Privacy Policy

Read how Fortinova Group handles personal data and how we protect privacy, security, and responsible processing across our website, diagnostics, and advisory services.

Last updated on 23 April 2026

1. Who we are

This website is operated by 3mconsult BV, trading as Fortinova Group.

Registered office: Dennebosstraat 12/A, 3590 Diepenbeek, Belgium

Enterprise number and VAT number: BE 0778.412.726

Email: dmulder@fortinovagroup.com

For the purposes described in this Privacy Policy, 3mconsult BV trading as Fortinova Group acts as the data controller for the website, contact intake, and related business development activities, unless stated otherwise below.

2. Scope of this Privacy Policy

This Privacy Policy explains how Fortinova Group collects, uses, stores, and protects personal data when you interact with us in the following contexts:

you visit the website;

you contact us by email, phone, or contact form;

you complete the Organizational Pressure Scan;

you engage with us as a prospect, client, participant, or business contact;

you use or participate in services delivered through the HIP Platform or related advisory tools.

This website is primarily intended for businesses and professional users. It is not directed to children or minors under the age of 18.

3. Personal data we may collect

a. Contact and business information

We may collect your name, email address, phone number, company name, job title, and the content of your message or enquiry.

b. Organizational Pressure Scan information

If you complete the Organizational Pressure Scan, we may collect your responses to scan statements and business diagnostic questions, your email address, and your phone number where provided.

The scan is intended to support a sharper and more focused initial conversation about your organization.

c. Communication data

We may keep records of correspondence with you, including emails, meeting arrangements, notes, and follow up communication.

d. Client and service delivery data

Where you or your organization engage Fortinova Group for advisory or transformation services, we may process business contact details, project communications, workshop outputs, assessments, leadership or team related inputs, and other information reasonably necessary to perform the engagement.

e. HIP Platform related data

Where the HIP Platform is used as part of a client engagement, Fortinova Group may process data such as participant identifiers including name, work email, role, team, or employer; assessment responses; individual profile outputs or insight reports; organizational or team dashboards; implementation notes; and related service data.

Depending on the service setup, Fortinova Group may act as controller for certain processing activities, and in other cases may act as processor or joint controller together with the client organization. Where relevant, this will be clarified in the applicable contractual documentation.

f. Technical and security data

When you visit the website, we may process technical information such as IP address, browser type, device information, page requests, security logs, and similar data necessary for website delivery, integrity, and security.

4. How and why we use personal data

We process personal data for the following purposes:

to operate, maintain, secure, and improve the website;

to respond to your enquiries and requests;

to schedule and prepare introductory conversations;

to assess business needs through the Organizational Pressure Scan;

to provide strategic, advisory, coaching, transformation, and related services;

to manage client relationships and project delivery;

to operate the HIP Platform and related diagnostics where applicable;

to comply with legal, accounting, tax, and administrative obligations;

to protect our rights, systems, business continuity, and legitimate business interests.

5. Legal bases for processing

Depending on the context, Fortinova Group relies on one or more of the following legal bases:

legitimate interests, such as operating a professional business website, responding to business enquiries, managing relationships, maintaining security, and improving services;

taking steps prior to entering into a contract, where you contact us in relation to a possible engagement;

performance of a contract, where processing is necessary to deliver services to a client;

compliance with legal obligations, where we must retain or disclose certain information under applicable law;

consent, where this is specifically required, for example if non essential cookies or similar technologies are introduced in the future.

6. Profiling and automated decision making

Fortinova Group may use structured assessment and diagnostic methods, including within the HIP Platform, to generate insights about leadership, team dynamics, work styles, motivations, or organizational patterns.

To the extent such analysis relates to identifiable individuals, it may amount to profiling in the broad data protection sense.

Fortinova Group does not make decisions based solely on automated processing that produce legal effects or similarly significant effects for individuals. Human review remains part of how insights are interpreted and used.

7. Sensitive data

Fortinova Group does not intend to collect special categories of personal data through this website, the contact form, or the Organizational Pressure Scan.

Please do not submit information relating to health, religion, political opinions, trade union membership, sexual life, biometric data, or other sensitive categories through the website unless specifically requested and contractually justified.

8. Who we share personal data with

We do not sell or rent personal data.

We may share personal data with trusted service providers and professional partners where necessary for the operation of our business, including providers of website and form infrastructure including Squarespace; email, productivity, and collaboration tools including Microsoft 365 and related Microsoft services; cloud hosting, data infrastructure, and application services including Azure and Power Platform related environments; legal, accounting, tax, compliance, or insurance support; and authorities or regulators where disclosure is required by law.

Where third parties process personal data on our behalf, we seek to ensure that they do so under appropriate contractual and confidentiality obligations.

9. International transfers

Fortinova Group aims to use service providers that support hosting and processing within the European Economic Area where appropriate. However, some providers may process or permit remote access to personal data outside the European Economic Area.

Where personal data is transferred outside the European Economic Area, Fortinova Group will seek to ensure that appropriate safeguards are in place, such as an adequacy decision or the use of approved contractual safeguards.

10. How long we keep personal data

We do not keep personal data longer than necessary for the purposes for which it was collected, unless a longer retention period is required or justified by law or legitimate business needs.

general contact requests: up to 12 months after the last meaningful contact;

Organizational Pressure Scan submissions: up to 12 months after the last meaningful contact;

prospect and business development records without a signed engagement: up to 24 months after the last meaningful interaction;

client and project records: for the duration of the engagement and, where relevant, for up to 7 years afterwards for legal, accounting, tax, contractual, or evidentiary reasons;

HIP Platform assessment and related project data: typically up to 12 months after the end of the relevant project, unless another period is agreed with the client or required by the nature of the engagement;

security and server logs: generally up to 6 months;

backup copies: according to applicable backup cycles, typically up to 12 months.

11. Your rights

Subject to the conditions of applicable law, you may have the right to request access to your personal data, rectification of inaccurate data, erasure, restriction of processing, objection to certain processing, and data portability where applicable.

Where processing is based on consent, you may also withdraw that consent at any time without affecting the lawfulness of prior processing.

To exercise your rights, please contact: dmulder@fortinovagroup.com

We may ask for reasonable proof of identity before acting on a request.

12. Complaints

If you believe that your rights have been infringed, you may contact us first at dmulder@fortinovagroup.com.

You also have the right to lodge a complaint with the Belgian Data Protection Authority. The Belgian authority states that complaints can be submitted to Drukpersstraat 35, 1000 Brussels, or via its published contact channels.

13. Security

Fortinova Group takes reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure.

These measures may include access controls, password protection, multi factor authentication where available, restricted internal access, secure working practices, and backup procedures.

No system can be guaranteed to be completely secure. You should therefore avoid sending highly sensitive information through ordinary website forms or unencrypted email unless specifically agreed.

14. Third party websites

This website may contain links to third party websites or services. Fortinova Group is not responsible for the privacy practices or content of those third party websites. We recommend reviewing their privacy notices separately.

15. Changes to this Privacy Policy

Fortinova Group may update this Privacy Policy from time to time. The most recent version will always be posted on this page with the updated effective date.

16. Contact

Fortinova Group

3mconsult BV

Dennebosstraat 12/A

3590 Diepenbeek

Belgium

Email: dmulder@fortinovagroup.com