Privacy Policy
This Privacy Policy explains how Tecklenborgh B.V., a company incorporated under the laws of the Netherlands, registered with the Dutch Chamber of Commerce under number 69415579 ("Tecklenborgh", "we", "us", or "our"), collects, uses, shares, and protects your personal data. Tecklenborgh is the controller within the meaning of Article 4(7) of the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the Dutch GDPR Implementation Act (Uitvoeringswet Algemene verordening gegevensbescherming, "UAVG").
This Policy applies to personal data processed through our websites, applications, services, and any other interactions you may have with Tecklenborgh (together, the "Site" and "Service", as defined in our Terms and Conditions of Use).
If you have questions about this Policy or wish to exercise your data protection rights, you may contact us via the Contact page on the Site.
Introduction and Identity of the Data Controller
Tecklenborgh B.V. acts as the data controller for personal data collected through the Site and Service. Tecklenborgh is registered with the Dutch Chamber of Commerce under number 69415579.
This Policy applies to personal data processed through our websites, applications, services, and any other interactions you may have with Tecklenborgh.
If you have questions about this Policy or wish to exercise your data protection rights, you may contact us via the Contact page on the Site.
Data Protection Officer / Privacy Contact
Tecklenborgh does not currently meet the criteria for the mandatory appointment of a Data Protection Officer under Article 37 of the GDPR or Section 38 of the UAVG. Accordingly, no DPO has been appointed at this time.
We have designated a Privacy Contact who is responsible for overseeing data protection matters. The Privacy Contact can be reached via the Contact page on the Site.
Categories of Personal Data Collected
When you create an account, place an order, subscribe to the Service, or otherwise interact with us, we may collect: identification data (name, date of birth); contact data (email address, telephone number, postal address); account data (username, password, account preferences); payment references (invoice details, transaction identifiers); and the content of communications you send to us (support requests, feedback, correspondence).
When you access the Site, we automatically collect certain technical and usage data, including: your IP address and approximate location derived therefrom; device identifiers, browser type, and operating system; pages visited, time spent, referral URLs, and clickstream data; diagnostic and error logs; and cookie identifiers and similar online identifiers (see Section 9 below).
We may also receive personal data about you from third-party sources, including identity verification services, analytics providers, advertising partners, and social sign-in platforms, where you have chosen to interact with us through those platforms.
Tecklenborgh does not intentionally collect special categories of personal data (as defined in Article 9 of the GDPR). Should such data be provided to us incidentally, we will process it only where a lawful basis under Article 9(2) of the GDPR applies and will otherwise delete it without undue delay.
Purposes and Legal Bases for Processing
We process your personal data for the following purposes, each paired with the applicable legal basis under Article 6(1) of the GDPR:
Service delivery and account management: performance of the contract to which you are party (Article 6(1)(b)).
Payments, invoicing, and VAT compliance: performance of contract (Article 6(1)(b)) and compliance with legal obligations under Dutch tax and accounting law (Article 6(1)(c)).
Customer support and communications: performance of contract (Article 6(1)(b)) and our legitimate interest in providing responsive service (Article 6(1)(f)).
Service improvement, analytics, and security: our legitimate interest in improving the Site, understanding usage patterns, and maintaining security (Article 6(1)(f)).
Marketing communications: your consent (Article 6(1)(a)). You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.
Legal claims and compliance: compliance with legal obligations (Article 6(1)(c)) and our legitimate interest in establishing, exercising, or defending legal claims (Article 6(1)(f)).
Cookies and tracking technologies: strictly necessary cookies are placed on the basis of our legitimate interest in operating the Site; all other cookies are placed on the basis of your prior consent in accordance with Article 11.7a of the Dutch Telecommunications Act (Telecommunicatiewet).
Data Retention Periods
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Our standard retention periods are as follows:
| Category | Retention period |
|---|---|
| Account data | Duration of active account plus 24 months following account closure. |
| Communications & support records | 24 months from the date of the last interaction. |
| Logs and security data | 12 months, unless a longer period is required for the investigation of security incidents or fraud. |
| Marketing preferences | Retained until you opt out or withdraw consent. |
| Transactional & financial records | 7 years, in accordance with Dutch tax and accounting retention obligations (Algemene wet inzake rijksbelastingen). |
Sharing of Personal Data
Tecklenborgh does not sell your personal data. We may share personal data with the following categories of recipients:
Processors: third-party service providers that process personal data on our behalf, including hosting and infrastructure providers, analytics services, communications platforms, and payment service providers. We maintain written data processing agreements with each processor in accordance with Article 28 of the GDPR.
