Legal
Privacy Policy
Last updated: 24 February 2026
1. Data Controller
The data controller responsible for processing your personal data is:
- Company: Swiftly Developed
- Registration number: BE 0778 405 303
- Address: Borsbeeksebrug 34, 2600 Antwerpen, Belgium
- Email: privacy@swiftly-developed.com
Swiftly Developed is established in Belgium and is subject to the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the Belgian Data Protection Act of 30 July 2018, and the ePrivacy Directive 2002/58/EC as transposed into Belgian law.
2. What Personal Data We Collect
We collect and process the following categories of personal data depending on your interaction with our services:
2.1 Website Visitors
- Technical data: IP address (anonymized where possible), browser type and version, operating system, device type, screen resolution, and referring URL
- Usage data: Pages visited, time and date of visit, time spent on pages, click patterns, and scroll depth (collected via Google Analytics only with your consent)
- Cookie data: Your cookie consent preferences (stored in your browser’s localStorage)
2.2 Newsletter Subscribers
- Contact data: Email address, and optionally your name
- Subscription data: Date and time of subscription, consent record
2.3 Clients and Business Contacts
- Identity data: Name, job title, company name
- Contact data: Email address, phone number, business address
- Financial data: Invoicing details, VAT number, payment information (processed through our payment service provider)
- Communication data: Records of correspondence via email, contact forms, or video calls
2.4 Recruitment Portal Users
- Account data: Email address, password (encrypted), user role
- Session data: Session identifiers stored via HTTP-only cookies (4-hour expiry)
3. Legal Bases for Processing
Under Article 6 of the GDPR, we process your personal data based on the following legal grounds:
3.1 Consent (Art. 6(1)(a) GDPR)
- Setting non-essential cookies (analytics, marketing) on your device
- Sending you our newsletter
- Processing data through third-party embedded content (GoHighLevel forms)
You have the right to withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
3.2 Contract Performance (Art. 6(1)(b) GDPR)
- Processing client data necessary to deliver our services
- Managing project communications and deliverables
- Processing payments and invoicing
3.3 Legitimate Interests (Art. 6(1)(f) GDPR)
- Operating and maintaining our website (essential cookies and technical infrastructure)
- Improving our services based on aggregated, anonymized analytics data
- Ensuring network and information security
- Internal administration and record-keeping
3.4 Legal Obligation (Art. 6(1)(c) GDPR)
- Retaining invoicing and financial records as required by Belgian tax and accounting law (minimum 7 years)
- Responding to lawful requests from regulatory authorities
4. How We Use Your Data
We use your personal data for the following purposes:
- To provide and maintain our website and services
- To respond to your enquiries and communications
- To send you our newsletter (only with your explicit consent)
- To analyze website usage and improve our content and services (only with your consent)
- To manage client relationships, projects, and invoicing
- To comply with our legal and regulatory obligations
- To protect our legitimate business interests and enforce our terms
5. Data Sharing and Third-Party Processors
We share your personal data with the following categories of third parties, acting as data processors on our behalf or as independent controllers:
5.1 Data Processors
- Google LLC (United States) — Google Analytics for website analytics. Data processing is governed by Google’s Data Processing Amendment. Google Privacy Policy
- HighLevel Inc. (GoHighLevel) (United States) — Newsletter form hosting and email delivery. GoHighLevel Privacy Policy
- Hosting provider — Our website is hosted on cloud infrastructure within the European Union where technically feasible
5.2 When We May Disclose Data
We may disclose your data:
- When required by law, court order, or regulatory authority
- To protect our rights, privacy, safety, or property
- In connection with a merger, acquisition, or sale of business assets (with prior notice where required)
We do not sell your personal data to any third party.
