Underside

GDPR Policy

Version in force as of March 10, 2026 for the site ai.underside.be.

1. Data controller

Underside — 5 Avenue Georges Lemaitre, 6041 Charleroi, Belgium.
VAT: BE0471.729.212
Privacy contact: info@underside.be

2. Data collected

  • Data voluntarily submitted through forms or email: name, company, email, message.
  • Minimal technical browsing data: visited pages, date/time, user agent, and truncated or pseudonymized IP address depending on configured analytics tools.
  • The site does not perform automated decision-making that produces legal effects on visitors.

3. Purposes and legal bases

  • Respond to contact and diagnostic requests (performance of pre-contractual measures).
  • Ensure the site's security, integrity, and proper functioning (legitimate interest).
  • Measure audience proportionately and guide editorial improvements (legitimate interest, or consent where required by your cookie setup).

4. Recipients and processors

Data may be processed by technical providers (hosting, emailing, analytics, CRM), only under a GDPR-compliant data processing agreement. Access is limited to strict operational need.

5. Retention periods

  • Contact requests: up to 24 months after the last active exchange.
  • Technical log data: a short retention period proportional to security and operations requirements.
  • Data required for legal obligations: retention period imposed by applicable regulation.

6. Your rights

You have rights of access, rectification, erasure, restriction, objection, and portability (under GDPR conditions). Vous pouvez exercer ces droits via info@underside.be. You may also lodge a complaint with the competent supervisory authority.

7. Cookies and trackers

If non-essential cookies are used (analytics, marketing, preferences), explicit consent must be requested before placement. Strictly necessary cookies for site operation may be placed without prior consent.

8. Security and international transfers

  • Appropriate technical and organizational measures: access control, encryption in transit, logging, and backups.
  • Any transfer outside the EEA is framed by appropriate safeguards (standard contractual clauses, adequacy decision, or equivalent mechanism).