Privacy Policy

Privacy Policy

Effective date: 17/11/2025

This Privacy Policy explains how World Machine Consulting BVBA (trading as Sphere, “we”, “us”, “our”) collects and uses personal data when you use this website (the “Site”) or interact with us.

We are the data controller for the processing described in this Policy.

World Machine Consulting BVBA
Ogezlaan 33
2500 Lier
Belgium

Email: c.vanderlinden@wmc.agency

1. Scope

This Privacy Policy applies to:

  • visitors to our website;

  • individuals who contact us (e.g. via email or contact forms);

  • candidates who apply for roles at Sphere.

It does not cover personal data processed under separate consulting or service agreements, which may be subject to additional terms.

2. Personal data we collect

We may process the following categories of personal data:

Information you provide directly

  • Identification and contact details (e.g. name, role, company, email address, telephone number).

  • Content of messages you send us (e.g. enquiries, feedback, project information).

  • Recruitment data (e.g. CV, cover letter, LinkedIn profile, career history, salary expectations).

Information collected automatically

When you visit the Site, we may collect, through cookies or similar technologies:

  • device and browser information;

  • IP address and general location (country/region);

  • pages visited, time and duration of visits, click paths and referring websites.

This data is typically aggregated and used for analytics and security purposes. Where required by law, non-essential cookies or similar technologies will only be used with your consent.

3. Purposes and legal bases

We process personal data only where we have a valid legal basis under the GDPR.

a) Responding to enquiries and managing relationships

  • To respond to contact requests, emails and meeting requests.

  • To manage ongoing business relationships with clients, partners and prospects.

Legal basis:

  • Art. 6(1)(b) GDPR – performance of a contract or steps prior to entering into a contract.

  • Art. 6(1)(f) GDPR – our legitimate interest in responding to and managing professional enquiries.

b) Providing and improving the Site

  • To operate, maintain and secure the Site.

  • To understand how the Site is used and improve content, usability and performance (aggregated analytics).

Legal basis:

  • Art. 6(1)(f) GDPR – our legitimate interest in operating a secure, effective website and understanding usage.

  • Art. 6(1)(a) GDPR – consent for non-essential cookies or similar technologies, where applicable.

c) Marketing and business development

  • To send you relevant information about our services or events, where permitted.

  • To maintain a professional contact database and map our market.

Legal basis:

  • Art. 6(1)(a) GDPR – consent, where required.

  • Art. 6(1)(f) GDPR – our legitimate interest in developing our activities, subject to your right to object.

You can opt out of marketing communications at any time by following the instructions in the message or contacting us.

d) Recruitment

  • To review and manage applications, assess candidates and communicate with you in the context of a recruitment process.

Legal basis:

  • Art. 6(1)(b) GDPR – steps prior to entering into an employment or services contract.

  • Art. 6(1)(f) GDPR – our legitimate interest in selecting appropriate candidates and keeping records of recruitment decisions.

e) Legal and compliance

  • To comply with legal obligations (e.g. tax, accounting, regulatory requirements).

  • To establish, exercise or defend legal claims.

Legal basis:

  • Art. 6(1)(c) GDPR – compliance with a legal obligation.

  • Art. 6(1)(f) GDPR – our legitimate interest in protecting our rights and managing disputes.

4. How we share personal data

We may share personal data, on a need-to-know basis, with:

  • Service providers who support our operations (e.g. IT hosting, email and collaboration tools, website and analytics providers), under appropriate data processing agreements.

  • Professional advisers (e.g. legal, accounting or other consultants) where necessary for their services.

  • Authorities or other third parties, where required by law or to protect our rights.

We do not sell personal data.

If Sphere’s structure changes (e.g. merger, acquisition, reorganisation), personal data may be transferred as part of that transaction, subject to appropriate safeguards.

5. International transfers

Some of our service providers or partners may be located outside the European Economic Area (EEA). Where personal data is transferred outside the EEA, we will ensure an adequate level of protection, for example by:

  • relying on an adequacy decision by the European Commission; or

  • using standard contractual clauses approved by the European Commission, supplemented where necessary by additional safeguards.

You may contact us for more information about specific transfers and applicable safeguards.

6. Data retention

We retain personal data only for as long as necessary to fulfil the purposes described above, and to comply with legal, accounting or reporting obligations.

Retention periods may vary, for example:

  • enquiry and contact data – generally retained for as long as the relationship is active and for a reasonable period thereafter;

  • recruitment data – typically retained for the duration of the recruitment process and, if you consent or local law allows, for a limited period afterwards for future opportunities;

  • log and analytics data – retained for periods appropriate to security and analytics needs.

When data is no longer needed, we will delete or anonymise it, unless we are required by law to keep it longer.

7. Your rights

Under the GDPR and applicable data protection laws, you have certain rights in relation to your personal data, subject to conditions and limitations:

  • Right of access – to obtain confirmation whether we process your personal data and receive a copy.

  • Right to rectification – to have inaccurate or incomplete data corrected.

  • Right to erasure – to request deletion of your data in certain circumstances.

  • Right to restriction – to request that we restrict processing in certain cases.

  • Right to data portability – to receive certain data in a structured, commonly used and machine-readable format and transmit it to another controller.

  • Right to object – to object at any time, on grounds relating to your particular situation, to processing based on our legitimate interests, including profiling; and to object at any time to processing for direct marketing.

  • Right to withdraw consent – where processing is based on your consent, you may withdraw it at any time (without affecting the lawfulness of processing before withdrawal).

To exercise these rights, please contact us at c.vanderlinden@wmc.agency.
We may need to verify your identity before responding.

8. Cookies and similar technologies

Our Site may use cookies and similar technologies to:

  • enable core functionality (e.g. security, session management);

  • perform basic analytics and usage measurement;

  • remember certain preferences, where applicable.

Where required by law, we will request your consent before setting non-essential cookies. You can manage your cookie preferences via your browser settings and, where available, our cookie banner or settings tool.

Further details may be provided in a separate Cookie Notice.

9. Security

We take appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.

However, no system or transmission over the internet can be guaranteed to be fully secure. You are responsible for taking reasonable steps to protect your own devices and systems.

10. Third-party sites

Our Site may contain links to third-party websites or services.
We are not responsible for the privacy practices or content of those third parties.

If you follow a link to any other website, please review its privacy policy.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time.
The updated version will be published on this page with an updated “Effective date”.

Your continued use of the Site after changes are posted constitutes your acknowledgement of the updated Policy.

12. Contact and complaints

If you have questions about this Privacy Policy or how we process your personal data, please contact:

World Machine Consulting BVBA
Ogezlaan 33
2500 Lier
Belgium

Email: c.vanderlinden@wmc.agency

You also have the right to lodge a complaint with a supervisory authority. In Belgium, this is:

Gegevensbeschermingsautoriteit / Autorité de protection des données
Rue de la Presse 35, 1000 Brussels, Belgium
More information is available on the authority’s website.