1. Purpose of the privacy policy

The purpose of this privacy policy is to inform users of our site about the personal data we will collect as well as the following information, where applicable:

1. The personal data we will collect
2. Use of the collected data
3. Who has access to the collected data
4. The rights of site users
5. The site's cookie policy

This privacy policy operates in conjunction with the general terms of use of our site.

2. Applicable laws

In accordance with the General Data Protection Regulation (GDPR), this privacy policy complies with the following regulations.

Personal data must be:

1. processed lawfully, fairly and in a transparent manner in relation to the data subject (lawfulness, fairness and transparency);
2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (purpose limitation);
3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (data minimization);
4. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (accuracy);
5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organizational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (storage limitation);
6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures (integrity and confidentiality).

Processing shall be lawful only if and to the extent that at least one of the following applies:

1. the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
2. processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
3. processing is necessary for compliance with a legal obligation to which the controller is subject;
4. processing is necessary in order to protect the vital interests of the data subject or of another natural person;
5. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
6. processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

For residents of the State of California, this privacy policy aims to comply with the California Consumer Privacy Act (CCPA). If there are any inconsistencies between this document and the CCPA, the state's legislation shall apply. If we find any inconsistencies, we will amend our policy to comply with the relevant law.

3. Consent

Users agree that by using our site, they consent to:

1. the terms set out in this privacy policy and
2. the collection, use and retention of the data listed in this policy.

4. Personal data we collect

Data collected non-automatically

We may also collect the following data when you perform certain functions on our site:

1. Email

This data may be collected using the following methods:

• Waitlist form

Please note that we only collect data that helps us achieve the purpose set out in this privacy policy. We will not collect additional data without informing you first.

5. How we use personal data

Personal data collected on our site will only be used for the purposes specified in this policy or indicated on the relevant pages of our site. We will not use your data beyond what we disclose. The data we collect when the user performs certain functions may be used for the following purposes:

1. Communication
2. Internal statistics

6. With whom we share personal data

Employees

We may disclose user data to any member of our organization who reasonably needs access to user data to achieve the purposes set out in this policy.

Third parties

We may share user data with the following third parties:

• None

We may share user data with third parties for the following purposes:

• None

Third parties will not be able to access user data beyond what is reasonably necessary to achieve the given purpose.

Other disclosures

We undertake not to sell or share your data with third parties, except in the following cases:

1. if required by law;
2. if it is required for any legal proceeding;
3. to prove or protect our legal rights;
4. to buyers or potential buyers of this company in the event that we seek to sell the company.

If you follow hyperlinks from our site to another site, please note that we are not responsible and have no control over their privacy policies and practices.

7. How long we store personal data

We do not keep user data for any longer than is necessary to achieve the purposes for which it is collected.

8. How we protect your personal data

In order to protect your security and privacy, we use various encrypted protocols such as, but not limited to: TLS/SSL, SSH, HTTPS, hashing, etc.

All data stored in our system is well secured and only accessible to our employees.

Your information is stored on secure, password-protected servers that are physically protected and located exclusively in the European Union.

While we take all reasonable precautions to ensure that our user data is secure and that users are protected, there remains the risk of harm. The Internet as a whole can be insecure at times and therefore we are unable to guarantee the security of user data beyond what is reasonably practical.

9. Minors

The GDPR specifies that people under the age of 15 are considered minors for the purposes of data collection. Minors must have the consent of a legal representative for their data to be collected, processed and used.

10. You rights as a user

Under the GDPR, users have the following rights as data subjects:

1. right of access;
2. right to rectification;
3. right to erasure;
4. right to restrict processing;
5. right to data portability;
6. right to object.

You can find more information about these rights in Chapter 3 (Art. 12-23) of the GDPR.

11. Cookies policy

A cookie is a small file, stored on a user's hard drive by the website. Its purpose is to collect data relating to the user's browsing habits.

• We do not use cookies on our site.

12. How to modify, delete or challenge collected data

If you wish to have your information deleted or modified in any way, please contact our privacy officer here:

• Arthur Wallendorff
• howdy@bytebakers.dev
• +32 (0) 4 86 88 69 17

13. Changes

This privacy policy may be modified from time to time in order to maintain compliance with the law and to reflect any changes to our data collection process. We recommend that our users check our policy from time to time to ensure that they are informed of any updates. If necessary, we may notify users by email of changes to this policy.

14. Contact

If you have any questions for us, please feel free to contact us using the following information:

• ByteBakers
• howdy@bytebakers.dev
• +32 (0) 486 88 69 17
• ByteBakers
• Rue de la Colonne, 1A, 1080 Bruxelles

Effective Date: 01/09/2024 (day/month/year)