Puterize

Privacy Policy

Last updated: March 2026

1. Introduction

Puterize ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web-based applications and services (the "Service").

This policy complies with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the Dutch Implementation Act of the GDPR (UAVG), and the EU Artificial Intelligence Act (Regulation (EU) 2024/1689).

2. Data Controller and Data Protection Officer

The data controller responsible for your personal data is:

  • Puterize
  • Registered Address: [Address in the Netherlands]
  • Email: privacy@puterize.com

Our Data Protection Officer can be reached at dpo@puterize.com. If you have any questions about this Privacy Policy or our data practices, including questions about how we process your personal data or wish to exercise your GDPR rights, please contact us using the details above.

You have the right to lodge a complaint with the Dutch supervisory authority (Autoriteit Persoonsgegevens, AP) at https://www.autoriteitpersoonsgegevens.nl or by mail to P.O. Box 25174, 2502 CL The Hague, Netherlands.

3. Personal Data We Collect

We may collect the following categories of personal data:

3.1 Identity Data

  • Full name
  • Email address
  • Phone number (optional)
  • Profile picture (optional)
  • Company name (if applicable)

3.2 Technical Data

  • IP address
  • Browser type and version
  • Operating system
  • Device information (device type, operating system version)
  • Access times and pages viewed
  • Time zone setting
  • Browser plug-in types and versions

3.3 Usage Data

  • Features used within the Service
  • Interaction data with the Service
  • Click patterns and navigation paths
  • Session duration

3.4 Content Data

  • Timeline events you create
  • Tasks and projects you manage
  • Articles and series you publish
  • Files and documents you upload
  • Comments and messages you send
  • Any content you submit to the Service

3.5 Location Data

  • Geographic location derived from IP address
  • Precise location (only when you explicitly enable it)

3.6 Marketing and Communications Data

  • Marketing preferences
  • Communication preferences
  • Survey responses (if applicable)

4. Legal Basis for Processing

We process your personal data based on the following GDPR legal bases:

4.1 Performance of Contract (Art. 6(1)(b) GDPR)

Processing necessary for the performance of a contract to which you are a party, such as providing the Service you request. This includes: account creation, authentication, providing access to the Service, processing and storing your content, and providing customer support.

4.2 Legitimate Interests (Art. 6(1)(f) GDPR)

Processing necessary for our legitimate interests, which include:

  • Improving and developing our Service
  • Ensuring network and information security
  • Preventing fraud and abuse
  • Direct marketing of similar services to existing customers
  • Internal administrative purposes
  • Establishing, exercising, or defending legal claims

We have conducted a legitimate interests assessment to ensure your rights and freedoms do not override our interests. You have the right to object to this processing (see Section 9).

4.3 Consent (Art. 6(1)(a) GDPR)

Where you have provided consent, such as for:

  • Marketing communications
  • Optional location services
  • Non-essential cookies and tracking technologies
  • Enhanced personalization features

You may withdraw your consent at any time by contacting us or updating your preferences.

4.4 Legal Obligation (Art. 6(1)(c) GDPR)

Processing necessary for compliance with legal obligations we are subject to, including: tax and accounting obligations, responding to legal requests from authorities, and complying with anti-money laundering regulations.

5. How We Use Your Data

We use your personal data for the following purposes:

  • Service Provision: Providing, maintaining, and improving the Service
  • Account Management: Creating and managing your account, authenticating your identity, and providing access
  • Payment Processing: Processing your transactions and subscriptions
  • Customer Support: Responding to your comments, questions, and requests
  • Communications: Sending you technical notices, updates, support messages, and security alerts
  • Marketing: Communicating with you about products, services, and events that may interest you (with your consent)
  • Analytics: Monitoring and analyzing trends, usage, and activities to improve the Service
  • Security: Detecting, investigating, and preventing fraudulent transactions, abuse, and security incidents
  • Legal Compliance: Complying with legal obligations and responding to lawful requests
  • Business Transfers: Evaluating or conducting mergers, sales of company assets, or acquisitions

6. Data Recipients and Transfers

We may share your personal data with the following categories of recipients:

6.1 Service Providers (Data Processors)

Companies that provide services on our behalf, bound by data processing agreements:

  • Cloud hosting providers (infrastructure)
  • Payment processors
  • Analytics providers
  • Email and communication service providers
  • Customer support systems
  • Security and monitoring services

6.2 Business Transfers

In connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business. In such cases, your data may be transferred as a business asset.

