Privacy policy

Who are we?

D2D3 S.A., whose registered office is located at Route de Hannut, No. 531, 5024 Namur, and registered in the trade and companies register under number BE0869.794.149 (hereinafter: “D2D3”) is a company specializing in new communication and information technologies and provides its customers with data management tools, particularly cartographic tools. These tools are intended for internal use (only at the customer’s premises). Where provided for, and with the authorization of D2D3, part of the service may be made publicly available. This is particularly the case with the “Public Domain Occupancy Management (GODP)” application.

The data you provide when you visit our website and when you enter into a contractual relationship with us for the purpose of using our services and solutions is mainly personal data. This data is processed by D2D3 in its capacity as data controller and in accordance with this data protection policy.
However, when it comes to the data you provide to create an account on one of our publicly accessible platforms for multiple customers (e.g., GODP), this data is processed jointly by D2D3 and the partner with whom D2D3 collaborates to set up this platform. In this case, the partner and D2D3 are jointly responsible for the processing, as they jointly determine the purposes and means of the processing. In this case, D2D3 and the partner in question have entered into a joint processing agreement in accordance with Article 26 of the GDPR.

Finally, D2D3, via the D2D3 Application Suite (SA D2D3) and through its interfaces and functionalities, is required to process personal data concerning the user of these solutions. This data, which you provide when you use the solutions as a user, is processed by D2D3 solely in its capacity as a processor. In fact, D2D3 merely makes these solutions available to you on behalf of the partner and, as such, processes data in its name and on its behalf. The partner then acts as the data controller because it determines the purposes and means of the processing. In accordance with the provisions of the GDPR, D2D3 and the partner are bound by a subcontracting agreement that defines the respective obligations and rights of each party.

In any event, D2D3 is committed to respecting your privacy and your rights with regard to the protection of personal data. D2D3 processes your data in compliance with applicable data protection regulations, including European Regulation 2016/679 of April 27 on the protection of individuals with regard to the processing of personal data ( “GDPR”) and the Belgian law of July 30, 2018 on the protection of individuals with regard to the processing of personal data.

The purpose of this policy is to explain clearly and transparently how D2D3 processes your personal data when you use the website and the data management tools offered.

 

Why do we process your data?

Browsing our website
When you visit our website, certain technical data is automatically collected, such as your IP address, the type of browser you use, or information about your device. This data is necessary for the proper functioning of the website and is processed for this purpose.
The use of certain cookies may also involve the processing of personal data. For more information, please see our cookie policy. 

Communicating with you
Categories of data – This includes your first name, last name, job title, email address, phone number, and any other information you may provide us during our exchanges.
Purpose – We process this data when you contact us via the tab provided for this purpose on our website, or by email, in order to communicate with you and answer your questions.
Legal basis – If you are already a customer or if your request concerns our services, the processing is based on the performance of our contract or pre-contractual measures.
If you contact us for any other reason via our contact form, without any direct link to a contractual relationship, the processing is based on our legitimate interest in responding to messages received.
Recipients of the data – Your data may also be processed by our website host or other IT service providers for purposes strictly necessary to comply with the instructions we give them. They act as processors in this regard.
Duration – The data is kept for 1 year after our last contact.

 

Provision of our services and creation of an account on our platform
Categories of data – This may include:

  • Identification data (last name, first name, email address, address, telephone number, organization, company number, last name, first name, and role of the contact person)
  • Connection data (IP address, username, password, status, and access, etc.)

Purpose of processing – Creating an account on our platform gives you access to all our solutions and the many features made available to you by D2D3 or its partner.
Finally, the data you provide us with is also processed in order to respond to your request and communicate with you about it.

Legal basis – The provision of this data is necessary for the provision of the requested service. Therefore, this data is essential for the performance of our contract. Without it, we cannot carry out our mission.

Recipients of the data – Your data may also be processed by our website host or other IT service providers for purposes strictly necessary to comply with the instructions we give them. They act as processors in this regard.
The data used to create your accounts is also processed by the client with whom D2D3 collaborates to set up the platform in question. This client is jointly responsible for the processing.

Retention period – The data you entrust to us is retained for 10 years after the end of our assignment for tax and accounting reasons, but also for liability reasons.

In general, data will be retained for a period consistent with our legal and regulatory obligations.

 

Management of our contractual relationship

Data categories – This may include your first and last name, home address or place of residence, telephone number, email address, organization, billing information, etc.
Purpose – Your contact details are used for the purpose of invoicing our services and collecting payment, or notifying you of any changes to the Contract or Data Protection Policy (in particular new purposes).
Legal basis – The personal data processed is essential for the performance of the agreement and legal obligations. Without it, we cannot carry out our mission.
Recipients of the data – It is transmitted to the tax and social security authorities, our social secretariat, and our accountant. It may be transmitted to our legal advisor or a bailiff in the event of legal recovery.
Your data may also be processed by our website host or other IT service providers for purposes strictly necessary to comply with the instructions we give them. They act as subcontractors in this regard.
Duration – The data you entrust to us is kept for 10 years after the end of our mission for tax and accounting reasons, but also for liability reasons.

