Privacy Policy
At Rubey, we respect your privacy and are committed to protecting your personal data.
This Privacy Policy explains how we collect, use, and safeguard your information when you use our platform.
We encourage you to read it carefully and contact us if you have any questions.
Who We Are
We are Jackie Treehorn BV, operating under the commercial name Rubey, a Belgian company registered with the Belgian Crossroads Bank for Enterprises under number BE0637.818.352.
At Rubey, your privacy matters to us. We handle your personal data in accordance with the General Data Protection Regulation (GDPR) and relevant national legislation on data processing.
As required by law, this privacy policy explains what personal data we collect, how we process it, and what rights you have in this regard. In most cases, Rubey acts as the data controller, which means we determine the purposes and methods of the data processing.
By using our services or products, you acknowledge and agree that certain personal data may be collected and processed for the purposes outlined in this policy. We encourage you to read this document carefully.
For any questions or to exercise your rights, please contact our Privacy Coordinator at support@rubey.be.
This policy may be updated from time to time, so we recommend reviewing it periodically.
Processing Your Personal Data
“Personal data” refers to any information that can identify an individual. This does not include anonymized data where the person’s identity has been removed.
At Rubey, we aim to collect only the minimal amount of personal data necessary to deliver our services and fulfill our obligations. All data is processed in accordance with applicable data protection laws, which require that your personal information must be:
Collected only for legitimate purposes that we have clearly communicated;
Used lawfully, fairly, and transparently, in ways that are relevant and limited to the purposes stated;
Accurate, kept up to date, and stored only as long as necessary;
Handled with appropriate security measures in place.
We may ask you to provide certain information to enable the use or purchase of our products and services. If we collect your data in any other way, we will clearly explain this in our Privacy Policy.
For any questions or concerns, feel free to contact our Privacy Coordinator at support@rubey.be.
More specifically we will collect any or all of the following data elements:
- Address
- Anti Money Laundering (AML) data
- Anti Terrorism data
- Bank account
- Birthday / Age
- Company Role
- Company address
- Company name
- Company registration number
- Consent
- Correspondence content
- Country
- Customer file
- Customer name
- Date & time
- Electronic identification data
- Email address
- Essential cookies
- Gender
- Home address
- ID card
- Involved party name
- Know Your Customer (KYC) data
- Languages
- Marital status
- Marketing cookies
- Nationality
- Payment History
- Payment balance data
- Payment card details
- Performance cookies
- Personal phone number
- Phone number
- Place of birth
- Signature
- Social media link
- Survey data
- Third party cookies
- Title
- Ultimate Beneficial Owner (UBO) data
- VAT number
We rely on you to provide us with correct data. If the data changes, we invite you to let us know, so we can keep the data up to date.
We process the data to allow us to deliver the services/products, and to continually improve the services/products available to you and adapt them to your needs. More specifically we perform the below processing:
Description: Corporate website for consultation by client or prospective client
Purpose: To inform client or prospective client
Legal basis: Legitimate interests
Retention period: As from termination of contract, retention during the legal period and/or period relevant for legal action
Data items: Consent, Third party cookies, Languages , Email address, Customer name, Marketing cookies, Performance cookies, Essential cookies, Electronic identification data
Data is processed in the EU
Description: Investor portal for private and public investors as hosted on Tokeny
Purpose: To support investor onboarding and management token portfolio
Legal basis: Contract
Retention period: As from termination of contract, retention during the legal period and/or period relevant for legal action
Data items: Essential cookies, Phone number, Consent, Anti Terrorism data, Know Your Customer (KYC) data, ID card, Bank account, Email address, Anti Money Laundering (AML)data, Marital status, Customer name
Data is processed in the EU
Description: Information regarding anti-fraud as required by law
Purpose: Ensure compliance with mandatory anti-fraud measures
Legal basis: Legal obligation
Retention period: As from termination of contract, retention during the legal period and/or period relevant for legal action
Data items: Place of birth, Email address, VAT number, Company name, Country, Phonenumber, Signature, Company Role, Anti Terrorism data, Ultimate Beneficial Owner (UBO)data, Anti Money Laundering (AML) data, Know Your Customer (KYC) data, Company address, Company registration number, ID card, Address, Gender, Nationality, Homeaddress, Birthday / Age, Bank account, Involved party name, Customer name
Data is processed in the EU
Description: Gathering of prospective customer information
Purpose: To communicate goods and services to prospective customers
Legal basis: Legitimate interests
Retention period: All prospects that have not converted to customers will be deleted after 2years
Data items: Consent, Third party cookies, Email address, Social media link, VAT number, Company name, Phone number, Survey data, Marketing cookies, Company Role, Performance cookies, Date & time, Company address, Company registration number, Essential cookies, Address, Title, Personal phone number, Customer name
Data is processed in the EU
Description: communication with customers in electronic or paper form
Purpose: To provide proper service to the client
Legal basis: Contract
Retention period: As from termination of contract, retention during the legal period and/or period relevant for legal action
Data items: Phone number, Marketing cookies, Performance cookies, Company address, Third party cookies, Essential cookies, Address, Email address, Correspondence content, Customer name
Data is processed in the EU
Description: Receiving and answering customer questions, complaints etc.
