Legal

Privacy Policy

Which personal data PimLayer collects, why we do so, how we protect it and which rights you have under the GDPR.

Last updated: 13 November 2025

PimLayer BV (“PimLayer”, “we”, “us”) attaches great importance to the protection of your personal data. In this Privacy Policy we explain which data we collect, why we do so, how we handle it and which rights you have under the GDPR and Belgian privacy legislation.

By using our website or becoming a customer of PimLayer, you agree to this Privacy Policy.

1. Who is responsible for the processing?

PimLayer BV, Emiel Clauslaan 21a, 9800 Deinze, Belgium. VAT BE 0793.569.173. info@pimlayer.be, +32 (0)9 391 87 52.

PimLayer is the controller responsible for the processing of your personal data.

2. Which personal data do we process?

We process only data that is necessary for our services.

2.1. Data you provide yourself

First and last name, company name, email address, phone number, address details, and information you enter through forms (demo requests, contact, support).

2.2. Automatically collected data

When you visit our website: IP address, browser and device data, session data, pages visited and cookie data (see our Cookie Policy).

2.3. Data we process as a PimLayer customer

When you use our PIM platform we may process: user accounts, login and security logs, product data processed within the system, contact details of employees who have access, and API requests and technical logs. This data is never used for any purpose other than providing our services.

3. Why do we process personal data?

3.1. To be able to deliver our services

Creating and managing user accounts, providing support and technical assistance, invoicing and administrative processing, and improving and securing the platform.

3.2. For communication

Sending service emails, answering questions or support requests, and customer communication and onboarding.

3.3. Marketing and commercial purposes

Only with consent where required: newsletters, campaigns, and website analytics and optimisation.

Tax and accounting obligations, and compliance with the GDPR guidelines.

Under the GDPR we process data on the basis of: the performance of a contract (if you are a customer or request a demo), a legal obligation, a legitimate interest (for example security or analysis of website usage), and your consent (for example newsletters and marketing cookies).

5. With whom do we share personal data?

We share your data only with trusted parties that are necessary for our operations.

5.1. Internal employees

Only employees who need your data are granted access.

5.2. External service providers

For example hosting providers, CRM and support tools, invoicing partners, and analytics and marketing tools (subject to consent). We conclude a data processing agreement (DPA) with all processors.

Only if legally required. We never sell or trade personal data to third parties.

6. Retention periods

We do not retain personal data longer than necessary: user accounts for as long as the collaboration lasts, invoicing data for 7 years (legal obligation), marketing data until you unsubscribe, website logs for a maximum of 12 months, and contract data up to 5 years after the end of the collaboration.

7. How do we secure your data?

PimLayer takes technical and organisational measures to protect personal data, including: encryption of data, secure connections (HTTPS, SSL), firewalls and intrusion detection, role-based access control, regular back-ups, logging and monitoring, and strict internal privacy procedures.

8. Your rights under the GDPR

You have the right to: request access to your personal data, request correction of inaccurate data, request erasure (“right to be forgotten”), object to processing, request restriction of processing, request data transfer (data portability), and withdraw your consent (for example marketing). You can exercise your rights through info@pimlayer.be. We respond within 30 days.

9. International transfers

PimLayer processes data primarily within the EU. If data is nevertheless stored outside the EU (for example by cloud providers), we always ensure an adequacy decision, Standard Contractual Clauses (SCCs), or equivalent levels of protection under the GDPR.

10. Minors

Our services are not directed at children younger than 16 years. We do not process personal data of minors without the consent of parents or legal representatives.

11. Changes to this privacy policy

We may amend this Privacy Policy when legislation, technology or our operations change. The most recent version is always available through our website.

12. Contact

Do you have questions about this Privacy Policy or about your personal data? PimLayer BV, Emiel Clauslaan 21a, 9800 Deinze, Belgium. VAT BE 0793.569.173. info@pimlayer.be, +32 (0)9 391 87 52.