← Back

Portpass' Privacy Policy

Date of last revision: September 2025

Your privacy is Peripass' – the provider of the Portpass – top priority and therefore we have drawn up a transparent and detailed privacy policy ("Privacy Policy").

This Privacy Policy applies to all processing activities of Portpass (as defined below) as the data controller, inter alia, to (i) our Website, (ii) our Platform and (iii) all relations between Portpass, its Customers, and its Users.

Please read this Privacy Policy together with our other supporting & legal documents. Portpass may update this Privacy Policy in the future: the latest version can always be found on our Website or Platform.

1. About this Privacy Policy

Portpass may collect, store, and process personal data related to you ("your Personal Data") as a result of actions such as visiting our Website (www.Portpass.be), recent interactions with us, or your commercial relationship with Portpass. This Privacy Policy describes (i) how we collect, treat and store your Personal Data; (ii) the rights you can exercise in relation to your Personal Data; and (iii) the measures we take to protect it and to secure your Personal Data.

Portpass respects your privacy and we always strive to act in accordance with the applicable privacy legislation, such as (non-exhaustive): (i) the General Data Protection Regulation 2016/679 of April 27, 2016 ("GDPR"); (ii) the ePrivacy Directive 2002/58/EC of 12 July 2002, including future amendments and revisions thereof; and/or (iii) (future) national legislation regarding the implementation of the GDPR (together: "Privacy Legislation").

2. Portpass as data controller

We are Peripass NV, a private limited company, incorporated and existing under the laws of Belgium, with registered office at Bellevue 3, Bus 101 – 9050 Gent, Belgium, and with enterprise number 0715.784.576 ("Peripass", "Portpass" or "we | us").

Portpass is the developer and provider of the Portpass application as described and represented via the Website ("Platform") and the corresponding online service of Portpass ("Service") and is the owner of the Website.

In light of Privacy Legislation, Portpass will act as the data controller of your Personal Data for the purposes described in this Privacy Policy. This entails that we are in control of (and therefore responsible for) your Personal Data.

3. Portpass' processing activities

Which Personal Data we collect, store and otherwise process and the purpose for which we process this data may differ depending on your relation with Portpass. In particular, we identify five different scenarios:

  • You are browsing on our Website;

  • You (wish to) receive updates and newsletters related to Portpass services and products or are included in our sales and marketing initiatives;

  • You receive necessary information on updates regarding our Platform;

  • You are seeking a commercial relationship with Portpass;

  • You are | your company is a partner, customer or supplier of Portpass;

  • You are a Portpass Holder and you have an active profile in the Portpass Application;

3.1 You are browsing on our Website

Contacting Portpass via the Website

Purpose: To answer any questions you may have and/or to initiate a conversation

Personal Data:

  • First name

  • Last name

  • Email address

  • Voluntarily provided information

Legal basis: Consent

Retention period: As long as relevant in the context of your inquiry

Placing cookies on your end-device

When browsing on our Website and Platform, we may also collect your Personal Data through cookies stored on your device(s) in order to optimize the functioning of the Website and Platform. Cookies are solely placed for the purpose of running the website and preventing cross-site request forgery.

3.2 You (wish to) receive newsletters, including sales and marketing campaigns

Portpass' newsletter

Purpose: Providing more information on (new features of) the Portpass Platform, our Service or related products/services. This also includes sales and marketing campaigns.

Personal Data:

  • First name

  • Last name

  • Email address

  • Company

Legal basis: Consent; Legitimate interest in case of prospecting after establishing a relationship

Retention period: Until you have objected to the processing of your Personal Data or have withdrawn your consent for this purpose

3.3 Customer communication in relation to our application

Informing customers of updates

Purpose: Keeping customers informed of any updates regarding our Services or Platform

Personal Data:

  • First and last name

  • Company

  • Email address

  • Job title

Legal basis: Legitimate interest

Retention period: Until you object to the processing of your Personal Data or one (1) year following the termination of the commercial relationship between the Customer and Portpass

Asking for feedback to improve our services, application

Purpose: Portpass may ask for your feedback directly or through surveys to improve our Services or Platform

Personal Data:

  • First name

  • Last name

  • Email address

  • Telephone number

  • Company

  • Job title

  • Any feedback that is provided

Legal basis: Legitimate interest

Retention period: Until one (1) year following the termination of the commercial relationship between the Customer and Portpass

(Technical) support

Purpose: Providing support to customers that encounter issues in the Platform

Personal Data:

  • First name

  • Last name

  • Telephone number

  • Email address

  • Voluntarily provided information

Legal basis: Necessary for the performance of the agreement

Retention period: Until one (1) year following the termination of the commercial relationship between the Customer and Portpass

