Privacy policy

To provide our services

We may use publicly available personal data of you, that we collect in order to provide you with a proposal for our services.

When you register an account on our platform, we ask you for your name, address, telephone number, e-mail address, IP address and, if applicable, the Chamber of Commerce information and VAT number. In addition, we also ask you for your bank account number. 

We will use such information for providing and/or making our services available under the contractual terms of our services (including facilitating relationships between our partners, whether advertisers and publishers and/or third-party technology partners engaged by those parties) or in the pursuit of our legitimate interest of the proper administration of our business.

Maintaining our business operations

We use your personal data to ensure that your use of the account on the platform is aligned with our terms of service and legitimate. We may process your personal data in order to prevent any (suspected) fraudulent use, to enforce our legal rights and comply with our legal obligations. 

Where we reasonably believe that you are or may be in breach of any of the applicable laws, we may use your personal data to inform relevant third parties such as your e-mail/internet provider or law enforcement agencies.

Marketing to you or your company

If you are an advertiser or publisher in our network we use various forms of marketing to provide you with promotional materials about the services of Daisycon and affiliated group companies of Linehub as well as services of advertisers and publishers operating on our network. We may process contact information that you provide to us (either via our website, through business cards, at events/conferences, through third parties, or through use of our services) for the purposes of marketing in accordance with our legitimate interests to promote our business. You can always request to be removed from the mailing lists by unsubscribing at the bottom of any marketing e-mail or by informing our sales representatives to be removed from all or specific marketing communications.

Improving and optimising usability for you and others

Our platform uses cookies and other mechanisms to collect analytical information to help analyse how the interface is used. We process this information to improve our understanding and to compile statistical reports regarding that activity. This information is not used by us to develop a personal profile of you. 

When we provide our services to you, the legal basis for the processing of your personal data lies in the necessity of the performance of the contract as outlined above. 

To maintain our business operations, we rely on legitimate interest as the basis for processing your personal data – to comply with our legal obligations and in case of a breach, to inform the relevant authorities.

In sending marketing communications to you regarding our services and those of our other group companies, we rely on legitimate interest to provide you with offers relevant to your business.

Group members, personnel, suppliers or subcontractors: We keep your personal data confidential, but disclose it to our group members (which means our subsidiaries and other affiliated companies in the Linehub group), our personnel, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this Privacy Policy.

Only other Linehub group members (companies) can independently make choices concerning the use of your personal data for marketing their related services to you.

Other suppliers and subcontractors cannot make independent use of the personal data, and have agreed to safeguard it. Activities which are carried out by third party service providers include: CRM management software (Hubspot), e-mail marketing services, website hosting, website analytics, payment services and IT support.

As required by law: In addition, we disclose your personal data to the extent that we are required to do so by law (e.g. to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of  preventing fraud or money laundering).  

Enforcement by third parties: We disclose your personal data to third parties in order to enforce or apply the terms of agreements, to investigate potential breaches or to protect the rights, property or safety of Daisycon, our customers or others. 

The processes surrounding information security within Linehub and Daisycon have been thoroughly tested and rewarded with the ISO/IEC 27001 certificate through an audit. This internationally recognised certification confirms that all the requirements of an information security management system are met. It recognises and acknowledges that all data is handled responsibly and according to information security standards. The ISO certificate can be viewed on the Linehub.com website. The Statement of Applicability can also be requested there.

We are convinced that the behaviour of individuals is the most important part of security. Our employees are well aware of what is and what is not allowed when it comes to data. There is a policy on incoming data and a security and escalation protocol. This policy is part of our staff handbook and is regularly brought to the attention of all colleagues.

A second-and very important-step in data security at Daisycon, is to store as little sensitive data as possible (privacy by design). We do not store any personal data for our Affiliate Marketing service and data, if combined, can never be traced back to a person either. Daisycon has an advanced authorisation system, which means that only authorised personnel of a certain level can access certain transaction data.

