Who this policy applies to: This Privacy Policy describes how Arex Gilman ("I", "me", "my"), based at Boezemlaan 30, 3034 EM Rotterdam, Netherlands, collects and processes personal data from visitors to this website in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR).
1. Controller Details
The data controller for this website is:
Arex Gilman
Boezemlaan 30
3034 EM Rotterdam
Netherlands
Contact for privacy matters: use the contact form on the main website.
2. What Personal Data I Collect
I collect only the personal data you actively provide through the contact form on this website. This includes:
- Your first and last name
- Your email address
- The content of your message
- Your service preference (selected from the dropdown)
- The date and time of submission
I do not use tracking cookies, third-party analytics, advertising scripts, or any passive data collection technology beyond what is technically necessary to display the website.
3. Legal Basis for Processing (GDPR Article 6)
I process your personal data on the following legal bases as set out in Article 6 of the GDPR:
- Article 6(1)(a) — Consent: You provide your data voluntarily via the contact form and explicitly tick the GDPR consent checkbox before submitting. You may withdraw your consent at any time by contacting me directly.
- Article 6(1)(b) — Performance of a contract: Where you enquire about or purchase one of my services, processing is necessary to respond to and fulfil your request.
- Article 6(1)(f) — Legitimate interests: I retain contact correspondence for the purpose of managing ongoing communication and service delivery.
4. How I Use Your Data
I use the personal data you provide exclusively to:
- Respond to your enquiry or message
- Deliver any service you have requested or purchased
- Maintain a record of correspondence relevant to a service engagement
I do not use your data for marketing, profiling, automated decision-making, or any purpose other than those listed above.
5. Data Sharing
I do not sell, rent, or share your personal data with any third parties for commercial purposes. Your data may only be disclosed to third parties where:
- I am legally required to do so by a competent authority under Dutch or EU law
- You have given explicit consent for a specific sharing purpose
6. Data Retention
I retain your personal data for as long as is necessary to fulfil the purpose for which it was collected. Contact enquiries are retained for a maximum of 24 months from the date of last correspondence unless a longer retention period is required by applicable law or ongoing service provision.
7. Your Rights Under the GDPR
As a data subject under the GDPR, you have the following rights with respect to your personal data:
- Right of access (Article 15): You may request a copy of the personal data I hold about you.
- Right to rectification (Article 16): You may request that inaccurate or incomplete data be corrected.
- Right to erasure (Article 17): You may request that your data be deleted, subject to applicable legal obligations.
- Right to restriction of processing (Article 18): You may request that I limit how I process your data in certain circumstances.
- Right to data portability (Article 20): You may request your data in a structured, commonly used, machine-readable format.
- Right to object (Article 21): You may object to processing based on legitimate interests.
- Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact me via the contact form on the main website. I will respond within one month of receiving your request.
8. Supervisory Authority
If you believe your data has been processed unlawfully or that your rights have not been respected, you have the right to lodge a complaint with the Dutch data protection supervisory authority:
Autoriteit Persoonsgegevens (AP)
Bezuidenhoutseweg 30
2594 AV The Hague
Netherlands
Website: www.autoriteitpersoonsgegevens.nl
9. Security
I take reasonable technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, or unauthorised disclosure. However, no transmission of data over the internet can be guaranteed to be completely secure.
10. Changes to This Policy
I may update this Privacy Policy from time to time. The date at the top of this page indicates when the policy was last revised. I encourage you to review this page periodically.
11. Contact
For any questions about this Privacy Policy or about how your personal data is handled, please use the contact form at arexgilman.nl.