Privacy Policy

Who we are

This privacy policy applies to vandijksecurity, a sole proprietorship registered in the Netherlands (KVK: 97411515), operating under the website vandijksecurity.com and vandijksecurity.nl.

Van Dijk Security provides custom AWS cloud solutions, web development, and related managed services to business clients. For the purposes of the General Data Protection Regulation (GDPR), Van Dijk Security acts as the data controller for personal data collected through this website.

Questions about this policy can be directed to: info@vandijksecurity.com

What data we collect

We only collect personal data that you voluntarily provide to us. This website does not use tracking scripts, third-party analytics, or advertising pixels.

We do not collect sensitive personal data (such as health data, financial details, or identification documents) through this website. We do not knowingly collect data from individuals under the age of 16.

Why we collect it

Personal data collected through this website is used solely for responding to your enquiry, message, requested quote, consultation, maintaining the website, and complying with legal obligations.

We will never use your contact details to send you unsolicited marketing emails. We will never sell, rent, or share your personal data with third parties for their own marketing purposes.

Legal basis for processing

Under the GDPR, we must have a legal basis for each way we process your personal data. Our legal bases are as follows:

Legitimate interests (Article 6(1)(f) GDPR) — Responding to enquiries you send us and maintaining server logs for website security are within our legitimate business interests, and we believe these interests are not overridden by your rights and freedoms.

Contract performance (Article 6(1)(b) GDPR) — If you engage vandijksecurity for a project or service, we process your data as necessary to fulfil that contract.

Legal obligation (Article 6(1)(c) GDPR) — We may process and retain certain data to comply with Dutch and EU legal requirements, including tax and accounting obligations.

How long we keep your data

We do not retain personal data longer than necessary for the purpose it was collected.

After the applicable retention period, data is securely deleted or anonymised.

Who we share your data with

Van Dijk Security does not sell or commercially share personal data. We may share data with the following categories of service providers where strictly necessary to operate the business:

Hosting & infrastructure providers — This website and associated services are hosted on Amazon Web Services (AWS), which may process technical data on our behalf as a data processor. AWS operates under a Data Processing Agreement and is certified under applicable frameworks.

Email providers — Emails you send to us are processed through our email provider. We use reputable providers operating within the EU or under Standard Contractual Clauses.

Legal or regulatory bodies — We may disclose data if required to do so by law, court order, or a competent Dutch or EU authority.

We do not transfer personal data outside the European Economic Area (EEA) unless appropriate safeguards are in place (such as Standard Contractual Clauses or an adequacy decision by the European Commission).

Your rights under the GDPR

As a resident of the EU/EEA, you have the following rights regarding your personal data. You can exercise any of these rights by contacting us at info@vandijksecurity.com. We will respond within 30 days.

Right of access - Request a copy of the personal data we hold about you.

Right to erasure - Ask us to correct inaccurate or incomplete data.

Right to erasure - Request deletion of your data ("right to be forgotten"), where no legal obligation requires us to retain it.

Right to restriction - Ask us to limit how we use your data in certain circumstances.

Right to portability - Receive your data in a structured, machine-readable format.

Right to object - Object to processing based on legitimate interests, including any direct marketing.

If you are unsatisfied with our response, you have the right to lodge a complaint with the Dutch data protection authority: Autoriteit Persoonsgegevens (AP) — autoriteitpersoonsgegevens.nl

Cookies

This website uses only essential cookies — small files placed on your device necessary for the website to function. We do not use analytics cookies (such as Google Analytics), advertising cookies, or social media tracking cookies.

Essential cookies do not require your consent under the Dutch Telecommunications Act (Telecommunicatiewet) and the ePrivacy Directive, as they are strictly necessary for the service you have requested.

If this changes in the future (for example, if we add analytics tools), we will update this policy and implement a proper cookie consent mechanism.

Security

We take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. Our website is served over HTTPS. Data is stored on AWS infrastructure with industry-standard access controls.

As a cloud solutions professional, security is central to how we build and operate all systems — including our own website and internal processes.

In the unlikely event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Autoriteit Persoonsgegevens within 72 hours as required by Article 33 GDPR, and inform affected individuals where required under Article 34 GDPR.

Contact & complaints

For any questions, requests, or concerns about this privacy policy or how we handle your data, please contact us directly on info@vandijksecurity.com. We prefer to resolve any issues informally before escalation to a supervisory authority.

This policy was last updated in March 2026. We reserve the right to update this policy at any time. Material changes will be communicated via a notice on this website.