Cookie Consent

We use cookies for essential site functions and analytics; you can choose to accept all or reject analytics cookies - see our privacy policy.

Privacy policy

Last updated: February 26, 2025

Table of Contents

Controller

Reavant B.V.
Hendrik Figeeweg 5-L
2031 BJ Haarlem

Overview of Processing

The following overview summarizes the types of data processed, the purposes of processing, and the affected data subjects.

Types of Processed Data

  • Contact data
  • Usage data
  • Meta, communication, and procedural data
  • Log data

Categories of Affected Data Subjects

  • Communication partners
  • Users

Purposes of Processing

  • Communication
  • Security measures
  • Organizational and administrative procedures
  • Feedback
  • Marketing
  • Provision of our online service and user-friendliness
  • IT infrastructure

Applicable Legal Bases

Relevant legal bases under the GDPR: The following provides an overview of the legal bases of the GDPR on which we process personal data. Please note that, in addition to the GDPR, national data protection regulations may apply in your or our country of residence or business location. If specific legal bases are applicable in certain cases, we will inform you of these in this privacy policy.

  • Consent (Art. 6(1)(a) GDPR) – The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Contract fulfillment and pre-contractual inquiries (Art. 6(1)(b) GDPR) – Processing is necessary for the performance of a contract to which the data subject is party or to take steps at the request of the data subject prior to entering into a contract.
  • Legitimate interests (Art. 6(1)(f) GDPR) – Processing is necessary to protect the legitimate interests of the controller or a third party, unless such interests are overridden by the interests, fundamental rights, and freedoms of the data subject that require protection of personal data.

National data protection regulations in the Netherlands: In addition to the GDPR, national data protection regulations apply in the Netherlands, particularly the "Implementation Act of the General Data Protection Regulation" (Uitvoeringswet Algemene verordening gegevensbescherming – UAVG).

Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account the state of the art, the costs of implementation, and the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of the risks to individuals' rights and freedoms.

These measures include ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as access, input, disclosure, availability, and separation of the data itself. Furthermore, we have established procedures to exercise data subject rights, delete data, and respond to data security risks. We also consider the protection of personal data from the outset by designing technology and setting up privacy-friendly defaults.

Transfer of Personal Data

In the course of processing personal data, we may transfer data to other entities, companies, legally independent organizations, or individuals or disclose it to them. Recipients of this data may include, for example, IT service providers or providers of services and content embedded in a website. In such cases, we comply with legal requirements and conclude appropriate contracts or agreements to protect your data.

International Data Transfers

If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)), or if processing takes place in the context of using third-party services or the disclosure or transfer of data to other persons, entities, or companies, this is done only in accordance with legal requirements.

If the European Commission has recognized the third country as having an adequate level of data protection (Art. 45 GDPR), this serves as the basis for data transfers. Otherwise, data transfers occur only if the level of data protection is otherwise secured, in particular through standard contractual clauses (Art. 46(2)(c) GDPR), explicit consent, or legally required or contractually necessary transfers (Art. 49(1) GDPR). The European Commission's website provides further information on data transfers and adequacy decisions: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en

Rights of Data Subjects

Under the GDPR, you have various rights, including:

  • Right to object: You may object at any time to the processing of your personal data based on Art. 6(1)(e) or (f) GDPR for reasons relating to your particular situation, including profiling based on these provisions.
  • Right to withdraw consent: If you have given consent, you may withdraw it at any time.
  • Right of access: You have the right to obtain confirmation as to whether personal data concerning you is being processed and to receive information about the data and additional details, including a copy of the data.
  • Right to rectification: You have the right to request the correction of inaccurate data or the completion of incomplete data.
  • Right to erasure and restriction of processing: You may request the deletion of your data under certain conditions or the restriction of its processing.
  • Right to data portability: You have the right to receive your data in a structured, commonly used, and machine-readable format and request its transfer to another controller.
  • Right to lodge a complaint: You may file a complaint with a supervisory authority if you believe that the processing of your personal data violates the GDPR.

Provision of the Online Service and Web Hosting

We process users' data to provide our online services. This includes processing the user's IP address, which is necessary to deliver content and functions to the user's browser or device.

  • Types of processed data: Communication and procedural data (e.g., IP addresses, timestamps, log data).
  • Legal basis: Legitimate interests (Art. 6(1)(f) GDPR).

Use of Cookies

Cookies store and retrieve information on users' devices. They serve purposes such as functionality, security, and analysis of visitor flows. We use cookies in compliance with legal requirements, obtaining consent where necessary.

  • Types of cookies: Session cookies (deleted after closing the browser) and permanent cookies (stored longer, up to two years).
  • Legal basis: Legitimate interests (Art. 6(1)(f) GDPR) or consent (Art. 6(1)(a) GDPR).

Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC ("Google"). Google Analytics uses cookies to help us analyze how users use our website. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.

Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators, and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.

We have activated IP anonymization, which means your IP address will be truncated within member states of the European Union or other parties to the Agreement on the European Economic Area before being transferred to the US.

  • Types of processed data: Usage data (e.g., websites visited, interest in content, access times), meta/communication data (e.g., device information, IP addresses).
  • Purpose of processing: Reach measurement, web analytics, interest-based marketing.
  • Legal basis: Consent (Art. 6(1)(a) GDPR).

Contact and Inquiry Management

When contacting us (e.g., via email or form), we process users' data as necessary to respond to inquiries.

  • Legal basis: Contract fulfillment (Art. 6(1)(b) GDPR), legitimate interests (Art. 6(1)(f) GDPR).

Newsletter and Electronic Notifications

We send newsletters and notifications with the recipient's consent or based on a legal basis.

  • Right to opt-out: You may unsubscribe at any time using the link in the newsletter.
  • Legal basis: Consent (Art. 6(1)(a) GDPR).

Promotional Communication via Email or Telephone

We process personal data for promotional communication under applicable laws. Recipients have the right to object or withdraw consent at any time.

  • Legal basis: Consent (Art. 6(1)(a) GDPR), legitimate interests (Art. 6(1)(f) GDPR).