Besides the fact that we store little data and that this data cannot be traced back to individuals, we also strive for the best security of our systems. To this end, we cooperate with professional data security companies. Besides regular checks by our own technical department, we regularly have so-called penetration tests performed. We also have standard control processes for going live with new software. This ensures that, in between penetration tests, only secure software is deployed. Our servers are managed at separate locations within the Netherlands by external hosting providers. They are ISO 9001 and ISO 27001 certified.

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.   

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Under the GDPR and other applicable data protection laws, you have the following rights:

• request access to your personal data and information related to our use and processing of your personal data;  
• request the correction or deletion of your personal data;  
• request that we restrict the use of your personal data;  
• request a machine-readable copy of your personal data or that your personal data be transferred to other IT systems;  

• object to the processing of your personal data by withdrawing your consent. 

To exercise any of your rights under data protection laws, you can send a request to [email protected].

If you are of the opinion that the way we have responded to your request or addressed your concerns is insufficient, or if you disagree with the way we process your data, you can file a complaint with the Dutch Data Protection Authority or the Data Protection Authority in your country if you reside elsewhere.

Your data may be transferred outside of the EEA in the course of the processing of your personal data being done by our trusted service providers. Where these countries have not been deemed to have an adequate level of protection under an adequacy decision of the EU Commission, we have put in place specific contracts containing the EU Commission’s standard contractual clauses (the “SCCs”) to ensure that your personal data is treated by all parties in a way that is consistent with and which respects laws on data protection, in particular the GDPR. 

Daisycon uses end user (consumer) data for the purpose of matching the click on a link from a publisher's website, to an action on the advertiser's website.

This so-called web audience measuring that Daisycon performs generates Matching Data, allowing Daisycon to measure that an end user has clicked on a link on a publisher's website or platform, and performed a subsequent action on the advertiser's website.

The purpose of this web audience measuring is to attribute marketing efforts by a publisher to a particular action on the advertiser's website, to enable advertisers to reward publishers on a performance basis. Web audience measuring also allows Daisycon to provide publishers and advertisers with relevant reports. The majority of these reports contain only aggregated statistical data and in no case contain any personal data.

Daisycon doesn’t know who the end user is, only that the same end user started their journey with the publisher and completed it with the advertiser. The transaction profile created this way from the Matching Data does not reveal an end user’s name, identity or anything else that could be considered as personally identifying information, Daisycon can only view the journey an end user makes and which advertisement has led to an action on the advertiser's website.

The transaction profile is only used to attribute marketing efforts to a publisher. Daisycon does not create (customer) profiles of end users through the use of publishers' or advertisers' websites and services. 

Daisycon allows publishers to enquire as to whether an action by a user ought to have generated a commission for that publisher. This is achieved through the sharing of information between publishers and advertisers. Advertisers use the information provided by publishers to verify against their own records and to match the referral with the end user action on the advertiser's website. Daisycon enables this data sharing and matching, and consecutively the payment of any commission due to the publisher as a result. Insofar as any (personal) data is being processed, which is by design not the case, Daisycon shall perform the processing on behalf of the advertiser and/or publisher, who determine the means and purpose of the processing of this data.

We make sure not to collect data that isn’t necessary to provide our services. The majority of the data Daisycon uses is machine generated. It lets Daisycon, in a probabilistic manner, single out an individual customer journey starting with a click on a link in the Daisycon network and ending with an action on the advertiser's website, but it does not reveal who that person is. We do not use this data to make predictions or evaluations of users’ interest or personalities and Daisycon does not perform any retargeting.

Daisycon plays a vital role in providing the affiliate marketing platform and does not always have absolute control over the personal data that it receives from users, publishers or advertisers, as this is also dependent on the data that each of these parties can provide to Daisycon.

Daisycon stores an individual sequence of figures in respect of an end user action that does not reveal the name of a particular end user and instead contains only information on the advertiser’s campaign, the publisher, the end user action (i.e. a click), in which country it occurred and the device that is used.

Daisycon also receives limited transactional information from the advertisers, to confirm that a transaction has occurred and to carry out accurate commission allocating, billing and reporting. Such information includes the order ID, order value and product type.

