Privacy Policy

Last updated: March 2026

Aifact ('we', 'us', 'our'), registered at the Dutch Chamber of Commerce, respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you visit aifact.eu or use our services.

1. Data controller

Aifact is the data controller responsible for your personal data. If you have questions about this policy or your data, contact us at [email protected].

2. What data we collect

We may collect the following personal data:

  • Name, email address, phone number, and company name (via contact forms and the AI scan)
  • Technical data such as IP address, browser type, and device information
  • Usage data including pages visited, time spent, and referral source
  • Cookie data and preferences

3. How we use your data

We process your personal data for the following purposes:

  • To respond to your inquiries and provide requested services
  • To generate your AI scan report
  • To send relevant follow-up communication (only with your consent)
  • To improve our website and services
  • To comply with legal obligations

4. Legal basis

We process personal data based on: your consent (e.g., contact form submissions), the performance of a contract (e.g., service delivery), legitimate interests (e.g., website improvement and security), and legal obligations (e.g., tax and accounting requirements).

5. Data sharing

We do not sell your personal data. We may share data with trusted service providers who assist in operating our website and delivering services, including email providers (Resend), hosting providers, and analytics tools. All third parties are contractually obligated to protect your data and process it only on our instructions.

6. Data retention

We retain personal data only as long as necessary for the purposes described above. Contact form submissions and AI scan data are retained for a maximum of 2 years. Financial records are retained for 7 years as required by Dutch law.

7. Data security

We implement appropriate technical and organizational measures to protect your personal data, including encrypted connections (HTTPS/TLS), access controls, regular security assessments, and data processing within the European Union.

8. Your rights

Under GDPR, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time

To exercise these rights, email [email protected]. We will respond within 30 days. You also have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

9. International transfers

Your data is primarily processed within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure adequate protection through Standard Contractual Clauses or equivalent safeguards.

10. Changes to this policy

We may update this privacy policy from time to time. Changes will be published on this page with an updated revision date. We encourage you to review this policy periodically.

Privacy Policy | Aifact