Nooba Logo
  • Home
  • About
  • Add your event
  • Pricing
  • Login
Login

Privacy

Privacy Policy of NOOBA SRL

Last updated: June 18, 2026

1. Purpose and scope

1.1. This privacy policy (hereinafter the "Policy") describes the manner in which NOOBA SRL (hereinafter "NOOBA", "we", "us" or "our") collects, uses, stores, protects and, where applicable, transfers the personal data of users and visitors of the website accessible at www.nooba.be (hereinafter the "Site"), as well as of persons who use the services offered by NOOBA, in particular personalized event recommendations (hereinafter the "Service").

1.2. NOOBA processes personal data in accordance with Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the "GDPR"), the Belgian Act of 30 July 2018 on the protection of natural persons with regard to the processing of personal data (hereinafter the "Privacy Act"), as well as Directive 2002/58/EC as transposed into Belgian law, in particular by the Act of 13 June 2005 on electronic communications.

1.3. By using the Site or the Service, you acknowledge that you have read this Policy. However, this does not in itself constitute consent to processing, which relies on the legal bases detailed in Article 4.

2. Identity and contact details of the data controller

2.1. The data controller is NOOBA SRL, having its registered office at Avenue du Pesage 17, box 1, 1050 Ixelles, registered with the Crossroads Bank for Enterprises under number BE 1024.327.621, reachable by email at contact@nooba.be and by telephone at +32 (0)497 33 10 54.

2.2. NOOBA is not required to appoint a data protection officer within the meaning of Article 37 GDPR, as its activities do not fall within the cases of mandatory designation. The internal contact point for any question relating to the protection of personal data is Mr. Ilan Rossler, acting as CEO, reachable at contact@nooba.be.

3. Categories of personal data processed

3.1. NOOBA processes only the personal data necessary for the purposes described in Article 4. The categories of data processed are as follows.

3.2. Identification data: surname, first name and postal address.

3.3. Contact data: email address and telephone number.

3.4. Data relating to use of the Service: preferences expressed by the user, history of consulted recommendations and interactions with proposed events, and data useful for personalizing recommendations.

3.5. Browsing data and technical data: IP address, type of device and browser, date, time and duration of the visit, pages viewed, source of the visit, as well as identifiers deposited by cookies and similar technologies. Details of these processing activities are set out in the cookie policy available on the Site.

3.6. NOOBA does not collect or process any special category of data within the meaning of Article 9 GDPR (including health data, political opinions, religious beliefs, biometric data or sexual orientation), nor any data relating to criminal convictions or offences within the meaning of Article 10 GDPR.

4. Purposes and legal bases of processing

4.1. In accordance with Article 5.1.b) GDPR, each processing activity implemented by NOOBA pursues a specific, explicit and legitimate purpose and relies on a legal basis provided for in Article 6 GDPR. The processing activities are grouped below into three categories, each linked to a single legal basis.

4.2. Processing based on performance of the contract or pre-contractual measures

Purpose: creation and management of the user account, provision of the Service including the generation of personalized event recommendations tailored to the user's preferences, user support and assistance, management of requests submitted via contact forms, monitoring of Service quality and resolution of technical incidents.

Legal basis: performance of the contract concluded with the user or implementation of pre-contractual measures taken at the user's request (Article 6.1.b) GDPR).

4.3. Processing based on compliance with a legal obligation

Purpose: administrative, accounting and tax management relating to NOOBA's operations, including the issuance and retention of accounting documents, compliance with accounting, tax and social obligations, security of processing within the meaning of Article 32 GDPR and, where applicable, notification of personal data breaches to the Data Protection Authority and to the data subjects.

Legal basis: compliance with a legal obligation to which NOOBA is subject (Article 6.1.c) GDPR).

4.4. Processing based on consent

Purpose: sending marketing and promotional communications relating to events, new features and NOOBA's services, by email, SMS or any other electronic means; in-depth audience analysis of the Site and performance measurement; placement and reading of cookies and trackers that are not strictly necessary for the operation of the Site, in particular for non-essential audience measurement, enhanced personalization or prospecting.