6.3 Legal Requirements

When required by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, regulatory requests). We will only disclose information necessary to comply with the legal obligation.

6.4 Protection of Rights

To protect our rights, privacy, safety, or property, including enforcing our Terms of Service, and to investigate potential violations thereof.

We do NOT sell your personal data to third parties. We do not provide your personal data to third parties for their own marketing purposes without your explicit consent.

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA), including countries that may not provide the same level of data protection as your home country.

When we transfer personal data outside the EEA, we ensure that appropriate safeguards are in place:

  • EU Standard Contractual Clauses: We use the European Commission's Standard Contractual Clauses (SCCs) for transfers to third countries
  • Adequacy Decisions: For transfers to countries with an adequacy decision from the European Commission
  • Binding Corporate Rules: For intra-group transfers within our corporate group

You may request a copy of the safeguards we have implemented by contacting us at privacy@puterize.com.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which we collected it. The retention period depends on the type of data and the purpose of processing:

  • Account Data: Retained for the duration of your account and for 2 years after account deletion for legal compliance and dispute resolution
  • Content Data: Retained until you delete your content or account; deleted content is removed within 30 days
  • Usage Analytics: Retained for 12 months in anonymized form
  • Marketing Data: Retained until you withdraw consent or object to processing
  • Transaction Records: Retained for 7 years for tax and accounting compliance
  • Security Logs: Retained for 12 months for security purposes

When we no longer need your personal data, we will securely delete or anonymize it. Where we are required by law to retain certain data (e.g., for tax purposes), we will restrict processing of that data to the legally required purposes only.

9. Your GDPR Rights

You have the following rights regarding your personal data. To exercise any of these rights, please contact us at privacy@puterize.com:

9.1 Right to Access (Art. 15 GDPR)

You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and where so, to request access to your personal data and a copy of the data.

9.2 Right to Rectification (Art. 16 GDPR)

You have the right to request correction of inaccurate personal data and to have incomplete personal data completed.

9.3 Right to Erasure (Art. 17 GDPR)

You have the right to request deletion of your personal data ("right to be forgotten") in certain circumstances, such as where the data is no longer necessary for the original purpose, or where you withdraw consent.

9.4 Right to Restriction of Processing (Art. 18 GDPR)

You have the right to request restriction of processing, meaning we may store your data but not further process it while a dispute is resolved.

9.5 Right to Data Portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller without hindrance.

9.6 Right to Object (Art. 21 GDPR)

You have the right to object to processing based on legitimate interests or public interest. We will stop processing unless we have compelling legitimate grounds that override your rights. You may also object to direct marketing at any time.

9.7 Right to Withdraw Consent (Art. 7(3) GDPR)

Where processing is based on consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing before the withdrawal.

Response Time: We will respond to your request within one month. This period may be extended by an additional two months for complex requests or if we receive multiple requests. We will inform you if an extension is necessary.

No Fee: We will not charge a fee for exercising your rights, except for manifestly unfounded or excessive requests.

Identity Verification: We may require you to verify your identity before processing your request to protect your data.

10. Automated Decision-Making and Profiling

We do not use fully automated decision-making with legal or similarly significant effects on you. Certain features may use automated processing for optimization purposes:

  • Content Recommendations: We may suggest content based on your usage patterns to improve your experience. These are not legally binding decisions.
  • Spam Detection: Automated systems detect and filter spam content.
  • Fraud Prevention: Automated systems analyze patterns to detect potentially fraudulent activity.

