Back

Data Protection — GDPR

Last updated: February 2026

1. Your rights in detail

In accordance with the General Data Protection Regulation (GDPR — EU Regulation 2016/679), you have the following rights:

  • Right of access (Article 15): you may request a copy of all personal data we hold about you, as well as information about how it is processed.
  • Right to rectification (Article 16): you may request the correction of inaccurate or incomplete personal data.
  • Right to erasure (Article 17): you may request the deletion of your personal data when it is no longer necessary or when you withdraw your consent.
  • Right to restriction of processing (Article 18): you may request the restriction of the processing of your data in certain circumstances.
  • Right to data portability (Article 20): you may request to receive your personal data in a structured, commonly used, and machine-readable format.
  • Right to object (Article 21): you may object to the processing of your data on grounds relating to your particular situation.

2. How to exercise your rights

To exercise any of your rights, you may:

  • Contact your company administrator, who can process your request directly through the OperSite platform.
  • Send us an email at: BellafSoftware@gmail.com

We commit to responding to your request within a maximum of 30 days from receipt. If the request is complex, this period may be extended by two months, in which case you will be informed.

For security reasons, we may need to verify your identity before processing your request.

3. Data controller and processor

Data controller: the client company that uses OperSite to manage its cleaning interventions. It is the entity that determines the purposes and means of processing your data.

Data processor: BellafSoftware (publisher of OperSite) acts as a data processor within the meaning of Article 28 of the GDPR. We process data only on the instructions of the client company and within the framework of the service contract.

4. Security measures

We implement the following technical and organizational measures to protect your data:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Irreversible hashing of passwords
  • Role-based access control (Admin, Manager, Worker)
  • Secure authentication via Supabase Auth
  • Logging of access and modifications
  • Hosting on certified infrastructure (Google Cloud, Supabase)

5. Data transfer outside the EU

All data is hosted within the European Union. No personal data is transferred outside the EU.

  • Database: Supabase — EU region
  • Web application: Firebase App Hosting — europe-west4 region (Netherlands)
  • File storage: Supabase Storage — EU region

6. Supervisory authority — DPA

If you believe that the processing of your personal data constitutes a violation of the GDPR, you have the right to file a complaint with the DPA (Data Protection Authority), the Belgian supervisory authority.

  • Address: Rue de la Presse 35, 1000 Brussels
  • Phone: +32 (0)2 274 48 00
  • Website: www.autoriteprotectiondonnees.be

7. DPO contact

For any questions regarding the protection of your personal data or to exercise your rights, you may contact our team at: BellafSoftware@gmail.com

Also refer to our privacy policy for more details on how your data is processed.