Privacy Statement
Last updated: March 2026
Privacy Statement
Last updated: March 2026
This privacy statement explains how 7EMPLE ("we", "us", "our") collects, uses, stores, and protects your personal data when you visit our website at 7emple.nl or interact with our services. This statement is provided in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), specifically Articles 12, 13, and 14, and the Dutch GDPR Implementation Act (Uitvoeringswet Algemene verordening gegevensbescherming, "UAVG").
We take your privacy seriously. Please read this statement carefully.
1. Data Controller
The data controller responsible for processing your personal data is:
7EMPLE
[Street address]
[Postal code, City]
Netherlands
KVK (Chamber of Commerce): [KVK number]
Email: info@7emple.nl
Phone: [Phone number]
If you have questions about how we handle your personal data, you can contact us at info@7emple.nl.
2. What Personal Data We Collect
We collect personal data in the following ways:
2.1 Data you provide directly
When you submit a contact form, apply for our Ascend programme, or otherwise reach out to us, we may collect:
- Your full name
- Your email address
- Your phone number (if provided)
- The content of your message or enquiry
- Your company name and role (if provided)
2.2 Data collected automatically
When you visit our website, we automatically collect certain technical and usage data through our analytics provider, PostHog. This includes:
- Pages visited and time spent on each page
- Referring URL (how you arrived at our website)
- Browser type and version
- Device type (desktop, mobile, tablet)
- Operating system
- Screen resolution
- Country and city-level location (derived from IP address)
- Session duration and interaction events (clicks, scrolls)
PostHog processes data on servers located within the European Union (EU).
2.3 Data we do not collect
We do not collect any special categories of personal data as defined in Article 9 of the GDPR (e.g., data revealing racial or ethnic origin, political opinions, religious beliefs, health data, or sexual orientation). We do not collect financial information such as credit card or bank account details through our website.
3. Purposes and Legal Basis for Processing
We process your personal data for the following purposes, each with a corresponding legal basis under Article 6(1) of the GDPR:
| Purpose | Legal basis | GDPR reference |
|---|---|---|
| Responding to your contact form enquiry | Legitimate interest (Art. 6(1)(f)) | Our legitimate interest is to respond to potential client enquiries and assess whether a working relationship is appropriate. |
| Assessing applications for the Ascend programme | Pre-contractual measures at your request (Art. 6(1)(b)) | Processing is necessary to take steps at your request prior to entering into a contract. |
| Sending project proposals or follow-up correspondence | Legitimate interest (Art. 6(1)(f)) | Our legitimate interest is to communicate with prospective and existing clients about our services. |
| Analysing website usage to improve our website | Legitimate interest (Art. 6(1)(f)) | Our legitimate interest is to understand how visitors use our website so we can improve its content, structure, and performance. |
| Complying with legal obligations | Legal obligation (Art. 6(1)(c)) | Where we are required by Dutch or EU law to retain or disclose data. |
Where we rely on legitimate interest as our legal basis, we have conducted a balancing test to ensure that our interests do not override your fundamental rights and freedoms.
4. How Long We Retain Your Data
We retain your personal data only for as long as necessary to fulfil the purposes described above, or as required by law.
| Data category | Retention period |
|---|---|
| Contact form submissions | 12 months from the date of your last message, unless a client relationship begins |
| Client correspondence and project data | Duration of the client relationship plus 7 years, in accordance with Dutch fiscal retention obligations (Article 52 Algemene wet inzake rijksbelastingen) |
| Website analytics data | 26 months (in accordance with PostHog's default retention settings) |
| Ascend programme applications | 12 months from the date of application, unless a contract is entered into |
After the applicable retention period expires, your personal data will be securely deleted or anonymised.
5. Recipients and Third-Party Processors
We may share your personal data with the following categories of recipients:
5.1 Data processors
We use the following third-party service providers who process personal data on our behalf, each bound by a data processing agreement in accordance with Article 28 of the GDPR:
| Processor | Purpose | Server location |
|---|---|---|
| PostHog | Website analytics | European Union |
| Vercel | Website hosting | European Union / United States (with adequate safeguards) |
| Google Workspace | Email correspondence and file storage | European Union (with EU data processing terms) |
5.2 Other disclosures
We do not sell, rent, or trade your personal data to any third party. We may disclose your personal data if required to do so by law, court order, or a binding request from a competent authority.
6. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place in accordance with Chapter V of the GDPR. These safeguards may include:
- An adequacy decision by the European Commission (Article 45 GDPR)
- Standard Contractual Clauses adopted by the European Commission (Article 46(2)(c) GDPR)
- The EU-U.S. Data Privacy Framework, where applicable
You may request a copy of the safeguards in place by contacting us at info@7emple.nl.
7. Your Rights Under the GDPR
Under Articles 15 to 22 of the GDPR, you have the following rights with respect to your personal data:
Right of access (Article 15): You have the right to obtain confirmation as to whether we process your personal data and, if so, to receive a copy of that data along with information about the processing.
Right to rectification (Article 16): You have the right to have inaccurate personal data corrected and incomplete personal data completed.
Right to erasure (Article 17): You have the right to request that we delete your personal data, provided that one of the grounds set out in Article 17(1) applies and no exception under Article 17(3) applies.
Right to restriction of processing (Article 18): You have the right to request that we restrict the processing of your personal data in certain circumstances, for example while we verify the accuracy of your data following a rectification request.
Right to data portability (Article 20): Where processing is based on consent or a contract and carried out by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
Right to object (Article 21): You have the right to object at any time to the processing of your personal data which is based on legitimate interest. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
Right to withdraw consent (Article 7(3)): Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
Right not to be subject to automated decision-making (Article 22): We do not use automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you.
How to exercise your rights
To exercise any of the above rights, send an email to info@7emple.nl. We may ask you to verify your identity before processing your request.
We will respond to your request within one month of receipt. This period may be extended by a further two months where necessary, taking into account the complexity and number of requests, in accordance with Article 12(3) of the GDPR. We will inform you of any such extension within one month.
There is no fee for exercising your rights, unless requests are manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act on the request (Article 12(5) GDPR).
8. Security
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction, in accordance with Article 32 of the GDPR. These measures include, but are not limited to:
- HTTPS encryption on all pages of our website
- Access controls limiting who within our organisation can access personal data
- Secure data processing agreements with all third-party processors
- Regular review of data processing activities and security practices
9. Right to Lodge a Complaint
If you believe that we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with the Dutch Data Protection Authority:
Autoriteit Persoonsgegevens
Bezuidenhoutseweg 30
2594 AV Den Haag
Netherlands
Website: https://www.autoriteitpersoonsgegevens.nl
Phone: +31 70 888 8500
You may also lodge a complaint with a supervisory authority in the EU Member State of your habitual residence or place of work, in accordance with Article 77 of the GDPR.
10. Changes to This Privacy Statement
We may update this privacy statement from time to time to reflect changes in our data processing activities, applicable law, or supervisory authority guidance. The "Last updated" date at the top of this page reflects the most recent revision.
Where changes are material, we will make reasonable efforts to notify you, for example by displaying a notice on our website.
11. Contact
For any questions about this privacy statement or how we handle your personal data:
7EMPLE
Email: info@7emple.nl
Website: 7emple.nl