Privacy Policy

Introduction

OpenTerrium B.V. ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your information when you visit our website or use our services. We are the data controller for the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws.

This policy applies to all personal data we process about you, whether collected through our website, email communications, phone calls, or other interactions with OpenTerrium.

Data We Collect

The data we collect depends on how you interact with our services. We collect and process the following types of personal information:

Information You Provide Directly

• Contact details (name, email address, phone number, postal address)
• Business information (company name, job title, industry)
• Communication preferences and enquiry details
• Payment and billing information when you use our services
• Any other information you choose to provide in forms or communications

Information We Collect Automatically

• Device and browser information (IP address, browser type, operating system)
• Website usage data (pages visited, time spent, click patterns)
• Cookies and similar tracking technologies (see our Cookie Policy)
• Location data (general geographic location based on IP address)

How We Use Your Information

We process your personal data for specific, legitimate purposes. Here's how we use your information and the legal basis for each use:

Service Provision (Legal Basis: Contract Performance)

• Providing our online retail services and customer support
• Processing orders, payments, and managing your account
• Communicating about your orders, services, and account
• Delivering products and services you have requested

Business Operations (Legal Basis: Legitimate Interest)

• Improving our website, services, and customer experience
• Conducting business analysis and market research
• Preventing fraud and ensuring security
• Managing our business operations and administration

Marketing and Communications (Legal Basis: Consent or Legitimate Interest)

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, their purposes, and how to control them, please see our Cookie Policy.

Data Sharing and Third Parties

We do not sell your personal data. We may share your information with trusted third parties in the following circumstances:

• Service Providers: Companies that help us deliver our services (payment processors, hosting providers, analytics services)
• Business Partners: When necessary to fulfill services you have requested
• Legal Requirements: When required by law, regulation, or legal process
• Business Transfers: In connection with mergers, acquisitions, or asset sales

All third parties are required to maintain appropriate security measures and use your data only for the specified purposes.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Our data retention periods are based on:

• Customer Data: Retained while you remain a customer and for 7 years after the relationship ends for legal and accounting purposes
• Marketing Data: Retained until you withdraw consent or for 3 years from last interaction
• Website Analytics: Typically retained for 26 months in Google Analytics
• Legal Requirements: Some data may be retained longer to comply with legal obligations

Your Rights

Under the GDPR and other applicable data protection laws, you have several rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of how we process your data
• Right to Data Portability: Request transfer of your data to another service provider
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us using the contact information provided below. We will respond to your request within one month.

International Data Transfers

As an EU-based company, we primarily process data within the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

• European Commission adequacy decisions
• Standard Contractual Clauses approved by the European Commission
• Binding Corporate Rules or certification schemes

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and staff training
• Secure hosting and backup procedures

While we strive to protect your data, no method of transmission over the internet is 100% secure. We encourage you to take steps to protect your own data, such as using strong passwords.

Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe we have collected information from a child under 16, please contact us immediately so we can delete such information.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us about data protection matters, please reach out to us:

You also have the right to lodge a complaint with your local data protection authority if you believe we have not handled your personal data appropriately.