Code Agency

Privacy policy

How we handle the personal data you share with us, and the rights you have over it.

This policy explains what personal data Code Agency collects through this website, why we collect it, how long we keep it, and the rights you have. We keep data collection to the minimum needed to answer your questions and run the site.

Who we are

Code Agency is the controller responsible for your personal data. You can reach us at:

Code Agency
Officenter Business Center, Europalaan 11, 3900 Pelt, Belgium
VAT BE 0538.737.307
privacy@codeagency.be · +32 11 917 912

What we collect and why

We collect personal data in three situations, and never more than we need.

When you contact us or open a helpdesk request

Our contact and helpdesk forms ask for your name, e-mail address, and message, and optionally your phone number, company, address, and one or more file attachments. We use this information only to understand and handle your request — to answer a question, prepare a quote, or resolve a support issue.

Submissions are stored in our own Odoo business system, which runs on our own infrastructure, as a CRM lead (contact form) or a helpdesk ticket (helpdesk form). Any file you attach is processed in memory to forward it to that system and is never written to disk on the web server.

When you consent to analytics

We would like to understand, in aggregate, how the site is used so we can improve it. To do that we use PostHog, a product-analytics tool that we run ourselves on our own infrastructure in the EU — analytics data is not sent to any third party. Analytics only load after you give explicit consent through our cookie banner (the “measurement” category). If you do not consent, no analytics scripts run and no analytics cookies are set at all. Your consent choice is stored locally in your browser so we can remember it; you can change it at any time.

When your browser reaches our servers

Like almost every website, our servers keep short-lived technical logs (for example your IP address, the pages requested, and your browser type) as requests come in. We use these only to keep the site secure, available, and working correctly.

Legal bases

Under the General Data Protection Regulation (GDPR), we rely on the following legal bases:

  • Contact and helpdesk forms — taking steps at your request prior to entering into a contract, and our legitimate interest in responding to enquiries (Article 6(1)(b) and 6(1)(f)).
  • Analytics — your consent, which you can withdraw at any time (Article 6(1)(a)).
  • Server and security logs — our legitimate interest in keeping the site secure and reliable (Article 6(1)(f)).

How long we keep it

We keep the data from leads and helpdesk tickets for as long as we need it to handle your request and to maintain our business relationship with you, after which we delete or anonymise it. Where a request turns into a project or contract, related records may be kept longer to meet our legal and accounting obligations. Technical server logs are short-lived and rotated regularly.

Who we share it with

We do not sell your personal data and we do not use it for third-party advertising. We share it only with the service providers needed to run the site:

  • Bunny.net— content delivery network that serves the site’s static assets (images, scripts, styles), acting as our processor.
  • Newsletter — if you subscribe, we store your e-mail address in our own ERP to send you the newsletter. Legal basis: your explicit consent (the opt-in checkbox). Every mail contains a one-click unsubscribe link, and unsubscribing removes you from the list immediately.
  • YouTube — embedded videos on our videos pages, in privacy-enhanced mode (youtube-nocookie.com): nothing is stored until you press play.
  • Cal.com — scheduling, only if you book a meeting through our booking page: the details you enter there (name, e-mail, chosen slot) are processed by Cal.com to confirm the appointment, acting as our processor. The booking calendar loads from Cal.com only after you choose a meeting type.

Our Odoo system and our analytics run on infrastructure we operate ourselves in EU data centres — the data in your leads, tickets and analytics is never handed to a third-party service. Where data-centre and infrastructure suppliers are involved, they act only under our instructions and have no access to your data for their own purposes.

International transfers

Analytics data stays within the EU, on infrastructure we operate ourselves. Our own infrastructure runs in both the EU and the US; where personal data is processed in a US region, we rely on appropriate safeguards for that transfer. We are happy to provide more detail on request.

Your rights

You have the right to access the personal data we hold about you, and to have it corrected or erased. You can also ask us to restrict or object to certain processing, request a copy of your data in a portable format, and withdraw any consent you have given (which does not affect processing carried out before you withdrew it). To exercise any of these rights, contact us at privacy@codeagency.be.

Complaints

If you believe we have mishandled your personal data, we would like the chance to put it right, so please contact us first. You also have the right to lodge a complaint with the Belgian supervisory authority, the Data Protection Authority (Gegevensbeschermingsautoriteit), gegevensbeschermingsautoriteit.be.

How to reach us

For any question about this policy or your personal data, email privacy@codeagency.be or call +32 11 917 912.


Last updated: 3 July 2026.