Legal
Privacy Policy
Last updated: 1 January 2025 · Verulon B.V.
Verulon B.V. (‘Verulon’, ‘we’, ‘us’) respects your privacy and handles your personal data with care. This privacy policy explains which data we collect, for what purpose, and what rights you have.
1. Controller
Verulon B.V., registered with the Chamber of Commerce (KvK) in Rotterdam, acts as controller within the meaning of the General Data Protection Regulation (GDPR). Contact: privacy@verulon.nl
2. Data we collect
We process the following personal data:
- Contact data: name, email address, telephone number and company name when you complete a contact form or schedule an intake call.
- Usage data: IP address, browser type, pages visited and session duration via analytical cookies (only with consent).
- Communication data: content of emails and messages sent to us.
3. Purpose and legal basis
| Purpose | Legal basis |
|---|---|
| Responding to enquiries and intake calls | Legitimate interest / consent |
| Delivering services and fulfilment of contracts | Contract performance |
| Sending newsletters | Consent |
| Analytical website measurement | Consent (cookie banner) |
| Legal obligations (e.g. invoicing) | Legal obligation |
4. Retention periods
We retain personal data no longer than necessary:
- Contact data: 2 years after the last contact moment
- Contract data: 7 years (statutory retention obligation)
- Cookie data: 13 months
- Newsletter subscriptions: until unsubscription
5. Third parties
We do not sell your personal data to third parties. We may share data with:
- Processors: IT suppliers and software tools that process data on our behalf, under a data processing agreement.
- Legal obligations: Government authorities when required by law.
All processors are contractually obliged to handle data confidentially and in accordance with the GDPR.
6. Your rights
Under the GDPR you have the following rights:
- Right of access — you may request an overview of the data we hold on you
- Right to rectification — you may have incorrect data corrected
- Right to erasure — you may request deletion of your data (‘right to be forgotten’)
- Right to restriction — you may limit the processing of your data
- Right to data portability — you may request your data in a machine-readable format
- Right to object — you may object to processing based on legitimate interest
To exercise your rights, contact us at privacy@verulon.nl. We will respond within 30 days. If you are dissatisfied with our response, you can file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, ap.nl).
7. Security
Verulon applies technical and organisational measures to protect your personal data, including:
- Encrypted data transport (TLS 1.3)
- Access control and multi-factor authentication
- Regular security audits
- Physical security of data centres (ISO 27001)
- Encrypted storage with customer-managed keys
8. Changes
This privacy policy may be updated. The current version with date is always available on this page. For significant changes we will notify you via email where possible.
Questions about your privacy?
Contact us at privacy@verulon.nl — we will respond within 2 business days.
Contact