GDPR Compliance

Last updated: February 23, 2026

This page provides information about how Drop.Top by 4Cs B.V. complies with the General Data Protection Regulation (GDPR) for individuals located in the European Union. The GDPR gives you specific rights regarding your personal data.

Our Role as Data Controller

Drop.Top by 4Cs B.V. acts as a data controller for personal data collected through our website and services. We are committed to protecting your privacy and complying with all applicable data protection laws.

Lawful Basis for Processing

We process personal data based on the following lawful bases under GDPR:

Your GDPR Rights

As an EU data subject, you have the following rights under GDPR:

Right to Access

You have the right to obtain confirmation whether we process your personal data and, if so, access to that data and information about how it's processed.

Right to Rectification

You have the right to have inaccurate personal data rectified or incomplete data completed.

Right to Erasure ("Right to be Forgotten")

You have the right to have your personal data erased in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.

Right to Restriction of Processing

You have the right to restrict the processing of your personal data in certain situations.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used format and transmit it to another controller.

Right to Object

You have the right to object to the processing of your personal data in certain circumstances, including for direct marketing purposes.

Right to Withdraw Consent

If processing is based on consent, you have the right to withdraw your consent at any time.

How to Exercise Your Rights

To exercise any of these rights, please contact our Data Protection Officer at:

Email: [email protected]
Address: Drop.Top by 4Cs B.V., Data Protection Office, Krijtersveld 5, 2160 Wommelgem Belgium

We will respond to your request within 30 days, though this may be extended by 60 days in complex cases. We may need to verify your identity before processing your request.

Data Protection Officer

Our Data Protection Officer can be contacted for any questions regarding GDPR compliance or data processing activities.

Email: [email protected]
Phone: +32 (0) 20 123 4567

Complaints

If you believe we have not complied with GDPR, you have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or where the alleged infringement occurred.

For Belgium: Gegevensbeschermingsautoriteit (GBA)
Website: gegevensbeschermingsautoriteit.be

International Data Transfers

When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:

Data Breach Notification

In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours if the breach poses a risk to individuals' rights and freedoms. If the breach poses a high risk, we will also notify affected individuals without undue delay.

Data Protection Impact Assessment

We conduct Data Protection Impact Assessments (DPIAs) for high-risk processing activities to identify and minimize data protection risks.

Privacy by Design

We implement privacy by design principles in all our products and services, ensuring data protection is considered from the earliest stages of development.

Record of Processing Activities

We maintain comprehensive records of all our processing activities as required by GDPR Article 30.

Contact Information

For GDPR-related inquiries or to exercise your rights:

Data Protection Officer
Drop.Top by 4Cs B.V.
Krijtersveld 5, 2160 Wommelgem Belgium
Email: [email protected]
Phone: +32 (0) 20 123 4567

We are committed to working with you to resolve any data protection concerns you may have.