You have the right to request human review of decisions made by automated processing and to contest the decision. You may also opt out of personalization features where available.

11. AI Act Transparency (EU AI Act Compliance)

In compliance with the EU Artificial Intelligence Act (Regulation (EU) 2024/1689), we provide the following disclosures:

11.1 AI Systems Used

Our Service may incorporate AI-powered features to enhance user experience:

  • Content recommendations and suggestions
  • Automated categorization and tagging
  • Search optimization
  • Natural language processing for user support

11.2 Transparency Obligations

Where AI systems interact directly with users, we clearly inform users that they are communicating with an automated system. AI-generated content is clearly distinguished from human-created content where applicable.

11.3 Human Oversight

All significant AI-assisted decisions can be reviewed and overridden by humans. Users maintain full control over their content and can opt out of AI-assisted features where available.

11.4 No Prohibited Practices

We do not engage in prohibited AI practices as defined in the AI Act, including social scoring, manipulative techniques, or exploitation of vulnerabilities. We do not use AI systems that pose unacceptable risk as defined in the AI Act.

12. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

  • Encryption: TLS/SSL encryption for data in transit; AES-256 encryption for data at rest
  • Authentication: Secure password hashing (bcrypt) and multi-factor authentication options
  • Access Controls: Role-based access controls and principle of least privilege
  • Monitoring: Security logging and monitoring for suspicious activities
  • Regular Assessments: Regular security audits and vulnerability assessments
  • Staff Training: Mandatory data protection and security training for employees
  • Incident Response: Documented procedures for security incidents and data breaches

While we implement robust security measures, no system is completely secure. We cannot guarantee absolute security.

13. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Dutch supervisory authority (Autoriteit Persoonsgegevens) within 72 hours of becoming aware of the breach.

Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay, providing: a description of the nature of the breach, the categories and approximate number of data subjects affected, the likely consequences of the breach, and measures taken or proposed to address the breach.

14. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. Cookies are small text files stored on your device when you visit websites.

14.1 Types of Cookies We Use

  • Essential Cookies: Required for the Service to function (e.g., authentication, session management). Cannot be disabled.
  • Functional Cookies: Remember your preferences and settings.
  • Analytics Cookies: Help us understand how users interact with the Service (e.g., Google Analytics).
  • Marketing Cookies: Used to track visitors across websites for advertising purposes (only with your consent).

14.2 Cookie Management

You can control cookies through your browser settings. Most browsers allow you to: (i) see what cookies are stored, (ii) delete specific cookies, (iii) block certain types of cookies, or (iv) block all cookies. Note that disabling essential cookies may prevent the Service from functioning properly.

For more detailed information about the specific cookies we use, their purposes, and retention periods, please contact us at privacy@puterize.com.

You can also manage your cookie preferences through our Cookie Consent Banner that appears when you first visit the Service.

15. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact us at privacy@puterize.com.

Upon verification, we will delete such personal data from our records.

16. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by: (i) posting the new Privacy Policy on this page; (ii) updating the "Last updated" date; and (iii) for significant changes, providing notice through the Service or email where you have provided a valid email address.

Your continued use of the Service after any changes constitutes acceptance of the new Privacy Policy. We encourage you to review this Privacy Policy periodically.

17. Contact Information

If you have any questions about this Privacy Policy, wish to exercise your GDPR rights, or have concerns about how we handle your personal data, please contact us:

  • Email: privacy@puterize.com
  • Data Protection Officer: dpo@puterize.com
  • Mailing Address: Puterize, [Address], Netherlands

For the right to lodge a complaint with a supervisory authority: Autoriteit Persoonsgegevens (AP), P.O. Box 25174, 2502 CL The Hague, Netherlands. Website: https://www.autoriteitpersoonsgegevens.nl

Back to Home