Professional advisors: legal counsel, auditors, and accountants, where necessary for the conduct of our business.
Affiliates: other entities within the Tecklenborgh group in connection with corporate transactions, restructuring, or group-wide service delivery, subject to appropriate safeguards.
Authorities: government bodies, regulators, law enforcement agencies, or courts where disclosure is required by applicable law or regulation, or is necessary to protect our rights or the rights of third parties.
International Data Transfers
Tecklenborgh primarily stores and processes personal data within the European Economic Area ("EEA"). Where a transfer of personal data outside the EEA is necessary, we ensure that appropriate safeguards are in place, relying on adequacy decisions, Standard Contractual Clauses adopted by the European Commission under Article 46(2)(c) of the GDPR, or other appropriate safeguards consistent with GDPR requirements.
You may request a copy or summary of the Standard Contractual Clauses or other safeguards by contacting us via the Contact page.
Data Subject Rights
Under the GDPR, you have the following rights in relation to your personal data. You may exercise these rights at any time by contacting us via the Contact page. We will respond without undue delay and in any event within one month of receiving your request:
Right of access (Article 15): you may request confirmation of whether we process your personal data and, if so, obtain a copy of that data.
Right to rectification (Article 16): you may request correction of inaccurate personal data or completion of incomplete data.
Right to erasure (Article 17): you may request deletion of your personal data where the data is no longer necessary for the purposes for which it was collected, or you withdraw consent on which processing is based.
Right to restriction of processing (Article 18): you may request that we restrict the processing of your personal data in certain circumstances.
Right to data portability (Article 20): you may request that we provide your personal data in a structured, commonly used, machine-readable format.
Right to object (Article 21): you may object to processing based on legitimate interests, including profiling. Where we process personal data for direct marketing purposes, you have an absolute right to object at any time.
Right to withdraw consent: where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
Right not to be subject to automated decision-making: you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal or similarly significant effects concerning you.
If you are not satisfied with our response or believe that we are processing your personal data unlawfully, you have the right to lodge a complaint with the Dutch Data Protection Authority:
Autoriteit Persoonsgegevens (AP), Postbus 93374, 2509 AJ Den Haag, Nederland. Telefoon: +31 (0)70 888 8500.
Cookies and Tracking Technologies
The Site uses cookies and similar tracking technologies. We use the following categories of cookies:
Strictly necessary cookies: essential for the operation of the Site (e.g., session management, security). These do not require your consent.
Preference cookies: enable the Site to remember your choices and provide enhanced functionality.
Analytics cookies: help us understand how visitors interact with the Site by collecting information about pages visited, time spent, and navigation paths.
Advertising cookies: used to deliver relevant advertisements and measure the effectiveness of advertising campaigns.
For non-essential cookies, we obtain your prior consent through a cookie banner displayed upon your first visit to the Site, consistent with Article 11.7a of the Dutch Telecommunications Act (Telecommunicatiewet). You may withdraw your consent or adjust your preferences at any time. You may also configure your browser to refuse cookies; however, this may affect the functionality of the Site.
For further detail on specific cookies deployed, please refer to the cookies section in our Terms and Conditions of Use.
Security Measures
Tecklenborgh implements appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include: encryption of personal data in transit (TLS/HTTPS) and at rest where applicable; access controls based on the principle of least privilege, including multi-factor authentication; logging and monitoring of access to systems containing personal data; regular vulnerability assessments and due diligence on third-party suppliers; and an incident response procedure including notification to the Autoriteit Persoonsgegevens within 72 hours (Article 33 GDPR) where a breach is likely to result in a high risk to the rights and freedoms of natural persons.
You are responsible for maintaining the confidentiality of your account credentials and for all activity that occurs under your account.
Children's Data
The Site and Service are not directed to children under the age of 16. Accounts must be created by individuals who are at least 16 years of age or, where younger, with the verifiable consent of the holder of parental responsibility, consistent with Article 8 of the GDPR and the UAVG.
If we become aware that we have collected personal data from a child without appropriate consent, we will take steps to delete that data without undue delay.
Changes to this Privacy Policy
Tecklenborgh may update this Privacy Policy from time to time to reflect changes in our processing activities, legal requirements, or business practices. If we make material changes, we will notify you by email or by posting a prominent notice on the Site in advance of the changes taking effect.
We will archive prior versions of this Policy and make them available upon request. We encourage you to review this Policy periodically to stay informed about how we protect your personal data.