Purpose: To solve problems and optimise the functioning of the company
Legal basis: Contract
Retention period: As from termination of contract, retention during the legal period and/or period relevant for legal action
Data items: Performance cookies, Phone number, Consent, Marketing cookies, Third party cookies, Essential cookies, Email address, Correspondence content, Customer name
Data is processed in the EU
Description: Receiving and answering customer questions, complaints etc.
Purpose: To solve problems and optimise the functioning of the company
Legal basis: Contract
Retention period: As from termination of contract, retention during the legal period and/or period relevant for legal action
Data items: Performance cookies, Phone number, Consent, Marketing cookies, Third party cookies, Essential cookies, Email address, Correspondence content, Customer name
Data is processed in the EU
Description: Sales and / or delivery of goods or services to customers
Purpose: To ensure proper sales and or delivery of goods or service, enable track & trace and feedback
Legal basis: Contract
Retention period: As from termination of contract, retention during the legal period and/or period relevant for legal action
Data items: Anti Terrorism data, Anti Money Laundering (AML) data, Know Your Customer(KYC) data, Phone number, Consent, Marketing cookies, Third party cookies, Essential cookies, Customer file, Bank account, Email address, Address, Customer name
Data is processed in the EU
Description: Processing payments through debit card, credit card or payment App
Purpose: To ensure proper payment
Legal basis: ContractRetention period: As from termination of contract, retention during the legal period and/or period relevant for legal action
Data items: Email address, Signature, Date & time, Payment card details, Customer name
Data is processed in the EU
Description: Calculating the fee owed, sending out invoices and ensuring payment
Purpose: To ensure proper payment
Legal basis: ContractRetention period: As from termination of contract, retention during the legal period and/or period relevant for legal action
Data items: Email address, VAT number, Company address, Payment History, Bank account, Payment balance data, Customer name
Data is processed in the EU
Description: Keeping your clients up to date about what your company has to offer
Purpose: As long as the user remains subscribed to the newsletter
Legal basis: Legitimate interests
Retention period: As from termination of contract, retention during the legal period and/or period relevant for legal action
Data items: Survey data, Marketing cookies, Performance cookies, Third party cookies, Essential cookies, Consent, Email address, Customer name
Data is processed in the EU
Description: Communicating with customers and vendors to plan meetings and events and group bookings
Purpose: Event planning and running
Legal basis: ContractRetention period: As from termination of contract, retention during the legal period and/or period relevant for legal action
Data items: Email address, Company name, Consent, Marketing cookies, Performance cookies, Date & time, Third party cookies, Essential cookies, Customer name
Data is processed in the EU
Legal Basis and Additional Processing
In the data processing described above, Rubey acts as the data controller — meaning we determine the purpose and means of processing your personal data.
If you have given consent, you have the right to withdraw it at any time. Should you object to the processing of your data, please contact us so we can assess together whether a contractual relationship or continued use of our services remains possible.
Processing of Supplier Data
We also collect and process personal data from our suppliers, with the aim of managing business relationships responsibly and transparently. In doing so, we ensure that we only collect, use, and store data that is strictly necessary and handled in accordance with applicable laws.
Typically, we collect the following supplier-related data:
Name, work email, and work phone number of the contact person(s)
VAT number of the supplier
If access to our premises is provided: vehicle license plate number and visit timing (for organizational and security purposes)
All such data is processed with functional and technical security measures aligned with industry best practices. We retain the data for the duration required by law or as long as needed for potential legal claims.
Processing Personal Data on Your Behalf
Due to the nature of certain services we provide, we may process personal data of third parties that you share with us — for example, to make declarations, filings, or notifications on your behalf. In such cases, you are the data controller, and Rubey acts as the data processor.
As your processor, we will:
Follow your instructions regarding the processing, subcontracting, data retention, and data transfers;
Implement appropriate security measures to protect the data;
Assist you in fulfilling your GDPR obligations, where applicable.
Transfer of Personal Data
To deliver certain products or services, we may collaborate with third-party partners, including IT providers, insurance partners, accounting firms, and legal advisors.
Where relevant, we reserve the right to transfer your personal data to these trusted partners, always in accordance with applicable data protection laws and with appropriate safeguards in place.
