Privacy Policy

This Privacy Policy explains how Queerlo ("Queerlo", "we", "us") collects and uses personal data when you visit our website, join our waitlist, or contact us.

Queerlo is being built as a central digital platform for LGBTQ+ life in Belgium. Because privacy can be especially important for people exploring, joining, or supporting LGBTQ+ spaces, we aim to collect only what we need, explain it clearly, and treat it with care.

1. Who is responsible for your data?

The controller of your personal data is Queerlo.

Contact: privacy@queerlo.be

2. What data we collect

Depending on how you use the website, we may collect:

• Email address: when you join the Queerlo waitlist or ask to receive updates.
• Communication data: if you contact us by email, we process the information included in your message and our correspondence with you.
• Technical data: IP address, browser type, device information, operating system, approximate location derived from technical data, pages visited, timestamps, referring URLs, and similar security or server log information.
• Analytics and usage data: information about how visitors use the website, such as page views, clicks, scrolling, session activity, device/browser information, and aggregated usage statistics.
• Cookie and consent data: cookie identifiers, consent preferences, and information needed to remember or prove your privacy choices.

We do not ask you to provide information about your sexual orientation, gender identity, health, political opinions, religion, or other special category data through the waitlist form. However, we understand that visiting or joining an LGBTQ+ project may itself feel sensitive. We therefore treat waitlist and contact data with additional care and do not use it to profile you as an individual.

3. How we use your data

We use personal data for the following purposes:

• Waitlist and early access updates: to register your interest in Queerlo, send project updates, and contact you when early access or launch information becomes available.
• Website operation and security: to load the website, prevent abuse, troubleshoot issues, protect the website, and maintain logs needed for security.
• Analytics and improvement: to understand whether the website is working, what content people engage with, where users experience friction, and how we can improve the landing page and future product.
• Communication: to respond when you contact us.
• Legal and compliance: to keep records where required, manage consent, respond to lawful requests, and protect our legal rights.

We do not sell your personal data.

4. Legal bases for processing

Where GDPR applies, we rely on the following legal bases:

• Consent: for joining the waitlist, receiving project updates, and using non-essential analytics or tracking cookies where consent is required.
• Legitimate interests: for basic website security, fraud prevention, service improvement, and responding to direct communications, where those interests are not overridden by your rights and freedoms.
• Legal obligation: where we must process or retain data to comply with applicable law.
• Explicit consent where required: if any processing could reveal sensitive information because of the nature of Queerlo as an LGBTQ+ project, we rely on your clear action and, where legally required, explicit consent.

You can withdraw consent at any time by contacting privacy@queerlo.be or by using the unsubscribe option in our emails where available.

5. Services we use

We use selected service providers to operate, understand, and improve the website.

Google Analytics

We may use Google Analytics to understand website traffic and performance, such as page views, device/browser information, approximate location, referral sources, and interactions with the website.

Google Analytics may use cookies and similar technologies. Google states that Google Analytics collects first-party cookies, device/browser data, on-site activity, and IP address information for measurement, and that Google Analytics does not log or store IP addresses when collecting data in Google Analytics 4.

Provider: Google Ireland Limited / Google LLC
Purpose: website analytics and performance measurement
Legal basis: consent where required by law

You can learn more in Google's information about Google Analytics data practices: https://support.google.com/analytics/answer/6004245

Microsoft Clarity

We may use Microsoft Clarity to understand how visitors interact with our website through behavioral metrics, heatmaps, and session replay. This can include clicks, scrolling, mouse movement, page performance information, and session playback data.

Clarity is used only on public pages that do not require login, such as the landing page and other public information pages. We do not use Clarity on private, logged-in, account-based, member-only, profile, messaging, community, support, or administrative areas.

This means we do not intentionally send Microsoft Clarity private account data, private community content, private messages, member profiles, support requests, or other content that requires login. Privacy-sensitive fields should be masked, and we will avoid collecting form input content through Clarity.

Clarity is used to improve the website experience, identify confusing parts of public pages, and understand whether the landing page communicates clearly. We do not use Clarity to identify individual visitors.

Provider: Microsoft Ireland Operations Limited / Microsoft Corporation
Purpose: website behavior analytics, heatmaps, and session replay
Legal basis: consent where required by law

You can learn more about Microsoft Clarity data collection and Microsoft's privacy practices here:

https://learn.microsoft.com/en-us/clarity/setup-and-installation/clarity-data
https://privacy.microsoft.com/privacystatement

Mailjet

We may use Mailjet to manage waitlist emails, project updates, email delivery, and unsubscribe handling.