Promotion of our services
Data categories – Your contact details (last name, first name, postal address, email address) may be used in connection with the promotion of our services.
Purpose of processing – We process this data in order to send you communications that may be of interest to you (development of new tools or new features).
This allows us to keep you informed about our features, services, and news.
Legal basis
If you are already a customer or user of our services, our legitimate interest in promoting our services justifies our carrying out operations to provide information about or promote our company’s services. As a result, you may receive emails, advertisements, or notifications containing commercial information about our new products and services.
If you are not a customer or user of our services, your data is processed because you have consented to this processing for the purpose of receiving the Newsletter.
Data recipients – Your contact details may be passed on to the email service provider used by D2D3.
Retention period – We retain your contact details for this purpose until you ask us to stop.

 

You can notify us at any time that you no longer wish to receive advertisements. Simply send us an email at privacy@d2d3.com or click on the unsubscribe link at the bottom of any electronic communication we send you for this purpose.

Exercising your rights
Purposes – When you exercise your rights under the GDPR and as described in this data protection policy (right of access, rectification, etc.), we retain the data strictly necessary to prove that we have responded to your requests.
Legal basis – We retain this data so that we can prove that we have processed your request correctly, if we are asked to do so at a later date (e.g. by a supervisory authority). This retention is based on our legitimate interest in being able to demonstrate that we comply with our data protection obligations.
Categories of data – This includes your surname, first name, request, and evidence relating to the processing of the request.
Recipient of the data – This data is not passed on to any third parties, except in the event of a request from a competent supervisory authority.
Duration – We retain your data for this purpose for as long as we may be held liable for non-compliance with requests, i.e. for a maximum period of 10 years.

Social networks
Data categories – This may include data related to your account, data related to content sharing, or communications you have with other people.
Purposes – The data you provide when visiting our social media pages is or may be processed jointly by the social media network and the administrator of that page for the following purposes:

  • collecting certain data using cookies;
  • improving the social media network’s advertising system;
  • obtaining audience statistics for the page.

This data will only be processed by the page administrator in the context of their legitimate interest in obtaining statistics on visitors to their page in order to promote their page appropriately. Audience statistics compiled by the social network are only transmitted to the page administrator in anonymized form.
Recipients of the data – Communication of this data to our employees, subsidiaries, suppliers, external service providers, or consultants may be necessary for the fulfillment of this purpose.
Retention period – This data is or may be processed for as long as the page exists and you visit it.
The personal data use policies of each social network can be found by clicking on the following links: LinkedIn

Statistics
We may also process your data in order to extrapolate statistics on the use of the service and improve it. Only page visit data is collected for this purpose. In this configuration, D2D3 simply counts the number of visits to each page but is not able to identify the internet user or user visiting the page, nor even to identify whether the same visitor visits the same page several times.
Consequently, this does not constitute the processing of personal data, as visitors are neither identified nor identifiable.

Modification
This policy may, at any time, for various reasons, be subject to corrections, additions, or modifications. The most current version can be consulted at any time on our website. We invite you to consult it regularly.

Third-party websites
Our website contains hyperlinks to third-party websites and information about them (e.g., parking lot 4411 and e-Guichets services). We have no control over these sites and are not responsible for their privacy policies, which we invite you to consult.

Location of your data
Your personal data is, in principle, stored exclusively on servers located within the European Union.
All data from D2D3’s data systems is currently stored by OVH in a storage center based within the European Union.

Security
In order to guarantee the security of your data, D2D3 takes all necessary precautions, whether physical, logical, administrative, or organizational, with regard to the nature of your data and the risks presented by the various processing operations, to preserve the security of the data and prevent it from being distorted, damaged, or accessed by unauthorized third parties.
To this end, we use SSL encryption for data transmission between terminals and our service providers’ servers, and we supervise and manage access to your information within D2D3.

What are your rights?
As a natural person, you have several rights regarding your personal data, including:
Right to information – This right is exercised through this document. If the data processed includes your employees’ data, you are responsible for ensuring that they are made aware of this document.
Right of access and rectification – You have the right to access your data and have it rectified if necessary.
Right to object – You may object to the processing of your data that we carry out on the basis of our legitimate interest.
Withdrawal of consent – When data is processed with your consent, you may withdraw your consent at any time, without affecting past processing.
Right to erasure and restriction – You may obtain the erasure of your data or the restriction of processing under the conditions set out in Articles 17 and 18 of the General Data Protection Regulation.
Right to portability – The data you have provided to us may be communicated to you or transmitted to a third party of your choice in electronic format.
For more information about your rights:
https://www.autoriteprotectiondonnees.be/citoyen/vie-privee/quels-sont-mes-droits-

Who should you contact?
The data controller, D2D3 S.A., whose registered office is located at Route de Hannut 531, 5024 Namur, is available to answer any questions you may have and to respond to any requests relating to the rights set out above (Tel. +32(0)81 21 06 10; email: privacy@d2d3.com).
If you would like further information or wish to lodge a complaint, you can contact the Data Protection Authority (Rue de la Presse, 35 – 1000 Brussels, Tel. +32 2 274 48 00
https://www.autoriteprotectiondonnees.be/citoyen/agir/introduire-une-plainte

Last update: June 4, 2025