6. International Data Transfers
Some of our third-party processors are located outside the European Economic Area (EEA), primarily in the United States. When transferring personal data to countries outside the EEA, we ensure adequate protection through:
- EU-U.S. Data Privacy Framework: Where the recipient is certified under the EU-U.S. Data Privacy Framework
- Standard Contractual Clauses (SCCs): As adopted by the European Commission, ensuring contractual safeguards for data transfers
- Adequacy decisions: Where the European Commission has determined that a country provides an adequate level of data protection
You may request a copy of the relevant safeguards by contacting us at privacy@swiftly-developed.com.
7. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:
- Website analytics data: Retained for 14 months (Google Analytics default), then automatically deleted
- Newsletter subscription data: Retained until you unsubscribe or withdraw consent
- Client and invoicing data: Retained for a minimum of 7 years after the end of the business relationship, as required by Belgian accounting and tax law (Wetboek van Economisch Recht, Art. III.86)
- Communication records: Retained for the duration of the business relationship plus 3 years
- Cookie consent preferences: Stored in your browser until you clear your data or change your preferences
- Session cookies: Expire automatically after 4 hours
When personal data is no longer required, we securely delete or anonymize it.
8. Your Rights Under GDPR
Under the GDPR, you have the following rights regarding your personal data:
- Right of access (Art. 15): You have the right to obtain confirmation of whether your personal data is being processed and to receive a copy of that data.
- Right to rectification (Art. 16): You have the right to request correction of inaccurate personal data or completion of incomplete data.
- Right to erasure (Art. 17): You have the right to request deletion of your personal data where there is no compelling reason for its continued processing (“right to be forgotten”).
- Right to restriction of processing (Art. 18): You have the right to request restriction of processing in certain circumstances.
- Right to data portability (Art. 20): You have the right to receive your data in a structured, commonly used, machine-readable format and to transmit it to another controller.
- Right to object (Art. 21): You have the right to object to processing based on legitimate interests. We will cease processing unless we have compelling legitimate grounds.
- Right to withdraw consent (Art. 7): Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing.
- Right not to be subject to automated decision-making (Art. 22): You have the right not to be subject to decisions based solely on automated processing, including profiling. We do not engage in automated decision-making.
To exercise any of these rights, please contact us at privacy@swiftly-developed.com. We will respond to your request within 30 days, as required by Article 12(3) GDPR.
9. Right to Lodge a Complaint
If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données):
- Name: Gegevensbeschermingsautoriteit (GBA)
- Address: Drukpersstraat 35, 1000 Brussels, Belgium
- Phone: +32 (0)2 274 48 00
- Email: contact@apd-gba.be
- Website: www.gegevensbeschermingsautoriteit.be
You may also lodge a complaint with the supervisory authority in the EU Member State of your habitual residence or place of work.
10. Cookies
For detailed information about the cookies we use, the purposes they serve, and how to manage your preferences, please refer to our Cookie Policy.
11. Security Measures
We implement appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage. These measures include:
- Encryption of data in transit (TLS/HTTPS)
- HTTP-only and Secure flags on session cookies
- SameSite cookie attributes to prevent cross-site request forgery
- Regular security reviews of our infrastructure and codebase
- Access controls limiting data access to authorised personnel
12. Children’s Privacy
Our services are not directed at children under the age of 16. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at privacy@swiftly-developed.com and we will take steps to delete such information.
13. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- Right to know: You can request information about the categories and specific pieces of personal data we have collected about you.
- Right to delete: You can request deletion of your personal data, subject to certain exceptions.
- Right to opt-out of sale/sharing: You can opt out of the sale or sharing of your personal information. We do not sell personal data. You can exercise this right via the “Do Not Sell or Share My Personal Information” toggle in our cookie preferences.
- Right to non-discrimination: We will not discriminate against you for exercising your privacy rights.
To exercise these rights, contact us at privacy@swiftly-developed.com or use the cookie preferences available on our website.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the “Last updated” date at the top of this page.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:
- Email: privacy@swiftly-developed.com
- Company: Swiftly Developed
- Registration number: BE 0778 405 303
- Address: Borsbeeksebrug 34, 2600 Antwerpen, Belgium