Data processed through Mailjet may include your email address, subscription status, email delivery data, opens/clicks where enabled, unsubscribe preferences, and technical information needed to send and secure email communications.

Provider: Mailjet / Sinch Email
Purpose: email delivery, waitlist updates, mailing list management
Legal basis: consent for marketing/project updates; legitimate interests and legal obligation for delivery, security, and unsubscribe records

You can learn more in Mailjet/Sinch Email's privacy notice: https://www.mailjet.com/legal/privacy-policy/

Microsoft 365 / Office 365

We use Microsoft 365 / Office 365 for email hosting and business communication. If you email us, your message and related metadata may be processed in Microsoft services.

Provider: Microsoft Ireland Operations Limited / Microsoft Corporation
Purpose: email hosting, inbox management, and business communication
Legal basis: legitimate interests in responding to messages and operating email; legal obligation where applicable

Microsoft publishes its data protection terms for Microsoft online services here: https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA

6. Cookies and similar technologies

Our website may use:

• Essential cookies: required for the website to function, remember security settings, or store consent preferences.
• Analytics cookies: used by tools such as Google Analytics and Microsoft Clarity to understand website usage and improve the website.
• Email tracking technologies: where enabled in Mailjet emails, to understand delivery, opens, clicks, and unsubscribe activity.

Where legally required, non-essential cookies and tracking technologies are used only after you give consent. You can change or withdraw cookie consent through the cookie preferences tool on the website, if available, or by adjusting your browser settings.

You can also block or delete cookies in your browser. Some privacy tools and browser settings may block Google Analytics, Microsoft Clarity, or similar technologies.

7. How long we keep data

We keep personal data only as long as necessary for the purposes described in this policy.

• Waitlist data: until Queerlo launches and for a reasonable period afterward so we can manage early access and project updates, unless you unsubscribe or ask us to delete it earlier.
• Email correspondence: for as long as needed to respond and maintain a reasonable record of the conversation, unless a longer period is required to protect rights or comply with law.
• Analytics data: according to the retention settings available in Google Analytics, Microsoft Clarity, and related tools.
• Consent and unsubscribe records: for as long as necessary to prove and respect your choices.
• Security logs: for a limited period needed for security, troubleshooting, and abuse prevention, unless longer retention is required for an investigation or legal reason.

If you ask us to delete your data, we will do so unless we need to keep limited information for legal, security, or compliance reasons, such as maintaining an unsubscribe record.

8. Who we share data with

We share personal data only where necessary with:

• service providers that help us run the website, analytics, email delivery, hosting, security, or business communication;
• professional advisers or support providers where needed;
• public authorities or other parties where required by law or necessary to protect rights, safety, or security.

Our service providers must process personal data under appropriate contractual and security obligations.

9. International transfers

Some providers we use are international companies. Personal data may be processed in the European Economic Area, the United Kingdom, the United States, or other countries depending on the service provider and configuration.

Where personal data is transferred outside the EEA, we rely on appropriate safeguards where required, such as adequacy decisions, the EU-U.S. Data Privacy Framework where applicable, Standard Contractual Clauses, and contractual data protection terms offered by our providers.

10. Your rights

Depending on where you live and the circumstances of processing, you may have the right to:

• access your personal data;
• correct inaccurate or incomplete data;
• delete your data;
• restrict processing;
• object to processing based on legitimate interests;
• withdraw consent at any time;
• receive a copy of data you provided in a portable format;
• lodge a complaint with a data protection authority.

To exercise your rights, contact privacy@queerlo.be.

If you are in Belgium, you may contact the Belgian Data Protection Authority:

Autorite de protection des donnees / Gegevensbeschermingsautoriteit
https://www.dataprotectionauthority.be/

11. Security

We use reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or disclosure.

No online service is completely secure. Please avoid sending highly sensitive personal information to us by email unless necessary.

12. Children and young people

The Queerlo waitlist and this website are intended for users who are at least 16 years old, in accordance with the digital consent laws in Belgium. We do not knowingly collect personal data from children under 16 through the waitlist. If you are under 16, please do not provide any personal information on this website. If we become aware that we have inadvertently collected data from a visitor under 16, we will take immediate steps to delete it from our records.

13. Changes to this policy

We may update this Privacy Policy as Queerlo develops, when we add or change services, or when legal requirements change. The updated version will be posted on this page with a new "Last updated" date.

14. Contact

For privacy questions, requests, or concerns, contact:

Queerlo
privacy@queerlo.be