ENECA B.V. Personal Data Processing Policy

This Personal Data Processing Policy (the "Policy") is designed to inform you about how ENECA B.V. ("we," "us," or "our") collects, uses, discloses, and protects your personal data in accordance with the applicable laws and regulations, including the General Data Protection Regulation (GDPR) (EU) 2016/679, the Dutch Data Protection Act (Uitvoeringswet Algemene verordening gegevensbescherming or UAVG), and any other relevant legislation in the Netherlands.

2.Data Controller
The data controller responsible for the processing of your personal data is:
Kabelweg 57
1014BA Amsterdam
The Netherlands
Email: info@eneca.nl
Phone: +31 970 10282186

This Policy applies to all personal data processing activities carried out by us, including the collection, storage, use, and disclosure of your personal data in connection with the products and services we offer, as well as any data processing performed on our website.

4.Personal Data We Collect
We collect personal data that you provide directly to us or that we obtain from third parties or other sources. The types of personal data we collect may include:
a. Contact information, such as your name, email address, postal address, and phone number;
b. Account information, such as your username, password, and account preferences;
c. Payment and billing information, such as your credit card or bank account details;
d. Usage information, such as your interactions with our website, products, and services;
e. Technical information, such as your IP address, browser type, operating system, and device information;
f. Any other information you choose to provide to us or that we may obtain with your consent.

5.Legal Basis for Processing
We process your personal data based on one or more of the following legal bases:
a. Your consent, which you can withdraw at any time;
b. The performance of a contract or to take steps at your request before entering into a contract;
c. Our legitimate interests or the legitimate interests of a third party, which are balanced against your rights and interests;
d. Compliance with legal obligations, including those arising under the GDPR, the Dutch Data Protection Act, and any other applicable laws.

6.Purposes of Processing
We process your personal data for various purposes, such as:
a. Providing, maintaining, and improving our products and services;
b. Processing transactions and sending related information, such as invoices and order confirmations;
c. Communicating with you, including responding to your inquiries, providing customer support, and sending you marketing communications;
d. Personalizing your experience with our products and services, including offering tailored content, features, and promotions;
e. Conducting research and analysis to improve our products, services, and overall business;
f. Complying with legal obligations, resolving disputes, and enforcing our agreements, including our terms of service and this Policy.

7.Data Retention
We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. When we no longer need your personal data, we will securely delete or anonymize it in accordance with applicable laws and our internal data retention policies.

8.Data Sharing and Disclosure
We may share your personal data with third parties under certain circumstances, such as:
a. With your consent;
b. With our service providers, vendors, or partners who perform services on our behalf, subject to appropriate contractual safeguards;
c. To comply with legal obligations, respond to legal requests, or protect our rights and interests, including in connection with any legal proceedings, investigations, or disputes;
d. In connection with a corporate transaction, such as a merger, acquisition, or asset sale, subject to appropriate confidentiality and security measures;
e. With other third parties for legitimate purposes, provided that your rights and interests are protected and the sharing is in accordance with applicable laws.

10.Data Transfers
In some cases, we may transfer your personal data to countries outside the European Economic Area (EEA). When we do so, we will ensure that appropriate safeguards are in place to protect your personal data in accordance with the GDPR and other applicable laws. These safeguards may include:
a. Standard contractual clauses approved by the European Commission;
b. Adequacy decisions issued by the European Commission regarding the recipient country;
c. Binding corporate rules or codes of conduct approved by the relevant data protection authority.

11.Your Rights
Under the GDPR and the Dutch Data Protection Act, you have certain rights in relation to your personal data, including the right to:
a. Access your personal data and receive a copy of it;
b. Rectify any inaccurate or incomplete personal data;
c. Erase your personal data, subject to certain conditions;
d. Restrict the processing of your personal data, subject to certain conditions;
e. Object to the processing of your personal data, particularly when it is based on our legitimate interests;
f. Receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another data controller, where technically feasible (data portability);
g. Withdraw your consent to the processing of your personal data, where applicable, without affecting the lawfulness of processing based on consent before its withdrawal;
h. Lodge a complaint with the relevant data protection authority, which in the Netherlands is the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
To exercise any of your rights, please contact us at the contact information provided in Section 2 of this Policy. We will respond to your request within one month, or within the timeframe required by applicable law.

12.Data Security
We take appropriate technical and organizational measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction. These measures may include encryption, secure storage, access controls, and other security protocols. However, no data transmission or storage system can be guaranteed to be completely secure, and we cannot ensure or warrant the absolute security of your personal data.

13.Third-Party Websites
Our website may contain links to third-party websites or services. This Policy does not apply to the personal data processing activities of such third parties, and we are not responsible for their data protection practices. We encourage you to review the privacy policies of any third-party websites or services before providing them with your personal data.

14.Changes to This Policy
We may update this Policy from time to time to reflect changes in our data processing practices, the legal framework, or other factors. When we update this Policy, we will revise the "Effective Date" at the beginning of the Policy and notify you through our website or other appropriate communication channels.

15.Contact Us
If you have any questions, concerns, or requests related to this Policy or our processing of your personal data, please contact us using the contact information provided in Section 2 of this Policy.