Privacy Policy

Introduction

CrimsonVertex B.V. ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your personal information when you visit our website, use our services, or interact with us.

As a company based in the Netherlands and operating within the European Union, we comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller Information

CrimsonVertex B.V. is the data controller for the personal data we collect and process. Our contact details are:

Data We Collect

We collect various types of personal data when you interact with our website and services. The data collection includes information you provide directly to us and information we collect automatically through your use of our website.

Information You Provide to Us

• Contact information (name, email address, phone number)
• Communication preferences and enquiry details
• Information provided through contact forms or email communications
• Any other information you choose to provide when contacting us

Information We Collect Automatically

• IP address and device information
• Browser type and version
• Pages visited and time spent on our website
• Referral sources and website navigation patterns
• Cookie data and similar tracking technologies

How We Use Your Information

We use of your data is based on legitimate legal grounds under GDPR. How we use your information depends on how you interact with our website and services:

Legal Basis for Processing

• Legitimate Interest: To operate our website, improve our services, and communicate with you about our business
• Consent: For marketing communications and non-essential cookies
• Contract Performance: To provide services you have requested
• Legal Obligation: To comply with applicable laws and regulations

Specific Uses

• Responding to your enquiries and providing customer support
• Improving our website functionality and user experience
• Analysing website traffic and user behaviour
• Sending relevant information about our services (with your consent)
• Complying with legal and regulatory requirements

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, please refer to our Cookie Policy.

Data Sharing and Third Parties

We do not sell your personal data to third parties. We may share your information in the following circumstances:

• Service Providers: With trusted third-party providers who help us operate our website and services (e.g., hosting providers, analytics services)
• Legal Requirements: When required by law or to protect our legal rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Consent: When you have given explicit consent for specific sharing

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, and protect our legitimate interests. Our data retention policies include:

• Contact Information: Retained for 3 years after last contact or until you request deletion
• Website Analytics: Aggregated data retained for up to 26 months
• Marketing Data: Retained until you withdraw consent or opt out
• Legal Compliance: Retained as required by applicable laws and regulations

Your Rights

Under GDPR, you have several rights regarding your personal data. These rights include the ability to control how your personal information is processed and used:

• Right of Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate personal data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Request limitation of how we process your data
• Right to Data Portability: Request transfer of your data to another organisation
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for processing where applicable

To exercise any of these rights, please contact us using the contact information provided below.

International Data Transfers

Your personal data is primarily processed within the European Economic Area (EEA). If we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as:

• European Commission adequacy decisions
• Standard contractual clauses approved by the European Commission
• Binding corporate rules or certification schemes

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and staff training
• Incident response procedures

Children's Privacy

Our website and services are not intended for children under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding your personal data, please reach out to us:

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data in accordance with applicable laws.