Privacy Policy

Introduction

ZenithForge B.V. ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your personal information when you visit our website, use our services, or interact with us. We are the data controller for the personal data we collect about you.

Data Controller Information

ZenithForge B.V. is the data controller responsible for your personal data. Our registered office is located at Vijverweg 283, 1069 BC Amsterdam, North Holland, Netherlands. Registration Number: KvK47856932. VAT Number: NL475326981B02.

Data Collection

We collect and process the following types of personal data:

• Contact Information: Name, email address, phone number, and business details when you contact us or request our services
• Communication Data: Records of correspondence and communications with us, including enquiries and support requests
• Website Usage Data: Information about how you use our website, including IP address, browser type, pages visited, and time spent on our site
• Business Information: Details about your restaurant, menu data, and operational information provided during consultations
• Technical Data: Device information, browser settings, and other technical information collected through cookies and similar technologies

How We Use Your Information

We process your personal data for the following purposes and legal bases:

• Service Provision: To provide menu engineering consultancy services, respond to enquiries, and fulfil our contractual obligations (Legal basis: Contract performance)
• Communication: To communicate with you about our services, respond to your questions, and provide customer support (Legal basis: Legitimate interest)
• Website Improvement: To analyse website usage, improve user experience, and optimise our services (Legal basis: Legitimate interest)
• Marketing: To send you information about our services and industry insights, only with your consent (Legal basis: Consent)
• Legal Compliance: To comply with legal obligations and protect our rights and interests (Legal basis: Legal obligation)

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please see our Cookie Policy.

Data Sharing and Disclosure

We may share your personal data with:

• Service Providers: Third-party companies that provide services on our behalf, such as website hosting, analytics, and email services
• Professional Advisers: Legal, accounting, and other professional advisers when necessary for business operations
• Legal Authorities: When required by law or to protect our rights and interests
• Business Transfers: In connection with any merger, acquisition, or sale of business assets

Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, and resolve disputes. Specifically, we retain contact information for up to 7 years after our last interaction, website usage data for up to 2 years, and business consultation data for up to 10 years as required by Dutch business regulations. When data is no longer needed, we securely delete or anonymise it.

International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). When we transfer your personal data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other approved mechanisms to protect your data.

Your Rights

Under GDPR and applicable data protection laws, you have the following rights:

• Access: Request access to your personal data and information about how we process it
• Rectification: Request correction of inaccurate or incomplete personal data
• Erasure: Request deletion of your personal data in certain circumstances
• Restriction: Request restriction of processing in certain circumstances
• Portability: Request transfer of your personal data to another organisation
• Objection: Object to processing based on legitimate interests or for marketing purposes
• Withdraw Consent: Withdraw consent where processing is based on consent

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, secure servers, access controls, and regular security assessments. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us so we can delete such information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of significant changes by posting the updated policy on our website with a new "Last updated" date. We encourage you to review this policy periodically.

Contact Information

If you have questions about this Privacy Policy, want to exercise your rights, or need to contact us regarding data protection matters, please reach out to us:

Supervisory Authority

If you believe we have not handled your personal data in accordance with applicable data protection laws, you have the right to lodge a complaint with the relevant supervisory authority. In the Netherlands, this is the Autoriteit Persoonsgegevens (Dutch Data Protection Authority).