Privacy Policy

Last updated: March 29, 2026

Antwerpen Braider ("we", "us", or "our") is a mobile braiding service operating across Belgium. We are committed to protecting your personal data and respecting your privacy in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and applicable Belgian law.

This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and what rights you have. By using our website (antwerpenbraider.com) or booking our services, you acknowledge this policy.

1. Data Controller

The data controller responsible for your personal data is:

Antwerpen Braider

Mobile Braiding Service — Belgium

Email: home@antwerpenbraider.com

Website: antwerpenbraider.com

2. Personal Data We Collect

We collect the following categories of personal data:

a) Booking & Contact Information

  • Full name
  • Email address
  • Phone number
  • Service address / location (for mobile appointments)
  • Preferred appointment date and time
  • Selected braiding service and style
  • Special requests or notes

b) Payment Information

  • Payment method type (card, Bancontact, etc.)
  • Transaction reference and status
  • Billing details (as required by Stripe)

We do not store full card numbers. All payment processing is handled securely by Stripe, which is PCI-DSS compliant.

c) Communication Data

  • Messages submitted via our contact form
  • Email and SMS communication history
  • Notification preferences (email / SMS opt-in)

d) Technical & Usage Data

  • IP address and browser type
  • Pages visited and time spent on site
  • Referral source
  • Device type and operating system

This data is collected via Google Analytics (anonymised where possible) and standard server logs.

3. Legal Basis for Processing

We process your personal data on the following legal grounds under GDPR Article 6:

PurposeLegal Basis
Processing and managing your bookingContract performance (Art. 6(1)(b))
Processing payment via StripeContract performance (Art. 6(1)(b))
Sending booking confirmations and reminders by email/SMSContract performance (Art. 6(1)(b))
Responding to contact form enquiriesLegitimate interest (Art. 6(1)(f))
Sending marketing emails or newslettersConsent (Art. 6(1)(a))
Website analytics and performance monitoringLegitimate interest (Art. 6(1)(f))
Compliance with legal obligationsLegal obligation (Art. 6(1)(c))

4. How We Use Your Data

  • To confirm, manage, and fulfil your braiding appointment
  • To process your payment securely via Stripe
  • To send you booking confirmation, appointment reminders, and follow-up messages via email and/or SMS
  • To respond to your enquiries submitted via our contact form
  • To manage cancellations, rescheduling, and refunds
  • To improve our website and services through analytics
  • To send you promotional communications (only with your consent)
  • To comply with applicable legal and tax obligations

5. Third-Party Service Providers

We share your data only with trusted third parties who help us deliver our services. All processors are bound by data processing agreements:

Stripe

Payment processing

USA / EU (SCCs in place)

Privacy Policy ↗
Supabase

Database and authentication hosting

EU

Privacy Policy ↗
Resend

Transactional email delivery

USA (SCCs in place)

Privacy Policy ↗
Twilio

SMS notifications and reminders

USA (SCCs in place)

Privacy Policy ↗
Google Analytics

Website usage analytics (anonymised)

USA (SCCs in place)

Privacy Policy ↗
Google Maps

Location and distance calculation for mobile service

USA (SCCs in place)

Privacy Policy ↗

We do not sell your personal data to any third party.

6. Data Retention

We retain your personal data only as long as necessary for the purposes described in this policy:

  • Booking records: Retained for 7 years to comply with Belgian accounting and tax law
  • Payment records: Retained for 7 years as required by law
  • Contact form messages: Retained for 2 years from the date of submission
  • Marketing consent records: Retained until you withdraw consent
  • Analytics data: Aggregated and anonymised; retained for up to 26 months

After the applicable retention period, your data is securely deleted or anonymised.

7. Your Rights Under GDPR

As a data subject in the EU/EEA, you have the following rights:

Right of Access

Request a copy of the personal data we hold about you.

Right to Rectification

Ask us to correct inaccurate or incomplete data.

Right to Erasure

Request deletion of your data ("right to be forgotten"), subject to legal obligations.

Right to Restriction

Ask us to restrict processing of your data in certain circumstances.

Right to Data Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests or for direct marketing.

Right to Withdraw Consent

Withdraw consent at any time where processing is based on consent.

Right to Lodge a Complaint

File a complaint with the Belgian Data Protection Authority (GBA/APD).

To exercise any of these rights, please contact us at home@antwerpenbraider.com. We will respond within 30 days.

Belgian Data Protection Authority (GBA/APD): www.dataprotectionauthority.be

8. Cookies

Our website uses cookies and similar tracking technologies. We use:

  • Essential cookies: Required for the website to function (e.g., session management, payment security). Cannot be disabled.
  • Analytics cookies: Google Analytics cookies to understand how visitors use our site. These are anonymised where possible.
  • Preference cookies: To remember your language and notification preferences.

You can manage or disable non-essential cookies through your browser settings. Disabling analytics cookies will not affect your ability to book our services.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These include:

  • HTTPS encryption for all data transmitted via our website
  • Secure, access-controlled database hosted on Supabase (EU region)
  • PCI-DSS compliant payment processing via Stripe
  • Role-based access controls for administrative data
  • Regular security reviews and updates

In the event of a data breach that poses a risk to your rights, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.

10. International Data Transfers

Some of our service providers (Stripe, Resend, Twilio, Google) are based outside the European Economic Area (EEA). Where data is transferred to countries not deemed adequate by the European Commission, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.

11. Children's Privacy

Our services are not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

Bookings for children's braiding services must be made by a parent or legal guardian.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The updated version will be posted on this page with a revised "Last updated" date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data, please contact us:

Antwerpen Braider

Email: home@antwerpenbraider.com

Website: antwerpenbraider.com/contact

← Back to HomeTerms of Service →