Privacy Policy
Version: 2.0 Date: July 4, 2025
1. Who are we and what is this policy for?
We are Kwartiermakers. We advise organizations on the future of technology and build its implementation. Innovation is in our DNA. This also means that we actively use the technologies we advise on, such as Artificial Intelligence (AI), to improve our services and explore new possibilities.
This policy has been drawn up to give you full transparent insight into how we handle personal data. We do not see data protection as a limitation, but as a condition for sustainable and responsible innovation.
Kwartiermakers is the data controller for the processing of personal data as described in this policy. You can reach us via info@kwartiermakers.nl.
2. What personal data do we process?
We process different categories of personal data, depending on your relationship with us:
Contact and identification data: Name, email address, telephone number, position, company name of (potential) customers, partners and applicants.
Project and content data: Information you provide to us in the context of our services. This may be data about your business processes, systems or employees, which may (indirectly) contain personal data. You are and remain the owner of this data.
Financial and administrative data: Invoice data, bank account numbers and other data necessary for our administration.
Technical and usage data: IP address, browser information, and data about your use of our website and services, collected via cookies and similar techniques.
Application data: CV, motivation letter and other information you provide when you apply to us.
3. The core: Why (purposes) and on what basis (legal grounds) do we process your data?
We only process your data if we have a valid purpose and a legal basis for doing so. The following table makes this clear:
Purpose | What data? | Legal basis (GDPR) |
|---|---|---|
1. Execution of our services | Contact, project, content and financial data. | Execution of the agreement with you or your organization. |
2. Relationship management and communication | Contact and identification data. | Legitimate interest to maintain our relationships. For direct marketing by e-mail, we ask for your consent. |
3. Analysis, Innovation and Development | Anonymized or pseudonymized project and content data. Where this is not possible, we use personal data. | Legitimate interest. Our interest is to be at the forefront of technology and to innovate our services. We always carry out a careful balancing of interests and ensure that the privacy impact is minimal. |
4. Legal obligations | Financial and administrative data. | Legal obligation. |
5. Recruitment and selection | Application data. | Legitimate interest to find the best candidates. We ask for consent to keep data for future positions. |
4. Who do we share data with? (Our Processors and Partners)
We will never sell your data. We only share data with carefully selected third parties (processors) when this is necessary for our services. We conclude a solid processor agreement with all these parties. This concerns the following categories of partners:
Cloud and hosting providers: For the storage of our data and the hosting of our applications (e.g. Microsoft Azure, AWS).
Software suppliers: For our internal processes such as CRM, administration and project management.
Suppliers of Artificial Intelligence and Machine Learning Platforms (IaaS/PaaS/SaaS): We may use advanced platforms for data analysis, model development and testing of new technologies. We ensure that these partners meet the highest standards and that your data is never used to train their public models, unless explicitly agreed otherwise.
Communication platforms: For e-mail and online meetings.
5. International transfer of data
Because technology is a global playing field, some of our partners may be located outside the European Economic Area (EEA). If we transfer data outside the EEA, we always ensure an appropriate level of protection by using mechanisms approved by the European Commission, such as Adequacy Decisions or Standard Contractual Clauses (SCCs), supplemented with a risk analysis (TIA).
6. Security of your data (ISO 27001 & ISO 42001)
We take the security of your data extremely seriously. Our approach is based on the principles of leading standards such as ISO 27001 (Information Security) and ISO 42001 (AI Management System). This includes, among other things:
Access control, encryption and network security.
A policy for data minimization and pseudonymization where possible.
Regular training of our employees and periodic risk analyses.
7. Automated Decision-Making and Profiling
Kwartiermakers is at the forefront of the use of technology. In certain, clearly defined situations, we may therefore use fully automated decision-making, including profiling. We never do this without reason.
We will only make a fully automated decision that has significant or legal consequences for you if this is: a) Necessary for the conclusion or performance of a specific agreement with you; or b) Based on your explicit and prior consent.
In both cases, we will inform you about this separately and in clear language at the time of data collection or decision-making. You will then always receive meaningful information about the logic behind the decision, the data used, and the expected consequences.
Crucially, in all these cases you have the right to human intervention. You can contact us at any time to challenge the decision, to make your point of view known and to request a reassessment by one of our experts. We have an accessible procedure for this.
8. How long do we keep your data?
We do not keep your data for longer than is strictly necessary for the purpose for which it was collected.
Project data: Up to 5 years after completion of the project, unless agreed otherwise.
Administrative data: 7 years, in accordance with the legal retention obligation.
Data for innovation purposes: This is anonymized or deleted after the research phase.
Application data: 4 weeks after the end of the procedure. With your consent, we will keep it for 1 year.
9. Your rights (You are in control)
You have the right to access, rectify, delete, restrict the processing, and portability (data portability) of your data. You can also object to processing based on legitimate interest. Please send a request to info@kwartiermakers.nl.
If you have a complaint, we would like to hear it ourselves first, but you always have the right to file a complaint with the Dutch Data Protection Authority.
10. Changes to this policy
The world of technology never stands still, and neither does our policy. This is a living document. In the event of significant changes in how we handle your data, we will proactively inform you about this. You will always find the latest version on our website.
Cookie Policy
Version: 1.0 Date: July 4, 2025
At Kwartiermakers, we believe in the power of data and technology, but also in transparency. This cookie policy explains how we use cookies on our website to improve your experience and optimize our services. For more detailed information on how we handle personal data, please refer to our Privacy Policy.
1. What are cookies?
Cookies are small, simple text files that are stored by your browser on your computer or mobile device when you visit our website. These files contain information that can be sent back to our server on a subsequent visit. They are essential for a modern website to function properly.
2. Why do we use cookies?
We use cookies for various purposes:
- To make the website work properly: Without certain cookies, basic functions are not possible.
- To understand how our website is used: By analyzing usage, we can continuously improve our website and make it more relevant to our visitors.
- For marketing purposes: To be able to show you relevant information and content, also outside our own website.
3. What types of cookies do we use?
We distinguish between three categories of cookies:
a) Necessary (Functional) Cookies
These cookies are technically essential for the proper functioning of the website. For example, they ensure that your preferences are remembered. Your consent is not required by law for placing these cookies.
b) Analytical Cookies
These cookies help us understand how visitors use our website. We collect aggregated and anonymous data about, for example, which pages are visited most and how visitors arrive at our site. We use tools such as Google Analytics for this, which we have configured to be as privacy-friendly as possible (including through IP anonymization). We do not ask for permission to use cookies that have a limited impact on your privacy. We do ask for this for more in-depth analyses.
c) Marketing and Tracking Cookies
These cookies are used to track your surfing behavior and build profiles based on it. This allows us to tailor the content and any advertisements to your interests. Think of cookies from social networks such as LinkedIn, which make it possible to share articles or show targeted content.
Important: These marketing and tracking cookies are only placed after you have given your express consent via our cookie banner.
4. Managing or deleting cookies
You are always in control of cookies. You can withdraw your consent or change your cookie settings at any time via the cookie banner on our website.
In addition, you can set your internet browser to no longer store cookies, to receive a warning when a cookie is placed, or to delete the cookies after your visit. Consult the help function of your browser for this (e.g. Chrome, Firefox, Edge, Safari).
Please note: if you disable cookies, our website may no longer function optimally.
5. Changes to this policy
Technology and legislation are constantly changing. Therefore, this cookie policy may also be adjusted from time to time. We recommend that you consult this page regularly for the most current version.
6. Questions?
Do you have questions about our cookie policy? Please contact us using the contact details in our Privacy Policy.