By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
DenyAccept

Privacy Policy

Effective Date: 18 February 2025

At Intractive B.V. ("Intractive") City Challenge BV., doing business as Intractive ("Intractive," “we," “us," or “our”), your privacy is a top priority, and we are fully committed to protecting your personal data. This Privacy Notice outlines how we collect, use, store, and protect your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. What Personal Data We Collect and For What Purpose

We process personal data for various purposes, in accordance with the principles of lawfulness, fairness, and transparency. The table below outlines the types of personal data we collect, the purposes of collection, the legal basis for processing, and how long we store your data:

Purpose

Personal Data Collected

Legal Basis

Data Retention Period

Sales & Marketing (via email and analytics)

Name, email, company details, usage data

Legitimate interest or consent

Until you opt-out, withdraw your consent, or unsubscribe

Client information & billing (when you become a client)

Name, email, payment details, company information, invoices

Contractual necessity, legal obligation

7 years after account termination (for compliance purposes)

Applicant information (when applying for a job)

CV, contact information, references

Consent/Legitimate interest

3 months until the vacancy has been filled and 1 year after the hiring process ends when consent has been given

Responding to inquiries & offering support

Name, email, inquiry details

Legitimate interest

Until the inquiry is resolved plus 1 year

Requesting feedback

Name, email, feedback

Legitimate interest

2 years after the feedback is provided

Protecting Intractive & fraud monitoring

IP address, device information, account information

Legitimate interest, legal obligation

As long as necessary to ensure security

Identifying usage trends

Usage data, IP address, device information

Consent, Legitimate interest

Max 14 months and thereafter aggregated data

Marketing & promotional campaign effectiveness

Email engagement metrics, campaign responses

Consent, Legitimate interest

Until the campaign ends plus 2 years

Scheduling demo calls (via Calendly)

Name, email, preferred date & time, optional notes

Consent

Until the meeting is held plus 1 year

Hosting & website performance (via Webflow)

IP address, browser type, usage data

Legitimate Interest

As per Webflow’s data retention policy

2. How We Collect Your Personal Data

We use different methods to collect data from and about you, including through:

2.1 Direct Interactions:

You may provide us with personal information such as contact details, identifiers, financial data, and other categories when you:

  • Apply for our products or services.
  • Create an account with us.
  • Subscribe to publications.
  • Request marketing materials.
  • Provide feedback or contact us through forms, post, phone, email, our website, or other means.
2.2 Automated Technologies or Interactions:

As you use our website and services, we may automatically collect technical, profile, and usage data, such as details about your device, browsing behavior, and usage patterns.

2.3 Third Parties or Publicly Available Sources:
  • Online recruitment platforms or professional networks (e.g., work-related information).
  • Publicly available sources providing identity and contact data.

3. Who Has Access to Your Data?

Your personal data is accessed by authorized personnel at Intractive and, where necessary, trusted third-party service providers who assist us in fulfilling the purposes mentioned above. These third parties may include marketing platforms, payment processors, IT service providers, and others, all of whom operate under strict confidentiality agreements.

We may also share your personal data:

  • If required by law, regulation, or legal process;
  • To protect our legal rights, prevent fraud, or comply with lawful requests;
  • In connection with a merger, acquisition, or sale of all or a portion of our assets or in case of bankruptcy.

We ensure that access to your data is granted only on a need-to-know basis and is fully controlled and monitored.

4. Is Data Transferred Outside the European Economic Area (EEA)?

Some of our external third parties are located outside the EEA, meaning your personal data may be transferred to countries outside the EEA. To ensure your data is protected, we implement at least one of the following safeguards:

  • The destination country has been recognized by the European Commission as providing an adequate level of data protection.
  • We use specific contracts approved by the European Commission that ensure your personal data receives the same level of protection as within the EEA, such as Standard Contractual Clauses.
  • The transfer complies with the US Data Privacy Framework.

5. What Technical and Organizational Security Measures Are in Place?

We take the security of your personal data very seriously and implement appropriate technical and organizational measures to safeguard your information. These measures include:

  • Data encryption (both in transit and at rest)
  • Secure access controls and authentication procedures
  • Regular security audits and vulnerability assessments
  • Monitoring and logging of system access
  • Employee training and awareness programs on data protection

In the event of a personal data breach, we will notify you and the relevant authorities as required by law.

6. What Are Your Data Subject Rights?

As a data subject, you have the following rights under the GDPR:

  • Right to Access: You can request access to the personal data we hold about you.
  • Right to Rectification: You can request that we correct any inaccuracies in your personal data.
  • Right to Erasure: You can request the deletion of your personal data under certain conditions.
  • Right to Restriction: You can request the restriction of processing your data under certain circumstances.
  • Right to Data Portability: You can request a copy of your personal data in a structured, commonly used, and machine-readable format when you have provided your personal data to us.
  • Right to Object: You have the right to object to the processing of your data for direct marketing or other purposes based on legitimate interest.
  • Right to Withdraw Consent: Where we rely on your consent, you can withdraw that consent at any time.

If you believe that we have not handled your data appropriately or you are unsatisfied with our response to your concerns, you have the right to lodge a complaint with your local data protection authority. In the Netherlands, this is the Autoriteit Persoonsgegevens. You can contact them via their website at www.autoriteitpersoonsgegevens.nl.

For data subjects in other countries, you can contact your respective national data protection authority.

We may ask for specific information to verify your identity and confirm your right to access your personal data (or exercise any other rights). This is a security measure to prevent unauthorized access to your personal data). We aim to respond to all legitimate requests within one month. However, it may take longer if your request is particularly complex or if you have made multiple requests. In such cases, we will notify you and keep you updated.

7. Automated Decision-Making and Profiling

Your personal data is not used for automated decision-making (decisions made only by machines without human input) or profiling with a negative effect (analyzing personal data to assess certain traits or behaviors).

8. Third-Party Websites

Our Site may include hyperlinks to third-party websites, such as LinkedIn or Instagram. These hyperlinks are provided for your reference and convenience only, and do not imply any endorsement of the activities of these third-party websites or any association with their operators. We are not responsible for the privacy practices or content of these third-party websites. You are encouraged to read their respective privacy notices for more information. 

9. Privacy of Children

It is our policy to not collect personal data from any person under 18 because children are not permitted to use our services and our website and we request that children under the age of 18 not submit any personal data to us. If we learn that we have inadvertently gathered personal data from children under 18, we will promptly remove such information from our records. If you are a parent or guardian and believe we have collected personal information in violation of applicable data protection law, contact us info@intractive.app. We will then remove the personal information in accordance with applicable data protection law.

10. Cookies and Similar Technologies

We use cookies to enhance your experience on our Site. You can control cookie settings through your browser or device settings, or by accessing a “Cookie Settings” within your account. For more details, please refer to our Cookie Notice.

9. Updates to This Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in our data processing practices, legal requirements, or business operations. If we make material changes, we will notify you through our website or other means before the changes take effect.

The most recent version of this Privacy Notice will always be available on our website, and we encourage you to review it periodically.

10. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Notice or your personal data, please contact us at:

Intractive
Europalaan 400, 3526 KS
Utrecht, The Netherlands
Email: info@intractive.app