Privacy Policy


1. General

Last updated: 5 May 2026

This Privacy Policy describes how Chapps NV, with its registered office at 1600 Sint-Pieters-Leeuw, Hoogstraat 152B and its operating office at 1000 Brussels, Picardstraat 7 box 100, company number BE0599.297.776 (“Chapps”, “we”, “us”), processes personal data in the context of its activities as a B2B SaaS provider.

We process personal data in two capacities:

We place great importance on the protection of personal data and process such data exclusively in accordance with the European General Data Protection Regulation (GDPR).


2. Who does this data policy apply to?

This policy applies to:

This policy does not apply to legal entities, but only to natural persons.


3. Our role: data controller vs. data processor

3.1 When Chapps acts as a data controller

We process personal data in our own name and for our own purposes, including:

3.2 When Chapps acts as a data processor

When our customers enter personal data into our SaaS applications (such as inspection platforms), we process this data solely on behalf of, and in accordance with the instructions of, the customer. In such cases:

We never process this data for our own purposes.


4. What personal data do we process?

Depending on the point of contact, the services involved, and our role, we may process the following categories of personal data:

4.1 Data from website visitors

4.2 Data from leads, customers, and partners

4.3 Data from users of our SaaS applications

4.4 Data entered by customers into our applications

This may include, among others:

In this context, we act solely as a data processor.


5. Purposes and legal bases for processing

We process personal data on the following legal bases:

5.1 Performance of a contract

5.2 Legitimate interest

5.3 Consent

5.4 Legal obligation


6. Disclosure to third parties

We only share personal data with parties that need such data to deliver our services, including:

We enter into data processing agreements with all of these parties.

We transfer personal data outside the EEA only when strictly necessary and with the application of legally appropriate safeguards (such as Standard Contractual Clauses).

A complete list of sub-processors is available upon request.


7. Security measures

We implement appropriate technical and organisational measures to protect personal data, including:


8. Retention periods

We do not retain personal data longer than necessary.

Examples:


9. Rights of data subjects

Data subjects have the following rights:

When Chapps acts as a data processor, requests must be submitted directly to the data controller (the customer). Chapps will assist the customer in handling such requests.

Requests can be submitted via:
privacy@chapps.com


10. Cookies

Our website uses cookies for:

A detailed description is provided in our cookie policy.


11. Data breaches

Chapps maintains an internal data breach protocol.
In the event of an incident:

  1. we record the incident;
  2. we assess the impact and associated risks;
  3. we inform the customer if we are acting as a data processor;
  4. we notify the Data Protection Authority when legally required.

12. Supervisory authority

Data Protection Authority (GBA Belgium)
Drukpersstraat 35
1000 Brussels
Belgium, EU

Telephone: +32 (0)2 274 48 00
Email: contact@apd-gba.be


13. Changes to this privacy policy

We may amend this privacy policy from time to time.
The date noted under Section 1 – General (“Last updated”) indicates when the document was most recently revised.


14. Contact details

Chapps NV

Registered office:
Hoogstraat 152B
1600 Sint-Pieters-Leeuw
Belgium, EU

Operational office:
Spaces Gare Maritime
Picardstraat 7 box 100
1000 Brussels
Belgium, EU

Email:
privacy@chapps.com