Privacy Policy
Last updated: February 24, 2026
1. Data controller
The data controller for personal data collected through the website dad.pinc.be is:
Pinc Consulting SRL Av. Louise 65/11 1050 Brussels, Belgium Company number (BCE/KBO): 0742.706.135 Email: dad@pinc.be
2. Data we collect
2.1 Data collected automatically (website visitors)
When you visit our website, we automatically collect:
- IP address (anonymized)
- Browser type and version
- Operating system
- Pages visited and duration of the visit
- Referring website
This data is collected through cookies and analytics tools in order to improve our website and services.
2.2 Data provided voluntarily
When you use our services, we may collect:
- Email address: when creating an account or ordering a service
- First and last name: when creating an account
- Billing information: company name, address, VAT number, for payment processing
- Website URLs: the addresses of websites you submit for an accessibility audit
2.3 Data collected via Paddle (payments)
When you purchase a paid service, the payment is processed by Paddle.com Market Limited, acting as Merchant of Record. In this context, Paddle collects and processes:
- Payment information (credit card, PayPal, or other payment method)
- Billing address
- Email address
- Country and tax information (for VAT calculation)
We do not have access to your full payment details (for example, your credit card number). Paddle only provides us with the information necessary to deliver our services: your name, email address, country, and order details.
The processing of your payment data by Paddle is governed by Paddle’s privacy policy.
2.4 Audit data published in the directory
The DAD directory contains the results of accessibility audits of publicly accessible websites. This data includes:
- The URL of the audited website
- The accessibility score
- A summary of detected violations
- The date of the last audit
This information is derived from the technical analysis of publicly accessible websites and does not constitute personal data within the meaning of the GDPR.
3. Purposes of processing
We process your data for the following purposes:
| Purpose | Legal basis (GDPR) |
|---|---|
| Provision of our services (audits, statements, reports) | Performance of a contract (Art. 6(1)(b)) |
| Management of your user account | Performance of a contract (Art. 6(1)(b)) |
| Processing of orders and billing via Paddle | Performance of a contract (Art. 6(1)(b)) |
| Retention of billing data | Legal obligation (Art. 6(1)(c)) |
| Improvement of our website and services | Legitimate interest (Art. 6(1)(f)) |
| Sending service-related communications | Legitimate interest (Art. 6(1)(f)) |
| Sending marketing communications (only with your consent) | Consent (Art. 6(1)(a)) |
| Publication of audit results in the public directory | Legitimate interest (Art. 6(1)(f)) |
4. Data sharing
We never sell your personal data. We may share your data with:
- Paddle.com Market Limited (Merchant of Record): for payment processing, billing, and tax collection. Paddle acts as an independent data controller for payment data. See Paddle’s privacy policy.
- Service providers: hosting, analytics tools, to the extent necessary for the provision of our services
- Public authorities: where required by law
- Public directory: audit results (URLs, scores, violations) are published in the DAD directory, which is publicly accessible
All our service providers are based in the European Union or provide an adequate level of protection in accordance with the GDPR.
5. Data retention
| Type of data | Retention period |
|---|---|
| Account data | Duration of the account + 12 months after deletion |
| Billing data | 7 years (Belgian legal requirement) |
| Payment data (held by Paddle) | In accordance with Paddle’s retention policy |
| Audit data in the directory | Retained indefinitely in the public directory |
| Browsing data (cookies) | Maximum 13 months |
| Marketing communications | Until withdrawal of consent |
6. Cookies
Our website uses cookies for the following purposes:
| Type of cookie | Purpose | Duration |
|---|---|---|
| Strictly necessary cookies | Website operation, authentication, language preferences | Session or 12 months maximum |
| Analytical cookies | Audience measurement and website improvement | 13 months maximum |
| Marketing cookies | Only with your explicit consent | 13 months maximum |
You can manage your cookie preferences at any time through the cookie banner or your browser settings. Refusing analytical and marketing cookies does not affect the functioning of the website.
7. International data transfers
Your data is primarily hosted within the European Union. Paddle, as Merchant of Record based in the United Kingdom, may process certain data in the United Kingdom, a country that benefits from an adequacy decision by the European Commission.
If transfers to other countries are necessary, they are safeguarded by appropriate measures in accordance with the GDPR (standard contractual clauses, adequacy decisions).
8. Your rights
Under the GDPR, you have the following rights:
- Right of access: obtain a copy of the personal data we hold about you
- Right to rectification: correct inaccurate or incomplete data
- Right to erasure: request the deletion of your personal data
- Right to restriction: request the restriction of the processing of your data
- Right to data portability: receive your data in a structured, machine-readable format
- Right to object: object to processing based on legitimate interest
- Right to withdraw consent: withdraw your consent at any time, without affecting the lawfulness of prior processing
To exercise these rights regarding the data we hold, contact us at: dad@pinc.be
To exercise your rights regarding payment data held by Paddle, please refer to Paddle’s privacy policy or contact Paddle directly.
We will respond to your request within 30 days.
9. Security
We implement appropriate technical and organizational measures to protect your personal data:
- Encryption of data in transit (HTTPS/TLS)
- Encryption of data at rest
- Strict access controls
- Hosting within the European Union
10. About the public directory
The DAD directory publishes accessibility audit results for publicly accessible websites. This publication is based on our legitimate interest in promoting transparency and improving digital accessibility.
If you are the owner of a website listed in the directory and wish to:
- Update your score: run a free scan at any time
- Claim your listing: contact us to add information
- Report an inaccuracy: contact us at dad@pinc.be
11. Complaints
If you believe that the processing of your data does not comply with the GDPR, you may file a complaint with the Belgian Data Protection Authority:
Belgian Data Protection Authority (DPA) Rue de la Presse / Drukpersstraat 35 1000 Brussels, Belgium https://www.dataprotectionauthority.be contact@apd-gba.be
12. Changes
We reserve the right to modify this privacy policy at any time. The date of the last update is indicated at the top of this page. In the event of a substantial change, we will notify you by email or through a visible notice on our website.