Privacy policy

Controller

Data controller: Vectel BV, Gildetrom 23a, 3905TB Veenendaal, NL.

KvK number: available on request via info@vectel.nl. VAT (BTW) number: available on request via info@vectel.nl. Contact for privacy questions: info@vectel.nl.

Data we collect

Through the contact form: name, email address, the topic you select, and the message you write. We also store technical data to prevent abuse: a hashed version of your IP address and your browser user-agent.

Through our scan tools and support AI: your company name, email address, and the text or answers you enter. For the domain scan, also the domain name you submit. This input is forwarded to our AI provider for analysis (see Sharing with third parties).

Through our analytics providers: Vercel Analytics + Speed Insights deliver aggregated, cookieless usage statistics with no personal identifiers. In addition, Google Analytics 4 may be loaded if you accept the cookie banner; it does set cookies and sends anonymised data to Google. We do not load Google Analytics if you decline.

During service delivery (Managed IT, Development, Automation): the data your engagement requires us to handle on your behalf, governed by a separate Data Processing Agreement.

Why we process it

Contact-form data is processed to respond to your request and to keep an internal record of the conversation. Legal basis: Article 6(1)(b) GDPR (steps prior to entering into a contract) or 6(1)(f) GDPR (legitimate interest in operating our business).

Analytics data is processed to understand which pages visitors find useful. Legal basis: 6(1)(f) GDPR (legitimate interest), with no cookies set.

Retention

Contact-form messages are retained for up to 24 months after the last interaction, then archived or deleted. Scan and support leads are retained for up to 24 months unless you request earlier deletion. Active client records follow the retention requirements of Dutch tax and commercial law (typically 7 years for invoices and contracts).

Sharing with third parties

We use the following sub-processors:

- Vercel (USA), website hosting + edge analytics. Data is processed under a Data Processing Agreement and Standard Contractual Clauses. - Neon (USA/EU), database hosting (EU region selected where available). - Anthropic (USA), AI model provider for the scan and support tools and the chatbot. Processed under Standard Contractual Clauses or the EU-US Data Privacy Framework. - Google (Gemini, USA) and OpenAI (USA), additional AI model providers we may engage per engagement or per scan alongside Anthropic. Same transfer basis. - Sentry (USA), error monitoring. Receives error events, request paths and stack traces; configured to drop user PII. - Google Analytics 4 (Google, USA), visitor statistics. Loaded only if you accept the cookie banner; when declined we do not load it and no data goes to Google. - Our SMTP provider, for sending and receiving email related to your enquiry.

Free-text content you submit through scan or support forms, and the messages you send to our chatbot, are forwarded to the above AI providers for analysis. Please avoid pasting personal data of your customers or employees in those fields.

We do not sell personal data and we do not share it with advertisers.

Your rights

Under the GDPR you have the right to access, rectify, delete, restrict, object to, and port your personal data, and to withdraw consent where processing is based on it. Email info@vectel.nl to exercise any of these rights.

If you believe we are mishandling your data you can lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, autoriteitpersoonsgegevens.nl).

Security

Data is transmitted over TLS, encrypted at rest by our hosting providers, and access-controlled. We do not retain payment-card data; payments are handled by our payment provider directly.

Changes to this policy

Material changes are announced on this page. The "Last updated" date at the top reflects the most recent change.