Daisycon's data processing activities relating to end user data, do not require the direct identification of an individual and Daisycon considers this to be anonymised data. In this regard Daisycon takes the end user's IP address, truncates this IP address, meaning that both the first and last set digits of the IP address are sectioned off and deleted, whilst at the same time hashing the remaining digits in order to create this unique identifier, changing this unique identifier creation from a deterministic into a probabilistic protocol. The unique identifier created through this anonymisation of the end user's IP address is a highly secure method to separate the personal data from the specific individual. The anonymised unique identifier created this way is precise enough for statistical matching and allocation in the process.

Anonymisation eliminates the risks associated with processing of personal data, while also maintaining the data’s utility. There is no possibility for Daisycon to re-identify the end user after this and therefore Daisycon considers this to be anonymous data and not pseudonymous data. However, the third parties (such as advertisers and publishers) in this matching process, may be able to re-identify an end user through the information they themselves hold on the end user. This can be the case in loyalty and cash-back restitutions towards the end user.For that reason, the GDPR still can apply in certain circumstances and the end user can exercise their rights under the GDPR against these third parties.

Daisycon's affiliate marketing platform connects advertisers and publishers, so that they can work together to run affiliate marketing campaigns.

In running the campaign each party plays their part in pursuing the common purposes and each party can make certain decisions about the way data is used.

Daisycon contractually requires that all participants on the platform are compliant with data protection laws and that each party fulfils their obligations to respond to requests to exercise data subject rights. You can approach each party, if you intend to exercise your rights in respect of the data which that party controls. We advise our advertisers and publishers to align their privacy policies to include a reference to this information regarding the web audience measuring - the process of matching end users with the action on the advertiser's website through the transaction profile - that is done as part of providing the affiliate marketing services to the end users, so that end users can better understand the processing of data taking place.

Advertisers and/or publishers can each have their own reasons for processing certain personal data of you, which is described in their own privacy policy. This processing of (personal) data can relate to the end user and is not covered by Daisycon’s privacy policy. The reason for this is that this processing of (personal) data is not directly related to the affiliate marketing services provided by Daisycon, but instead relates to advertiser’s and/or publisher’s own business operations.

In order to perform the matching of the end user with the action on the advertiser's website, Daisycon places cookies on the device of the end user. When the end user visits the website of the publisher, and subsequently clicks on a link to be taken through to the advertiser's website, the end user is briefly redirected to a website of Daisycon, where Daisycon places a cookie on the end user's device. Upon the end user performing an action on the advertiser's website, this Matching Data is shared with Daisycon and allows Daisycon to accredit this end user action to the publisher that sent the end user to the advertiser's website.

Daisycon considers the use of these cookies for the matching process to be necessary for the web audience measuring in order for Daisycon's affiliate platform services to function properly.

The Dutch Telecommunications Act further underscores the necessity of using affiliate cookies for affiliate platform services, which use is exempt from the consent requirement insofar as the personal data processed through these affiliate cookies is limited to non-existent.

We have carried out a balancing exercise and have identified legitimate interests as a basis for processing end user data for the purposes set out in this section of the Privacy Policy.

When assessing Daisycon’s legitimate interest, the interests of all the parties in the full affiliate ecosystem were considered. A balancing test was carried out and it was confirmed that matching carries no risk or a very low risk of undue negative impact on the end user’s interests and fundamental rights and freedoms. Furthermore, due to the process of anonymisation of the already very limited personal data being processed, the risks become negligible.Legitimate interests are not limited to the interests of Daisycon, but can be legitimate interests of a third party or to society as a whole. In the context of our service, we consider that:

• Advertisers have an interest in carrying on an online advertising campaign, paid for on a performance basis, whereby third party referrers of customers or potential customers of the advertiser are compensated for referrals which generate revenue for the advertiser or which undertake another act desired by the advertiser.
• Publishers have an interest in monetising their content, services or other aspects of their website by generating advertising revenue which is paid on a performance basis.
• Advertisers and publishers have an interest in obtaining reports relevant to their respective business revenue generation.
• Daisycon has an interest in operating an affiliate marketing platform, and to provide technology, services and reporting, in return for payment from advertisers.
• Daisycon, advertisers, publishers and society at large have an interest in preventing fraud, misuse of services, or money laundering.

