Michael Oetjen, as a
self-employed individual, is the data controller for personal data processing
in the context of its activities as a prepress consultant.
For resold software, as a commercial intermediary, we facilitate the
acquisition of licenses, but personal data related to the use of the software
is processed directly by the publisher according to its own privacy policies.
We do not act as a processor — we have no access, no control, and no legal
obligation regarding these treatments.
Contact details:
Quartier du Mayeur 67
5377 Somme-Leuze
Belgium
Business Registration Number / VAT ID: BE 1029.821.284]
+32 472 56 14 19
michael@oetjen.online
Michael Oetjen respects your privacy and ensures that the personal information you provide us remains confidential, in accordance with the General Data Protection Regulation (GDPR - Regulation (EU) 2016/679) and applicable Belgian legislation, including the Act of 11 December 2007 concerning the protection of privacy in the processing of personal data in the electronic communications sector.
In this privacy policy, you can read what data we collect when you use our services and/or products, why we collect this data, and how we use it. We also explain your rights, who has access to your data, and how long we retain it (in accordance with the information obligations set out in Articles 13 and 14 of the GDPR, which require, in particular, the mention of data categories, recipients, retention periods and legal bases). If, after reading this policy, you still have questions about our privacy policy, you can send them to michael@oetjen.online.
Michael Oetjen collects and processes your data for the purposes described below. In this regard, we use both the data you provide us (e.g. via email or during meetings) and data we generate ourselves (e.g. mission reports).
We retain personal data only for as long as necessary for the intended purposes or for the period prescribed by Belgian law (principle of data minimisation — Article 5(1)(e) of the GDPR).
To carry out the consulting missions you entrust us with, we need to process the contact details of individuals within your company, as well as all information necessary for the successful execution of the project. All such information will be included in a client file.
· Data processed: Name, first name, position, professional email address, phone number, company address, meeting notes, digital meeting recordings, and any work documents transmitted in the context of the mission.
· Retention period: We retain these files for the entire duration of the contractual relationship, then for a period of 10 years after the end of the mission, to cover our civil liability (statute of limitations under Belgian law).
To manage billing for our services and maintain our accounting, we must process your financial and administrative information. This processing is a legal obligation.
· Data processed: VAT number, bank account number, name and first name of the contact person, company email address, company postal address, billing address, payment history, purchase orders, correspondence language.
· Retention period: Invoices and accounting documents are retained for 7 years following the relevant fiscal year, in accordance with Belgian tax law. For legal prudence, some data may be archived for up to 10 years.
When you contact us via our website form or by email for an information request or quote, we process your data to respond.
· Data processed: Name, first name, email address, phone number, content of your message.
· Retention period: If your request leads to a contract, the data is merged into the client file (see point 1). If the request does not lead to a contract, we delete these exchanges 1 year after the closure of the request.
Processing of this data is based on our legitimate interest in responding to your request (Art. 6(1)(f) GDPR), or on contract execution if a commercial relationship is established.
We may process the contact details of professional contacts (obtained at events, via LinkedIn, third-party recommendations, publicly available online information, or business card exchanges) to inform you of our services or maintain our professional network, based on our legitimate interest.
· Data processed: Name, first name, position, company, professional email address, phone number.
· Retention period: These data are actively retained for 3 years after our last contact. You have the right to object to this processing at any time (right to withdraw / right to object — Article 21 of the GDPR).
We have conducted a legitimate interest assessment for this processing, balancing our commercial interests with your fundamental rights and freedoms. You may request cessation of this processing at any time via michael@oetjen.online.
As a reseller of prepress software, we process data necessary for the use of the software we resell (e.g., print files, configuration settings, usage logs) within the scope of the mission entrusted to us by the client. These data are processed by the software publishers according to their own privacy policies. We act as a commercial intermediary, with no access, control, or legal obligation regarding the data processing carried out by publishers. We are neither the data controller nor a processor for these treatments.
· Data processed: Name, first name, position, professional email address, phone number, company address, technical data related to software (e.g., files, settings, logs, user IDs).
· Retention period: Data are retained for the duration necessary to carry out the mission and to satisfy legal obligations. Work documents, files, or emails may be archived for a maximum of ten years for evidentiary purposes, unless a legal provision imposes a different deadline.
Michael Oetjen processes personal data on the following legal bases (Article 6 of the GDPR):
·
Necessary for the performance of a
contract (Article 6(1)(b)):
o For managing consulting missions entrusted to us.
o For the resale of software licenses, we act as a commercial intermediary, and
the processing of data related to the use of the software is carried out by the
publisher according to its own purposes.
·
Necessary to comply with a legal
obligation (Article 6(1)(c)):
o Accounting, invoicing, and tax obligations.
·
Consent (Article 6(1)(a)):
o When you explicitly subscribe to our newsletter or mailing list to be
informed of updates and future developments.
Consent must be freely given, specific, informed, and unambiguous. It cannot be presumed. A separate, explicit checkbox is required.
·
Necessary for our legitimate interest
in conducting business (Article 6(1)(f)):
o B2B prospecting: To contact new professional prospects potentially interested
in our services.
o To ensure the security of our network and IT systems.
