Privacy Policy – InCheck 360

Effective Date: August 8, 2025

InCheck 360 Holding B.V. (“InCheck 360”, “we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and safeguard your personal information when you use our websites, SaaS applications, or related services (“Services”).

This policy is drafted in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR), the Dutch GDPR Implementation Act (UAVG), and other applicable laws.

1. Scope

This Privacy Policy applies to:

  • All users, customers, and visitors of our Services.
  • Any personal data processed by InCheck 360, whether provided by you directly, collected automatically, or obtained from third parties.

It does not apply to third-party websites, services, or applications that may be linked from our Services.

2. Data We Collect

2.1 Information You Provide Directly

We may collect the following personal data when you:
  • Register an account – Name, company name, email address, phone number, password, job title.
  • Subscribe or pay for services – Billing address, payment method, VAT number.
  • Contact customer support – Name, email, phone number, and content of your inquiry.
  • Submit feedback or forms – Any personal data you voluntarily provide.

2.2 Information Collected Automatically

When you use our Services, we may automatically collect:
  • IP address and device identifiers.
  • Browser type, operating system, and version.
  • Log files, usage statistics, and navigation paths within our Services.
  • Time zone, language settings, and session duration.

2.3 Information from Third Parties

We may receive personal data from:
  • Business partners or resellers.
  • Payment processors.
  • Publicly available sources (e.g., business directories).

3. Purposes and Legal Bases for Processing

We process personal data only where a lawful basis applies under Article 6 GDPR:

1.Account creation
Purpose: Account creation and service delivery Examples: Providing login access, enabling module features Legal Basis: Contract performance (Art. 6(1)(b))
Billing and payment
Purpose: Billing and payment Examples: Processing invoices, handling VAT compliance Legal Basis: Legal obligation (Art. 6(1)(c)) & Contract performance
2.Customer support
Purpose: Customer support Examples: Responding to inquiries and troubleshooting Legal Basis: Legitimate interest (Art. 6(1)(f))
3.Service improvement
Purpose: Service improvement Examples: Analytics, bug detection, usability testing Legal Basis: Legitimate interest
4.Marketing and communication
Purpose: Marketing and communication Examples: Product updates, offers (opt-in required) Legal Basis: Consent (Art. 6(1)(a))
5.Legal compliance
Purpose: Legal compliance Examples: Complying with tax, audit, and court requests Legal Basis: Legal obligation

4. Cookies and Tracking Technologies

4.1 Cookies

We use cookies and similar technologies to:
  • Enable essential functions (authentication, session management).
  • Collect analytics to improve performance.
  • Store user preferences.

4.2 Third-Party Tools

We may use Google Analytics or equivalent tools. Data is anonymized where possible.

4.3 Cookie Consent

When required by law, we will request your consent before placing non-essential cookies.

5. Data Sharing and Transfers

We do not sell personal data. However, we may share data with:

  • Service providers – Cloud hosting, analytics, payment processors.
  • Business partners – Resellers or integration partners with your consent.
  • Legal authorities – When required by law or legal process.

If data is transferred outside the European Economic Area (EEA), we ensure adequate safeguards such as Standard Contractual Clauses or adequacy decisions under GDPR.

6. Data Retention

We retain personal data only as long as necessary for the purposes stated in this policy or as required by law:

  • Account and billing data – 7 years (Dutch tax law requirement).
  • Support communications – 2 years after resolution.
  • Marketing data – Until you withdraw consent.

After the retention period, data is securely deleted or anonymized.

7. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption in transit (TLS/SSL) and at rest.
  • Role-based access controls.
  • Regular security audits and penetration tests.
  • Backup and disaster recovery procedures.

8. Your Rights under GDPR

As a data subject, you have the right to:

  • Access – Request a copy of your personal data.
  • Rectification – Correct inaccurate or incomplete data.
  • Erasure (“Right to be Forgotten”) – Request deletion where applicable.
  • Restriction – Limit processing in certain situations.
  • Portability – Receive your data in a machine-readable format.
  • Objection – Object to processing based on legitimate interests or direct marketing.
  • Withdraw Consent – At any time, for processing based on consent.

To exercise your rights, contact privacy@incheck360.nl. We will respond within 30 days as required by law.

9. Children’s Privacy

Our Services are not intended for individuals under 18. We do not knowingly collect personal data from minors. If we become aware of such collection, we will delete the data promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on our website with the “Effective Date” updated. Significant changes will be communicated by email or in-app notification.

11. Contact Information

For questions or concerns about this Privacy Policy or our data handling practices, contact:

InCheck 360 Holding B.V.
Enschede, Netherlands
Email: info@incheck360.nl

You also have the right to lodge a complaint with the Autoriteit Persoonsgegevens (Dutch Data Protection Authority) if you believe your data protection rights have been violated.