Privacy policy

Last updated: 13/04/2026

1. Data controller

Sekalis

Address: [Registered office address to be completed]
Email: contact@sekalis.be
Phone: [Phone number to be completed]
Company number: [BCE number to be completed upon registration]

Sekalis, as the data controller, is committed to protecting the privacy of its platform users, in accordance with the General Data Protection Regulation (GDPR - EU Regulation 2016/679) and the Belgian Act of 30 July 2018 on the protection of natural persons with regard to the processing of personal data.

Data Protection Officer (DPO)

For any questions regarding the protection of your personal data, you can contact our DPO at: privacy@sekalis.be

2. Personal data collected

Registration data

  • First and last name
  • Email address
  • Password (stored in encrypted form)

Billing data

  • Payment information (processed exclusively by Stripe, never stored on our servers)
  • Subscription and invoice history

Service-related data

  • Content of generated websites (text, images, configurations)
  • Professional email accounts (address, configuration)
  • Registered domains (DNS configuration)
  • Data from contact forms received through generated websites

Technical data

  • IP address
  • Browsing data (pages visited, session duration)
  • Browser type and operating system
  • Activity logs (actions performed on the platform)

3. Purpose of processing

Your personal data is processed for the following purposes:

  • Contract performance: creation and management of your account, provision of subscribed services (website, email, security)
  • Billing: management of subscriptions, payments and invoices via Stripe
  • Communication: sending service-related notifications (security alerts, confirmations, DNS reminders)
  • Service improvement: usage analysis to improve the platform
  • Security: fraud detection and prevention, security audits
  • Legal obligation: retention of billing data in accordance with Belgian legislation

4. Legal basis for processing

The processing of your data is based on the following legal grounds:

  • Contract performance (Article 6.1.b GDPR): data necessary for the provision of our services
  • Consent (Article 6.1.a GDPR): for non-essential cookies and marketing communications (where applicable)
  • Legitimate interest (Article 6.1.f GDPR): for improving our services and platform security
  • Legal obligation (Article 6.1.c GDPR): for the retention of billing data

5. Data retention period

  • Account data: retained for the duration of your subscription, then deleted within 30 days after account closure, unless a legal obligation requires otherwise
  • Billing data: retained for 7 years in accordance with Belgian accounting obligations
  • Generated websites: deleted within 30 days after subscription termination
  • Activity logs: retained for 12 months
  • Contact data: retained for 3 years after the last contact

6. Your rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access: obtain confirmation that your data is being processed and receive a copy
  • Right to rectification: have your inaccurate or incomplete data corrected
  • Right to erasure: request the deletion of your data under the conditions provided by the GDPR
  • Right to restriction: request the restriction of the processing of your data
  • Right to data portability: receive your data in a structured, machine-readable format
  • Right to object: object to the processing of your data for reasons relating to your particular situation
  • Right to withdraw consent: at any time, without affecting the lawfulness of prior processing

To exercise these rights, contact us at privacy@sekalis.be. We will respond within 30 days.

If you believe that the processing of your data constitutes a violation of the GDPR, you have the right to lodge a complaint with the Data Protection Authority (DPA):

Data Protection Authority

Rue de la Presse, 35
1000 Brussels, Belgium
www.autoriteprotectiondonnees.be
Email: contact@apd-gba.be

7. Cookies

Sekalis uses cookies to ensure the proper functioning of the platform.

Essential cookies (mandatory)

  • Session cookie: maintaining your authenticated connection (duration: session)
  • CSRF cookie: protection against cross-site request forgery attacks (duration: session)
  • Consent cookie: remembering your cookie preferences (duration: 12 months)

Third-party cookies

  • Stripe: cookies necessary for secure payment processing

You can manage your cookie preferences through your browser settings. Disabling essential cookies may prevent the platform from functioning normally.

8. Sub-processors and data transfers

We use the following sub-processors to deliver our services:

Stripe (payments)

  • Company: Stripe Payments Europe, Ltd. (Dublin, Ireland)
  • Purpose: payment processing and subscription management
  • Data: payment information, email, name
  • Location: European Union
  • Policy: stripe.com/privacy

OVH (hosting, email, domains)

  • Company: OVH SAS (Roubaix, France)
  • Purpose: web hosting, provisioning of Exchange email accounts, domain registration
  • Data: website content, email accounts, SIP login data
  • Location: European Union (France)
  • Policy: ovhcloud.com/fr/personal-data-protection

Anthropic (artificial intelligence)

  • Company: Anthropic, PBC (San Francisco, United States)
  • Purpose: generation of textual content and logos for websites
  • Data: business descriptions and industry information provided during website creation (no personally identifiable data is transmitted)
  • Location: United States (transfer governed by European Commission standard contractual clauses)
  • Policy: anthropic.com/privacy

Pexels (images)

  • Company: Pexels (Canva Pty Ltd)
  • Purpose: providing royalty-free photos for generated websites
  • Data: no personal data transmitted (image search queries only)
  • Policy: pexels.com/privacy-policy

Brevo (email campaigns)

  • Company: Brevo (formerly Sendinblue), Sendinblue SAS, Paris, France
  • Purpose: sending email campaigns and newsletters to our users' contacts
  • Data: email address, first name and last name of newsletter contacts
  • Location: European Union (France)
  • Policy: brevo.com/legal/privacypolicy

9. Data security

Sekalis implements appropriate technical and organisational measures to protect your personal data against unauthorised access, modification, disclosure or destruction:

  • Password encryption (bcrypt hashing)
  • Encryption of sensitive data in the database (email and SIP passwords)
  • HTTPS connections (TLS)
  • CSRF protection on all forms
  • HTTP security headers (Content-Security-Policy, X-Frame-Options, etc.)
  • Request rate limiting
  • Mandatory email verification

10. Changes to this policy

Sekalis reserves the right to modify this privacy policy at any time. In the event of a substantial change, users will be notified by email or via a notification on the platform. The date of the last update is indicated at the top of this page.

By continuing to use the platform after changes are published, you accept the updated privacy policy.

Questions about your personal data?

Our DPO is at your disposal to answer all your questions.

privacy@sekalis.be