3.4 You are seeking a commercial relationship with Portpass

General communication with Portpass

Purpose: If you are interested in Portpass's services, we can provide more information

Personal Data:

  • First name

  • Last name

  • Email address

  • Company/organization

  • Role/position

  • Voluntarily provided information

Legal basis: Legitimate interest

Retention period: Until one (1) year following your contact with Portpass

3.5 You are | your company is a partner, customer or supplier of Portpass

General communication and providing of services

Purpose: To communicate with you in the scope of our commercial relationship

Personal Data:

  • First name

  • Last name

  • Email address

  • Telephone number

  • Company/organization

  • Role/position

  • Voluntarily provided information

Legal basis: Necessary for the performance of the agreement

Retention period: For the duration of your commercial relationship with Portpass and in accordance with any (data processing) agreements concluded with Portpass. Data retention periods can also be influenced by our legal obligations related to our purchases and/or sales.

Billing

Purpose: To pay your invoices for the services provided (incl. corresponding communication)

Personal Data:

  • First name

  • Last name

  • Email address

  • Telephone number

  • Address

  • Company/organization

  • Role/position

  • Bank account number (IBAN)

  • VAT number

Legal basis: Necessary for the performance of the agreement

Retention period: For 10 years starting from the first January 1st following the invoice

3.6 You are a Portpass Holder and you have an active profile in the Portpass Application

Purpose: To pay your invoices for the services provided (incl. corresponding communication)

Personal Data:

  • First name

  • Last name

  • Email address

  • Telephone number

  • Company/organization

  • Role/position

  • Address

  • VAT number

  • Driver's license

  • Account information

Legal basis: Legitimate interest

Retention period: Until 1 year after the expiration of an active Portpass

4. Legal basis for processing

You can find more information on the applicable legal basis for each of the identified processing activities in Section 3 above.

In case the legal basis for processing happens to be legitimate interest, Portpass shall always (i) assess whether this is in proportion with the purpose for which your Personal Data was collected and used; and, (ii) take your reasonable expectations into account and ensure a balance with your fundamental rights and freedoms. If we cannot guarantee this, we will stop storing / using your Personal Data or we will determine a new legal ground.

5. Retention period

You can find more information on the retention period of your Personal Data for each of the identified processing activities in Section 3 above.

We do not process your Personal Data any longer than is necessary for the purposes set forth in this Privacy Policy. We do store your Personal Data as long as your account is active or when the processing of your Personal Data is necessary to allow you to make use of our Platform. If you want to receive a more detailed description of our different data retention periods, you can always contact privacy@portpass.com.

6. Sharing of personal data to third parties

Portpass shall not disclose your Personal Data to other third parties, unless it is necessary to achieve the purposes described in this Privacy Policy. In this respect, (some of) your Personal Data may be disclosed to hosting companies (hosting our online platforms), technology / marketing tool companies (helping us manage our customers and deliver messages) and analytics companies (helping us improve your experience on our Platform) ("Sub-processors").

Of course, we have made sure that the necessary agreements or similar legal binding acts are in place to ensure that these third parties treat your Personal Data in accordance with the Privacy Legislation (e.g. Article 28 GDPR).

In addition, Portpass may disclose your Personal Data:

  • To the competent authorities: for instance (i) if Portpass is obliged to do so under the law or under legal or future legal proceedings, and (ii) to safeguard and defend our rights;

  • In M&A context: meaning, if Portpass or the majority of its assets, is taken over by a third party, in which case your Personal Data – which Portpass has collected – may be one of the transferred assets.

Portpass shall not transfer, sell, hire out or pass on your Personal Data to third parties for purposes outside the purposes listed in this Privacy Policy, such as, but not limited to marketing purposes, except when it (i) has obtained your permission to this end and (ii) has completed a data processing agreement with the third party in question, which contains the necessary guarantees regarding confidentiality and privacy compliance of your Personal Data.

7. Transfers of personal data to third countries

In case any of the above-mentioned Sub-processors or other recipients are located in a country outside the European Economic Area, Portpass will ensure that one or more of the listed EU-approved safeguards are in place:

  • European Commission adequacy decision;

  • Data transfer agreement (cfr. the Standard Contractual Clauses or "SCC's" as provided in the European Commission Implementing Decision (EU) 2021/914 of 4 June 2021, including the performance of a transfer impact assessment);

  • Binding corporate rules; or

  • Certification mechanisms.

Every transfer to a third country, not recognized by an adequacy decision, is subject to an assessment by Portpass to determine if there is anything in the law and/or practices in force of said third country that may infringe on the effectiveness of the appropriate safeguards in place (as identified above).

