Privacy statement
This privacy policy (“Privacy Policy”) sets out how we collect, manage, store and otherwise process your personal data through the website www.retrievermedia.be, any of its subdomains, or any other part of the Retriever platform (the “Platform”). By continuing to use the Platform, you agree to the terms of this Privacy Policy.
Data controller
The entity acting as data controller within the meaning of the General Data Protection Regulation (“GDPR”) for the processing operations described in this Privacy Policy is:
Retriever Media Informatie B.V. (“we” or “us”)
Retriever Belgium
Louizalaan 54 / Avenue Louise
B-1050 Brussels
Tel: +32 (0) 2 893 00 52
BE 0775.989.310
When do we collect your data?
We process your personal data if:
- Your employer creates an account for you on the Platform;
- You activate or use your account via the Platform;
- You visit our website, or use any other part of the Platform; and
- You subscribe, or are subscribed, to our newsletter.
In addition, we collect data that is generated automatically during your use of the Platform. Besides ‘logging’ your activities, we also use cookies to analyse your use of our Platform. For more information on our use of cookies, see the “Cookies” section and our separate cookie statement.
What personal data do we process?
If you use the Platform, we process data via standard server logs. This data consists of your:
- IP (Internet Protocol) address;
- Username (which is the same as your email address);
- Browser type;
- Operating system;
- Other data, such as the type of search query, the search results, the files you load and/or download, the Platform domains you visit and the date and time at which you perform these actions;
- Technical access data that we record for security and abuse-prevention purposes, including the network (ASN) from which you access the Platform, access patterns and usage volumes (see also “Protection of the Platform against automated access”).
If you register, or are registered, for the Platform, we process the following data about you, among others:
- Name;
- Email address;
- Business telephone number;
- Mobile telephone number;
- Employer;
- Job title;
- Relevant previous positions;
- LinkedIn account.
If you subscribe, or are subscribed, to our newsletter, we process the following data about you:
- Name;
- (Business) email address;
- Employer (if you have shared this with us).
What are the purposes of collecting your data?
We process predetermined data for the following purposes:
- Enabling you to use the Platform. For this we process at least your email address;
- Informing you in the event of a service incident. For this we process at least your email address and/or telephone number;
- Usage reports to employers. For this we process at least your first and last name and email address;
- Preventing and combating misuse of the Platform. For this we process at least your IP address, name, email address and the date and time of your interaction with the Platform;
- Developing, maintaining and improving the Platform and its user experience. For this we process, among other things, your IP address, email address and data about your browsing behaviour, such as your search queries, search results, browser settings, the files you have viewed and/or downloaded and the use of references (hyperlinks);
- Tailoring the Platform to your preferences as far as possible. For this we process at least your IP address and email address;
- Promoting our Platform. For this we process at least your email address;
- Complying with our legal obligations, such as the obligation to retain certain personal data or to provide it to third parties or the authorities (only if we are legally required to do so). For this we process at least your name;
- Subscribing to our newsletter. For this we process at least your email address;
- Protecting the Platform and the underlying database against automated access, systematic extraction and unlawful re-use. For this we process at least your IP address, ASN, access patterns, usage volumes and export activity, and we apply client-specific watermarks to exported data;
- Displaying interactive maps (Media Maps) within the Platform. When the map loads, your IP address is transmitted to Google (see “Maps and Street View”).
On what legal bases are the processing operations based?
Under the GDPR, personal data may only be processed if there is a legal basis for it, as set out in Article 6 GDPR. For the processing carried out for the above purposes we rely on the following legal bases:
- Performance of the contract: purposes 1, 2, 3 and 6;
- A legal obligation: purpose 8;
- The legitimate interests of Retriever: purposes 4, 5, 7, 10 and 11. For purpose 10 (protection against automated access and extraction) our legitimate interest lies in protecting the database, which is protected as a database under the Belgian Act of 31 August 1998 (transposing Directive 96/9/EC); this processing is limited to what is necessary to detect violations and is balanced against your rights;
- Informed consent: purpose 9.
Protection of the Platform against automated access
The Platform is intended for manual use by authorised users. To protect the database against automated access (such as AI agents, bots, scrapers or crawlers) and against systematic extraction, we apply technical measures including per-user rate limiting, anomaly detection on access patterns, and client-specific watermarking of exported data. Watermarks enable us to identify the source of any unlawfully extracted or redistributed data. This logging does not constitute monitoring of individual employee performance and is not used for that purpose.
