Waylay Privacy Policy


Date of Last Revision: July 25, 2023

We at Waylay NV, a private limited company established under the laws of Belgium having its principal place of business at Blekersdijk 33A, 9000 GENT, Belgium and registered in the Belgian Commercial Register under company number 0544.746.258 (RPR Gent, District of Gent) (“Waylay”, “we”, “us”, “our”) know that You (either a User or a Visitor) care about how Your Personal Data is used and shared. We take Your privacy seriously. 

Please read the following to learn more about our Privacy Policy. By visiting or using the Website or Waylay Services in any manner, You acknowledge that You accept the practices and policies outlined in this Privacy Policy. Any capitalized terms used herein which are not defined in this Privacy Policy shall have the meaning given to them in the Waylay Terms of Use.




“Customer” means a customer of Waylay.

“Customer Data“ means sensor data, metadata, personal data or other data including potentially Personal Data that a User of the Service stores within the Service.

“Personal Data” means any information relating to an identified or identifiable natural person.

“Public Area” means the area of the Website or Services that can be accessed both by Users and Visitors, without the need to log in.

“Restricted Area” means the area of the Website or Services that can be accessed only by Users, and where access requires logging in.

“User” means an employee, agent, or representative of a Customer, who primarily uses the restricted areas of the Website or Services for the purpose of accessing and using the Services in such capacity.

“Visitor” means an individual other than a User, who uses the public area, but has no access to the restricted areas of the Website or Service.

“You”/”Your” means any natural person that is either a User or a Visitor.


This Privacy Policy covers our treatment of Your Personal Data that we gather either (1) when You are accessing or using our Website or Services. This policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage.

We do not knowingly collect or solicit Personal Data from anyone under the age of 18 or knowingly allow such persons to register for the Services (as that term is defined in our Terms of Use). No one under age 18 may provide any Personal Data to us or on the Services.


Our Services allows You to integrate and create commands for various online third-party services (“Third-Party Services”). In order to take advantage of this feature, You may need to authenticate, register for or log into Third-Party Services through the Services or on the websites of their respective providers. 

When You enable linking between or log in to Third-Party Services through the Services, we will collect relevant information such as tokens and keys necessary to enable the Services to access that Third-Party Service and Your data and content contained within that Third-Party Service (“Login Credentials”). 

We store Your Login Credentials long enough to enable linking to the Third-Party Service. You can at any time withdraw Waylay’s access to such Third-Party Services or delete Your Login Credentials. At the termination of Your contract, all Third-Party Login Credentials will be automatically deleted.

When You enable the Services to link content and data between Third-Party Services, the Third-Party Services will provide us with access to certain information that You may have provided to the Third-Party Services, and we will use, store and disclose such information in accordance with this Privacy Policy and the rules You set to govern the linking. 

However, please remember that the manner in which Third-Party Services use, store and disclose Your information is governed by the policies of such Third-Party Services, and Waylay shall have no liability or responsibility for the privacy practices or other actions of any Third-Party Services that may be enabled within the Services.

We may retain certain personally non-identifiable information related to the data or content linked between Third-Party Services (for example, date sent, link configuration, names of the Third-Party Services), for the purpose of improving our Services.


We gather various types of Personal Data from our Users, as explained more fully below. We may use this Personal Data to personalize and improve the Services, to allow our Users to set up a user account and profile, to contact Users in order to fulfill requests for the Services, to analyze how Users utilize the Website, and as otherwise set forth in this Privacy Policy. We may share certain types of Personal Data with third parties (described in this Section and in Section VII below).

We collect the following types of information:

A. Information You Provide to Us:

We receive and store any information You knowingly and voluntarily provide to us. For example, we collect Personal Data such as when You contact us with inquiries, respond to one of our surveys, when You register for the Services, use certain Waylay Services. 

Examples of Personal Data include name, email address, mailing address, mobile phone number, and credit card or other billing information. Personal Data also includes other information, such as geographic area or preferences, when any such information is linked to information that identifies a specific individual. 

You can choose not to provide us with certain information, but then You may not be able to register with us or to take advantage of some of our features. If You provide Customer Data that contains Personal Data to the Services, You acknowledge and agree that such Personal Data may be transferred from Your current location to the offices and servers of Waylay.

B. Information Collected Automatically:

Whenever You interact with the Waylay Website or use Waylay Services, we automatically receive and record information on our server logs from Your browser including Your IP address, “cookie” information (see Waylay’s Cookie Policy for more information), and the page You requested. When You visit the Website, whether as a Waylay Customer or a Visitor just browsing, our servers automatically record information that Your browser sends whenever You visit a website (“Log Data”). 

