Privacy Policy
Effective date: 2026-04-10 | Last updated: 2026-04-09
1. Data Controller
| Legal entity | NeatNerds BV |
| Registered address | Rue de la Morépire 2, 6887 Saint-Médard, Herbeumont, Belgium |
| Contact | query@neatnerds.be |
| Data Protection Contact | dpo@neatnerds.be |
| KBO/BCE number | BE 1014.727.589 |
NeatNerds BV ("NeatNerds", "we", "us") is the data controller for personal data processed in connection with our software products and services. This Privacy Policy applies to all NeatNerds software products and the neatnerds.be website.
2. Legal Basis (GDPR Art. 6)
We process personal data on the following legal bases:
| Purpose | Legal basis | GDPR Article |
|---|---|---|
| Licence key activation | Contract performance | Art. 6(1)(b) |
| Email support | Legitimate interest | Art. 6(1)(f) |
| Error reports (opt-in) | Consent | Art. 6(1)(a) |
| Invoice processing | Legal obligation | Art. 6(1)(c) |
| Website analytics | Legitimate interest | Art. 6(1)(f) |
3. What Data We Collect
3.1 Software Products (Desktop CLI)
Our desktop software (nncc, auditor-mcp, openvox-mcp, neatspec) is designed to operate locally without network access. By default:
- No telemetry is collected
- No data is transmitted to NeatNerds servers
- No accounts are required for open-source features
- All processing occurs on your local machine
When you opt in to the following features, limited data is transmitted:
| Feature | Data collected | Purpose | Retention |
|---|---|---|---|
| Licence activation | Licence key, machine fingerprint | Validate licence | Duration of licence |
| Error reporting | Stack trace, OS version, nncc version | Bug fixes | 90 days |
| Content pack sync | Account ID, installed packs | Deliver updates | Duration of subscription |
3.2 Website (neatnerds.be)
| Data | Purpose | Retention |
|---|---|---|
| Server access logs | Security, debugging | 30 days |
| Contact form submissions | Respond to inquiries | Until resolved + 1 year |
We do not use third-party tracking pixels, advertising networks, or social media trackers on neatnerds.be. Website analytics, if enabled, use a self-hosted solution (no data leaves our infrastructure).
3.3 Email Communication
| Data | Purpose | Retention |
|---|---|---|
| Email address, name | Customer communication | Duration of relationship + legal retention |
| Support ticket content | Provide support | 3 years (Belgian commercial law) |
3.4 Commercial Transactions
| Data | Purpose | Retention |
|---|---|---|
| Billing name, address | Invoicing | 7 years (Belgian tax law — Art. 60 TVW) |
| Payment details | Process payments (via Merchant-of-Record) | Not stored by NeatNerds |
Payment processing is handled by a third-party Merchant-of-Record. We do not store credit card numbers, bank account details, or other payment instruments.
4. Data Sharing
We share personal data only in the following circumstances:
| Recipient | Purpose | Safeguards |
|---|---|---|
| Merchant-of-Record (payment processor) | Payment processing | DPA, EU-based or adequacy decision |
| Accountant (AccountingTeam, PIA group) | Legal accounting obligations | Belgian professional secrecy |
| ClearFacts (software platform) | Document exchange with accountant | DPA, EU-based |
| Belgian tax authorities (SPF Finances) | Tax compliance | Legal obligation |
We do not sell, rent, or trade personal data. We do not share data with advertising networks, data brokers, or AI training pipelines.
5. International Transfers
All data processing occurs within the European Economic Area (EEA). If a future sub-processor requires data transfer outside the EEA, we will ensure adequate safeguards (Standard Contractual Clauses or adequacy decision per GDPR Art. 46).
6. Data Security
We implement appropriate technical and organisational measures:
- Encryption at rest: All server storage uses full-disk encryption
- Encryption in transit: TLS 1.3 for all network communication
- Access control: Principle of least privilege, SSH key authentication
- Infrastructure: Self-hosted on owned hardware in Belgium
- Monitoring: InSpec compliance profiles verify security configuration
- Incident response: Security incidents documented and notified per GDPR Art. 33/34
7. Your Rights (GDPR Art. 15-22)
You have the following rights regarding your personal data:
| Right | Description | How to exercise |
|---|---|---|
| Access (Art. 15) | Obtain a copy of your data | Email dpo@neatnerds.be |
| Rectification (Art. 16) | Correct inaccurate data | Email dpo@neatnerds.be |
| Erasure (Art. 17) | Request deletion | Email dpo@neatnerds.be |
| Restriction (Art. 18) | Limit processing | Email dpo@neatnerds.be |
| Portability (Art. 20) | Receive data in machine-readable format | Email dpo@neatnerds.be |
| Objection (Art. 21) | Object to legitimate-interest processing | Email dpo@neatnerds.be |
| Withdraw consent | Revoke previously given consent | Email dpo@neatnerds.be |
We will respond to rights requests within 30 days (GDPR Art. 12(3)).
8. Data Protection Authority
If you believe your data protection rights have been violated, you have the right to lodge a complaint with:
Autorité de protection des données / Gegevensbeschermingsautoriteit
Rue de la Presse 35, 1000 Brussels, Belgium
https://www.autoriteprotectiondonnees.be
contact@apd-gba.be
9. Children's Data
Our software products are not directed at children under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact dpo@neatnerds.be for immediate deletion.
10. Cookie Policy
neatnerds.be uses only strictly necessary cookies (session management). We do not use tracking cookies, advertising cookies, or third-party analytics cookies. No cookie consent banner is required for strictly necessary cookies per the ePrivacy Directive (Art. 5(3)).
11. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be published at the same location. Significant changes will be communicated via our website or email to registered users.
12. Contact
For privacy-related inquiries or to exercise your rights:
- Data Protection Contact: dpo@neatnerds.be
- General inquiries: query@neatnerds.be
- Address: NeatNerds BV, Rue de la Morépire 2, 6887 Saint-Médard, Belgium