Axionis Cyber SRL takes data protection seriously. This policy explains what data is collected on axionis-cyber.com, why, for how long it is retained, and how to exercise your rights under the General Data Protection Regulation (GDPR).
01 Controller
| Controller | Axionis Cyber SRL |
|---|---|
| Registered office | Rue Harkay (MLL) 411, 4400 Flémalle, Belgium |
| Company number | BE 0737.142.410 |
| GDPR contact | Paul.levrard@axionis-cyber.com |
Axionis Cyber SRL is not required to appoint a Data Protection Officer (DPO) as it does not fall under any of the three mandatory categories of Article 37 GDPR. GDPR requests are handled directly by the controller.
02 Data collected
The site only collects data strictly necessary for its operation:
Via the contact form
- Name — voluntarily entered by the user
- Email address — voluntarily entered by the user
- Message content — voluntarily entered by the user
Automatic technical data
- IP address — used by Google reCAPTCHA to fight spam and bots
- Technical browsing data (browser type, language) — sent to reCAPTCHA for its operation
No audience-measurement tool (Google Analytics, Matomo or similar) is used on this site.
03 Purposes & legal basis
| Processing | Legal basis (Art. 6 GDPR) |
|---|---|
| Response to enquiries via the contact form | Legitimate interest (Art. 6.1.f) — replying to a user-initiated request |
| Subsequent commercial follow-up (after exchange) | Legitimate interest — pre-contractual relationship |
| Site protection against abuse (reCAPTCHA) | Legitimate interest (Art. 6.1.f) — form security |
04 Recipients & processors
Data is never sold and not transferred to third parties for external prospecting. It is accessible only to Paul LEVRARD, managing director of Axionis Cyber SRL.
The following technical processors are involved:
- OVH SAS (France) — site and contact form hosting. Data remains stored within the European Union.
- Microsoft Ireland Operations Ltd — provision of Microsoft 365 / Outlook used to receive and process form messages. Microsoft offers contractual guarantees in line with GDPR and the EU-US Data Privacy Framework.
- Google Ireland Ltd — provision of reCAPTCHA v3 to protect the contact form against automated abuse.
No transfer of data outside the European Union occurs beyond the contractual guarantees offered by these processors.
05 Retention
| Data type | Retention period |
|---|---|
| Messages received via the form | 3 years from last contact, in line with the Belgian DPA's recommendations for B2B commercial prospecting |
| reCAPTCHA technical data | According to Google's policy (usually a few months) — Axionis Cyber does not store this data directly |
| Web server logs (OVH) | According to OVH's policy, generally a few weeks for security purposes |
At the end of these periods, data is deleted or anonymised.
06 Cookies & trackers
The site does not use any advertising or audience-measurement cookies. Only the Google reCAPTCHA service, integrated to protect the contact form, may set technical cookies when the form is submitted.
reCAPTCHA v3 (Google)
reCAPTCHA works by analysing visitor behaviour to distinguish humans from bots. Its use involves the placement of cookies by Google and the transmission of technical data (IP address, browsing data) to Google's servers. This processing is governed by:
- Google's privacy policy
- Google's terms of service
The use of reCAPTCHA relies on Axionis Cyber's legitimate interest in protecting its form against abuse. If you do not want this data to be transmitted to Google, do not use the form — you can contact us directly by email or phone.
07 Security
As a cybersecurity consultancy, Axionis Cyber SRL applies reasonable technical and organisational measures to its own site:
- Encryption of exchanges via HTTPS (SSL/TLS certificate)
- Form protection via reCAPTCHA v3
- Access to received messages restricted to the sole controller
- Strong passwords and multi-factor authentication on third-party services (OVH, Microsoft 365)
08 Your rights
Under Articles 15 to 22 GDPR, you have the following rights over your data:
- Right of access — confirm that your data is being processed and obtain a copy
- Right to rectification — have inaccurate data corrected
- Right to erasure ("right to be forgotten") — request deletion of your data
- Right to restriction — request temporary suspension of a processing operation
- Right to portability — receive your data in a structured format
- Right to object — object to processing based on legitimate interest
To exercise these rights, write to Paul.levrard@axionis-cyber.com with details of your request. A response will be provided within one month. No proof of identity is required unless there is reasonable doubt about your identity.
09 Right to complain
If you believe your rights are not respected, you may lodge a complaint with the competent supervisory authority:
Rue de la Presse 35, 1000 Brussels
Phone: +32 (0)2 274 48 00
Email: contact@apd-gba.be
Website: www.autoriteprotectiondonnees.be
10 Changes to this policy
This policy may be updated to reflect legal, technical or organisational developments. The last update date is shown at the top of the document. Any substantial change will be announced on the home page.