Vitalysieve
Legal Document

Privacy Policy

Effective date: . This policy describes how Vitalysieve collects, uses, stores, and protects personal data in accordance with the General Data Protection Regulation (EU) 2016/679 and the Dutch Implementation Act (Uitvoeringswet AVG). This document supports transparency requirements for visitors from the Netherlands and the European Union.

1. Data Controller

The data controller responsible for the processing of your personal data is:

Vitalysieve
Van Woustraat 52H
1073 LM Amsterdam
Netherlands
Phone: +31 20 370 8851
Email: assist@vitalysieve.world

As the data controller, we determine the purposes and means of processing personal data collected through our website vitalysieve.world and related communication channels. We are committed to processing data lawfully, fairly, and transparently.

2. Data We Collect

We collect personal data only when necessary for the purposes described in this policy. The categories of data we may process include:

2.1 Data You Provide Directly

  • Contact form submissions: name, email address, message content, and GDPR consent confirmation
  • Consulting inquiries: information about your lifestyle habits that you voluntarily share
  • Newsletter subscriptions: email address and subscription preferences, if applicable
  • Payment information for paid educational products: processed through secure third-party payment providers; we do not store full card details on our servers

2.2 Data Collected Automatically

  • Technical data: IP address, browser type and version, operating system, device type
  • Usage data: pages visited, time spent on pages, referral source, click patterns
  • Cookie data: as described in our Cookie Policy

2.3 Data We Do Not Collect

We do not collect special categories of personal data as defined in Article 9 GDPR, including health records, medical diagnoses, or biometric data. Our services are educational and non-medical in nature.

3. Purposes of Processing

We process personal data for the following specific purposes:

  • Responding to contact form submissions and customer inquiries
  • Delivering educational consulting services that you have requested
  • Processing orders for educational products and programs
  • Improving website functionality and user experience through anonymised analytics
  • Complying with legal obligations under Dutch and European law
  • Protecting our website against fraud, abuse, and security threats
  • Sending service-related communications about your orders or inquiries
  • Maintaining records required for accounting and tax purposes

We will not use your personal data for purposes incompatible with those listed above without obtaining your prior consent or establishing another valid legal basis.

5. Data Retention Periods

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Contact form data: twelve months from the date of submission, unless an ongoing consulting relationship extends this period
  • Customer and order records: seven years from the end of the financial year, as required by Dutch tax law
  • Cookie consent preferences: twelve months, after which we will request renewed consent
  • Analytics data: twenty-six months in anonymised or pseudonymised form
  • Marketing consent records: until consent is withdrawn, plus three years for proof of compliance

When retention periods expire, data is securely deleted or anonymised so that it can no longer be associated with you.

6. Data Sharing and Recipients

We do not sell your personal data to third parties. We may share data with the following categories of recipients when necessary:

  • Hosting and infrastructure providers located within the European Economic Area
  • Payment processors for secure transaction handling
  • Email service providers for responding to your inquiries
  • Analytics providers, only when you have consented to analytics cookies
  • Professional advisers such as accountants and legal counsel, bound by confidentiality obligations
  • Public authorities when required by applicable law or court order

All third-party processors operate under data processing agreements that require them to protect your data and process it only according to our instructions.

7. International Data Transfers

We primarily store and process data within the European Economic Area. If any processing involves transfers to countries outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission or adequacy decisions. You may request details of specific safeguards by contacting us.

8. Security Measures

We implement technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • HTTPS encryption for all data transmitted between your browser and our servers
  • Access controls limiting data access to authorised personnel only
  • Regular security assessments of our hosting infrastructure
  • Encrypted storage for sensitive data at rest
  • Employee training on data protection principles and incident response
  • Incident response procedures for detecting and reporting data breaches within 72 hours to the Autoriteit Persoonsgegevens where required

While we take reasonable precautions, no method of transmission over the internet is completely secure. We encourage you to use strong passwords and protect your own devices.

9. Your Rights Under GDPR

As a data subject, you have the following rights regarding your personal data:

  • Right of access: Request confirmation of whether we process your data and receive a copy
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your data when no longer necessary or when you withdraw consent
  • Right to restriction: Request limitation of processing in certain circumstances
  • Right to data portability: Receive your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interests or for direct marketing
  • Right to withdraw consent: Withdraw consent at any time for consent-based processing
  • Right to lodge a complaint: File a complaint with the Autoriteit Persoonsgegevens (Dutch Data Protection Authority) at autoriteitpersoonsgegevens.nl

To exercise any of these rights, contact us at assist@vitalysieve.world. We will respond within thirty days. We may request identity verification before processing your request.

10. Cookies and Similar Technologies

Our website uses cookies and similar technologies as described in our Cookie Policy. Non-essential cookies are placed only after you provide consent through our cookie banner. You may change your preferences at any time by clearing your browser cookies and revisiting the site.

11. Children's Privacy

Our website and services are intended for adults aged eighteen and over. We do not knowingly collect personal data from children under sixteen without parental consent. If you believe we have inadvertently collected data from a child, please contact us immediately and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. Material changes will be communicated through a notice on our website. The effective date at the top of this page indicates when the policy was last revised. We encourage you to review this policy periodically.

13. Contact Us About Privacy

For questions, concerns, or requests related to this Privacy Policy or your personal data, contact our data protection contact:

Vitalysieve
Van Woustraat 52H, 1073 LM Amsterdam, Netherlands
Email: assist@vitalysieve.world
Phone: +31 20 370 8851