Privacy Policy

1. Data Controller

2. Personal Data We Collect

When you use our Service Desk system, we collect and process the following personal data:

Account Information:

• Full name (first and last name)
• Email address
• Username
• Company name (if applicable)
• Phone number (optional)
• User role (customer, support, or administrator)

Support Ticket Data:

• Ticket descriptions and content
• Comments and communications
• File attachments (screenshots, documents, etc.)
• Ticket status, priority, and category
• Timestamps of ticket creation and updates

Technical Data:

• IP address
• Browser type and version
• Login timestamps and session data
• System usage logs

3. Purpose and Lawful Basis of Processing

We process your personal data for the following purposes:

4. Cookies and Session Management

We use cookies and similar technologies to enable the Service Desk to function properly:

Essential Cookies:

• Session Cookie: Maintains your login session and keeps you logged in as you navigate the system.
• Remember Me Cookie: Allows you to stay logged in between visits (if you check "Remember Me").
• Cookie Consent: Stores your cookie preferences.

These essential cookies are necessary for the Service Desk to function and cannot be disabled. For more information, please see our Cookie Policy or manage your preferences on our Cookie Settings page.

5. Data Sharing

We do not sell or rent your personal data to third parties. Your data may be shared only in the following circumstances:

• Within your company: If you belong to a company account, other users in your company can view tickets created by company members.
• With support staff: Our support agents and administrators have access to your tickets and account information to provide assistance.
• Service providers: We may share data with trusted service providers (such as hosting providers) who are contractually bound to protect your data in compliance with GDPR.
• Legal requirements: We may disclose your data if required by law or to protect our rights.

6. Data Retention

We retain your personal data for the following periods:

• Active accounts: As long as your account remains active and for the duration needed to provide support services.
• Closed tickets: Ticket data is retained for a minimum period as required by law and for audit purposes.
• Inactive accounts: Accounts inactive for more than 3 years may be deleted after notification.
• Log data: Security and access logs are retained for up to 12 months.

After these retention periods, your data will be securely deleted or anonymized.

7. Your Rights Under GDPR

You have the following rights regarding your personal data:

8. Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

• Encrypted connections (HTTPS/TLS)
• Password hashing and secure authentication
• Role-based access control
• Regular security updates and patches
• Access logging and monitoring
• Regular security assessments

9. Right to Lodge a Complaint

If you believe that we are not handling your personal data in compliance with GDPR, you have the right to lodge a complaint with your local Data Protection Authority.

In Belgium, this is the Gegevensbeschermingsautoriteit (GBA):
www.gegevensbeschermingsautoriteit.be

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will notify you via email or through the Service Desk. We recommend reviewing this page periodically.

11. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us: