Privacy Policy
1. Who we are
In2ITSolutions
Dierenriem 124
1033 AJ Amsterdam
The Netherlands
CoC: 60917504
VAT: NL001677784B07
2. Who this policy applies to
This policy applies to visitors of our website, contact persons at (prospective) business customers and suppliers, attendees of (online) events/webinars, and recipients of our newletter.
3. What personal data we process
Depending on our relationship with us and how you interact, we may process the following categories of data:
- Identification & contact:
First and last name, jobtitle, business emailaddress, phone number, organisation/department. - Commercial:
quotation and contract details, correspondence, meeting notes. - Support & Project:
Incident details, configuration information, log files (where needed for support) - Website usage
ip address (anonymized where possible), device and browser info, pages visited, click behaviour, cookies/IDs. - Newsletter:
name, email, opt-in confirmation, interactions (open/clicks) - Billing:
payment references, invoicing Details (incl. legally required data).
We collect data directly from you (e.g via forms, email, phone) and indirectly via your employer/colleagues, our systems (logging), and, where permitted, via business platforms (e.g LinkedIn) for lead follow-up
We do not intent to collect data from children under 16.
Purpose and legal bases (GDPR)
| Purpose | Examples | Legal bases (GDPR) |
|---|---|---|
| Website & forms | contact, demo/request, call-back | Legitimate interests (Art. 6(1)(f)) or performance of a contract (Art. 6(1)(b)) |
| Sales & contracting | Quotations, signatures, onboarding | Performance of a contract (Art. 6(1)(b)) |
| Delivery & support | Project execution, incident handling, monitoring | Performance of a contract (Art. 6(1)(b)) and legitimate interests (Art. 6(1)(f)) |
| Newsletter/marketing | Email campaigns and events | Consent (Art. 6(1)(a)); unsubscribe any time |
| Security & improvement | Security, logging, fraud/misuse prevention, analytics | Legitimate interests (Art. 6(1)(f)) |
| Legal obligations | Fiscal retention, compliance | Legal obligation (Art. 6(1)(c)) |
On behalf of customers (role: processor)
During migrations, management and support, we may process personal data on behalf of our customers. In that case, we act as Processor and the customer is the Controller. We then enter into a Data Processing Agreement (DPA) covering security, sub-processors, breach reporting and deletion.
5. Cookies and similar technologies
We use functional and (limited) analytics cookies to operate and improve our site. For marketing/profiling cookies we request your consent. Details are providind in our Cookie Policiy and in the cookie banner (where you can change your preferences).
6. Recipients and (sub)processors
We share your data, where necessary, with trusted parties who help us deliver our services, such as:
- Hosting and cloud (e.g. IaaS/PaaS/SaaS providers)
- Email/newsletter and CRM
- Collaboration & support tools (ticketing, teleconferencing)
- Professional advisers (legal/financial) and payment processors (where applicable)
We conclude DPAs with processors. They may only process you data according to our instructions and under appropriate security measures.
7. International data transfers
If data is transferred to countries outside the Europian Economic Area (EEA), we ensure appropriate safeguards such as EU Standard Contractual Clauses (SCC’s) and, where necessary, suplementary measures. You can request a copy of the relevant safeguards via privacy@in2it.solutions
8. Security
We implement appropriate technical and organisational measures, including least priviledge access, encryption in transit and at rest(where possible), logging/monitoring, backups, patch management, and periodic audits. Acces to personal data is restricted to authorised personel under a duty of confidentiality.
9. Retention periods
we do not retain personal data longer then necessary for the purpose for which it was collected or as long as required by law. Indicative periods:
- Leads and quotationsdata: 24 months after last contact
- contract and project files: 7 years after project end (fiscal retention whrelevant).
- support logs: 90 days by default, unless longer is needed for incident handling or compliance.
- Newsletter data: unitl withdrawal of consent or 24 month of inactivity.
- Security logs: 6-12 months, depending on necesssity and proportionality
10. Your rights
Ubder the GDPR you have the following rights:
- Access to your data
- Rectification (correction)
- Erasure (‘right to be forgotten)
- restriction of processing
- Portability (data portability)
- Objection to processing based on legitimate interest or to direct marketing
- Withdrawal of consent (where processing is based on content)
You can submit your request to privacy@ in2it.solutions. We generally respond within one month. If you disagree with our responce, you can lodge a compliant wit the Dutch Data Protection Authoriy (Autoriteit Persoonsgegevens): https://autoriteitpersoonsgegevens.nl
11. Automated decision-making
We do not make decisions based solely on automated processing that produce legal effect concerning you or similarly significantly affect you.
12. Changes
we may ammend this privacy Policy. The most recent version is always available at https://in2it.solutions/privacy. where changes are material, we will inform you where appropriate
13. Contact
Questions or request?
Email: privacy@in2it.solutions
Post: In2ITSolutions
Dierenriem 124
1033 AJ Amsterdam
