Our Privacy Policy
Last modified: Fri 23 Jan 2026.
First of all, we are excited that you are interested in our products and services. This privacy statement describes how we use the Personal Data you provide us with.
We may ask you to share certain Personal Data with us, including but not limited to your first name, last name and e-mail address (identification data).
For certain specific obligations you may be required to provide us with additional data, such as billing or payment data. We only collect Personal Data that is necessary to inform you about our products and services, to execute an agreement with you and to contact you.
For this purpose, we base ourselves on the processing grounds of the agreement, the legal obligation, our legitimate interest and, in some cases, your consent (see also section 2).
The processing of your Personal Data is subject to this privacy statement. For questions and/or comments, please contact info@chapter-two.io.
By providing your Personal Data, you acknowledge that it will be processed in accordance with this Privacy Notice.
“Controller” has the meaning as defined in the General Data Protection Regulation 2016/679. Chapter Two will be qualified as the Controller, which determines the purposes and means of the processing of Personal Data.
“Chapter Two” is the tradename/company name of Chapter Two BV, a limited liability company organized and existing under the laws of Belgium, having its registered office at 2018 Antwerp (Belgium), Korte Vanruusbroecstraat 6 / 301 and registered in the Register of Companies under number 1017.785.168.
“Personal Data” has the meaning as defined in the General Data Protection Regulation 2016/679, which is any information relating to an identified or identifiable natural person (also called the “data subject”).
“Processor” has the meaning as defined in the General Data Protection Regulation 2016/679, which processes Personal Data on behalf of the Controller. “Website” means the website of Chapter Two: (www.chapter-two.io).
Prospect data
In relation to providing our products, services and our activities we collect and process the identification and contact data of our prospects. The data may be processed for the purposes of responding to inquiries, pre-contractual communication, client management once an agreement is concluded, and business-related communication. The legal grounds for this processing are taking steps at your request prior to entering into an agreement, compliance with a legal obligation to which we are subject, our legitimate interest and, in some cases, your consent.
Other data
In addition to prospect and client data, we may process Personal Data of website visitors and prospects who contact us via the Website or other communication channels. The purposes of this processing are responding to inquiries, providing information about our services, and business communication. The legal grounds for this processing are our legitimate interest and, where applicable, taking steps at your request prior to entering into an agreement.
Specifically, we may use the Personal Data we collect for the following purposes:
• to identify you as a user of the Website;
• to provide you with information about our projects and services;
• to provide you with our services and execute any agreements;
• to process and respond to any complaints or requests;
• to help us in evaluating, correcting and improving the Website and any related products or services of us;
• for direct marketing purposes, limited to business-related communications;
• for internal reasons, including business administration and filing purposes.
Every time you submit Personal Data, we shall handle this information in accordance with the stipulations of this privacy statement and the legal obligations within the scope of the processing of Personal Data, including the General Data Protection Regulation (GDPR) 2016/679.
We establish reasonable measures and procedures to secure and protect the Personal Data we collect through the Website or via electronic correspondence. This way, we undertake, as far as can reasonably be expected, to prevent illegal processing of Personal Data and unintentional loss or removal of your Personal Data.
We seek to optimize the security of your Personal Data by limiting the access to your Personal Data to persons on a “need-to-know” basis.
Collection of data
We collect your Personal Data – without being exhaustive – in the following cases:
• when you submit Personal Data via the Website through the contact form provided;
• when you enter into an agreement with us;
• when you call, email or correspond with us in another way than via the Website.
We avoid the collection of Personal Data which are not relevant for the purposes as set out in section 2.
We may combine the Personal Data we collect with information obtained through our direct communications with you or from publicly available sources, where relevant and lawful.
Retention of data
Personal Data will be stored and processed by us for the duration that is required in relation to the purposes of the processing.
Client data will be removed from our systems 7 years after the termination of the agreement or project involved, except for the Personal Data that we have to store for a longer duration based on specific legal obligations or in case of pending litigation(s).
