Introduction

Your privacy is of great importance to BeeSensible. In this privacy statement, we explain which personal data we collect and use, for what purpose we do this, and what your rights are. We adhere to the General Data Protection Regulation (GDPR) and other relevant privacy legislation.

This privacy statement applies to all processing of personal data for which BeeSensible is the Data Controller. This concerns the data of our website visitors, (potential) customers, and the users of our services.

Important: This statement does not cover the data that you or your organization process via our Application (for example, the content of documents you anonymize). For that data, our Customer is the Data Controller and we are the Processor. The agreements about this are laid down in our Data Processing Agreement (DPA).

Article 1: Who are we?

BeeSensible is the Data Controller for the processing as described in this statement. Our details are:

  • Name: Venturo Media B.V.

  • Address: Spijksedijk 1a, 6917 AD Spijk, The Netherlands

  • Chamber of Commerce number: 72127198

  • VAT number: NL859075330B01

  • Contact: For privacy-related questions, you can contact us via legal@beesensible.eu.

Article 2: What personal data do we process and why?

We process various personal data, depending on how you interact with us. Below we specify per situation which data we collect, for what purpose, on what legal basis, and how long we store it.

2.1 When you visit our website

  • Data: Technical data such as your IP address (anonymized), browser type, operating system, pages visited, and the duration of your visit.

  • Purpose: To ensure the proper functioning of our website and to analyze its use to improve our services and user experience.

  • Legal Basis: Legitimate interest (offering and improving a functional and secure website). We ask for your consent to place non-essential cookies.

  • Retention Period: Analytical data is stored for a maximum of 26 months.

2.2 When you create an Account (free or paid)

  • Data: Name, email address, and an encrypted password, or a unique identifier from a third party (such as Google or Microsoft) with which you log in.

  • Purpose: Creating and managing your Account, granting you access to the Application, sending essential service messages (e.g., about maintenance or security), and providing user support.

  • Legal Basis: Performance of the agreement (the terms of use you accept).

  • Retention Period: As long as your Account is active. After deleting your account, your data will be permanently deleted within a period of 90 days.

2.3 When you (or your organization) enter into a paid Agreement

  • Data: Company name, address details, Chamber of Commerce number, name and email address of the contact person, and payment details (such as the last four digits of your credit card and the expiry date).

  • Purpose: Drawing up and executing the Agreement, invoicing, financial administration, and fraud prevention.

  • Legal Basis: Performance of the agreement and legal obligation (our administrative duty for the Tax and Customs Administration).

  • Retention Period: Invoice and payment data are kept for 7 years, in accordance with the legal retention obligation.

2.4 When you contact us

  • Data: Your name, email address, telephone number (if provided), and the content of your message.

  • Purpose: Answering your question, providing support, or following up on your request.

  • Legal Basis: Performance of the agreement (if you are a customer), your consent (if you fill in a contact form), or legitimate interest (to be able to help you adequately).

  • Retention Period: Correspondence is kept for up to 2 years after the last interaction, unless a legal obligation requires a longer period.

2.5 When you subscribe to our newsletter

  • Data: Email address (and possibly your name).

  • Purpose: To inform you about product updates, news, tips, and offers.

  • Legal Basis: Your explicit consent.

  • Retention Period: As long as you are subscribed. You can easily unsubscribe at any time via the link at the bottom of each newsletter. After unsubscribing, you will be immediately removed from the mailing list.

Article 3: Do we share your data with third parties (sub-processors)?

Yes, we use third parties (sub-processors) to provide our services. We only share your data when strictly necessary and always ensure a (processor) agreement with these parties to guarantee the protection of your data. We will never sell your data to third parties.

Our main categories of sub-processors are:

Sub-processor

Function

Location of Data Processing

Scaleway

Hosting & Infrastructure

EU (France, Poland, Netherlands)

Paddle

Payment Processing

US (GDPR-proof)

Tally

Contact & feedback forms

EU (Belgium)

Google Analytics

Website analysis

US

[Name Email Provider]

Sending emails

[Location]

Article 4: Is your data transferred outside the EU/EEA?

Our principle is to process personal data exclusively within the European Economic Area (EEA). Our hosting takes place in the EU at Scaleway.

In some cases, however, it is necessary to share data with parties outside the EEA, such as our payment provider Paddle in the United States. For such transfers, we always ensure an appropriate level of protection in accordance with the GDPR. We do this by using the Standard Contractual Clauses (SCCs) of the European Commission, supplemented with any additional technical and organizational measures to guarantee the security of your data.

Article 5: How do we secure your data?

We take the protection of your data extremely seriously and take appropriate technical and organizational measures to prevent misuse, loss, unauthorized access, and unauthorized modification. This includes, among other things:

  • Encryption: All data is encrypted both during transport (TLS/SSL) and at rest.

  • Access Control: We apply strict access controls based on the 'least privilege' principle, so that only authorized personnel can access your data.

  • Secure Data Centers: Our infrastructure is hosted in highly secure, certified data centers, such as those of Scaleway with a SecNumCloud certification.

  • Security Audits: We regularly conduct internal and external audits and penetration tests to test and improve our security.

  • Personnel: All our employees are bound by confidentiality obligations and are trained in the importance of data protection.

Article 6: What are your rights?

You have the following rights with regard to the personal data we process from you:

  • Right of access: You can request an overview of the personal data we process from you.

  • Right to rectification: You can ask us to correct incorrect data.

  • Right to erasure: You can ask us to delete your data ("the right to be forgotten").

  • Right to restriction of processing: You can ask us to temporarily stop processing your data.

  • Right to object: You can object to the processing of your data based on legitimate interest.

  • Right to data portability: You can receive your data in a structured, commonly used, and machine-readable format and transfer it to another party.

  • Right to withdraw consent: If processing is based on your consent, you can withdraw it at any time. This is as easy as giving consent.

You can send a request to exercise your rights to legal@beesensible.eu. We will respond to your request within one month. To verify your identity, we may ask you for additional information.

You also have the right to file a complaint with the supervisory authority, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

Article 7: Cookies and Tracking Technologies

We use cookies and similar technologies on our website. Cookies are small text files that are stored on your computer or mobile device when you visit our website.

  • Types of Cookies: We use functional cookies (necessary for the site to work), analytical cookies (to measure usage), and marketing cookies (for personalized advertising).

  • Consent: Your consent is not required for placing functional cookies, but we do inform you about them. For all other cookies (analytical and marketing), we ask for your prior and explicit consent via our cookie banner. These cookies are only placed after you have made an active choice.

  • Freedom of Choice: Our cookie banner gives you the option to accept or refuse cookies on an equal level. The option to refuse is not hidden or more difficult to reach. We do not use pre-ticked boxes for non-essential cookies.

  • Withdrawing Consent: You can withdraw your consent at any time just as easily as you gave it. This can be done via the 'Cookie settings' link that is permanently available in the footer of our website.

  • Cookie Statement: For a detailed and up-to-date overview of all cookies we use, their purpose, the provider, and the retention period, we refer you to our Cookie Statement. This is automatically updated after every scan of our website.

Article 8: Changes to this privacy statement

We may change this privacy statement from time to time. Changes will be published on our website. The date at the top of the statement indicates when it was last updated. In the event of significant changes that have a significant impact on your rights or the way we process your data, we will proactively inform you about this, for example via e-mail or a clear notification on our website.