Privacy Policy and Data Protection according to GDPR

Identification and contact details

When you register or interact with our services, we collect data such as your full name, date of birth, address details, email address, and phone number. The processing of your date of birth is a legal requirement to verify that you meet the minimum age of 18. This data is essential for managing your user account and for maintaining a communication channel for administrative and support purposes.

Technical and usage data

We automatically record technical information about your device and your connection. This includes your IP address, browser type, operating system, unique device identifiers, and details about your navigation patterns on our site. This data helps us monitor the technical security of our infrastructure, detect unauthorized access attempts, and optimize the user interface for different screen sizes and hardware specifications.

Transaction and communication data

In the context of our services, we keep data about your interactions with our features and the history of your communication with our customer service. Although we do not directly store full financial details such as credit card numbers on our servers, we record the status of transactions to comply with administrative obligations and to effectively resolve any technical disputes.

We process your personal data solely on the following legal bases:

• Performance of a contract: Necessary to provide the services you requested.
• Legitimate interest: For the security of our systems and the prevention of fraud.
• Legal obligation: To comply with Dutch regulations regarding verification and reporting obligations.
• Explicit consent: When you give consent for specific processing purposes, such as marketing preferences.

Your information is used for the following operational purposes:

• Facilitating account management and identity verification.
• Providing tailored technical support and customer service.
• Analyzing aggregated statistics to improve site architecture.
• Detecting, preventing, and addressing security incidents or fraudulent activities.
• Complying with legal requirements and government regulations in the Netherlands.
• Sending important notifications about changes to our terms or policy.

We retain your personal data no longer than is strictly necessary for the purposes for which it was collected, or to comply with the statutory retention periods imposed by the Dutch government. Once data is no longer required for its original purpose or the statutory periods have expired, it is securely deleted or irreversibly anonymized, making individual identification impossible.

We do not sell or rent your personal data to third parties for commercial purposes. However, data may be shared with trusted technical service providers acting on our behalf, such as hosting providers, data analysts, or security experts. These parties are contractually obligated to protect your data according to strict confidentiality clauses and may only process it according to our specific instructions. Additionally, information may be provided to competent authorities if we are legally obliged to do so.

Due to the global nature of internet infrastructure, some of our technical partners may be located outside the European Economic Area (EEA). In such cases, we implement appropriate technical and legal safeguards, such as the European Commission's standard contractual clauses, to ensure that your information receives a level of protection equivalent to GDPR standards.

We have implemented extensive physical, organizational, and electronic security measures to protect your data against loss, theft, or unauthorized access. This includes:

• Advanced cryptography (SSL/TLS) for all data transfers.
• Implementation of robust firewalls and intrusion detection systems.
• Strict access controls based on authorized user profiles.
• Regular technical audits to identify system vulnerabilities. Although we make constant efforts, no internet transmission is entirely invulnerable; we encourage users to also be vigilant themselves.

Under Dutch privacy law, you have fundamental rights regarding your data:

• Right of access: Knowing what data we store about you.
• Right to rectification: Having inaccurate or incomplete information corrected.
• Right to erasure: Requesting the deletion of your data under specific conditions.
• Right to object: Objecting to processing based on legitimate interest.
• Right to data portability: Receiving your data in a structured format.

To exercise your rights or for questions about this Privacy Policy, please contact our team via: [email protected]. Please include proof of identity to verify the legitimacy of the request.