For example, Log Data may include information such as Your computer’s IP address, browser type or the webpage You were visiting before You came to our Website, pages of our Website that You visit, the time spent on those pages, information You search for on our Website, access times and dates, and other statistics. We use this information to monitor and analyze use of the Website and the Services and for the Website’s technical administration, to increase our Website’s functionality and user-friendliness, and to better tailor it to our visitors’ needs.

C. E-mail and Other Communications:

We may contact You, by email or other means. For example, we may communicate with You about new features, Your use of the Website or Services.

D. Information Collected by Customers.

A Customer or User may store or upload Personal Data into the Service as part of Customer Data. Waylay has no direct relationship with the individuals whose Personal Data it hosts as part of the Service. 

Each Customer is responsible for providing notice to its customers and third persons concerning the purpose for which Customer collects their Personal Data and how this Personal Data is processed in or through the Service as part of Customer Data.


Waylay uses the Personal Data You provide in a manner that is consistent with this Privacy Policy. If You provide Personal Data for a certain reason, we will use the Personal Data in connection with the reason for which it was provided:

  • If You contact us by email, we will use the Personal Data You provide to answer Your question or resolve Your problem.
  • If You provide Personal Data in order to obtain access to the Waylay Services, we will use Your Personal Data to provide You with access to such services and to monitor Your use of such services.
  • If You provide credit card information to pay invoices, we will use this Personal Data to bill You.
  • If You provided Your email to subscribe to our newsletter, we will use this Personal Data to send You Waylay communication. 
  • In addition, if at any time You wish not to receive any future communications or You wish to have Your name deleted from our mailing lists, please contact us as indicated below.

We use Google Analytics to measure and evaluate access to and traffic on the Public Area of the Website, and create user navigation reports for our Website administrators. Google operates independently from us and has its own privacy policy, which we strongly suggest You review. 

Google may use the information collected through Google Analytics to evaluate Users’ and Visitors’ activity on our Website. For more information, see Google Analytics Privacy and Data Sharing.


The Services are performed using equipment or facilities located in the European Union or the US. The Waylay’s US service providers are either Privacy Shield compliant or have executed Standard Contractual Clauses (as approved by the European Commission) that provide legal grounds for assuring that, when processed in the United States, the personal data of EU citizens that are processed by Waylay customers when using the Waylay Service will receive from Waylay and its service providers located outside the EU an adequate level of protection within the meaning of Article 46 of Regulation (EU) 2016/679 (General Data Protection Regulation).

List of processors processing Your Personal Data or processing Personal Data from Your customers contained in Your Customer Data:

  • Exact Online - An accounting system in Holland(*).
  • JIRA by Atlassian - Our project management tool in Australia(*).
  • Google Workspace - A company document management tool in the US and Ireland(*).
  • Hubspot - A CRM platform with all the software, integrations, and resources to connect marketing, sales, content management, and customer service.
  • Stripe – A credit card processing in the US and Ireland(*).
  • Elastic.co – A storage service in Ireland (*).
  • Mongo Atlas – A storage service in Belgium and Ireland (*).
  • Confluent.cloud - A computing and storage service in Belgium (*).
  • AWS - A computing and storage service in Ireland (*).

(*) Note: A Customer’s clusters can be installed in different regions. Please contact sales@waylay.io for more information.


We neither rent nor sell Your information or Your Customer Data in personally identifiable form to anyone. We share such Personal Data in personally identifiable form with third parties as described below:

  1. Protection of Waylay and Others: We reserve the right to access, read, preserve, and disclose any information that we reasonably believe is necessary to comply with law or a court order, enforce or apply our conditions of use and other agreements, project against legal liability, or protect the rights, property, or safety of Waylay, our employees, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
  2. Business Transfers: As Waylay develops its business, it might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution, or similar event, Personal Data may be part of the transferred assets.
  3. Agents, Consultants, and Related Third Parties: Waylay, like many businesses, sometimes hires other companies to perform certain business-related functions. Examples of such functions include mailing information, hosting, maintaining databases, and processing payments. When we employ another company to perform a function of this nature, we only provide them with the information that they need to perform their specific function, as specified in Section VI.
  4. With Your Consent: Except as set forth above, Waylay will always explicitly ask for Your consent before sharing any of Your Personal Data with third parties, and will always be able to prevent such sharing.


We use a secure protocol whenever You connect to the Waylay Services. You are responsible for preventing unauthorized access to these services and limiting access to Your computer or device and browser by signing off after You have finished accessing Your account.

We endeavor to protect the privacy of Your account and other Personal Data we hold in our records, but we cannot guarantee complete security. The transmission of information via the Internet is never completely secure. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.

The Website may contain links to other sites. We are not responsible for the privacy policies and/or practices on other sites. When following a link to another site You should read that site’s privacy policy.


