How we handle your data.

BLCKBLT GROUP BV, Belgian company, enterprise number 1021.098.016, registered office: Mechelsesteenweg 520/D/bo/2, 1800 Vilvoorde, Belgium.

For privacy questions or to exercise your rights: .

Only the waitlist signup is active right now. We store your email address and language preference, plus optionally your first name and the segments you indicated at signup.

Waitlist email: legitimate interest (Article 6(1)(f)) for measuring demand and keeping signups informed, with opt-out always available.

Keeping signups informed of progress and the launch of Fitrah Recovery.

Product communication and content relevant to the segment you ticked at signup, including possible offers for early-access signups.

Managing the relationship with signups across their customer lifecycle (from prospect to customer), in an internal CRM environment.

Answering questions you send by email.

Unsubscribing is possible at any time via the unsubscribe link at the bottom of every email or by replying to .

We do not sell data. We do not use data for advertising.

We work with sub-processors for cloud database, email (outbound and inbound), hosting, and product analytics (first-party, EU-hosted).

Most process your data within the EEA. A limited number fall under an EU adequacy decision or the EU-US Data Privacy Framework.

Specific vendor names, regions, and data processing addenda are available on request via .

Waitlist signup and email address: as long as you remain actively on the list.

When you unsubscribe via the unsubscribe link, your email address stays on a suppression list so we don't accidentally re-mail you in a future campaign. Name, segments and notes are dropped at that point.

If you want all your data fully erased (Art. 17, right to be forgotten), send a request to and we'll remove your record entirely.

Access (Article 15): get a copy of what we hold about you.

Rectification (16): have inaccurate data corrected.

Erasure (17): have your data deleted, also known as the right to be forgotten.

Restriction (18): pause processing while a dispute is resolved.

Portability (20): take your data in machine-readable format to another provider.

Objection (21): stop processing based on legitimate interest.

Send a message to ; we respond within 30 days.

No automated decision-making with legal effect.

To improve the site we look at how it is used. For that we run a first-party analytics tool, EU-hosted, which places first-party cookies and uses browser storage (localStorage) to count you anonymously within one session. No advertising, no cross-site tracking, nothing sold to third parties, no profiling.

What we actually measure: pageviews, clicks, scroll depth, country (via IP geo-lookup, not stored), device type, and referrer. What we do not do: fingerprinting, cross-site tracking, advertising profiling.

For session recording (an anonymised replay of your interaction with masked input fields) we ask explicit consent via the cookie banner. No consent = no recording.

Legal basis: your consent via the cookie banner (Article 6(1)(a) GDPR + ePrivacy). You can withdraw by clearing your browser storage or by sending a message to . No consent = the analytics tool does not load; only technically necessary functionality runs.

For strictly necessary cookies (such as a session cookie during login, once that functionality goes live) no consent is required under ePrivacy. They are technically necessary.

All traffic to this site runs encrypted over HTTPS (TLS).

Waitlist data is stored encrypted at rest with our EU database provider, with two-factor authentication on the founder account.

Email runs encrypted in transit via our EU provider.

Access to the waitlist database is limited to the founder.

Belgium: Data Protection Authority (GBA / APD), www.gegevensbeschermingsautoriteit.be.

Netherlands: Autoriteit Persoonsgegevens (AP), www.autoriteitpersoonsgegevens.nl.

Or the supervisory authority of your country of residence.

Material changes are announced at least 30 days in advance to signups by email. The version date at the top reflects the current version.