Loading

Privacy Policy

Forge Studio — Protecting your personal data

1. Introduction and Data Controller

This Privacy Policy explains how Forge Studio collects, uses, and protects your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Belgian law.

Data Controller

  • Entity: Forge Studio
  • Location: Liège, Belgium
  • Email: hello@forgestudio.be
  • Phone: +32 470 00 00 00

2. Personal Data Collected

Data Types

Forge Studio collects the following data based on context:

  • Contact Data: Name, first name, email address, phone number
  • Professional Data: Company, industry, position
  • Project Data: Briefing, business objectives, budget
  • Technical Data: IP address, browser, device, access logs
  • Analytics Data: Browsing behavior (pages visited, visit duration)
  • Payment Data: Billing details (processed by Stripe or other providers)

Collection Methods

  • Contact forms on the website
  • Email and telephone communications
  • Cookies and tracking technologies
  • Navigation analytics (Google Analytics)
  • Data voluntarily provided in quote requests

3. Legal Basis for Processing

Forge Studio processes your data based on the following legal grounds:

  • Consent (Art. 6.1.a): With your explicit consent (newsletters, cookies)
  • Contract (Art. 6.1.b): To execute a web creation contract
  • Legal Obligation (Art. 6.1.c): Belgian tax and accounting requirements
  • Legitimate Interests (Art. 6.1.f): Service improvement, website security

4. Processing Purposes

Your data is processed for the following purposes:

  • Respond to quote and information requests
  • Execute and manage your web creation contract
  • Send marketing communications (with consent)
  • Improve services through site usage analysis
  • Ensure security and prevent fraud
  • Meet legal and accounting obligations
  • Contact you regarding technical issues

5. Data Retention Period

  • Contact Data: 3 years after contract end (accounting requirements)
  • Project Data: Contract duration + 5 years (legal archives)
  • Analytical Cookies: Maximum 13 months
  • Server Access Logs: Maximum 30 days
  • Payment Data: Processed by third-party providers (e.g., Stripe) per their policies

6. Sharing Your Data with Third Parties

Forge Studio never sells your personal data. We share it in the following cases:

Essential Service Providers

  • Netlify: Web hosting (technical data only)
  • Google Analytics: Audience analysis (anonymized)
  • Google Fonts: Web font provision
  • Stripe/PayPal: Payment processing (if applicable)

Legal Obligation

  • Tax and accounting authorities (Belgian law)
  • Judicial authorities if legally requested

No International Transfer

Data is primarily retained in Europe (EU/EEA). Transfers to the USA (Google, Netlify) are governed by Standard Contractual Clauses and Adequacy Decisions.

7. Your GDPR Rights

Right to Access (Art. 15)

You have the right to request what personal data we hold about you.

Right to Rectification (Art. 16)

You can request correction of inaccurate or incomplete data.

Right to Erasure (Art. 17)

You can request deletion of your data, unless we have a legal obligation to retain it (accounting obligations, ongoing disputes).

Right to Limit Processing (Art. 18)

You can request to limit the processing of your data.

Right to Data Portability (Art. 20)

You can request your data in a structured and readable format (e.g., CSV).

Right to Object (Art. 21)

You can object to your data being processed for direct marketing.

Right Not to Be Subject to Automated Decision (Art. 22)

You have the right to contest a decision made solely by automated means.

How to Exercise Your Rights

To exercise these rights, contact us by email at hello@forgestudio.be with:

  • Your full name
  • Your email address
  • A clear description of your request
  • A copy of an ID document (if necessary)

We will respond within 30 days in accordance with GDPR regulations.

8. Cookies and Tracking Technologies

Cookie Types

  • Essential Cookies: Necessary for website function (session, security) — Required
  • Analytical Cookies: Google Analytics to understand site usage — Consent required
  • Third-Party Cookies: YouTube, Google Fonts, CDN — Consent required

Cookie Management

You can disable cookies via your browser settings. Note that some essential cookies cannot be disabled without affecting site functionality.

9. Data Security

Forge Studio implements the following measures to protect your data:

  • SSL/TLS encryption (HTTPS) on all forms
  • No storage of passwords in plain text
  • Firewalls and attack protections
  • Restricted data access (authentication)
  • Secure hosting by Netlify (ISO 27001 certified data center)
  • OWASP security standards compliance

10. Validity Period and Changes

This Privacy Policy is valid from January 1, 2026. Forge Studio reserves the right to modify it. Changes will be notified by email (if applicable) or displayed on the website.

11. Data Protection Officer (DPO)

For any questions about data protection, contact Forge Studio directly: hello@forgestudio.be

12. Complaint to a Supervisory Authority

If you believe your rights are not being respected, you can file a complaint with:

13. Consent for External Services

By using our site, you implicitly accept:

  • Use of Google Analytics for audience analysis
  • Integration of Google Fonts and external CDNs
  • Functional and analytical cookies

You can withdraw your consent at any time.

Last updated: January 2026