Log in

Get Hejj free

Get Hejj free

Privacy policy

privacy policy

Hejj BV (“Hejj”, “we”, “us”), with registered office at [insert address], Belgium, and company number [insert], is committed to protecting your privacy. This Privacy Statement explains how we process your personal data when you use our website (https://hejj.io), our Platform (the Hejj SaaS application), or otherwise interact with us.

This Statement is drafted in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and other applicable data protection legislation.

  1. Who is responsible for your data?

Hejj acts as the data controller when processing your personal data as a website visitor, prospective client, or user of our Platform. For customer data entered into the Platform by our clients, Hejj acts as a data processor (see our Data Processing Agreement).

Contact details:
Hejj BV
[Insert full address]
BE [insert company number]
Email: privacy@hejj.io

  1. What categories of personal data do we process?

We may collect and process the following categories of personal data:

  • Identification data: first name, last name, email address, phone number, job title, company name

  • Account data: login credentials (encrypted), user role, activity logs

  • Platform content: feedback, performance reviews, comments, survey answers

  • Technical data: IP address, browser type, device data, operating system

  • Usage data: pages visited, login times, feature usage, interaction metrics

  • Communication data: emails, chat messages, support tickets

We do not collect special categories of personal data (e.g. race, health, religion) unless explicitly submitted by the user. We request clients not to use our Platform to process sensitive data unnecessarily.

  1. How do we collect your data?

Your data is collected through the following means:

  • When you or your employer creates an account on the Hejj Platform

  • When you use the Platform to give or receive feedback, complete check-ins or reviews

  • When you contact us via our website, email, or customer support

  • When you sign up for a newsletter or other communication

  • Through cookies and similar technologies on our website (see our Cookie Policy)

  1. Why do we process your data and on what legal basis?

We process your personal data for the following purposes:

Purpose: Provide access to the Hejj Platform and features
Legal basis: Contractual necessity

Purpose: Manage customer relationships and support
Legal basis: Legitimate interest

Purpose: Respond to inquiries and demo requests
Legal basis: Legitimate interest

Purpose: Improve our product and user experience
Legal basis: Legitimate interest

Purpose: Send newsletters or marketing communications
Legal basis: Consent (where required)

Purpose: Ensure Platform security and fraud prevention
Legal basis: Legal obligation / legitimate interest

Purpose: Comply with legal obligations (e.g., tax, accounting)
Legal basis: Legal obligation

  1. With whom do we share your data?

We may share your data with:

  • Sub-processors who help us deliver the Platform (e.g., hosting providers, analytics tools, email delivery services)

  • Professional advisors (e.g., legal, financial) if required

  • Authorities if legally obligated to do so (e.g., for fraud detection or tax compliance)

A list of sub-processors is available upon request.

We do not sell or rent your personal data to third parties.

  1. Do we transfer your data outside the EEA?

Some of our sub-processors may be located outside the European Economic Area (EEA). In such cases, we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the European Commission

  • Standard Contractual Clauses (SCCs) approved by the European Commission

  1. How long do we keep your data?

We do not retain personal data longer than necessary for the purposes described. Retention periods include:

Data type: Account and platform data
Retention period: Duration of the contract + up to 6 months

Data type: Customer support data
Retention period: 2 years after resolution

Data type: Analytics & usage data
Retention period: Up to 26 months (unless aggregated)

Data type: Legal documentation (e.g. invoices)
Retention period: 7 years (tax complicance)

You may request earlier deletion, unless we are legally obliged to retain the data

  1. WHAT RIGHTS DO YOU HAVE?

Under GDPR, you have the following rights:

  • Right of access: obtain confirmation and a copy of your data

  • Right to rectification: correct inaccurate or incomplete data

  • Right to erasure: request deletion of your data in certain cases

  • Right to restrict processing: limit how we use your data

  • Right to data portability: receive your data in a usable format

  • Right to object: to processing based on legitimate interests

  • Right to withdraw consent: at any time for processing based on consent

You can exercise these rights by contacting privacy@hejj.io.

You also have the right to lodge a complaint with the Belgian Data Protection Authority (https://www.gegevensbeschermingsautoriteit.be/).

  1. How do we protect your data?

We implement appropriate technical and organizational measures, including: - Encrypted data transmission (TLS) - Secure hosting in EU-based data centers - Role-based access control and audit logging - Regular backups and monitoring - Staff access on a need-to-know basis only

  1. USE OF COOKIES

We use cookies and similar technologies for: - Website analytics (e.g., Google Analytics) - Language preferences - Session management and authentication

You can manage your cookie preferences via our Cookie Policy.

  1. Updates to this privacy policy

We may update this Privacy Statement to reflect changes in law or our services. The latest version is always available on our website. Material changes will be communicated where legally required.

Contact

For any questions regarding this Privacy Statement, please contact:
privacy@hejj.io

Hejj.io BV - 17/01/2026