Maps and Street View
Certain parts of the Platform display interactive maps via Google Maps Platform, including map, satellite and Street View views. When a map loads, map tiles, geocoding and Street View imagery are provided by Google and your IP address is transmitted to Google. Google may set cookies in this process. Google’s privacy policy applies to this processing by Google (https://policies.google.com/privacy). Street View imagery may contain third-party personal data (such as faces or licence plates); this is processed by Google and blurred where applicable.
Your rights: access, rectification, portability, objection, restriction and erasure
Under the GDPR you have the right to access, rectification, portability and erasure of the personal data we collect and store about you through the Platform. You must submit your request for access, rectification, portability, objection, restriction or erasure of data to us, stating your name, contact details and email address. Once we have been able to verify your identity, we will in principle respond to your request within 30 days.
You can contact us by calling +32 (0) 2 893 00 52, or by sending an email to info@retrievermedia.be, if you:
- Wish to be informed about the personal data we process about you;
- Wish to exercise the rights mentioned above;
- Have any other question relating to our Privacy Policy.
You also have the right to lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données, gegevensbeschermingsautoriteit.be) if you believe that we are not processing your personal data correctly.
Who may receive and use your data?
Your data is used by our employees and the employees of affiliated entities and subcontractors when you use the Platform, as set out in this Privacy Policy. We ensure that our employees only have access to your data to the extent necessary to perform their tasks.
We use the following categories of recipients/processors: hosting and storage providers, Google (analytics via Google Analytics and map display via Google Maps Platform), and email/newsletter providers. We conclude data processing agreements with processors in accordance with Article 28 GDPR.
Publishers and operators
Participating publishers and operators have the right to view the data of the contact persons they have provided that we use in the media tool. Publishers can log in to their service page and view, and if desired amend, the data of their employees. If we share your personal data with third parties (such as subcontractors or other service providers) we require those parties to process your personal data confidentially and securely and to use the data solely to provide us with the agreed products or services.
Retriever subscribers
Companies and relations (employers) with a subscription have the right to view the contact details and log files we keep of their own employees. In certain cases we may be legally required to transfer personal data to third parties or authorities.
Referral to other websites
You may be referred to other websites via a hyperlink or other reference on the Platform. This Privacy Policy does not apply to those websites. Please read the privacy policy of those websites carefully, as it may differ from this Privacy Policy. Websites referred to include: X, LinkedIn, Facebook/Instagram.
How do we store your data?
Your personal data may be stored outside the Netherlands and/or outside the European Economic Area (“EEA”), as we use third parties for storage and other IT services. We are committed to using only third parties that respect your privacy, and when we use and conclude agreements with providers of such services we commit to binding them to the applicable data protection legislation. Where data is processed outside the EEA (for example by Google), we ensure appropriate safeguards in accordance with Chapter V GDPR, such as the European Commission’s standard contractual clauses or an adequacy decision (including the EU-US Data Privacy Framework).
Security and retention period
We ensure that your data is adequately secured so that it is protected against unauthorised use, unauthorised access, alteration and unlawful destruction. Your data is retained for as long as necessary for the purposes indicated above or insofar as necessary for compliance with legal obligations and for resolving any disputes.
Access logs and monitoring data processed to protect the Platform (purpose 10) are in principle retained for twelve (12) months, after which they are deleted or anonymised, unless longer retention is necessary to substantiate or handle a specific violation.
Data breach notification
A data breach is a vulnerability in the security of personal data that leads to (a risk of) accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
If we become aware of a data breach within our systems, we will immediately take all necessary actions to prevent the breach from continuing. We will also assess the severity of the breach, based in part on:
- The likelihood that your data has actually been leaked;
- The duration of the breach;
- The categories of compromised data that may have been leaked;
- The impact on you if the data were to be made public.
Based on the severity of the breach, we will decide whether notification to the Belgian Data Protection Authority and possibly to you is necessary.
Cookies
As mentioned above, one of the techniques we use to collect personal data is the use of cookies; small files containing information about your use of the Platform, the purpose of which is to analyse trends and use of, among other things, the website, as well as to improve the user experience of the Platform.
We use Google Analytics to measure and analyse user information. This information includes data on the most visited pages, the average duration of each visit to the Platform, which browser is most used, etc. The information is not used to identify individual users of the Platform.
We use functional cookies to ensure that the Platform works properly and to provide you with a pleasant user experience.
We use social media such as X and LinkedIn on the Platform. These social media providers may also use cookies, for example to measure your ‘click behaviour’. To find out more, please visit the websites of the respective social media providers.
Privacy Statement Retriever Media Informatie B.V. – retrievermedia.be – version 22 June 2026