Other data will not be stored longer than 2 years after the last useful contact with you, except in the case of your consent to retain this data for a longer period of time.
We will not transfer Personal Data to third parties outside the European Economic Area, except to subcontractors or associates who retain the Personal Data in accordance with the European Commission's Standard Contractual Clauses and thereby provide an adequate level of security for the processing of Personal Data.
For the operation of our Website and services, we make use of third-party service providers such as hosting and backend infrastructure providers (including providers for website hosting, databases and communication services). These service providers may process Personal Data on our behalf as processors and may be located outside the European Economic Area. Where applicable, such transfers are safeguarded by Standard Contractual Clauses approved by the European Commission.
Furthermore, we will not transfer Personal Data to third parties inside the European Economic Area without your permission, except:
• when such transfer is necessary to permit associates, agents or subcontractors to provide a service or accomplish a task in our name (including but not limited to providing marketing support, conducting market research or providing client services);
• if it is required by applicable laws and regulations.
Any transfer of Personal Data to one of the third parties mentioned in the list above, is in accordance with the stipulations of the General Data Protection Regulation 2016/679.
We ensure that measures are taken to make sure that third parties cannot use your Personal Data for other purposes than the purposes mentioned in section 2 and that these third parties have undertaken the necessary technical and organizational measures to protect the data involved.
We will have data processing agreements in place with the aforementioned third parties and, if applicable, Standard Contractual Clauses as provided by the European Commission, in order to ensure the security of the Personal Data.
By virtue of both Belgian and European legislation concerning data protection, you have the rights as mentioned below. If you want to exercise these rights, you have to send a written request to (info@chapter-two.io). We may request additional information to verify your identity where necessary.
We will provide you with information within 1 (one) month of receipt of the request on the action that will be taken. We can extend this one-month period to a maximum of 3 (three) months, in which case you will be informed about the reasons for such delay within 1 (one) month of the original request.
The right of access to Personal Data
You have the right to instruct us to provide you with any Personal Data we hold about you, providing the rights of other data subjects are not affected.
The right to withdraw consent
To the extent that the legal basis for our processing of your Personal Data is consent, you have the right to withdraw that consent at any time. However, withdrawal will not affect the lawfulness of processing before the withdrawal.
The right to complain to a supervisory authority
You can file a complaint with the Data Protection Authority (“Gegevensbeschermingsautoriteit”) by sending an e-mail to contact@apd-gba.be or by sending a written request to the Data Protection Authority with registered address located at 1000 Brussels, Drukpersstraat 35.
The Website may contain links to other websites which are not controlled by us. Although we will do our utmost to make sure that the links lead exclusively to websites that have corresponding security and confidentiality standards, we are not responsible for the protection and confidentiality of data, among Personal Data which you submit on other websites, after you have left the Website.
The Website may include links that allow you to communicate with us via third-party communication platforms, such as Telegram. When you use these links, your interaction is subject to the privacy policies and data processing practices of the respective platform. We do not control how such third parties process your Personal Data and recommend that you review their privacy notices before engaging.
We emphasize to proceed carefully and consult the privacy statement which applies on the website concerned before submitting Personal Data on other websites.
We have the right to change this privacy statement at any time by publishing a new version on our Website.
We recommend to consult the Website on a regular basis in order to verify that you agree to any changes made to this privacy statement.
In any event, we can inform you of any changes to this privacy statement by e-mail.
The Website currently only uses strictly necessary cookies required for its basic technical functioning. We do not use analytics, tracking or marketing cookies at this time. If this changes in the future, this Privacy Notice will be updated accordingly and, where required by law, your consent will be requested.
Certain technical data (such as server logs) may be processed transiently for security and performance purposes and are not used for tracking or profiling.
First of all, we are excited that you are interested in our products and services. This privacy statement describes how we use the Personal Data you provide us with.