Legal basis: prior, free, specific, informed and unambiguous consent of the data subject (Article 6.1.a) GDPR and, for non-strictly-necessary cookies, Article 129 of the Belgian Act of 13 June 2005 on electronic communications). Consent may be withdrawn at any time, without affecting the lawfulness of processing carried out beforehand, by email to contact@nooba.be, via the unsubscribe link included in each communication or through the cookie-management module.

5. Recipients of the data

5.1. Personal data are processed exclusively within NOOBA by persons who need them to perform their duties. NOOBA does not share user data with third parties for commercial purposes.

5.2. Data may, however, be communicated to administrative, tax, social or judicial authorities where Belgian or European law so requires, in response to a judicial requisition or a request from a competent authority, or where this proves necessary for the establishment, exercise or defence of a legal claim.

6. Transfers outside the European Economic Area

6.1. NOOBA does not transfer any personal data outside the European Economic Area.

6.2. If, in the future, a transfer to a third country were to be implemented, it would be framed in accordance with Articles 44 to 49 GDPR, either through an adequacy decision of the European Commission or through the implementation of standard contractual clauses adopted by the European Commission, where appropriate supplemented by additional technical, organizational or contractual measures.

7. Retention periods

7.1. Personal data are not kept beyond the period necessary in light of the purpose for which they are processed and the applicable legal obligations.

7.2. User account data and data relating to use of the Service are retained for the entire duration of the contractual relationship, then for five years from the closure of the account or the last active use of the Service, for the purpose of managing any claims and proof, in accordance with the limitation periods applicable under Belgian law.

7.3. Accounting documents, invoices and supporting documents are retained for seven years in accordance with Article 315 of the Belgian Income Tax Code 1992 and the applicable accounting legislation.

7.4. Data processed on the basis of consent for marketing communications are kept until consent is withdrawn or the right to object is exercised, increased by a reasonable technical period allowing effective processing of the request.

7.5. Browsing data deposited by cookies are retained according to the periods detailed in the cookie policy.

7.6. At the end of the above periods, the data are either securely deleted or irreversibly anonymized, unless a longer retention period is required by law.

8. Data security

8.1. NOOBA implements appropriate technical and organizational measures, within the meaning of Article 32 GDPR, in order to guarantee a level of security appropriate to the risks that the processing presents for the rights and freedoms of the data subjects.

8.2. These measures include in particular limiting access to data to authorized persons within NOOBA only, setting up two-factor authentication (2FA) for administrator accounts, continuous awareness-raising and training of personnel in data protection, and regular updates of the technical tools used.

8.3. In the event of a personal data breach likely to give rise to a risk to the rights and freedoms of the data subjects, NOOBA notifies the Data Protection Authority within seventy-two hours of becoming aware of the breach and, where the risk is high, also informs the data subjects, in accordance with Articles 33 and 34 GDPR.

9. Cookies and similar technologies

9.1. The Site uses cookies and similar technologies, the details, purpose, lifespan and provider of which are set out in the cookie policy accessible on the Site.

9.2. Cookies strictly necessary for the operation of the Site are placed without prior consent, in accordance with Article 129 of the Belgian Act of 13 June 2005 on electronic communications. Non-essential cookies are placed only after collection of prior, free, specific, informed and unambiguous consent, in line with the recommendations of the Data Protection Authority and Guidelines 05/2020 of the European Data Protection Board. This consent may be withdrawn at any time via the cookie-management module accessible on the Site.

10. Personalization, profiling and automated decision-making

10.1. For the purpose of providing the Service, NOOBA may analyze the user's preferences and interactions in order to generate personalized event recommendations. This personalization does not constitute a decision based solely on automated processing producing legal effects concerning the user or similarly significantly affecting the user, within the meaning of Article 22 GDPR.

