Legal

Privacy Policy

Last updated: February 27, 2026

1. Introduction

Tricion Consultancy ("we", "us", or "our"), operated by Ivan van der Schuit, is committed to protecting your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other applicable data protection laws. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website at tricionstudio.com or engage with our services.

2. Data Controller

The data controller responsible for your personal data is:

Tricion Consultancy

Ivan van der Schuit

The Netherlands

Email: [email protected]

3. Data We Collect

We collect and process the following categories of personal data:

3.1 Data You Provide Directly

  • Contact form submissions: name, email address, and message content
  • Email correspondence: any personal data you include in direct emails

3.2 Data Collected Automatically

  • Technical data: IP address, browser type and version, operating system, referral source, device type
  • Usage data: pages visited, time spent on pages, navigation paths
  • Cookie data: see our Cookie Policy for details

4. Legal Basis for Processing

Under Article 6 of the GDPR, we process your personal data on the following legal bases:

  • Consent (Art. 6(1)(a)): when you submit a contact form or accept non-essential cookies
  • Contractual necessity (Art. 6(1)(b)): to perform or prepare a consulting engagement
  • Legitimate interests (Art. 6(1)(f)): to operate and improve our website, ensure security, and respond to inquiries
  • Legal obligation (Art. 6(1)(c)): to comply with applicable laws and regulations

5. Purpose of Processing

We use your personal data for the following purposes:

  • Responding to your inquiries and contact form submissions
  • Providing consulting services and managing client relationships
  • Operating, maintaining, and improving our website
  • Ensuring the security and integrity of our website
  • Complying with legal obligations

6. Data Sharing and Third Parties

We do not sell your personal data. We may share your data with the following categories of recipients:

  • Email service provider (Resend): to process and deliver contact form submissions
  • Hosting provider (Vercel): to host and serve our website

These third parties process data on our behalf and are contractually bound to protect your data in compliance with GDPR.

7. International Data Transfers

Some of our third-party service providers (such as Vercel and Resend) may process your data outside the European Economic Area (EEA). Where such transfers occur, we ensure appropriate safeguards are in place, including EU-approved Standard Contractual Clauses (SCCs) or adequacy decisions by the European Commission, in accordance with Chapter V of the GDPR.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

  • Contact form data: retained for up to 12 months after your last interaction, unless a client relationship is established
  • Client data: retained for the duration of the engagement plus 7 years for legal and tax purposes
  • Server logs: automatically deleted after 30 days

9. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15): obtain confirmation of whether we process your data and request a copy
  • Right to rectification (Art. 16): request correction of inaccurate or incomplete data
  • Right to erasure (Art. 17): request deletion of your personal data ("right to be forgotten")
  • Right to restriction (Art. 18): request restriction of processing in certain circumstances
  • Right to data portability (Art. 20): receive your data in a structured, machine-readable format
  • Right to object (Art. 21): object to processing based on legitimate interests
  • Right to withdraw consent (Art. 7(3)): withdraw consent at any time without affecting prior processing

To exercise any of these rights, contact us at [email protected]. We will respond to your request within 30 days.

10. Right to Lodge a Complaint

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):

Autoriteit Persoonsgegevens

Hoge Nieuwstraat 8, 2514 EL Den Haag

The Netherlands

Website: autoriteitpersoonsgegevens.nl

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes HTTPS encryption for all data in transit and secure hosting infrastructure.

12. Children's Privacy

Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately so we can delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.

14. Contact Us

For any questions or concerns about this Privacy Policy or our data practices, contact us at:

Tricion Consultancy

Email: [email protected]