We may ask you to share certain Personal Data with us, including but not limited to your first name, last name and e-mail address (identification data).
For certain specific obligations you may be required to provide us with additional data, such as billing or payment data. We only collect Personal Data that is necessary to inform you about our products and services, to execute an agreement with you and to contact you.
For this purpose, we base ourselves on the processing grounds of the agreement, the legal obligation, our legitimate interest and, in some cases, your consent (see also section 2).
The processing of your Personal Data is subject to this privacy statement. For questions and/or comments, please contact info@chapter-two.io.
By providing your Personal Data, you acknowledge that it will be processed in accordance with this Privacy Notice.
1. Definitions
“Controller” has the meaning as defined in the General Data Protection Regulation 2016/679. Chapter Two will be qualified as the Controller, which determines the purposes and means of the processing of Personal Data.
“Chapter Two” is the tradename/company name of Chapter Two BV, a limited liability company organized and existing under the laws of Belgium, having its registered office at 2018 Antwerp (Belgium), Korte Vanruusbroecstraat 6 / 301 and registered in the Register of Companies under number 1017.785.168.
“Personal Data” has the meaning as defined in the General Data Protection Regulation 2016/679, which is any information relating to an identified or identifiable natural person (also called the “data subject”).
“Processor” has the meaning as defined in the General Data Protection Regulation 2016/679, which processes Personal Data on behalf of the Controller. “Website” means the website of Chapter Two: (www.chapter-two.io).
2. Purposes and legal grounds
Prospect data
In relation to providing our products, services and our activities we collect and process the identification and contact data of our prospects. The data may be processed for the purposes of responding to inquiries, pre-contractual communication, client management once an agreement is concluded, and business-related communication. The legal grounds for this processing are taking steps at your request prior to entering into an agreement, compliance with a legal obligation to which we are subject, our legitimate interest and, in some cases, your consent.
Other data
In addition to prospect and client data, we may process Personal Data of website visitors and prospects who contact us via the Website or other communication channels. The purposes of this processing are responding to inquiries, providing information about our services, and business communication. The legal grounds for this processing are our legitimate interest and, where applicable, taking steps at your request prior to entering into an agreement.
Specifically, we may use the Personal Data we collect for the following purposes:
• to identify you as a user of the Website;
• to provide you with information about our projects and services;
• to provide you with our services and execute any agreements;
• to process and respond to any complaints or requests;
• to help us in evaluating, correcting and improving the Website and any related products or services of us;
• for direct marketing purposes, limited to business-related communications;
• for internal reasons, including business administration and filing purposes.
3. The confidentiality of your Personal Data
Every time you submit Personal Data, we shall handle this information in accordance with the stipulations of this privacy statement and the legal obligations within the scope of the processing of Personal Data, including the General Data Protection Regulation (GDPR) 2016/679.
We establish reasonable measures and procedures to secure and protect the Personal Data we collect through the Website or via electronic correspondence. This way, we undertake, as far as can reasonably be expected, to prevent illegal processing of Personal Data and unintentional loss or removal of your Personal Data.
We seek to optimize the security of your Personal Data by limiting the access to your Personal Data to persons on a “need-to-know” basis.
4. How do we collect your Personal Data and for how long is it kept?
Collection of data
We collect your Personal Data – without being exhaustive – in the following cases:
• when you submit Personal Data via the Website through the contact form provided;
• when you enter into an agreement with us;
• when you call, email or correspond with us in another way than via the Website.
We avoid the collection of Personal Data which are not relevant for the purposes as set out in section 2.
We may combine the Personal Data we collect with information obtained through our direct communications with you or from publicly available sources, where relevant and lawful.
Retention of data
Personal Data will be stored and processed by us for the duration that is required in relation to the purposes of the processing.
Client data will be removed from our systems 7 years after the termination of the agreement or project involved, except for the Personal Data that we have to store for a longer duration based on specific legal obligations or in case of pending litigation(s).
