Privacy Policy
How Renewjoint collects, processes, and protects your personal data, in compliance with the General Data Protection Regulation (GDPR) and applicable Dutch law.
This Privacy Policy applies to the website renewjoint.world and all services offered by Renewjoint. By using our website or services, you acknowledge that you have read and understood this policy.
1. Controller details
The controller responsible for the processing of your personal data is:
- Company name: Renewjoint
- Address: Dam 1, 1012 JS Amsterdam, Netherlands
- Phone: +31 20 808 9333
- Email: service@renewjoint.world
- Website: https://renewjoint.world
2. What personal data we collect
We collect only the personal data necessary for the purposes described in this policy. Depending on how you interact with our services, we may collect:
- Contact form submissions: Full name, email address, and the content of your message.
- Email correspondence: Your email address and the content of emails you send to us.
- Technical data: IP address, browser type and version, operating system, referral source, pages visited, and session duration — collected automatically via server logs and, where consent is given, analytics cookies.
- Cookie preference data: Your cookie consent choices, stored locally in your browser.
We do not collect special categories of personal data (such as health data, biometric data, or data about religious beliefs) and we do not knowingly collect data from individuals under the age of 16.
3. Purposes and legal basis for processing
| Purpose | Data used | Legal basis (GDPR Art. 6) |
|---|---|---|
| Responding to enquiries submitted via the contact form | Name, email, message content | Legitimate interest (Art. 6(1)(f)) |
| Providing purchased educational programs and materials | Name, email | Contractual necessity (Art. 6(1)(b)) |
| Improving website functionality and content | Technical/analytics data | Consent (Art. 6(1)(a)) — analytics cookies only |
| Complying with legal obligations | Relevant data as required | Legal obligation (Art. 6(1)(c)) |
4. How long we retain your data
We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by applicable law:
- Contact form data: Up to 12 months from the date of submission, unless an ongoing service relationship requires longer retention.
- Program participant data: For the duration of the program plus 24 months thereafter, to handle any queries or disputes.
- Technical/log data: Up to 6 months, after which it is deleted or anonymised.
- Financial records: 7 years, as required by Dutch tax law (Belastingdienst requirements).
5. Data sharing and third parties
We do not sell, rent, or trade your personal data. We may share data with the following categories of third parties only where necessary:
- Hosting and infrastructure providers: For website operation. These providers act as data processors under a written data processing agreement.
- Email service providers: For sending responses to your enquiries.
- Analytics providers: Only where you have given consent to analytics cookies. Data is anonymised where technically possible.
- Legal authorities: Where disclosure is required by law, court order, or to protect the rights and safety of others.
All third-party processors are bound by GDPR-compliant data processing agreements and may not use your data for their own purposes.
6. International transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure an adequate level of protection is in place through one of the following mechanisms: Standard Contractual Clauses (SCCs) approved by the European Commission, or transfer to a country with an adequacy decision.
7. Security measures
We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These measures include:
- HTTPS encryption for all data transmitted via the website
- Access controls limiting data access to authorised personnel only
- Regular review of our data handling practices
- No storage of unnecessary personal data
While we take security seriously, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security.
8. Your rights under GDPR
As a data subject under the GDPR, you have the following rights:
- Right of access (Art. 15): Request a copy of the personal data we hold about you.
- Right to rectification (Art. 16): Request correction of inaccurate or incomplete data.
- Right to erasure (Art. 17): Request deletion of your personal data where there is no longer a legitimate basis for its retention.
- Right to restriction (Art. 18): Request that we restrict processing of your data in certain circumstances.
- Right to data portability (Art. 20): Receive your data in a structured, commonly used format where processing is based on consent or contract.
- Right to object (Art. 21): Object to processing based on legitimate interests.
- Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, contact us at service@renewjoint.world. We will respond within 30 days.
9. Complaints
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):
- Website: autoriteitpersoonsgegevens.nl
- Address: Hoge Nieuwstraat 8, 2514 EL Den Haag, Netherlands
10. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be communicated by updating the "last updated" date at the top of this page. Continued use of the website after changes have been posted constitutes acceptance of the updated policy. We encourage you to review this page periodically.