Privacy Policy

1. Data Controller

virox B.V. is the data controller responsible for your personal data. Our company is registered in the Netherlands under registration number 81490657, with VAT number NL879540362B01. Our registered office is located at Molenweg 141, 4819 UA Breda, North Brabant, Netherlands.

2. Data Collection

The data we collect includes personal information that you voluntarily provide to us when using our website, contacting us, or engaging our services. This may include:

• Contact information (name, email address, phone number, company name)
• Technical information (IP address, browser type, operating system)
• Website usage data (pages visited, time spent, referring websites)
• Communication records (emails, chat messages, support tickets)
• Project-related information when you engage our services
• Cookies and similar tracking technologies (see our Cookie Policy for details)

3. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal bases:

• Consent: When you provide explicit consent for marketing communications or cookies
• Contract: When processing is necessary for the performance of a contract with you
• Legitimate Interests: For website analytics, security, and business development
• Legal Obligation: When required by law, such as tax and accounting requirements

4. How We Use Your Information

We explain how we use your information for various purposes to provide and improve our services. The use of your data includes:

• Providing and delivering our software development services
• Responding to your inquiries and providing customer support
• Processing payments and managing client relationships
• Improving our website functionality and user experience
• Sending service-related notifications and updates
• Marketing communications (only with your consent)
• Complying with legal and regulatory requirements
• Protecting against fraud and ensuring website security

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your data only in the following circumstances:

• With trusted service providers who assist in our business operations (hosting, analytics, payment processing)
• When required by law or to comply with legal processes
• To protect our rights, property, or safety, or that of our users
• In connection with a business transfer or merger (with appropriate safeguards)

6. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this privacy policy. Specific retention periods include:

• Contact form submissions: 3 years from last contact
• Client project data: 7 years after project completion (for legal and tax purposes)
• Website analytics data: 26 months
• Marketing consent records: Until consent is withdrawn plus 3 years
• Financial records: 7 years as required by Dutch law

7. Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of Access: Request a copy of your personal data we hold
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data (subject to legal obligations)
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

8. International Data Transfers

As a company based in the Netherlands, we primarily process data within the European Economic Area (EEA). When we do transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

• European Commission adequacy decisions
• Standard Contractual Clauses approved by the European Commission
• Certification schemes and codes of conduct

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• SSL encryption for data transmission
• Secure hosting with regular security updates
• Access controls and authentication procedures
• Regular security assessments and monitoring
• Staff training on data protection principles

10. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience and analyse website traffic. For detailed information about our use of cookies, including types of cookies, purposes, and how to manage your preferences, please refer to our Cookie Policy.

11. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can delete such information.

12. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

13. Contact Information

If you have any questions about this privacy policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us:

14. Supervisory Authority

If you believe we have not addressed your concerns adequately, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):