Group members, personnel, suppliers or subcontractors: We keep your personal data confidential, but disclose it to our group members (which means our subsidiaries and other related companies in the Linehub group), our personnel, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this Privacy Policy. However, this is on the basis that they do not make independent use of the personal data, and have agreed to safeguard it. Activities which are carried out by third party service providers include: CRM management software (Hubspot), website hosting, website analytics and IT support.  

As required by law: In addition, we disclose your personal data to the extent that we are required to do so by law (e.g. to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of preventing fraud or money laundering.).  

Enforcement by third parties: We disclose your personal data to third parties in order to enforce or apply the terms of agreements, to investigate potential breaches or to protect the rights, property or safety of Daisycon, our customers or others. 

The processes surrounding information security within Linehub and Daisycon have been thoroughly tested and rewarded with the ISO/IEC 27001 certificate through an audit. This internationally recognised certification confirms that all the requirements of an information security management system are met. It recognises and acknowledges that all data is handled responsibly and according to information security standards. The ISO certificate can be viewed on the Linehub.com website. The Statement of Applicability can also be requested there.

We are convinced that the behaviour of individuals is the most important part of security. Our employees are well aware of what is and what is not allowed when it comes to data. There is a policy on incoming data and a security and escalation protocol. This policy is part of our staff handbook and is regularly brought to the attention of all colleagues.

A second-and very important-step in data security at Daisycon, is to store as little sensitive data as possible (privacy by design). We do not store any personal data for our Affiliate Marketing service and data, if combined, can never be traced back to a person either. Daisycon has an advanced authorisation system, which means that only authorised personnel of a certain level can access certain transaction data.

Besides the fact that we store little data and that this data cannot be traced back to individuals, we also strive for the best security of our systems. To this end, we cooperate with professional data security companies. Besides regular checks by our own technical department, we regularly have so-called penetration tests performed. We also have standard control processes for going live with new software. This ensures that, in between penetration tests, only secure software is deployed. Our servers are managed at separate locations within the Netherlands by external hosting providers. They are ISO 9001 and ISO 27001 certified.

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.   

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.  

As a general rule, Daiscyon retains Matching Data for 5 years after collection.

Under the GDPR and other applicable data protection laws, you have the following rights:

• request access to your personal data and information related to our use and processing of your personal data;  
• request the correction or deletion of your personal data;  
• request that we restrict the use of your personal data;  
• request a machine-readable copy of your personal data or that your personal data be transferred to other IT systems;  

• object to the processing of your personal data by withdrawing your consent. 

To exercise any of your rights under data protection laws, you can send a request to [email protected].

If you are of the opinion that the way we have responded to your request or addressed your concerns is insufficient, or if you disagree with the way we process your data, you can file a complaint with the Dutch Data Protection Authority or the Data Protection Authority in your country if you reside elsewhere.

Your data may be transferred outside of the EEA in the course of the processing of your personal data being done by our trusted service providers. Where these countries have not been deemed to have an adequate level of protection under an adequacy decision of the EU Commission, we have put in place specific contracts containing the EU Commission’s standard contractual clauses (the “SCCs”) to ensure that your personal data is treated by all parties in a way that is consistent with and which respects laws on data protection, in particular the GDPR.

To handle your job application as part of the recruitment process

When you send in your application, we ask for certain personal data to be shared with us, including:

• your name, address and contact details, including email address and telephone number;
• your CV with details of your qualifications, skills, experience and employment history;
• information about your salary expectations and notice period;
• information about your eligibility and right to work in a certain location;
• any additional personal data that you may share during the recruitment process.

We may collect this personal data directly from you via the application form and the CV that you are required to attach when submitting your application or through interviews and other forms of assessment.

We process your personal data to perform pre-contractual measures taken upon your request to evaluate your application, confirm your suitability for employment, and communicate with you in the recruitment process. 