When personal data is processed on the basis of consent, you always have the right to withdraw that consent (Article 7(3) GDPR).
Michael Oetjen does not sell your personal data to third parties. We only share your data with third parties for:
· Accounting and tax management (accountant/fiduciary);
· Hosting of documents related to the mission, website, and emails;
· Use of management software (invoicing, CRM);
· Execution of specific missions requiring the involvement of partner subcontractors.
Third parties we engage are bound to respect the confidentiality of your data (Article 28 GDPR). We ensure they have implemented necessary protective measures.
Some of our providers (e.g., for cloud hosting or emailing) may be located outside the European Economic Area (notably in the United States or Canada).
·
For transfers to Canada, we rely on the European Commission’s
adequacy decision recognising an equivalent level of protection (Article 45
GDPR) —
https://www.autoriteprotectiondonnees.be/professionnel/themes/flux-internationaux-de-donnees/transferts-en-dehors-de-l-ue---avec-protection-adequate
· For transfers to the United States, we only engage providers certified under the Data Privacy Framework (DPF) or having signed Standard Contractual Clauses (SCCs) ensuring the security of your data (Article 46 GDPR).
For resold software, personal data is processed directly by the publisher, according to its own privacy policies. We have not signed any Data Processing Agreement (DPA) with publishers, as we do not act as a processor. Note: Publishers may use your data for commercial purposes (e.g., usage analysis, service personalization) according to their own policies. We do not control these processing activities.
We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk, in accordance with Article 32 of the GDPR. These measures include, in particular, data encryption and regular system updates.
For the software we resell, data security is ensured by the publishers according to their own security policies. We have no control over these processing activities, as we do not act as a processor.
We do not process sensitive personal data (e.g., racial or ethnic origin, political opinions, religious beliefs, health, sexual life, biometric data, etc.) in the course of our activities. If this were to change, we would inform the concerned individuals and implement enhanced protective measures.
In accordance with Article 37 of the GDPR, we have not appointed a Data Protection Officer (DPO), as our activities do not fall under mandatory DPO designation (e.g., large-scale processing of sensitive data, systematic monitoring, etc.).
Currently, our website is designed to operate with minimal data collection.
What is a cookie? A "cookie" is a small file sent by our server and placed on your computer’s hard drive. Information stored on these cookies can only be read by us and only during your visit to the website.
Our current policy: In its current version, our website does not use tracking or advertising cookies. It may, however, use strictly necessary or technical cookies, indispensable for the proper functioning of navigation (e.g., to secure the site or retain your language preference). These cookies do not require your prior consent under Belgian law.
This processing falls under the ePrivacy Directive ("cookie
directive"), complementary to the GDPR. Strictly necessary cookies are
exempt from consent but must be mentioned in this declaration.
In accordance with Belgian Act of 11 December 2007 concerning the protection of
privacy in the electronic communications sector, we comply with cookie and
consent obligations.
You can consult the Belgian law on the Belgian Official Gazette:
https://www.ejustice.just.fgov.be/eli/loi/2007/12/11/2007022641/justel
Future evolution: If we were to use non-essential cookies (such as Google Analytics analytics cookies or advertising pixels) in the future to improve your experience, we would implement a consent banner allowing you to accept or reject these cookies upon your arrival on the site, in accordance with the requirements of the Data Protection Authority and the ePrivacy Directive.
You have the right to access the personal data we retain about you (right of access — Article 15 GDPR) and to rectify (or have rectified) them if they are inaccurate or incomplete (right to rectification — Article 16 GDPR). You may also request the erasure of your personal data (right to erasure — Article 17 GDPR), the restriction of their processing (right to restriction — Article 18 GDPR), and object to their processing (in whole or in part) by us or any of our subcontractors (right to object — Article 21 GDPR).
You also have the right to request a copy (in a structured, commonly used and machine-readable format) of your personal data and to have them transferred to another party (right to data portability — Article 20 GDPR).
You have the right to object free of charge to any processing of your personal data for direct marketing purposes (prospecting) (Article 21(2) GDPR) — without justification required, this right is automatic.
To exercise the above rights, simply send an email to michael@oetjen.online.
To avoid abuse, we may request proof of your identity (possibly with a photo ID made invisible).
For data processed by the software publishers we resell, you must contact the publisher directly, as we have no access to this data and do not act as either the controller or processor for these processing activities.
We are not responsible for any loss, errors, incompatibilities, or failures related to the software we resell. These responsibilities lie with the software publishers.
Do you have questions or complaints regarding the data that concerns you and the protection of your privacy? Contact us using the contact details mentioned at the top of this privacy policy.
You always have the right to file a complaint with the Data
Protection Authority (right to lodge a complaint — Article 77 GDPR):
contact@apd-gba.be, +32
(0)2 274 48 00, www.autoriteprotectiondonnees.be, Rue de la Presse 35, 1000
Brussels.
You can consult the full text of the GDPR on the European Union
website:
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016R0679
Michael Oetjen may modify this privacy policy. Any such modification will be communicated on our website. This privacy policy was last updated on: January 3rd, 2026.