MembershipsContributingLog In
Why This MattersThe PortraitBegin reading →
Privacy Policy

Last updated: 4 May 2026 · Effective from publication

Your privacy is not a feature here.
It is the foundation underneath.

This policy explains what we hold about you, why we hold it, and what we do with it. It is a legal document, so it has to be precise. It is also written for you to actually read, because a policy you cannot read is not a policy you can rely on.

If something here surprises you, write to us at . The inbox is real. So is the person reading it.

Who is responsible

The party legally responsible for your data.

TerraNovaID is operated from Belgium. We are the data controller for everything described in this policy. That means questions, complaints, and rights requests come to us, and we are the ones who answer.

Read more · legal entity, contact, supervisory authority

TerraNovaID is operated by Factter BV, a company incorporated under Belgian law with its registered office in Belgium, registered with the Crossroads Bank for Enterprises under enterprise number BE 0735.580.296. For all matters relating to personal data, including the exercise of any of the rights described in Section 05, the contact point is privacy@terranovaid.com.

The competent supervisory authority is the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données), Drukpersstraat 35, 1000 Brussels. You have the right to lodge a complaint with them at any time, in addition to or instead of contacting us directly.

This policy is governed by the General Data Protection Regulation (Regulation (EU) 2016/679) and the Belgian Data Protection Act of 30 July 2018.

What we hold

What we hold about you, and why.

Different parts of the platform need different things. Here is the whole list, grouped by what you are doing when the data appears. Nothing on this page is collected silently.

  1. 01When you visit the website

    Pages visited, time on page, browser type, country-level location. We use this to understand how the site is being read, never to identify you. Analytics cookies are only set if you have agreed to them.

    Read more · legal basis, processor, retention

    We use Google Analytics 4 with IP-anonymisation enabled and EU-based data storage. Analytics is loaded only after explicit consent through the cookie banner. We do not build advertising profiles, and we do not place social media tracking pixels (such as Meta Pixel, LinkedIn Insight Tag, X Pixel) anywhere on this site.

    Legal basis: consent (GDPR Art. 6(1)(a)).
    Retention: 14 months, after which Google Analytics aggregates and discards the underlying event-level data.

  2. 02When you create a Portrait

    The reflections you give become your Portrait. We process them to generate the Portrait you receive, and we store them so you can return to it. No other purpose. No analysis for our benefit, ever.

    Read more · legal basis, retention, training exclusion

    Your Portrait responses are processed under GDPR Art. 6(1)(b) (performance of the contract you entered into when you created the Portrait). They are stored encrypted at rest, associated with your account, and accessible only to you.

    Your Portrait responses are never used to train AI models. Not ours, not anyone else’s. This exclusion is enforced where the data is stored, not in a setting that could be flipped without you noticing. See Section 06 below for the full data architecture.

    Retention: for as long as your account exists. Deletion is described in Section 07.

  3. 03When you build an Portrait

    What you write into your Portrait is yours. We store it. We do not read it for our purposes. We do not analyse it, train on it, share it, or sell it. This is built into the architecture, not promised in a policy.

    Read more · legal basis, encryption, access

    Portrait content is processed under GDPR Art. 6(1)(b) as part of the service you are using. Access to Portrait content from inside TerraNovaID is technically restricted: routine operations, analytics, and product development cannot reach it.

    Portrait content is encrypted at rest. As the platform develops, we are moving toward a separate encryption layer for Portrait content so that it is protected independently from account data. We will update this section when that layer is in place.

    Retention: for as long as you keep it. You can delete any layer or your full Portrait at any time, immediately, from your account settings. See /your-portrait/ for the full architecture, or Section 07 below for deletion.

  4. 04When you become a member

    Email, membership status, and the payment information needed to bill you. Card details are held by Stripe, not by us. We never see or store your full card number on our servers.

    Read more · legal basis, processor, retention

    Membership data is processed under GDPR Art. 6(1)(b) (contract) and Art. 6(1)(c) (legal obligation, for invoicing and accounting under Belgian tax law).

    Payment processing is handled by Stripe Payments Europe, Ltd. as an independent data controller for the card transaction itself, and as our processor for the recurring billing relationship.

