Legal

Privacy Policy

Last updated: April 19, 2026

1. Who we are

Niova is an IT compliance and cybersecurity advisory firm based in Belgium. We provide services to Belgian and EU-based businesses, primarily in the KMO/PME segment.

You can reach us at info@niova.be for any privacy-related questions.

2. What data we collect and why

When you submit our NIS2 intake form, we collect the following personal data:

Your name and work email address — to contact you and deliver your assessment
Your phone number (optional) — to reach you if needed
Your company name, sector, and size — to tailor your NIS2 assessment to your specific context
Any additional context you provide — to improve the accuracy of our advice

Legal basis: Article 6(1)(b) GDPR — processing is necessary for steps taken at your request prior to entering into a contract. Where you provide additional optional information, we rely on Article 6(1)(f) — our legitimate interest in delivering a relevant, personalised service.

3. How we use your data

We use the information you provide solely to prepare and deliver your NIS2 assessment and related communications. We do not use your data for advertising, profiling, or any purpose unrelated to the service you requested.

4. How long we keep your data

We retain your personal data for a maximum of 12 months after your last interaction with Niova. If you become a client, we retain engagement records for up to 5 years for legal and accounting purposes. You may request deletion at any time — see Section 7 below.

5. Third-party services we use

We use the following third-party services to operate this website:

Web3Forms (web3forms.com) — processes form submissions and forwards them to our inbox. Web3Forms acts as a data processor under Article 28 GDPR and operates under a Data Processing Agreement. Your submission data is not stored permanently by Web3Forms after delivery.

Google Fonts (fonts.googleapis.com) — serves the typefaces used on this website. Your browser makes a request to Google's servers to load these fonts, which may include your IP address. Google's privacy policy applies: policies.google.com/privacy.

6. Cookies and tracking

This website does not use advertising cookies, analytics tools (such as Google Analytics), or tracking pixels of any kind. No cookie consent banner is shown because no non-essential cookies are set.

7. Your rights under GDPR

As a data subject under GDPR (Articles 15–22), you have the right to:

Access a copy of the personal data we hold about you
Correct any inaccurate or incomplete data
Request deletion of your personal data ("right to be forgotten")
Object to or restrict processing in certain circumstances
Receive your data in a portable format
Lodge a complaint with the Belgian Data Protection Authority (GBA / APD) at gegevensbeschermingsautoriteit.be

To exercise any of these rights, contact us at info@niova.be. We will respond within 30 days.

8. Data security

As a cybersecurity advisory firm, we apply appropriate technical and organisational measures to protect your personal data. Form submissions are transmitted over HTTPS and handled via GDPR-compliant processors.

9. Changes to this policy

We may update this privacy policy from time to time. The most current version is always available at niova.be/privacy.html. The date at the top of this page reflects the last update.

10. Contact

For any questions about this privacy policy or your personal data, contact us at info@niova.be.

Niova · Belgium