Privacy and cookie policy

Before we get started

Webclew BV ("us", "we", or "our") operates a domain monitoring platform ("Platform") to help companies collect personal data online in a safe and compliant way. This privacy notice explains how we use personal data when you use our Platform and visit our ("Website").

Less is more

We hope our products and expertise speak for themselves. We don't add any marketing-related tracking on our website. We do want to offer an easy way to contact us. We also want to have a sense of the number of visitors on our website.

Which data do we collect and why?

As a data controller under GDPR, we can only process your personal data when we have a lawful basis such as:

  • Consent: you make an active and informed choice to give us access to your data;
  • Contract: you share data so we can enter into and perform a contract;
  • Legitimate interest: you can reasonably expect us to use your data with clear benefits to us and limited privacy impact for you (e.g., Platform security);
  • Legal obligation: we have to access your data to comply with the law.

The following table summarizes which types of data (what?), we collect for which purposes (why?) in which event (when?).

WhyWhatWhen youBased on
Collect anonymous statistics about Platform and Website usageIP address and user agentVisit our websiteUse our PlatformOur legitimate interest
Offer a chatbox (Crisp)IP address and user agent, First-party cookies, Chat messagesVisit our websiteYour consent
Detect bugs and monitor performanceIP address and user agentUse our PlatformOur legitimate interest
Authenticate usersEmail address, PasswordUse our PlatformOur contract with you
Enter into a contractEmail address, Invoice detailEnroll for Platform servicesOur contract with you

When do we share data with third parties?

While we intend to limit sharing data with third parties, we have to do so to run our Platform and company. Third parties include:

  • Data processors: service providers operating on our behalf (detailed next);
  • Accountant: for invoicing and corporate tax obligations;
  • Public authorities: when we are obliged to report to them.

We have carefully selected data processors based on their technical capabilities and data protection measures. The following table gives an overview of each party.

Entity nameActivitiesData scopePrivacy policy
Digital oceanCloud Service ProviderUnited StatesLink
Fathom AnalyticsPlatform usage analyticsCanadaLink
SentryApplication monitoring for technical troubleshootingUnited StatesLink
CrispMessaging platform for customersFranceLink

Do we Transfer of personal data outside the EEA?

The short answer is we don't.

When personal data is transferred outside the European Economic Area, GDPR requires data exporters to provide specific safeguards to make sure that the protection of personal data travels with the data.

While we do work with AWS for cloud services, we do not store any personal data in the cloud. Other processors are based in Europe.

What are your rights?

GPDR offers you the following rights towards us. Any request will be handled within 30 days.

  • Access to verify which personal data is being processed by Ads & Data
  • Rectification to correct incorrect or incomplete personal data such as an outdated e-mail address.
  • Erasure to erasure to delete your personal data unless we are legally required to process these (e.g., contact information on invoices)
  • Restriction to stop processing your personal data in specific circumstances
  • Objection to the further usage of your data such as direct marketing
  • Data portability to transfer your data to another organization

Do you want to exercise your rights? Please reach out to

Please also note you can file a complaint to our supervising data protection authority. Data Protection Authority, Drukpersstraat 35, 1000 Brussels, Belgium,,, tel: +32 2 427 48 00.

Of course, we hope to get in touch before to resolve any complaints so you don't have to take this step.

How to reach us?

Do you have any questions about what this privacy policy did or did not cover? Please reach us through

This Data Processing Agreement ("DPA") supplement and form an integral part of the Webclew BV Terms and Conditions.

The terms of this DPA apply only when:

  • we process personal data on behalf of you as a Client ("Client Data") using the Platform;
  • such personal data are subject to the data protection laws of (a) the European Union, (b) the European Economic Area, (c) Switzerland; and/or (d) the United Kingdom; and
  • you use the platform with an active account in line with our Terms and Conditions.

Any capitalized terms not defined in this DPA will have the meaning as set out in our Terms and Conditions. All terms that coincide with terms used in the GDPR, have the meaning assigned to them in the GDPR.

We ensure that any processing of personal data by a sub-processor is governed by terms that are not less protective than the obligations and limitations as those set out in this DPA. We currently use the sub-processors listed in Appendix 1.

You authorize us to:

  • work with the sub-processors listed in Appendix 1; and
  • change an existing sub-processor or add a new one.

We will notify you four weeks before making any changes to sub-processors in Appendix 1. You are entitled to object to such a change by terminating the Agreement.

Duration and termination

We process Client Data for the duration of the Agreement, unless otherwise agreed in writing.

Deletion of Data

We will return or delete Client Data upon your request up to 90 days after the end of the Agreement.


We shall only be liable under this DPA if we (i) did not comply with its specific obligations under the GDPR, or (ii) acted outside or in violation of the lawful instructions of the Controller

In any case, the provisions of the Agreement concerning liability shall also apply to this DPA and any services provided by us hereunder.

Other provisions

The provisions of the Terms and Conditions concerning changes, completeness of the agreement, severability, applicable law and competent court are applicable to this DPA.

Appendix 1

The following sub-processors are used to operate the Services:

Entity nameActivitiesData scopePrivacy policy
Digital oceanCloud Service ProviderUnited StatesLink
Fathom AnalyticsPlatform usage analyticsCanadaLink
SentryApplication monitoring for technical troubleshootingUnited StatesLink
CrispMessaging platform for customersFranceLink