Skip to content
LEGAL

Privacy Policy

Last updated: [PLACEHOLDER — insert date]

This privacy policy is a template for a GDPR-compliant Netherlands-based IT consulting business. It must be reviewed by a qualified legal professional before publication.

Data Controller

Who is responsible for your data

G3 Prime Consulting is the data controller responsible for your personal data as described in this privacy policy.

  • Company name: G3 Prime Consulting
  • KvK number: [PLACEHOLDER — insert KvK number]
  • Registered address: [PLACEHOLDER — insert registered business address], The Netherlands
  • Email: new@g3prime.com
  • Data Protection Officer: [PLACEHOLDER — insert DPO email address]

If you have any questions about this privacy policy or how we handle your personal data, you can contact us using the details above.

What Personal Data We Collect

Categories of data we process

We collect and process the following categories of personal data:

  • Contact form submissions: Your name, email address, company name (if provided), and the content of your message.
  • Booking information: Your name, email address, and scheduling preferences when you book a meeting through our integrated calendar system (Cal.com).
  • Website analytics: Anonymized usage data including pages visited, referral source, device type, and approximate geographic region. We use Vercel Analytics, which does not use cookies or track individual users across sites.
  • Email correspondence: Your name, email address, and the content of any emails you send to us directly.
  • Client engagement data: For active clients, we may process names, email addresses, job titles, and project-related information as necessary to deliver our consulting services.

We do not collect sensitive personal data (special category data) through our website.

Legal Basis for Processing

Why we're allowed to process your data

Under the General Data Protection Regulation (GDPR), we process your personal data on the following legal bases:

  • Consent (Article 6(1)(a)): When you submit our contact form or book a meeting, you consent to us processing your data for the purpose of responding to your inquiry.
  • Legitimate interest (Article 6(1)(f)): We process anonymized analytics data to improve our website and understand how visitors use our services.
  • Contractual necessity (Article 6(1)(b)): For active clients, we process personal data as necessary to perform our consulting services under the terms of our engagement agreement.
  • Legal obligation (Article 6(1)(c)): We may retain certain records as required by Dutch tax law and commercial law.

How We Use Your Data

Purposes of data processing

We use your personal data for the following purposes:

  • To respond to inquiries submitted through our contact form or email
  • To schedule and manage meetings booked through our calendar system
  • To deliver consulting services to our clients
  • To improve our website and understand how visitors interact with our content
  • To comply with legal and regulatory obligations
  • To send you information about our services, only if you have explicitly requested it

We do not use your personal data for automated decision-making or profiling.

Data Sharing and Third Parties

Who we share your data with

We share your personal data with the following categories of third parties, solely for the purposes described in this policy:

  • Resend (email delivery): When you submit our contact form, your name, email address, and message content are transmitted through Resend's email delivery service.
  • Cal.com (scheduling): When you book a meeting, your name, email, and scheduling data are processed by Cal.com.
  • Vercel (hosting and analytics): Our website is hosted on Vercel's infrastructure. Vercel Analytics collects anonymized usage data.
  • Professional advisors: We may share personal data with our legal, tax, and accounting advisors as necessary for compliance with Dutch law.

We do not sell, rent, or trade your personal data to any third party.

International Data Transfers

Cross-border data protection

Some of our third-party service providers process data in the United States. Where personal data is transferred outside the European Economic Area (EEA), we ensure that adequate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • The service provider's participation in recognized data protection frameworks
  • Our assessment that the transfer does not undermine the level of protection guaranteed by the GDPR

If you would like more information, please contact us at [PLACEHOLDER — insert DPO email address].

Data Retention

How long we keep your data

We retain your personal data only for as long as necessary:

  • Contact form submissions: 12 months from last interaction, then permanently deleted.
  • Booking data: 12 months after the scheduled meeting, then permanently deleted.
  • Website analytics: Anonymized and aggregated data retained indefinitely. No individual-level data is stored.
  • Client engagement data: Duration of the engagement plus 7 years, as required by Dutch commercial and tax law.
  • Email correspondence: 24 months from the last email, unless related to an active client engagement.

Your Rights Under GDPR

What you can ask us to do

Under the GDPR, you have the following rights:

  • Right of access (Article 15): Request a copy of the personal data we hold about you.
  • Right to rectification (Article 16): Request correction of inaccurate or incomplete data.
  • Right to erasure (Article 17): Request deletion of your personal data, subject to legal retention obligations.
  • Right to restrict processing (Article 18): Request restriction of processing in certain circumstances.
  • Right to data portability (Article 20): Receive your data in a structured, commonly used, machine-readable format.
  • Right to object (Article 21): Object to processing based on legitimate interest.
  • Right to withdraw consent: Withdraw consent at any time without affecting prior processing.

To exercise any of these rights, contact us at [PLACEHOLDER — insert DPO email address]. We will respond within one month.

Cookies and Tracking

How we use cookies and analytics

Our website does not use cookies for tracking or advertising purposes.

We use Vercel Analytics, a privacy-focused analytics service that does not use cookies, does not track users across websites, and does not collect personally identifiable information.

Our scheduling integration (Cal.com) may set functional cookies necessary for the booking process. These are strictly necessary and do not require consent under the ePrivacy Directive.

We do not use Google Analytics, Facebook Pixel, or any other third-party tracking technologies.

Changes to This Policy

How we handle updates

We may update this privacy policy from time to time to reflect changes in our practices, service providers, or applicable law. When we make material changes, we will update the “Last updated” date at the top of this page.

Continued use of our website after changes are posted constitutes your acknowledgment of the updated policy.

Complaints and Supervisory Authority

How to file a complaint

If you believe that we have not handled your personal data in accordance with the GDPR, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):

  • Website: autoriteitpersoonsgegevens.nl
  • Phone: +31 (0)70 888 8500
  • Postal address: Autoriteit Persoonsgegevens, Postbus 93374, 2509 AJ Den Haag, The Netherlands

We would appreciate the opportunity to address your concerns first. Please reach out to us at [PLACEHOLDER — insert DPO email address].