Privacy Statement

1. Who we are

TrustTech Holding B.V. (“TrustTech”, “we”, “us”) is responsible for the processing of personal data as described in this privacy statement.

For questions about this privacy statement or the processing of your personal data, you can contact us via our contact form.

2. What personal data we process

We only process personal data that you provide directly to us.

Contact form

When you contact us via our website, we process:

Name
Email address
Phone number (if provided)
Company name (if provided)
Message content

Job applications

When you apply for a job at TrustTech, we process:

Name and contact details
CV and motivation letter
Employment history and education
Any other personal data you voluntarily provide

We do not intentionally collect special categories of personal data.

3. Purposes and legal basis

We process personal data only for specific purposes and based on a valid legal basis.

Contact requests

Purpose: Handling and responding to your inquiry
Legal basis: Legitimate interest (Article 6(1)(f) GDPR)
Condition: Processing is limited to what is necessary to respond

Job applications

Purpose: Recruitment and selection
Legal basis: Taking steps prior to entering into an employment contract (Article 6(1)(b) GDPR)

We do not use your data for other purposes without informing you in advance.

4. Data minimisation

We only collect personal data that is strictly necessary for the purposes described above. Providing additional information is at your own discretion.

5. Retention periods

We do not retain personal data longer than necessary.

Contact requests: up to 12 months after handling your request
Job applications
- Up to 4 weeks after completion of the recruitment process
- Up to 12 months only if you have given explicit consent

After these periods, personal data is deleted or anonymised, unless we are legally required to retain it longer.

6. Recipients of personal data

We may share personal data with third parties that support our services, such as:

Hosting providers
Email service providers
IT and security providers

These parties act as data processors and process personal data only on our instructions. We have concluded Data Processing Agreements (DPAs) with all processors in accordance with Article 28 GDPR.

7. Security measures

We take appropriate technical and organisational measures to protect personal data, including:

Encryption of data in transit (HTTPS/TLS)
Role-based access control (RBAC)
Multi-factor authentication (MFA)
Logging and monitoring of access
Secure storage and system hardening

Access to personal data is restricted to authorised personnel only.

8. Your rights

You have the following rights under the GDPR:

Right of access
Right to rectification
Right to erasure
Right to restriction of processing
Right to data portability
Right to object

You can exercise your rights by contacting us via info@trusttech.nl. We will respond to your request within 30 days.

9. Complaints

If you have a complaint about the processing of your personal data, you can submit it to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP). More information can be found at autoriteitpersoonsgegevens.nl.