Information about data protection

Everything you need to know about data protection within the framework of the General Data Protection Regulation (GDPR).

Fundamental concepts | What does Doccle do | Your possibilities

Back to general page about GDPR

Some fundamental concepts

When “processing” personal data, three parties act:

The data controller
Sometimes also referred to as the “controller”. This is the party that request the processing of your data. In most cases, this is an organisation that exchanges documents with you through Doccle.
The data processor
This is the party that actually performs an action with the data, at the request of a data controller.
The person concerned
That is you as a Doccler, together with all other Doccle users.

The data controllers are the companies for which you have a “connection” via Doccle. You do this, for example, to receive invoices or other documents from the company, or to make payments to them. When adding such a connection, you as a Doccler give explicit permission to process your data. After all, without this data these companies and organisations are unable to provide you their services via Doccle.

The data controllers are responsible for taking the technical and organisational measures that are necessary for demonstrably carrying out the data processing in accordance with GDPR. The obligations of controllers concern principles such as lawfulness, reasonableness, transparency, purpose limitation, data minimisation and accuracy, as well as fulfilment of your rights.

The data controller determines the purposes and means for processing personal data, while the data processor processes the data by order of this controller.

Doccle only has the function of data controller if you upload documents yourself, create and manage your profile, use your eID or itsme, make payments through Doccle, conclude a SEPA direct debit, electronically sign or make a Scan & Pay payment via our mobile app. In that case Doccle processes your data based on your implicit consent. Find out more about these processing operations here.

The specific nature of the Doccle service provision means that we are data processor as well as data controllers in certain cases.

What do we do with the general data protection regulation?

We require ourselves, and all organisations that make use of the platform, to provide sufficient guarantees. We are determined that adequate technical and organisational measures are taken to ensure processing complies with the requirements of the GDPR legislation.

The working areas that are subject to GDPR

Expertise in the field of data security (technical and human awareness)
Clear agreements in the area of data processing
Processing operations must take place according to instructions that have been laid down clearly
Confidentiality obligations of staff
Clear agreements with our sub-processors
Security of services
Availability, integrity and resilience of all parties
Tests, audit rights and rights of perusal
Encryption of data that is in transit or are on a server
Access checks (logical and physical)
Vulnerabilities management, incident management
Inherent product and code security
Procedures with regard to removal of data
Procedures with regard to user rights
Mechanisms regarding an adequate protection level when transferring data to a different country
Standards and Certifications: we promote obtaining Certifications such as ISO/IEC/ 27001:2013

Your possibilities as a Doccle user

We ourselves make a “Data protection officer” available for all Docclers. You can always contact this officer on: dpo@doccle.be.

We encourage all Docclers to ask questions or submit notifications on the security of their data, as each notification is a test for our security policy and the measures that we take and apply on a daily basis.

Transparency is of important value for us, and therefore you as a Doccler can retrieve, correct or remove quite a lot of information. If, in addition, you have other questions, you can always leave behind a questionnaire. You can fill this in by logging in and clicking through to “settings – data processing operations and privacy”, in that way we are sure that you are truly the person you claim to be. We make every effort to process the questions as soon as possible, and never exceed the legal term of thirty days.

We subject every question to careful verification. If the question concerns a processing operation of one or multiple organisations that make use of the platform, we will contact these organisations in order to provide you with a suitable answer.

Securely manage your online administration yourself!

Is this your first time on Doccle? Create a new account.

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
AWSALBCORS	7 days	This cookie is managed by Amazon Web Services and is used for load balancing.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Marketing" category .
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
doccle_lang	1 year	This cookie saves your language preference on the website.
oswald_session_id	1 day	This cookie helps our chatbot Doccy to manage your session.
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin to store whether or not the user has consented to the use of cookies. It does not store any personal data.

Analytics

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_UA-33052368-1	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Marketing

Marketing cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Information about data protection

Some fundamental concepts

What do we do with the general data protection regulation?

Your possibilities as a Doccle user

Related topics:

Securely manage your online administration yourself!

Doccle

Our policy

Blog

Getting Started