Other data will not be stored longer than 2 years after the last useful contact with you, except in the case of your consent to retain this data for a longer period of time.
5. Transfer of Personal Data
We will not transfer Personal Data to third parties outside the European Economic Area, except to subcontractors or associates who retain the Personal Data in accordance with the European Commission's Standard Contractual Clauses and thereby provide an adequate level of security for the processing of Personal Data.
For the operation of our Website and services, we make use of third-party service providers such as hosting and backend infrastructure providers (including providers for website hosting, databases and communication services). These service providers may process Personal Data on our behalf as processors and may be located outside the European Economic Area. Where applicable, such transfers are safeguarded by Standard Contractual Clauses approved by the European Commission.
Furthermore, we will not transfer Personal Data to third parties inside the European Economic Area without your permission, except:
• when such transfer is necessary to permit associates, agents or subcontractors to provide a service or accomplish a task in our name (including but not limited to providing marketing support, conducting market research or providing client services);
• if it is required by applicable laws and regulations.
Any transfer of Personal Data to one of the third parties mentioned in the list above, is in accordance with the stipulations of the General Data Protection Regulation 2016/679.
We ensure that measures are taken to make sure that third parties cannot use your Personal Data for other purposes than the purposes mentioned in section 2 and that these third parties have undertaken the necessary technical and organizational measures to protect the data involved.
We will have data processing agreements in place with the aforementioned third parties and, if applicable, Standard Contractual Clauses as provided by the European Commission, in order to ensure the security of the Personal Data.
6. Rights of the data subject
By virtue of both Belgian and European legislation concerning data protection, you have the rights as mentioned below. If you want to exercise these rights, you have to send a written request to (info@chapter-two.io). We may request additional information to verify your identity where necessary.
We will provide you with information within 1 (one) month of receipt of the request on the action that will be taken. We can extend this one-month period to a maximum of 3 (three) months, in which case you will be informed about the reasons for such delay within 1 (one) month of the original request.
The right of access to Personal Data
You have the right to instruct us to provide you with any Personal Data we hold about you, providing the rights of other data subjects are not affected.
The right to withdraw consent
To the extent that the legal basis for our processing of your Personal Data is consent, you have the right to withdraw that consent at any time. However, withdrawal will not affect the lawfulness of processing before the withdrawal.
The right to complain to a supervisory authority
You can file a complaint with the Data Protection Authority (“Gegevensbeschermingsautoriteit”) by sending an e-mail to contact@apd-gba.be or by sending a written request to the Data Protection Authority with registered address located at 1000 Brussels, Drukpersstraat 35.
7. Third-party links
The Website may contain links to other websites which are not controlled by us. Although we will do our utmost to make sure that the links lead exclusively to websites that have corresponding security and confidentiality standards, we are not responsible for the protection and confidentiality of data, among Personal Data which you submit on other websites, after you have left the Website.
The Website may include links that allow you to communicate with us via third-party communication platforms, such as Telegram. When you use these links, your interaction is subject to the privacy policies and data processing practices of the respective platform. We do not control how such third parties process your Personal Data and recommend that you review their privacy notices before engaging.
We emphasize to proceed carefully and consult the privacy statement which applies on the website concerned before submitting Personal Data on other websites.
8. Amendments
We have the right to change this privacy statement at any time by publishing a new version on our Website.
We recommend to consult the Website on a regular basis in order to verify that you agree to any changes made to this privacy statement.
In any event, we can inform you of any changes to this privacy statement by e-mail.
9. Cookies
The Website currently only uses strictly necessary cookies required for its basic technical functioning. We do not use analytics, tracking or marketing cookies at this time. If this changes in the future, this Privacy Notice will be updated accordingly and, where required by law, your consent will be requested.
Certain technical data (such as server logs) may be processed transiently for security and performance purposes and are not used for tracking or profiling.