Privacy Statement

Privacy Statement (GDPR - Belgium - Netherlands below)

Who I am

I'm Erik Van Horen, behind Clear Mirror. I'm based in Belgium, and I'm the data controller responsible for your information.

My business address

Brantegemstraat 5, 9450 Haaltert, Belgium

What data I collect and why

When you contact me, book a call, or sign up for anything, I may collect:

  • Your name and email address

  • Your phone number (if you share it)

  • Anything else you choose to tell me

I use this data only to:

  • Reply to your messages

  • Schedule calls or sessions

  • Send you information you've asked for

  • Keep basic records of our professional relationship

Legal basis (GDPR)

I process your data based on:

  • Your consent (when you reach out to me)

  • Legitimate interest (following up with someone who contacted me)

  • Legal obligation (if Belgian or EU law requires me to keep records)

Who I share it with

Almost no one. I don't sell, rent, or trade your data.

I may share it only:

  • With your explicit permission

  • With trusted tools I use (email, calendar, etc.) that are GDPR-compliant

  • If required by Belgian or EU law

Where your data lives

Your data is stored in secure, password-protected systems. I use tools that comply with GDPR and respect Belgian privacy standards. Data is stored within the EU whenever possible.

How long I keep it

  • If we're working together: I keep your data for the duration of our work plus 3 years after our last contact, for administrative and legal purposes (as is standard in Belgium).

  • If we just exchanged a message or two: I'll delete your data within 12 months unless we decide to work together.

  • You can ask me to delete your data anytime (see below).

Your rights under GDPR (Belgium)

You have the right to:

  • Ask me what data I have on you (access)

  • Ask me to fix incorrect data (rectification)

  • Ask me to delete your data (erasure / "right to be forgotten")

  • Ask me to limit how I use your data (restriction)

  • Get a copy of your data in a usable format (portability)

  • Object to how I use your data (objection)

  • Withdraw your consent at any time

All of these are free. Just ask.

Supervisory authority (Belgium)

If you feel I've mishandled your data, you have the right to file a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données).

Website: www.dataprotectionauthority.be
Tel: +32 (0)2 274 48 00
Email: contact@apd-gba.be

But honestly? Just talk to me first. I'll do my best to make it right.

Third-party tools I use

[Please fill in your actual tools here — examples:]

  • Email: Easy Host, Ghent, Belgium

  • Calendar: Google Calendar

  • Website hosting: SiteBuilder at Easy Host, Ghent, Belgium

  • Document storage: OffLine Toshiba Data Storage Unit

All of these are GDPR-compliant.

Data breaches

If your data is ever compromised in a breach, I'll notify you and the Belgian Data Protection Authority within 72 hours of becoming aware.

Children

My services are for adults, leaders and organizations. I don't knowingly collect data from anyone under 18.

Changes to this policy

If I update this, I'll change the date below. Check back if you're curious.

Additional Information for the Netherlands

If you're based in the Netherlands, the same GDPR rules apply, but here are a few extra things you should know.

My status under Dutch law

I am a sole proprietor (eenmanszaak) based in Belgium. For clients in the Netherlands, I act as a data controller under the same GDPR framework. I do not have a registered office in the Netherlands, but I fully comply with Dutch GDPR enforcement.

Supervisory authority for the Netherlands

If you're in the Netherlands and feel I've mishandled your data, you have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

Website: www.autoriteitpersoonsgegevens.nl
Tel: +31 (0)88 180 52 50
Email: info@autoriteitpersoonsgegevens.nl

That said, please reach out to me first. I'd much rather fix the issue directly.

Cross-border data processing

Since I'm based in Belgium and you may be in the Netherlands, your data may cross the border. That's fine under GDPR, as both countries are within the EU. Your data stays within the EU and is protected the same way everywhere.

Dutch-specific rights

Under Dutch law, you have the same GDPR rights listed above, plus a few clarifications:

  • Right to data portability: I will provide your data in a common, machine-readable format (like .csv or .txt) if you request it.

  • Right to restriction: If you dispute the accuracy of your data, I will limit its use while we sort it out.

  • Right to object: You can object to me using your data for direct marketing at any time. (I don't do spam anyway.)

Language

If you prefer to communicate in Dutch, that's absolutely fine. Je kunt me gewoon in het Nederlands aanspreken.

Contact for Dutch clients

For questions specific to the Netherlands, you can reach me at the same email address: erik@clearmirror.be

Contact me

Want access to your data? Want me to delete it? Just have a question?

Email me at: erik@clearmirror.be

Or use the contact form on my website.

Date of this policy: 23rd April 2026