To provide you with job openings similar to the one you applied for

If we think that a similar job opening to the one that you applied for might be a right fit, we will provide you with information about the other job opening and invite you to apply.

To provide you with information about other future job openings

We send out newsletters with job openings for our company and those of other companies in the Linehub group. 

Maintaining our business operations

Where we reasonably believe that you are or may be in breach of any of the applicable laws, we may use your personal data to inform relevant third parties such as your e-mail/internet provider or law enforcement agencies.

We have a legitimate interest to process your data in order to find the right candidate for the vacancy. 

After an unsuccessful application, you have a legitimate interest in receiving similar vacancies as the one you originally applied for, because you’ve expressed interest to work for our company.

To comply with legal obligations, we shall maintain the data provided by you upon your application for a certain, limited term.

Through our advertisements and during the application process, you can consent to receiving newsletters for future job openings.

Group members, personnel, suppliers or subcontractors: We keep your personal data confidential, but disclose it to our group members (which means our subsidiaries and other related companies in the Linehub group), our personnel, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this Privacy Policy. However, this is on the basis that they do not make independent use of the personal data, and have agreed to safeguard it.

As required by law: In addition, we disclose your personal data to the extent that we are required to do so by law (e.g. to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of preventing fraud or money laundering).  

Enforcement by third parties: We disclose your personal data to third parties in order to enforce or apply the terms of agreements, to investigate potential breaches or to protect the rights, property or safety of Daisycon, our customers or others. 

The processes surrounding information security within Linehub and Daisycon have been thoroughly tested and rewarded with the ISO/IEC 27001 certificate through an audit. This internationally recognised certification confirms that all the requirements of an information security management system are met. It recognises and acknowledges that all data is handled responsibly and according to information security standards. The ISO certificate can be viewed on the Linehub.com website. The Statement of Applicability can also be requested there.

We are convinced that the behaviour of individuals is the most important part of security. Our employees are well aware of what is and what is not allowed when it comes to data. There is a policy on incoming data and a security and escalation protocol. This policy is part of our staff handbook and is regularly brought to the attention of all colleagues.

A second-and very important-step in data security at Daisycon, is to store as little sensitive data as possible (privacy by design). We do not store any personal data for our affiliate marketing service and data, if combined, can never be traced back to a person either. Daisycon has an advanced authorisation system, which means that only authorised personnel of a certain level can access certain transaction data.

Besides the fact that we store little data and that this data cannot be traced back to individuals, we also strive for the best security of our systems. To this end, we cooperate with professional data security companies. Besides regular checks by our own technical department, we regularly have so-called penetration tests performed. We also have standard control processes for going live with new software. This ensures that, in between penetration tests, only secure software is deployed. Our servers are managed at separate locations within the Netherlands by external hosting providers. They are ISO 9001 and ISO 27001 certified.

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Your personal data collected as part of your recruitment process will be retained for 6 months following the notification on an unsuccessful application, for the purpose of sending you relevant and/or similar job openings to the one that you applied for. You will receive a notification before the end of the 6-month term whether you wish to extend the data retention for this purpose for a following 6 months.

If you have provided your consent to further processing, your personal data will be retained for additional 24 months to consider your application and get in contact with for future job vacancies.

We may retain your personal information for as long as is necessary in order to comply with applicable legal obligations.

In case of a successful application, your personal data will be retained as part of your personnel records and subsequent employee data retention periods will apply.

Under the GDPR and other applicable data protection laws, you have the following rights:

• request access to your personal data and information related to our use and processing of your personal data;  
• request the correction or deletion of your personal data;  
• request that we restrict the use of your personal data;  
• request a machine-readable copy of your personal data or that your personal data be transferred to other IT systems;  

• object to the processing of your personal data by withdrawing your consent. 

To exercise any of your rights under data protection laws, you can send a request to [email protected].

If you are of the opinion that the way we have responded to your request or addressed your concerns is insufficient, or if you disagree with the way we process your data, you can file a complaint with the Dutch Data Protection Authority or the Data Protection Authority in your country if you reside elsewhere.