Purpose: To support investor onboarding and management of token portfolio
Legal basis: Contract
Data items: Customer name, Nationality, Address, Anti Money Laundering (AML) data, Know Your Customer (KYC) data, Anti Terrorism data
Data is processed in the EU
Tokeny sarl receives the data
Purpose: To manage business
Legal basis: Legitimate interests
Data items: Staff member name, Customer name, Home address Customer file, Emailaddress Data is processed in the EU
Privacy Office Onfido Limited receives the data
Purpose: Legal & regulatory administration
Legal basis: Legal obligation
Data items: Know Your Customer (KYC) data, Anti Money Laundering (AML) data, Anti Terrorism data
Data is processed in the EU
JTC Group receives the data
Purpose: To send and receive payments
Legal basis: Contract
Data items: Staff member name, Bank account, Customer name, Home address, Involved party name, Date & time
Data is processed in the EU
Alpha FX Limited receives the data
Purpose: To process payments
Legal basis: Contract
Data items: Customer name, Payment card details, Home address, Signature
Data is processed in the EU
Payconiq International S.A. receives the data
Purpose: To manage business
Legal basis: Legitimate interests
Data items: Staff member name, Customer name, Home address, Customer file, Email address
Data is processed in the EU
Google Ireland Limited receives the data
Purpose: To manage business
Legal basis: Legitimate interests
Data items: Staff member name, Customer name, Home address, Customer file, Email address
Data is processed in the EU
Slack Technologies Limited receives the data
Purpose: To promote the company and its services
Legal basis: Legitimate interests
Data items: Pictures / images, Electronic identification data, Electronic localisation data, Date & time
Data is processed in the EU
META PLATFORMS IRELAND LIMITED (ex-Facebook) receives the data
Purpose: To promote the company and its services
Legal basis: Legitimate interests
Data items: Pictures / images, Electronic identification data, Electronic localisation data, Date & time
Data is processed in the EU
LinkedIn Ireland Unlimited Company receives the data
Purpose: Measuring website & commercial performance
Legal basis: Legitimate interests
Data items: Electronic identification data, Electronic localisation data, Essential cookies, Third party cookies, Date & time, Performance cookies, Marketing cookies
Data is processed in the EU
Google Ireland Limited receives the data
Purpose: Event invitation management software
Legal basis: Consent
Data items: Essential cookies, Third party cookies, Date & time, Performance cookies, Marketing cookies, Consent, Email address
Data is processed in the EU
INVITEDESK nv receives the data
Purpose: To manage business
Legal basis: Legitimate interests
Data items: Staff member name, Customer name, Home address, Customer file, Email address
Data is processed outside the EU
The Rocket Science Group LLC (Mailchimp) receives the data
Data Received from Third Parties
If we receive your personal data from a third party who refers you to us, we assume they obtained your information directly from you or with your consent. If this is not the case, please notify us immediately.
In most cases, these third parties will act as data processors. However, certain platforms — such as social media platforms, commerce platforms, and structural sales partners — may be considered joint controllers.
Online Interactions
If you participate in an online call, meeting, or conference, please note that any information you choose to share may be visible or audible to other participants. Always consider this before sharing personal details, audio, video, or other data.
If you object to the processing or transfer of your data, please contact us so we can evaluate whether a contractual relationship and continued service usage are possible.
Legal Obligations
Please note that Rubey may be legally required to process and transfer certain personal data to competent authorities. Where such a legal obligation exists, you cannot object to the transfer.
Security & Confidentiality
We are committed to keeping your personal data secure and confidential. Our technical and organizational measures are aligned with industry best practices to prevent loss, misuse, or unauthorized access to your data.
Website & Cookies
When you navigate our website, cookies may be stored on your device to enhance functionality and improve your experience. You will be informed of the cookies used and asked to provide consent.
Our web server may also automatically process your IP address and/or domain name each time you visit.
Our website may contain links to third-party websites. These are beyond our control and subject to their own privacy policies. Please review those policies carefully before interacting with such sites.
Social Media
When you use functions such as a “Like” or “Share” button on our website, or when you visit our social media pages, your personal data may be processed by the social media platform. In such cases, the platform and Rubey are considered joint data controllers, jointly determining the purpose and means of processing.
We encourage you to review the privacy policy of each social media platform before engaging with any Rubey-related content on their services.
Event Photography & Video
If you attend a Rubey event (e.g., openings, client evenings, premieres), please note that photographers and videographers may be present. We may use these images and videos in marketing materials or publish them on our social media channels.
According to data protection guidelines, explicit consent is not required if you are not the main subject. However, if you wish to opt out of appearing in such materials, please let us know.
Exercising Your Rights
Under the General Data Protection Regulation (GDPR), you have the right to:
Access your personal data
Correct inaccurate or incomplete information
Erase your personal data, under certain conditions
Object to processing based on legitimate interest or for direct marketing
Restrict processing in specific situations
Withdraw consent at any time
Object to automated decision-making, including profiling
Request data portability — receive your data in a structured format and transfer it to another controller
We may ask for verification of your identity before fulfilling your request, to ensure your data is protected.
To exercise any of these rights, contact our Privacy Coordinator, at support@rubey.be, or by mail:
Jackie Treehorn BV
Attn: Maarten Van Doorslaer
Fredericusstraat 11
2640 Mortsel, Belgium
Data Protection Authority
If you have concerns or complaints, you can contact the Belgian Data Protection Authority:
Gegevensbeschermingsautoriteit
Drukpersstraat 35,
1000 Brussels, Belgium
www.gegevensbeschermingsautoriteit.be
