Privacy Policy

Last updated: December 2024

1. Introduction

brightpathes B.V. ("we", "our", or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and protect your information when you visit our website or use our services. This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws in the European Union.

2. Data Controller

brightpathes B.V. is the data controller for the personal data we collect and process. Our contact details are:

brightpathes B.V.
Kerkstraat 180
1392 ED Almere
Flevoland, Netherlands
Email: privacy@brightpathes.pro
Phone: +31 10 792 7278
KvK: 53827419 | VAT: NL879306415B01

3. Data Collection

The data we collect includes personal information that you provide to us directly and information that we collect automatically when you use our website and services. We collect the following types of personal data:

  • Contact Information: Name, email address, phone number, company name, and job title
  • Communication Data: Messages, enquiries, and correspondence you send to us
  • Technical Data: IP address, browser type, device information, and website usage data
  • Marketing Data: Your preferences for receiving marketing communications
  • Project Data: Information related to projects and services we provide to you

4. How We Use Your Information

We explain how we use your information for various purposes based on legal grounds under GDPR. The use of your data includes:

  • Service Provision: To provide our IT services and support
  • Communication: To respond to your enquiries and provide customer support
  • Business Operations: To manage our business relationship with you
  • Legal Compliance: To comply with legal obligations and regulations
  • Marketing: To send you relevant information about our services (with your consent)
  • Website Improvement: To analyse website usage and improve user experience

5. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary for performing our services
  • Legitimate Interest: For business operations and website analytics
  • Consent: For marketing communications and non-essential cookies
  • Legal Obligation: For compliance with legal requirements

6. Data Sharing

We do not sell your personal data. We may share your information with:

  • Service Providers: Third-party vendors who assist with our business operations
  • Legal Authorities: When required by law or to protect our legal rights
  • Business Partners: With your explicit consent for specific purposes

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected. Our retention periods are:

  • Contact enquiries: 3 years from last contact
  • Client data: 7 years after contract termination (for legal compliance)
  • Marketing data: Until you withdraw consent or 3 years of inactivity
  • Website analytics: 26 months

8. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for consent-based processing

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training on data protection.

10. International Data Transfers

We primarily process data within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

11. Cookies

Our website uses cookies to enhance your browsing experience and analyse website usage. For detailed information about our use of cookies, please see our Cookie Policy.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

13. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our website and updating the "last updated" date.

14. Contact Us

If you have questions about this privacy policy or wish to exercise your rights, please contact us:

Data Protection Officer
Email: privacy@brightpathes.pro
Phone: +31 10 792 7278
Address: brightpathes B.V., Kerkstraat 180, 1392 ED Almere, Netherlands

15. Supervisory Authority

If you believe we have not handled your personal data in accordance with this policy or applicable law, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or your local supervisory authority.

Need Help?

If you have any questions about how we handle your personal data or wish to exercise any of your rights, please don't hesitate to contact us at privacy@brightpathes.pro or call +31 10 792 7278.