data Protection Authority within 72 hours of becoming aware of it, as required under Article 33 GDPR. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly, in accordance with Article 34 GDPR.

8. Automated decision-making

We do not subject visitors to this website to automated decision-making producing legal or similarly significant effects on them within the meaning of Article 22 GDPR. Note on our product: if you become a customer of ActInside's AI-powered business intelligence platform, the platform may produce automated insights, recommendations, and prioritizations based on data you connect to it. The terms governing that processing are set out in your customer agreement and Data Processing Agreement, not in this Privacy Policy.

9. Children

This website is intended for business users. We do not knowingly collect personal data from individuals under 16. If you believe a child has provided personal data to us, please contact info@actinside.io and we will delete it.

10. Changes to this Privacy Policy

We may update this Privacy Policy when our services, tools, or legal obligations change. The "Last updated" date at the top reflects the current version. Material changes will be highlighted on this page.

11. Contact

For any questions about this Privacy Policy or how we handle your personal data: ActInside, Ruweschuurstraat 33, 8730 Beernem, Belgium info@actinside.io