    Retention:

    • Account email and membership status: for as long as your account exists.
    • Invoices and billing records: 7 years (Belgian accounting law obligation).
    • Marketing email subscriptions: until you unsubscribe.

What we never collect

A short list of structural exclusions, because what we do not gather matters as much as what we do.

  • We do not build advertising profiles from your activity on this site.
  • We do not place social media tracking pixels (Meta Pixel, LinkedIn Insight Tag, X Pixel, TikTok Pixel, or equivalents).
  • We do not track your behaviour across other websites.
  • We do not collect biometric data of any kind.
  • We do not buy data from third-party brokers to enrich what we hold about you.
  • We do not sell, rent, or trade personal data. Not now, not later. The platform’s revenue model is built so this can never become an attractive option.

TerraNovaID is not directed at children. We do not knowingly collect data from children under 16 (Belgian DPA 2018 digital-consent age). If you believe a child has provided personal data, write to privacy@terranovaid.com and we will delete it.

How we use it

What the data is actually for.
Three purposes. No fourth.

  1. To run the service you asked for. Showing you your Portrait. Holding your Portrait. Managing your membership. Sending the emails that come with that account.
  2. To improve the platform. Aggregated, anonymised analytics that cannot be traced back to a person. We look at patterns. We do not look at people.
  3. To stay in touch when you have asked us to. Replies to your messages. Membership updates that we are obliged to send. Journal articles and platform news, if you have explicitly subscribed. Every marketing email has a one-click unsubscribe, and the unsubscribe is honoured immediately, not after a “few days”.
Read more · what we do not do

We do not use your data to build behavioural profiles. We do not use your ecological identity content to train AI models, internal or external. We do not sell, share, or transfer your data to any third party for that party’s own commercial purposes. The third parties we work with (Section 06) operate strictly as processors, under written instructions and a Data Processing Agreement.

Your rights

What you can ask of us, and how fast we answer.

Under the GDPR you have a set of rights over your own data. They are not favours we extend; they are how the law is written, and how this platform is built.

You can ask to see what we hold about you. You can ask us to correct something that is wrong. You can ask us to delete it. You can ask for a copy in a portable format. You can object to specific processing, or ask us to restrict what we do with your data while a question is being resolved.

To exercise any of these, write to privacy@terranovaid.com. We respond within 30 days. Most requests are answered well inside that window.

Read more · the full set of rights, with article references

Under GDPR Articles 15-22, you have the following rights in relation to your personal data:

  • Right of access (Art. 15), a copy of all personal data we hold about you, together with the purposes of processing, the categories of data, and the recipients.
  • Right to rectification (Art. 16), correction of inaccurate or incomplete data.
  • Right to erasure (Art. 17), deletion of your data, subject only to retention obligations imposed by law.
  • Right to restriction of processing (Art. 18), limitation of how we use your data while a dispute is being resolved.
  • Right to data portability (Art. 20), receipt of your data in a structured, commonly used, machine-readable format.
  • Right to object (Art. 21), objection to specific processing operations, including any processing based on legitimate interest.
  • Rights related to automated decision-making (Art. 22), TerraNovaID does not currently make automated decisions with legal or similarly significant effects about you.

Response time: we respond to all rights requests within 30 days (extendable by a further 60 days for genuinely complex requests, with notice). Requests are free of charge except where they are manifestly unfounded or excessive, per GDPR Art. 12(5).

Identity verification:if a request could affect another person’s data or your account, we may ask for one additional confirmation that the request is genuinely yours. We do not require copies of identity documents as a default.

Storage and security

Where it lives, and how it is protected.

Your data is stored on servers inside the European Union. It is encrypted on the way in, encrypted while it sits there, and reachable only to people who genuinely need access to keep the platform running.

Read more · processors, encryption, access controls

Hosting and infrastructure: the platform is served by Vercel Inc. through its edge network, with traffic routed via EU-region points of presence by default. The site source is version-controlled in GitHub; GitHub does not process personal data from visitors, it stores the application code only. A user-account database is introduced together with the Portrait launch and will be added to this section at that time.

Encryption today: every connection between your browser and the site runs over TLS 1.2 or higher, terminated at the edge by the hosting provider.

Encryption commitments for the database stack (introduced with the Portrait launch — these are the standards the stack must meet before personal data is stored):

  • At rest: AES-256 on storage volumes and database backups.
  • Portrait content sits on a separate encryption layer that is independent of account data.

