Privacy Policy NLCyber (EN)

Last updated: May 2026

1. Introduction

At NLCyber, we highly value your privacy. This policy explains which personal data we collect, why we do so, how we protect it, and what rights you have. We process your data strictly in accordance with the General Data Protection Regulation (GDPR) and applicable privacy laws.

1a. Scope of this policy

This privacy policy applies to all NLCyber services, including the NLCyber website (www.nlcyber.com) and the NLCyber mobile applications available through the Apple App Store, Google Play Store, and other distribution channels. Where this policy refers to "the platform," "our services," or "NLCyber," this includes the website and the mobile applications, unless explicitly stated otherwise.

2. Who is responsible for your data?

NLCyber is a trade name of Qlibr B.V., based in the Netherlands and reachable via:

Email: [email protected]
Address: Slootjesbeemd 32, 5682 JG, Best, The Netherlands

Qlibr B.V. is the data controller for the personal data collected and processed through NLCyber.

3. What data do we collect?

We only collect data that is necessary to provide and improve our services, such as:

  • Account data: name, email address, password (encrypted)
  • Profile information: selected topic preferences
  • Platform usage: interactions with news, companies, and events
  • Communication data: messages exchanged with us or through NLCyber
  • Technical data: IP address, browser type, cookies (see our cookie policy)

We do not process special categories of personal data, such as health information or political beliefs.

3a. Data collected through the mobile applications

When you use the NLCyber mobile application (iOS or Android), we may additionally collect:

  • Device identifiers and technical information (such as device model, operating system version, app version, language settings)
  • App usage analytics (such as which articles you view, time spent in the app, features used)
  • Push notification tokens, if you choose to enable notifications
  • Crash and performance data, to detect and resolve technical issues

This data is used solely to operate, secure, and improve the mobile applications. We do not use it for advertising purposes, and we do not sell it to third parties.

3b. Data collected outside the platform

We may also process personal data that you share with us via email, phone, or in the context of business communication. This includes information provided when requesting or activating a company profile, responding to invitations, or asking specific questions. This data is used only to handle your request or deliver the requested service.

4. Purposes of processing

We use your personal data solely for the following purposes:

  • Providing and improving our services
  • Personalizing content such as news, companies, or events based on your preferences
  • Sending our newsletter (only after opt-in)
  • Sending push notifications through the mobile applications (only after opt-in)
  • Responding to your requests or messages
  • Securing our platform and preventing abuse
  • Complying with legal obligations

We do not use your data for automated decision-making or profiling with legal consequences.

5. Legal basis for processing

We process your personal data based on one of the following legal grounds:

  • Consent: for example, for newsletter subscriptions, push notifications, and cookies
  • Performance of a contract: for access to your account or services
  • Legal obligation: for fiscal or administrative purposes
  • Legitimate interest: such as improving our services or securing our platform, provided your privacy rights are respected

6. Sharing data with third parties

We only share your personal data with third parties when strictly necessary, such as:

  • Service providers that support the operation of the platform or handle communication (such as hosting providers, analytics providers, push notification services, and crash reporting services)
  • App store providers (Apple and Google), which process limited information necessary for app distribution and updates
  • Legal authorities, if we are legally obliged to do so

We have data processing agreements in place with all external parties, ensuring confidentiality, security, and lawful processing. We never sell your personal data.

7. International data transfers

If personal data is processed outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

  • An adequacy decision by the European Commission, or
  • Standard Contractual Clauses (SCCs) with additional security measures

8. Data security

We take appropriate technical and organizational measures to protect your data, including:

  • Encrypted connections (SSL/TLS) on both the website and the mobile applications
  • Encrypted password storage (hashed)
  • Access restrictions on personal data
  • Regular system and procedure audits

9. Data retention

We do not store your personal data longer than necessary:

  • Account data: as long as your account is active
  • Newsletter data: until you unsubscribe
  • Push notification tokens: as long as notifications are enabled
  • App analytics and crash data: for a limited period necessary to identify trends and resolve issues
  • Cookies: in accordance with our cookie policy
  • Legal retention: for example, up to 7 years for tax administration

After these periods, your data is securely deleted or anonymized.

10. Your rights

Under the GDPR, you have the following rights:

  • Access: to view what personal data we hold about you
  • Correction: to update inaccurate data
  • Erasure: to delete your data ('right to be forgotten')
  • Restriction: to temporarily pause data processing
  • Data portability: to receive your data in a structured, machine-readable format
  • Objection: to certain types of processing
  • Withdraw consent: at any time, without affecting prior processing

You can exercise your rights by contacting [email protected]. We will respond within 30 days.

In the mobile applications, you can also manage certain preferences directly, such as enabling or disabling push notifications and analytics where applicable.

11. Complaints

If you believe your data is being processed improperly, you may file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or your national supervisory authority.

12. Children's privacy

The NLCyber platform is intended for a professional audience and is not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at [email protected] and we will delete it.

13. Changes to this policy

We may update this privacy policy if our services or the law changes. We recommend reviewing this page regularly. For significant changes, we will notify you directly, for example via email or through the platform.