Privacy Policy NLCyber (EN)

Last updated: August 2025

  1. Introduction At NLCyber, we highly value your privacy. This policy explains which personal data we collect, why we do so, how we protect it, and what rights you have. We process your data strictly in accordance with the General Data Protection Regulation (GDPR) and applicable privacy laws.
  2. Who is responsible for your data? NLCyber is a trade name of Qlibr B.V., based in the Netherlands and reachable via: Email: [email protected] Address: Slootjesbeemd 32, 5682 JG, Best, The Netherlands Qlibr B.V. is the data controller for the personal data collected and processed through NLCyber.
  3. What data do we collect? We only collect data that is necessary to provide and improve our services, such as: Account data: name, email address, password (encrypted) Profile information: selected topic preferences Website usage: interactions with news, companies, and events Communication data: messages exchanged with us or through NLCyber Technical data: IP address, browser type, cookies (see our cookie policy) We do not process special categories of personal data, such as health or political beliefs. 3a. Data collected outside the website We may also process personal data that you share with us via email, phone, or in the context of business communication. This includes information provided when requesting or activating a company profile, responding to invitations, or asking specific questions. This data is used only to handle your request or deliver the requested service.
  4. Purposes of processing We use your personal data solely for the following purposes: Providing and improving our services Personalizing content such as news, companies, or events based on your preferences Sending our newsletter (only after opt-in) Responding to your requests or messages Securing our website and preventing abuse Complying with legal obligations We do not use your data for automated decision-making or profiling with legal consequences.
  5. Legal basis for processing We process your personal data based on one of the following legal grounds: Consent: for example, for newsletter subscriptions and cookies Performance of a contract: for access to your account or services Legal obligation: for fiscal or administrative purposes Legitimate interest: such as improving our services or securing our platform, provided your privacy rights are respected
  6. Sharing data with third parties We only share your personal data with third parties when strictly necessary, such as: Service providers that support the operation of the website or handle communication Legal authorities, if we are legally obliged to do so We have data processing agreements in place with all external parties, ensuring confidentiality, security, and lawful processing. We never sell your personal data.
  7. International data transfers If personal data is processed outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as: An adequacy decision by the European Commission, or Standard Contractual Clauses (SCCs) with additional security measures
  8. Data security We take appropriate technical and organizational measures to protect your data, including: Encrypted connections (SSL/TLS) Encrypted password storage (hashed) Access restrictions on personal data Regular system and procedure audits
  9. Data retention We do not store your personal data longer than necessary: Account data: as long as your account is active Newsletter data: until you unsubscribe Cookies: in accordance with our cookie policy Legal retention: for example, up to 7 years for tax administration After these periods, your data is securely deleted or anonymized.
  10. Your rights Under the GDPR, you have the following rights: Access: to view what personal data we hold about you Correction: to update inaccurate data Erasure: to delete your data (‘right to be forgotten’) Restriction: to temporarily pause data processing Data portability: to receive your data in a structured, machine-readable format Objection: to certain types of processing Withdraw consent: at any time, without affecting prior processing You can exercise your rights by contacting [email protected]. We will respond within 30 days.
  11. Complaints If you believe your data is being processed improperly, you may file a complaint with the Dutch Data Protection Authority or your national supervisory authority.
  12. Changes to this policy We may update this privacy policy if our services or the law changes. We recommend reviewing this page regularly. For significant changes, we will notify you directly, for example via email or through our website