10.2. The user may at any time adjust their preferences within their account or exercise their right to object under the conditions provided for in Article 11.

11. Rights of the data subjects

11.1. In accordance with Articles 15 to 22 GDPR, Article 7.3 GDPR and the corresponding provisions of the Privacy Act, data subjects have the rights described below, within the limits and conditions laid down by the regulations.

11.2. Right of access (Article 15 GDPR). You have the right to obtain confirmation as to whether personal data concerning you are being processed, as well as the information relating to such processing and a copy of the processed data.

11.3. Right to rectification (Article 16 GDPR). You have the right to obtain the rectification of inaccurate data concerning you, as well as the completion of incomplete data.

11.4. Right to erasure (Article 17 GDPR). You have the right to obtain, under the conditions provided for by the GDPR, the deletion of data concerning you, in particular where they are no longer necessary in light of the purposes pursued, where the consent on which the processing was based is withdrawn or where the processing is unlawful.

11.5. Right to restriction of processing (Article 18 GDPR). You may request the restriction of the processing of your data, in particular where their accuracy is contested, where the processing is unlawful or where you have objected to the processing.

11.6. Right to portability (Article 20 GDPR). Where the processing is based on your consent or on the performance of a contract and is carried out by automated means, you have the right to receive your data in a structured, commonly used and machine-readable format, and to request their transmission to another controller where technically possible.

11.7. Right to object (Article 21 GDPR). You have the right to object at any time, on grounds relating to your particular situation, to the processing of data concerning you which is based on NOOBA's legitimate interest. You may also, without having to state reasons, object to processing for direct marketing purposes.

11.8. Right to withdraw consent (Article 7.3 GDPR). Where processing is based on your consent, you may withdraw it at any time, without such withdrawal affecting the lawfulness of processing carried out previously.

11.9. Right not to be subject to an automated decision (Article 22 GDPR). You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, subject to the exceptions provided for by the GDPR.

12. Exercising rights

12.1. Requests to exercise rights may be sent by email to contact@nooba.be or by post to the registered office address referred to in Article 2. In order to enable NOOBA to verify the identity of the requester and prevent abusive exercise, the request must be accompanied by any element reasonably necessary for such verification, without disproportionate collection of information.

12.2. NOOBA responds to the request within one month of receipt, which period may be extended by two months because of the complexity or number of requests, in accordance with Article 12.3 GDPR. In the event of refusal, the reasons are communicated together with the available remedies.

12.3. Rights are exercised free of charge, unless the request is manifestly unfounded or excessive, in particular because of its repetitive nature, in which case NOOBA may require the payment of reasonable fees or refuse to act on the request.

13. Right to lodge a complaint

13.1. You have the right, at any time and without prejudice to any other administrative or judicial remedy, to lodge a complaint with the Data Protection Authority, located at Rue de la Presse 35, 1000 Brussels, reachable by telephone at +32 (0)2 274 48 00, by email at contact@apd-gba.be and via the website www.autoriteprotectiondonnees.be.

13.2. NOOBA nevertheless invites the data subject to contact it prior to any complaint, in order to allow quick and amicable handling of the request.

14. Amendments to the Policy

14.1. This Policy may be amended in order to reflect changes in NOOBA's activities, the tools used and the applicable legal framework. The date of the latest update appears at the top of the document. Substantial amendments are brought to the attention of the data subjects by any appropriate means, including through the Site or communications sent to users.

15. Contact

15.1. Any question relating to this Policy or the processing of personal data may be addressed to NOOBA SRL, for the attention of Mr. Ilan Rossler, by email at contact@nooba.be or by telephone at +32 (0)497 33 10 54.

15.2. Postal contact details: NOOBA SRL, Avenue du Pesage 17, box 1, 1050 Ixelles.

InstagramLinkedInTikTok

© 2026 Nooba. All rights reserved.

Terms of UsePrivacy PolicyCookie Policy