Access controls: access to personal data inside TerraNovaID is restricted to a small number of people who need it to operate the platform. Access is logged. Routine operations, analytics, and product development do not have access to Portrait content.

Processors we work with (each governed by a written Data Processing Agreement under GDPR Art. 28):

  • Vercel Inc., hosting and edge delivery (EU points of presence; US-incorporated, transfers governed by Standard Contractual Clauses).
  • Stripe Payments Europe, Ltd., payment processing (EU/Ireland).
  • MailerLite Limited, transactional and newsletter email delivery (EU/Ireland).
  • Google Ireland Limited, analytics (EU, with onward transfer subject to Standard Contractual Clauses).

International transfers:where any processor transfers data outside the EEA, the transfer is governed by the European Commission’s Standard Contractual Clauses and, where applicable, supplementary technical measures.

Breach notification: in the event of a personal data breach affecting your data, we notify the Belgian Data Protection Authority within 72 hours where required (GDPR Art. 33), and notify you directly without undue delay where the breach is likely to result in a high risk to your rights and freedoms (GDPR Art. 34).

Deletion

When you ask us to delete, deletion is real.

You can delete any layer of your Portrait, your full Portrait, or your entire account from your account settings. One confirmation. The action begins immediately. No grace period designed to slow you down. No “are you sure?” loop. No retention offers framed as concern.

A small set of data must be retained for legal reasons. The law requires us to keep invoices and certain financial records for seven years. Everything outside that legal floor is genuinely gone.

Read more · what is deleted, what is retained, timeline

Deleted on confirmation:

  • Portrait responses and generated Portrait
  • All Portrait layers and content
  • Account profile, settings, and preferences
  • Marketing-list memberships
  • Application logs that reference your account, beyond a short rolling window kept for security purposes (max 90 days)

Retained for legal reasons:

  • Invoices and billing records: 7 years (Belgian Code of Economic Law / accounting law).
  • Records strictly necessary to demonstrate consent or to defend a legal claim, where applicable, for the duration of the relevant limitation period.

Backup window: once the database stack is live (with the Portrait launch), routine backups are encrypted and rotated on a defined cycle, and your data is purged from backups within that window after deletion. The exact cycle will be published here at that time.

Confirmation: after deletion, you receive a confirmation that lists what has been deleted and what (if anything) is retained for legal compliance, with the basis.

Cookies

What we set in your browser, and what we do not.

Only essential cookies are set without your consent. The small amount needed for the site to work and to keep your session secure. Anything beyond that, including analytics, runs only after you have agreed.

The full breakdown (names, purposes, durations, and how to change your choice) lives in the Cookie Policy.

Read the Cookie Policy →

Third parties

Who else touches your data, and on what terms.

A small number of providers help us run the platform. Each of them processes your data only on our written instructions, under a contract that obliges them to the same protections we are bound by. None of them is permitted to use your data for their own purposes.

We do not share data with advertising networks, data brokers, social media platforms, or any party that would treat your data as their own asset.

Read more · the full list, with role and jurisdiction
ProviderRoleJurisdiction
Vercel Inc.Hosting and edge deliveryEU PoPs (US-incorporated; SCCs apply)
Stripe Payments Europe, Ltd.Payment processing and recurring billingIreland
MailerLite LimitedEmail delivery (transactional + newsletter)Ireland
Google Ireland LimitedAnalytics, consent-gatedIreland (with US sub-processors under SCCs)

Each Data Processing Agreement is a standard EU-aligned document provided by the processor and reviewed by us before engagement.

Changes

When this policy changes, you will know before it matters.

Policies drift. Ours will too, as the platform develops. When it does, we update the “Last updated” date at the top, and we keep an archive of previous versions accessible on request.

If a change affects how your data is used in any material way, we tell you about it directly. By email to registered users, and visibly on the site. Before it takes effect, never afterwards.

Questions

If something here surprises you.

That is the address. A real person reads it. Use it for any of the rights in Section 05, or for anything in this policy that is unclear.

You also have the right, at any time, to lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données), independently of contacting us, or in addition to it.

Read the full Trust statement →Cookie Policy →Terms of Use →Contact →