Your privacy matters to us - learn how we protect your personal data
Last updated: June 24th, 2025
This privacy policy explains how Oh Dear collects, uses, and protects your personal data in accordance with the General Data Protection Regulation (GDPR) and Belgian data protection law.
The data controller responsible for your personal data is:
Immutable VOF
Hemelshoek 277
2590, Berlaar, Belgium
VAT number: BE 0699.594.682
Email: [email protected]
We collect and process the following categories of personal data:
We process your personal data based on the following legal grounds:
We use your personal data to:
We may share your personal data with:
We ensure adequate protection through Data Processing Agreements (DPAs) with all third-party processors.
Some of our service providers may be located outside the European Economic Area (EEA). When transferring data internationally, we ensure adequate protection through:
We retain your personal data only as long as necessary:
As a data subject, you have the following rights:
You can request access to your personal data and information about how we process it.
You can request correction of inaccurate or incomplete personal data.
You can request deletion of your personal data when it's no longer necessary or you withdraw consent.
You can request limitation of processing in certain circumstances.
You can request your data in a structured, machine-readable format to transfer to another service.
You can object to processing based on legitimate interests or for direct marketing purposes.
Where processing is based on consent, you can withdraw it at any time.
To exercise any of your rights, please contact us at [email protected] or use our contact form. We will respond within one month of receiving your request.
You also have the right to lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit/Autorité de protection des données) if you believe we have not handled your personal data properly.
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include:
In case of a personal data breach that poses a high risk to your rights and freedoms, we will notify you within 72 hours of becoming aware of the breach, as required by GDPR.
We do not use tracking cookies. We do use cookies for technical purposes such as session management.
We may update this privacy policy from time to time. We will notify you of significant changes by email or through our service. The current version is always available on our website.
If you have any questions about this privacy policy or our data practices, please contact us:
For customers who process personal data through our services, our Data Processing Agreement (DPA) is available here.