Privacy Policy

Data Controller

slowtravels B.V. is the data controller responsible for your personal data. Our contact information is:

Data Collection

The data we collect includes personal information that you provide to us directly and information that we collect automatically when you use our website or services. This includes:

• Contact Information: Name, email address, phone number, company name, and job title when you contact us or request our services
• Communication Data: Records of our communications with you, including emails, phone calls, and meeting notes
• Website Usage Data: IP address, browser type, pages visited, time spent on pages, and referral sources
• Technical Data: Device information, operating system, and browser settings
• Marketing Data: Your preferences for receiving marketing communications and your communication history with us

How We Use Your Information

We explain how we use your information for various purposes related to our business operations and service delivery. The use of your data is based on the following legal bases under GDPR:

• Contract Performance: To provide consulting services, respond to your inquiries, and fulfill our contractual obligations
• Legitimate Interests: To improve our services, conduct business analysis, and maintain our website security
• Consent: To send you marketing communications (where required) and use cookies for analytics
• Legal Compliance: To comply with legal obligations, such as tax and accounting requirements

Legal Basis for Processing

Under the GDPR, we process your personal data based on one or more of the following legal bases: your consent, performance of a contract, compliance with legal obligations, protection of vital interests, performance of tasks in the public interest, or our legitimate business interests. We will always ensure that our processing is fair, lawful, and transparent.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

• Service Providers: With trusted third-party service providers who assist us in operating our business
• Legal Requirements: When required by law, court order, or legal process
• Business Transfers: In connection with any merger, acquisition, or sale of assets
• Protection: To protect our rights, property, or safety, or that of others

Data Retention

We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Generally, we retain contact information for active clients throughout the business relationship and for up to 7 years after the relationship ends for legal and accounting purposes. Website analytics data is typically retained for 26 months, and marketing data is retained until you opt out of communications.

Your Rights

Under the GDPR and other applicable privacy laws, you have the following rights regarding your personal data:

• Right of Access: Request access to your personal data and information about how we process it
• Right to Rectification: Request correction of inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data under certain circumstances
• Right to Restrict Processing: Request limitation of processing in certain situations
• Right to Data Portability: Request transfer of your data to another organization
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Withdraw consent for processing based on consent

International Data Transfers

Your personal data is primarily processed within the European Union. If we transfer data outside the EU, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or certification schemes approved by the European Commission.

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption, access controls, regular security assessments, and staff training on data protection principles.

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyze website usage. For detailed information about our use of cookies, please refer to our Cookie Policy.

Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

Contact Us

If you have any questions about this privacy policy, wish to exercise your rights, or have concerns about how we handle your personal data, please contact us using the information below:

Supervisory Authority

If you believe that our processing of your personal data violates applicable privacy laws, you have the right to lodge a complaint with the relevant supervisory authority. In the Netherlands, this is the Autoriteit Persoonsgegevens (Dutch Data Protection Authority). You can find more information at autoriteitpersoonsgegevens.nl.