This Privacy and Cookie Statement
has last been changed on November 10 2020.

Dear visitor,

This Privacy and Cookie Statement is intended to express that we, at The Privacy Factory, take protection of your personal data very seriously. We process and protect the personal data provided to and collected by our organisation, with the utmost care and in full accordance with all relevant provisions of the General Data Protection Regulation, the GDPR. With this statement, we want to inform you on our privacy and cookie policy.
If you need more information or if you have any questions, feel free to contact The Privacy Factory by sending an email to

1.   Purposes of data processing

1.1 Carrying out agreements

We process your personal data in order to be able to react to requests for information on the services we provide, in order to handle registrations for events organised by The Privacy Factory and in order to manage relations established as a result of these contacts, including all sales and marketing activities.

For these purposes, we process the following personal data: name; telephone number; email address; and company name.

Where appropriate, we may also process financially or fiscally relevant data and correspondence conducted between you and our organisation. These data are used to follow up on requests for information, process registrations and perform training and education contracts.

We retain these data for as long as is necessary to handle your requests for information, provide services to you and perform the agreements entered into with you, after which, unless legal provisions dictate otherwise, the data are destroyed.

1.2 Clicking behaviour and visitor data

When you visit our website, we collect visiting data related to the use of our website. These data include IP addresses, times of day and information supplied by your browser. We do this in order to monitor and analyse the use and performance of our website, with a view to further optimising the user experience. Where possible, we apply pseudonymisation or anonymisation. We do not supply these data to third parties interested in using them for their own, separate purposes.

1.3 Cookies & IP tracking

When you visit our website, we register your IP-address and transfer cookies to the device you are using to access the site. We do so for functional and analytical reasons only, and not for collection of personal data.

1.4 Registrations and requests for information

When you submit a request for information or register for a training or an event, we use your personal data to follow up on your request or registration in an appropriate manner. This may include sharing your data with the courier service delivering the relevant training documents to your home/business address and receiving the corresponding payment data from your bank or credit card company.
The data we use in these cases are your: name; address; telephone number; invoice address; email address and payment data. We need these data to be able to enter into an agreement with you and we retain the data for a period of up to seven years (legal retention obligation) after we have performed the services committed to in the agreement. We do not share these data with third parties.

1.5 Contact form

The contact forms included in our website allow you, among other things, to submit requests for information and register for one of our events or training courses. Here too, we will ask you to provide your name, telephone number and email address, and we will use the payment data supplied by your bank or credit card company.
Again, we will retain these data until having met your expectations to your satisfaction, with an additional retention period of seven years (legal retention obligation) in case of an agreement entered into with you

1.6 Blog

You can register for our Blog series by entering your email address. You can cancel your registration at any given time. Upon cancellation, your email address will be erased from our records.

1.7 Provision to other companies or organisations (third parties)

We do not share data with third parties, unless it is necessary to market and supply the services we offer, or unless we are required to do so by legal obligations. Where such exceptions apply, we will inform you in advance, mentioning also the name of the party your data are to be shared with.

1.8 Social media buttons

For the purpose of social media marketing our website contains a LinkedIn button, allowing visitors to promote or share our content with a simple mouse click. Before doing so, you are advised to read the LinkedIn privacy statements to inform yourself on how this site uses your personal data.

2. Use of cookies and IP addresses

2.1 Use of cookies

We make use of functional and analytical cookies, small files which are sent to your device from our website and stored on your computer hard drive by your browser, for an optimal user experience on our web pages. For this reason, when you first visit our website, you will see a message to this effect.
At your next visits, we will assume that you do not object to continued use of these cookies. As we also contract services from other companies using cookies as well, we strongly recommend that you read the privacy and cookie statements offered by these organisations.

2.1.2 Types of cookies

Our website uses functional and analytical cookies.

2.1.3 Enabling and disabling cookies

Your browser manual explains how to apply general settings for disabling cookies you do not want to accept.

2.1.4 Retention period and erasure of cookies

If an expiration term applies to a cookie, your data will no longer be registered after the expiration date. You also have the option to remove cookies prior to this date (see your browser manual).

2.2 Use of IP tracking

We track IP addresses. When visiting our website, your IP address (this data is not anonymised) will automatically be saved to the log files on our webserver for us to properly manage and secure our webserver. Furthermore your IP-address is shared with Lead Forensics, a company registered and located at 3000 Lakeside North Harbour, Western Rd, Portsmouth PO6 3EN. Based on the shared IP address Lead Forensics provides us with information on what companies have visited our website including the date, duration and the web pages visited. We will not pass this data to third parties for any reason.

IMPORTANT: The Lead Forensics tool uses IP tracking for identifying businesses and is not the same as cookies. Lead Forensics only provides information that is readily available in the public domain. It does not, and cannot, provide individual, personal or sensitive data regarding who has visited our website.

IMPORTANT: If you do not wish Lead Forensics to provide us with your company data you can click HERE to opt out causing your IP address to be added to a do-not-track list.

3. Third-party websites

Our privacy statement does not apply to any third-party website linked to on our web pages. We also find it important to point out that in no way we can guarantee that third parties will treat your personal data reliably or safely. For this reason, we recommend that you always read the privacy statements of these websites before using them.

4. Security

The security measures taken by our organisation are intended to prevent misuse of and unauthorised access to your personal data. For this purpose, we have implemented strict permission and security policies, which are periodically checked on efficiency and effectiveness. In terms of security, we use logical, physical and organisational access control mechanisms, complemented by Privacy Enhancing Technologies, like encryption and Transport Layer Security (TLS), purpose specific access control and limitation of data storage to countries within the European Union.

5. Complaints – Data Protection Authority

We will gladly discuss with you any complaints you may have about the way we process your personal data. We would also like to point out that you have the right to submit complaints related to our personal data processing to the Data Protection Authority. To do so, please contact the Data Protection Authority.

6. Changes to this privacy statement

Like many other companies, we are a dynamic organisation. As such, we reserve the right to make changes to our privacy statement when and where necessary. Any and all amendments to content or wording of this statement will be published on our website. For this reason, we recommend that you regularly review our privacy statement.

7. Right of access, right of rectification, right to object

All our relations have the right to access personal data related to them held by our organisation. In case of inaccuracies, you may submit a written request to have your data rectified of removed. If you wish to know whether we are in possession of personal data related to you, feel free to contact us (see contact details below).
Under the GDPR, you have the following additional rights:

  • the right to be informed on what we do with which personal data;
  • the right of access to personal data related to you in our possession;
  • the right to have inaccuracies in your personal data rectified;
  • the right to have (outdated) personal data removed;
  • the right to withdraw previously given consent;
  • the right to object to specific use of your personal data (limitation of use).

If you wish to exercise any of these rights, please clearly indicate your identity, so we can be sure we will not change or delete another person’s data.

If you do not wish to receive further information on The Privacy Factory, please inform us at:

The Privacy Factory
Robert Schumandomein 2
6229 ES  Maastricht