Cookie Policy

What are cookies?

Cookies are small text files stored on your device when you visit a website. They help websites remember information about your visit — such as your login status or preferences — so you don't have to re-enter them every time.

Cookies we use

Essential cookies

These cookies are strictly necessary for the website and platform to function. They cannot be disabled.

CookiePurposeDuration

Session cookieKeeps you logged in to RECOSASession

CSRF tokenSecurity — prevents cross-site request forgerySession

Cookie consentRemembers your cookie preferences12 months

Legal basis: Strictly necessary — no consent required (Article 5(3) ePrivacy Directive)

Analytics cookies

We use privacy-friendly analytics to understand how visitors use recosa.eu. These cookies collect aggregated, anonymised data — no personally identifiable information is collected.

CookieProviderPurposeDurationAnalyticsPrivacy-friendly toolPage views, traffic source12 months

Legal basis: Your consent (Article 5(3) ePrivacy Directive)

No advertising or tracking cookies

We do not use advertising cookies, retargeting cookies, or third-party tracking cookies. We do not share cookie data with advertisers.

Managing your cookies

When you first visit recosa.eu, you will see a cookie banner asking for your consent to analytics cookies. You can:

• Accept all — enable analytics cookies

• Reject — use the site with essential cookies only

You can change your preferences at any time by clicking the cookie settings link in the footer.

You can also manage cookies directly in your browser:

• Chrome

• Firefox

• Safari

• Edge

Note that disabling essential cookies will prevent you from logging in to the RECOSA platform.

More information

For more information about how we handle your personal data, see our Privacy Policy.

For any questions about our use of cookies, contact us at contact@recosa.eu.

1. Who we are

RECOSA (“we”, “us”, “our”) is an AI-powered regulatory compliance platform operated by a sole trader, based in Belgium.

Contact: contact@recosa.eu.
Website: https://recosa.eu.

2. What RECOSA does

RECOSA is a compliance co-pilot that helps SMEs understand and work towards compliance with EU regulations including GDPR, NIS2, and the EU AI Act. The platform provides AI-powered compliance Q&A, gap assessments, document generation, website compliance audits, regulatory monitoring, and alerts.

3. Personal data we may collect

Depending on how you interact with RECOSA, we may collect contact details, company information, account information, billing information, platform usage data, submitted compliance questions, generated document inputs, website audit inputs, and technical data such as IP address, device information, browser type, and log data.

4. How we use personal data

We use personal data to provide and improve the RECOSA platform, answer enquiries, manage accounts and subscriptions, process payments, generate compliance outputs requested by users, monitor service performance, prevent misuse, comply with legal obligations, and communicate important service updates.

5. AI processing and important limitation

RECOSA uses AI systems to interpret publicly available regulatory texts and guidance, answer compliance questions, assess gaps, and generate documents. AI outputs may contain errors or omissions and are for informational and guidance purposes only. RECOSA is not a law firm and does not provide legal advice. Important compliance documents should be reviewed by a qualified legal professional before use.

6. Legal bases for processing

We process personal data where necessary to perform a contract with you, respond to pre-contractual enquiries, comply with legal obligations, pursue legitimate interests such as service security and improvement, or where you have given consent, for example for optional communications.

7. Sharing and processors

We may share personal data with service providers that help us operate RECOSA, such as hosting, analytics, payment, email, support, and AI infrastructure providers. We do not sell personal data. Where required, we use appropriate data processing agreements and safeguards.

8. Retention

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, including account management, legal compliance, dispute resolution, security, and legitimate business records. Retention periods may vary depending on the type of data and applicable legal requirements.

9. Your rights

Subject to applicable law, you may have the right to access, correct, delete, restrict, object to processing of, or request portability of your personal data. You may also withdraw consent where processing is based on consent. To exercise these rights, contact us at contact@recosa.eu.

10. Security

We take reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. No online service can guarantee absolute security, but we work to maintain appropriate safeguards for the nature of the data processed.

11. Availability and changes

We may update or modify the RECOSA service and this Privacy Policy from time to time. If we make material changes, we will notify registered users where appropriate. The latest version will always indicate the date it was last updated.

12. Governing law

This Privacy Policy is governed by Belgian law, without prejudice to any mandatory rights you may have under the law of your country of residence.

13. Contact

For any questions about this Privacy Policy or how RECOSA handles personal data, contact us at contact@recosa.eu. Address: Belgium.