Where required on the basis of aforementioned assessment, Portpass shall identify and implement appropriate supplementary measures to govern any data transfer to such international organization or a third country without an adequacy decision to ensure the level of data protection as required by EU law.

Furthermore, Portpass shall take all reasonable efforts to implement sufficient guarantees and measures to protect the Personal Data and ensure the effectiveness of the protection of the SCC's, binding corporate rules and/or certification mechanisms.

8. Your privacy rights

The Privacy Legislation (e.g. GDPR) grants certain rights over your Personal Data in relation to Portpass. You can exercise these rights by contacting us at privacy@portpass.com. In light of the processing of your Personal Data, you enjoy the following privacy rights:

Access: you can ask for confirmation of whether or not Personal Data that relates to you is being processed. If so, you can ask us to give you copies of your Personal Data in structured and commonly used, machine-readable format;

Rectification: you can ask us to correct | complete any information you believe is inaccurate | incomplete;

Erasure: you can ask us to erase your Personal Data, under certain conditions. Please be aware that in this context certain services will no longer be accessible and/or can no longer be provided;

Objection: you can object to us processing your Personal Data, without any justification and/or the transmission of your Personal Data to third parties. We are not legally obliged to comply with your request if we can prove that we have compelling legitimate grounds which override your interests, rights and freedoms. When your Personal Data is used for direct marketing purposes, you have an absolute right to object to this processing activity.

Restriction of processing: you can ask us to temporarily restrict or "freeze" the processing of your Personal Data, e.g. when it is disputed whether your Personal Data was processed lawfully.

Data portability: you can ask us to transfer your Personal Data to another organization, or directly to you in a commonly used structured format readable by automatic device, under certain conditions.

Updates | Newsletters. If you no longer wish to receive any of our communications, you can object to these direct marketing communications by contacting us via email at privacy@portpass.com or unsubscribing by clicking the link in the footer of the email. Upon receipt of your objection, we will stop processing your Personal Data for Portpass's communications.

When submitting a request to exercise your rights, Portpass may ask for additional information to identify yourself.

If processing your request requires unreasonable measures (e.g. it is technically or organisationally almost impossible or extremely costly) then Portpass can charge you reasonable compensation in light of the administrative costs involved in fulfilling the request. Portpass can also refuse to process requests that are excessive, particularly due to their repetitive nature.

9. Security of personal data

The security and safety of your Personal Data is Portpass's top priority. Portpass implements a variety of technical and organizational security measures designed to protect your Personal Data from (i) unauthorized access or disclosure and (ii) loss, abuse or alteration. However, Portpass is not in a position to guarantee absolute security.

The security of your account will also partly depend on the confidentiality and complexity of your password. You may not disclose to or share with any third parties your account. Portpass therefore strongly advises you, if you observe that someone has accessed your account or if your account is at risk of being hacked, to immediately change your password and contact us at privacy@portpass.com.

Portpass uses its best efforts to protect the confidentiality and security of your Personal Data. In case Personal Data breaches, Portpass undertakes to notify the Data Protection Authority without delay and, if possible, not later than 72 hours after becoming aware of such Personal Data breach (if required by the Privacy Legislation).

Portpass shall in no event be liable for any direct or indirect damages that result from a wrong or illegal handling by third parties.

10. Updates

We reserve the right to modify this Privacy Policy at any time. Any changes to the Privacy Policy will be published on the Platform and on the Website. In case of significant changes to the Privacy Policy that results in Portpass using your Personal Data in a manner materially different from that stated at the time of the collection, we will provide you with a notice on the Platform and/or send you an email notification.

11. Notifications and questions

Notifications under this Privacy Policy (such as exercising your data subject rights) and/or questions or complaints about the implementation of this Privacy Policy should be directed at privacy@portpass.com.

12. Complaints

You are not satisfied with the manner in which we collect, store or otherwise treat or secure your Personal Data? We are sorry to hear that and are prepared to take all measures to remedy this situation. Please do contact us as specified above.

You also have the right to lodge a complaint with the authorized supervisory authority (i.e. the Belgian Data Protection Authority or the data protection authority of (i) your residence or (ii) your workplace) should you consider that the processing of your Personal Data infringes the Privacy Legislation. You can send an email to the Belgian Data Protection Authority at contact@apd-gba.be or contact them via regular mail at Drukpersstraat 35, 1000 Brussels, Belgium. You can also call the Belgian Data Protection Authority: +32 (0)2 274 48 00.

If you would like to receive more information on how to contact them, please visit this webpage: https://www.gegevensbeschermingsautoriteit.be/contact.

Peripass NV | BE-0715.784.576
Bellevue 3, Bus 101 – 9050 Gent, Belgium
W: www.portpass.com | E: privacy@portpass.com