Privacy Policy
Last updated: March 2026
Resonatum respects your privacy and is committed to protecting your personal data. This Privacy Policy explains what personal data we collect, the purposes for which we process it, how long we retain it, and what rights you have — in full compliance with the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and applicable European privacy law.
The entity responsible for the processing of your personal data is: Resonatum
contact@resonatum.com
1. Information We Collect
We collect personal data only when you actively provide it to us. We do not collect data passively without your knowledge, except for anonymous analytics as described below.
Data collected when you contact us:
Your name
Your email address
Your phone number (if provided)
The content of your message or enquiry
Data collected automatically when you visit our website:
Anonymous usage data via Google Analytics: pages visited, time spent on the site, general geographic location (country/city level), browser type, and device type
No personally identifiable information is collected through analytics
Cookies placed on your device as described in our Cookie Policy (see Section 8 below and our full Cookie Policy at resonatum.be/cookies).
2. Purposes and Legal Bases for Processing
We process your personal data strictly for the following purposes and on the following legal bases under Article 6 GDPR:
Responding to your enquiry Legal basis: Article 6(1)(b) — pre-contractual steps at your request.
Following up on your interest in our services Legal basis: Article 6(1)(f) — legitimate interest of Resonatum to communicate with prospective clients.
Delivering agreed services once a project begins Legal basis: Article 6(1)(b) — performance of a contract.
Improving our website through anonymous analytics Legal basis: Article 6(1)(f) — legitimate interest of Resonatum to understand and improve website performance.
Processing cookies necessary for the website to function Legal basis: Article 6(1)(f) — legitimate interest for functional cookies. For any non-essential cookies, we rely on your consent where required under Belgian ePrivacy law.
Compliance with legal and financial obligations Legal basis: Article 6(1)(c) — legal obligation.
We do not use your personal data for automated decision-making or profiling as defined under Article 22 GDPR.
3. Retention Periods
We retain your personal data only for as long as necessary for the purpose for which it was collected:
Contact enquiries that do not lead to a project: Up to 12 months from the date of last contact, after which your data is deleted.
Contact enquiries that lead to a project: For the duration of the project and up to 7 years thereafter, in compliance with Belgian accounting and tax law.
Google Analytics data: Retained for 14 months, in accordance with our Google Analytics configuration..
4. Recipients of Your Personal Data
We do not sell, rent, lease, or trade your personal data to any third party. We may share your data with the following trusted service providers, solely to the extent necessary for the operation of our services:
Google LLC (Google Analytics) — for anonymous website analytics. Google is certified under the EU-US Data Privacy Framework, providing adequate safeguards for data transfers to the United States. For more information, see Google's Privacy Policy.
Framer B.V. (Netherlands) — our website is hosted on Framer's infrastructure. Contact form submissions are processed via Framer's servers. Framer acts as a data processor under a Data Processing Agreement.
Meta Platforms (WhatsApp) — if you contact us via WhatsApp, your communication is subject to Meta's privacy policy. We do not control or have access to WhatsApp's data infrastructure.
All third-party service providers are required to process your data securely, confidentially, and only for the specific purposes for which it was shared.
5. International Data Transfers
Some of our service providers (notably Google) are based outside the European Economic Area (EEA). Where data is transferred outside the EEA, Resonatum ensures that appropriate safeguards are in place, including:
The EU-US Data Privacy Framework (for Google LLC)
Standard Contractual Clauses (SCCs) approved by the European Commission
6. Cookies & Tracking
We use cookies on this website. Cookies are small text files stored on your device that help the website function correctly and allow us to understand how it is used.
We use two types of cookies:
Functional cookies — strictly necessary for the website to operate. These cannot be disabled and do not collect personally identifiable information.
Analytics cookies — anonymous cookies provided by Google Analytics that help us understand how visitors use our website. The data collected cannot be used to identify you personally.
We do not currently use advertising or marketing cookies. If this changes in the future, this Privacy Policy and our Cookie Policy will be updated accordingly, and a cookie consent banner will be implemented before any such cookies are activated.
For full details of the cookies we use, their purpose, and how to manage or disable them, please refer to our Cookie Policy at resonatum.be/cookies.
7. Your Rights
As a data subject under the GDPR, you have the following rights with respect to your personal data:
Right of access (Art. 15) — You may request a copy of the personal data we hold about you.
Right to rectification (Art. 16) — You may ask us to correct any inaccurate or incomplete personal data.
Right to erasure (Art. 17) — You may request the deletion of your personal data, subject to any overriding legal obligations we may have to retain it.
Right to restriction of processing (Art. 18) — You may ask us to limit how we use your data in certain circumstances.
Right to data portability (Art. 20) — You may request to receive your personal data in a structured, machine-readable format.
Right to object (Art. 21) — You may object to processing based on our legitimate interests. We will cease such processing unless we can demonstrate compelling legitimate grounds that override your interests.
Right to withdraw consent — Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at contact@resonatum.be. We will respond within 30 days of receiving your request. In complex cases, this period may be extended by a further 60 days, in which case we will notify you.
8. Data Security
Resonatum implements appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These measures include:
HTTPS encryption across the entire website
Restricted access to personal data on a need-to-know basis
Use of trusted, GDPR-compliant service providers
No method of transmission over the internet is completely secure. While we strive to protect your data, we cannot guarantee absolute security.
9. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. The most recent version will always be available on this page. We recommend reviewing this policy periodically. The date of the most recent update is indicated at the top of this document.