You can always opt not to disclose information to use, but keep in mind some information may be needed to register with us or to take advantage of some of our special features. In addition thereto, You have the following rights in respect of Your Personal Data:

  • The Right to be Informed – This is information on what purpose we are processing it and what Personal Data we are processing.
  • The Right of Access – You have the right to be provided with copies of the Personal Data of You that we are processing as well as confirmation of the processing we are doing. You can do this by sending a “subject access request” to the contact details noted below for our consideration.
  • The Right to Rectification – If You think the Personal Data that we hold on You is wrong, You can tell us, and we will fix it.
  • The Right to Erasure (also known as the right to be forgotten) – If You want us to permanently delete the Personal Data we hold for You, then You can ask us to do so. Our ability to delete such Personal Data is subject to exceptions in accordance with data protection laws.
  • The Right to Restrict Processing – If You do not like how we are using Your Personal Data, then You can let us know, and we will stop processing it in that way.
  • The Right to Data Portability – If You want us to pass on Your Personal Data to someone else, then please let us know. This transfer should not affect the integrity, or otherwise damage, Your Personal Data.
  • The Right to Withdraw Your Consent – You can withdraw Your consent for us to process Your Personal Data (if we have relied on Your consent to process Your Personal Data) at any time by contacting us. If we have relied only on Your consent as the basis to process Your personal data then we will stop processing Your Personal Data at the point You withdraw Your consent. Please note that if we can also rely on other bases to process Your Personal Data aside from consent then we may do so even if You have withdrawn Your consent.
  • Rights in Relation to Automated Decision Making and Profiling – If we use either automated decision making or profiling then You have a right to know. Also, we need Your consent if either of these are used to make a decision that affects You. As with all consent, You can withdraw it at any time.

You can exercise any of the rights above by contacting us at the contact details mentioned below. Please note that some information may remain in our private records after Your deletion of such information from Your account. 

We may use any aggregated data derived from or incorporating Your Personal Data after You update or delete it, but not in a manner that would identify You personally.

You may opt out from the collection of navigation information about Your visit to the Website by Google Analytics by using the Google Analytics Opt-out feature.

If You receive commercial emails from us, You may unsubscribe at any time by following the instructions contained within the email or by sending an email to comms@waylay.io.

Waylay has no direct relationship with the Customer’s customers or third party whose Personal Data it may process on behalf of a Customer. An individual who seeks access, or who seeks to correct, amend, delete inaccurate data or withdraw consent for further contact should direct his or her query to the relevant Customer or User which acts as the Controller of the data processing.


Waylay does not own, control, or direct the use of any of the Customer Data stored or processed by a Customer or User via the Service. Only the Customer or Users are entitled to access, retrieve, and direct the use of such Customer Data. 

Waylay is largely unaware of what Customer Data is actually being stored or made available by a Customer or User to the Service and does not directly access such Customer Data except as authorized by the Customer, or as necessary to provide Services to the Customer and its Users.

Because Waylay does not collect or determine the use of any Personal Data contained in the Customer Data and because it does not determine the purposes for which such Personal Data is collected, the means of collecting such Personal Data, or the uses of such Personal Data, Waylay is not acting in the capacity of data controller in terms of the European Union’s General Data Protection Regulation (Regulation (EU) 2016/679, hereinafter “GDPR”) and does not have the associated responsibilities under the GDPR. 

Waylay should be considered only as a processor on behalf of its Customers and Users as to any Customer Data containing Personal Data that is subject to the requirements of the GDPR. Except as provided in this Privacy Policy, Waylay does not independently cause Customer Data containing Personal Data stored in connection with the Services to be transferred or otherwise made available to third parties, except to third-party subcontractors who may process such data on behalf of Waylay in connection with Waylay’s provision of Services to Customers. 

Such actions are performed or authorized only by the applicable Customer or User. The Customer or the User is the data controller under the Regulation for any Customer Data containing Personal Data, meaning that such party controls the manner such Personal Data is collected and used as well as the determination of the purposes and means of the processing of such Personal Data.

Waylay is not responsible for the content of the Personal Data contained in the Customer Data or other information stored on its servers (or its subcontractors’ servers) at the discretion of the Customer or User nor is Waylay responsible for the manner in which the Customer or User collects, handles disclosure, distributes, or otherwise processes such information.


We may amend this Privacy Policy from time to time. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used. 

If we make changes in the way we use Personal Data, we will notify You by posting an announcement on our Website or sending You an email. You are bound by any changes to the Privacy Policy when You use the Website or Waylay Services after such changes have been first posted.


If You have any questions or concerns regarding our privacy policies, please send us a detailed message at dpo@waylay.io. We will make every effort to resolve Your concerns.

Other contact details:

Waylay NV, Blekersdijk 33A, 9000 Gent, Belgium, KBO/VAT nr. 0544.746.258 (RPR Gent, District of Gent)