At BIP Messages, we take your privacy seriously. This policy explains what data we collect, why we collect it, and how you can exercise your rights under the General Data Protection Regulation (GDPR).
1. Who are we?
The data controller of your personal data is:
KLARO APP · 98 Chaussée de Chastre, 5140 Sombreffe, Belgique · BCE 0698.790.176
2. What data do we collect?
We only collect the data strictly necessary for the operation of the service:
- Account data : phone number, display name, profile photo (optional).
- Message metadata : timestamp and recipients. Message content is end-to-end encrypted and inaccessible to BIP.
- Contacts : list of phone numbers you choose to sync, in hashed form.
- Technical data : device model, OS version, language, IP address (anonymized after 24h).
- Payment data : none. BIP is free and processes no payments.
3. Why do we process your data?
We use your data exclusively to:
- Provide and maintain the messaging and calling service.
- Help you find your contacts who use BIP.
- Protect the integrity of the service against abuse, spam and fraud.
- Comply with our legal obligations (crime prevention, judicial requests).
4. Legal basis for processing
The processing of your data is based on the performance of the contract (Article 6.1.b GDPR) for the provision of the service, on our legitimate interest in securing the service (Article 6.1.f), and on your explicit consent (Article 6.1.a) for optional processing such as contact synchronization.
5. With whom do we share your data?
We never sell your data. We only share it with a strictly limited number of technical subprocessors (hosting, network infrastructure), all located in the European Economic Area and bound by GDPR-compliant confidentiality agreements.
We may be required to disclose certain data to Belgian authorities upon valid judicial request. No data is ever transmitted for advertising or commercial purposes.
6. Retention period
- Account data: as long as your account is active, deleted within 30 days of account deletion.
- Message metadata: maximum 90 days.
- IP addresses: 24 hours, anonymized thereafter.
7. Security
Your messages are protected by AES-256 end-to-end encryption with Signal Protocol key rotation. Our servers are hosted in Europe with ISO 27001 and SOC 2 certifications. No BIP engineer can access the content of your conversations.
8. Your rights
Under GDPR, you have the following rights:
- Right to access your personal data.
- Right to rectify inaccurate data.
- Right to erasure ("right to be forgotten").
- Right to restrict processing.
- Right to data portability.
- Right to object to processing.
To exercise these rights, contact our Data Protection Officer: dpo@messagebe.com
9. Cookies
The messagebe.com website uses technical and audience measurement cookies. For more information, see our cookie policy.
10. Minors
BIP Messages is not intended for children under 16. We do not knowingly collect any data concerning minors under 16 without verifiable parental or legal guardian consent.
11. Changes
We may update this policy from time to time. In case of substantial changes, we will notify you via in-app notification 30 days before they take effect.
12. Supervisory authority
If you believe your rights are not being respected, you have the right to file a complaint with the Belgian Data Protection Authority (DPA): Rue de la Presse 35, 1000 Brussels · contact@apd-gba.be · +32 2 274 48 00.