Your data may be transferred outside of the EEA in the course of the processing of your personal data being done by our trusted service providers. Where these countries have not been deemed to have an adequate level of protection under an adequacy decision of the EU Commission, we have put in place specific contracts containing the EU Commission’s standard contractual clauses (the “SCCs”) to ensure that your personal data is treated by all parties in a way that is consistent with and which respects laws on data protection, in particular the GDPR. 

To answer your enquiries sent through our contact form

When you fill in the contact form on the Daisycon website, we will save and process your personal information in order to answer any enquiries you might have. We save this information for a maximum of 12 months after you have sent the filled in contact form to us.

By using cookies for different purposes on our website

We use cookies on our website to have our website operative, maintain different functions, provide you with relevant advertisement and monitor website usage. Please read our Cookie policy to understand the cookies we use and to enable whether these cookies may be placed on your device or not. Only necessary cookies are enabled and placed without your prior consent.

When you fill in the contact form on the website or enable cookies through the cookie banner, you consent to having your personal data processed for the purposes outlined.

Group members, personnel, suppliers or subcontractors: We keep your personal data confidential, but disclose it to our group members (which means our subsidiaries and other related companies in the Linehub group), our personnel, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this Privacy Policy. However, this is on the basis that they do not make independent use of the personal data, and have agreed to safeguard it. Activities which are carried out by third party service providers include: CRM management software (Hubspot), website hosting, website analytics and IT support.  

As required by law: In addition, we disclose your personal data to the extent that we are required to do so by law (e.g. to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).  

Enforcement by third parties: We disclose your personal data to third parties in order to enforce or apply the terms of agreements, to investigate potential breaches or to protect the rights, property or safety of Daisycon, our customers or others. 

The processes surrounding information security within Linehub and Daisycon have been thoroughly tested and rewarded with the ISO/IEC 27001 certificate through an audit. This internationally recognised certification confirms that all the requirements of an information security management system are met. It recognises and acknowledges that all data is handled responsibly and according to information security standards. The ISO certificate can be viewed on the Linehub.com website. The Statement of Applicability can also be requested there.

We are convinced that the behaviour of individuals is the most important part of security. Our employees are well aware of what is and what is not allowed when it comes to data. There is a policy on incoming data and a security and escalation protocol. This policy is part of our staff handbook and is regularly brought to the attention of all colleagues.

A second-and very important-step in data security at Daisycon, is to store as little sensitive data as possible (privacy by design). We do not store any personal data for our affiliate m

marketing service and data, if combined, can never be traced back to a person either. Daisycon has an advanced authorisation system, which means that only authorised personnel of a certain level can access certain transaction data.

Besides the fact that we store little data and that this data cannot be traced back to individuals, we also strive for the best security of our systems. To this end, we cooperate with professional data security companies. Besides regular checks by our own technical department, we regularly have so-called penetration tests performed. We also have standard control processes for going live with new software. This ensures that, in between penetration tests, only secure software is deployed. Our servers are managed at separate locations within the Netherlands by external hosting providers. They are ISO 9001 and ISO 27001 certified.

Under the GDPR and other applicable data protection laws, you have the following rights:

• request access to your personal data and information related to our use and processing of your personal data;  
• request the correction or deletion of your personal data;  
• request that we restrict the use of your personal data;  
• request a machine-readable copy of your personal data or that your personal data be transferred to other IT systems;  

• object to the processing of your personal data by withdrawing your consent. 

To exercise any of your rights under data protection laws, you can send a request to [email protected].

If you are of the opinion that the way we have responded to your request or addressed your concerns is insufficient, or if you disagree with the way we process your data, you can file a complaint with the Dutch Data Protection Authority or the Data Protection Authority in your country if you reside elsewhere.

Your data may be transferred outside of the EEA in the course of the processing of your personal data being done by our trusted service providers. Where these countries have not been deemed to have an adequate level of protection under an adequacy decision of the EU Commission, we have put in place specific contracts containing the EU Commission’s standard contractual clauses (the “SCCs”) to ensure that your personal data is treated by all parties in a way that is consistent with and which respects laws on data protection, in particular the GDPR.