1. Who are we?
This privacy policy is issued by ITS-Vision, trading under the name The Portal Guys, located at Nieuwstad 70-2, 6811 BM Arnhem.
- KvK: 09154530
- BTW: NL001227326B14
- Email: info@theportalguys.com
- Phone: +31 (0)26 66 90 210
The Portal Guys is the controller for the personal data we process through this website, contact requests, quotations, customer relationships, projects, administration and business communication.
2. Which personal data do we process?
We only process personal data that is necessary for our services, communication, administration and security. This may include, among other things:
- name, company name, position, email address, telephone number and business address details;
- data you enter in a contact form or send to us by email, such as subject, message, requirements, documents and technical context;
- quotation, contract, project, support and invoice data;
- payment and administrative data, including bank account number when necessary for payment or refund;
- technical data about website use, such as IP address, browser, device, pages visited, time of visit and server logs;
- data needed for security, spam detection, error analysis, abuse prevention and the availability of our systems.
We do not intentionally request special-category personal data. Please do not send such data unless it is strictly necessary for your question or assignment.
3. What do we use personal data for?
We process personal data for the following purposes:
- answering contact requests and messages;
- preparing and following up quotations, proposals and agreements;
- performing agreements, projects, support, management and advice;
- relationship management and business communication with customers, suppliers and partners;
- invoicing, payment, accounting, tax obligations and internal administration;
- securing, testing, monitoring and improving our website, systems and services;
- handling complaints, requests, disputes and legal obligations.
4. On which legal bases do we process data?
We only process personal data when there is a valid legal basis. Depending on the situation, that basis is:
- performance of an agreement or steps prior to entering into one, for example for quotations, projects and support;
- legal obligation, for example for statutory tax retention obligations and administration;
- legitimate interest, for example for business communication, security, abuse prevention, evidentiary position and improvement of our services;
- consent, when we explicitly ask for it. Consent can always be withdrawn.
5. Contact form and website
If you contact us through the website, we use the data provided to answer your question and handle your request. We may store technical data to prevent spam, abuse and security incidents.
Our website may use functional cookies and similar technologies that are necessary for the site to work properly. Cookies or tracking that require consent are only placed after consent has been given.
6. With whom do we share personal data?
We do not sell personal data. We only share personal data when necessary for our services, business operations or legal obligations. This may include:
- hosting, IT, email, security and backup providers;
- accounting, payment providers, banks and administrative service providers;
- project, support, CRM and documentation systems;
- legal, tax or other professional advisers;
- government authorities, regulators or courts when required by law.
When third parties process personal data on our behalf, we make arrangements about security, confidentiality and use of that data.
7. Transfers outside the EEA
We prefer to work with parties that process personal data within the European Economic Area. If processing outside the EEA is necessary, we ensure appropriate safeguards, such as an adequacy decision, standard contractual clauses or other measures permitted under the GDPR.
8. How long do we retain data?
We do not retain personal data longer than necessary for the purpose for which we received it, unless a statutory retention period or legitimate interest requires a longer period. In practice, we use, among others, the following periods:
- contact requests and prospect data: in principle no more than 24 months after the last substantive contact, unless a customer relationship is established;
- customer, project and support data: for as long as the relationship continues and afterwards for as long as necessary for management, evidence, warranty, disputes or limitation periods;
- administration, invoices and tax data: 7 years, or longer if required by law;
- server, security and error logs: in principle no more than 12 months, unless longer retention is necessary for security, investigation or legal handling;
- data based on consent: until consent is withdrawn, unless we must retain evidence of consent or withdrawal.
9. Security
We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, disclosure and alteration. These include access restrictions, secure connections, updates, backups, logging and agreements with engaged parties.
No digital environment is completely risk-free. If you suspect that data is not properly secured or there are signs of misuse, please contact us immediately.
10. Your rights
Within the limits of the GDPR, you have the right to:
- access your personal data;
- have incorrect data corrected;
- have data deleted;
- have processing restricted;
- object to processing;
- transfer data to yourself or another party;
- withdraw previously given consent.
Send your request to info@theportalguys.com. We may ask for additional information to verify your identity. If you believe that we are not handling your data properly, you can submit a complaint to the Dutch Data Protection Authority.
11. Changes
We may amend this privacy policy when our website, services, legislation or internal processes change. The most current version is always available on this page.