Privacy Policy

Last updated: January 2026

Introduction

BrightConsortium B.V. ("we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or use our services.

As a company based in the Netherlands and operating within the European Union, we comply with the General Data Protection Regulation (GDPR) and all applicable data protection laws.

Data Controller Information

The data controller for your personal information is:

BrightConsortium B.V.
Molenweg 67
1312 PB Almere
Flevoland, Netherlands
Registration Number: NL56473822
VAT Number: NL001564738B01

Data Collection

We collect personal data that you voluntarily provide to us and information that is automatically collected when you use our website. The data we collect includes:

  • Contact Information: Name, email address, phone number, company name, and business address when you contact us or request our services
  • Communication Data: Messages, enquiries, and correspondence you send to us through our contact forms or email
  • Technical Information: IP address, browser type, device information, operating system, and website usage patterns
  • Analytics Data: Website interaction data, page views, session duration, and user behaviour patterns collected through analytics tools
  • Marketing Data: Preferences for receiving marketing communications and responses to our marketing campaigns

How We Use Your Information

We use your personal data for the following purposes, based on legitimate business interests and legal obligations:

  • Service Provision: To provide our retail consultancy and e-commerce services, respond to your enquiries, and manage our business relationship
  • Communication: To contact you regarding your requests, provide customer support, and send important service-related notifications
  • Business Operations: To improve our services, conduct market research, and develop new products and solutions
  • Legal Compliance: To comply with legal obligations, resolve disputes, and enforce our terms and conditions
  • Marketing: To send you relevant marketing communications about our services, with your consent where required
  • Website Improvement: To analyse website usage, improve user experience, and optimise our digital presence

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use and how to manage them, please refer to our Cookie Policy.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Legitimate Interests: For business operations, service improvement, and marketing communications
  • Contract Performance: To fulfil our contractual obligations when providing services
  • Consent: For marketing communications and certain types of cookies, where required
  • Legal Obligation: To comply with applicable laws and regulations

Data Sharing and Third Parties

We may share your personal data with trusted third parties in the following circumstances:

  • Service Providers: Technology partners, analytics providers, and other service providers who assist in our operations
  • Legal Requirements: When required by law, court order, or regulatory authority
  • Business Transfers: In connection with a merger, acquisition, or sale of business assets
  • Consent: When you have explicitly consented to the sharing

We ensure that all third parties are bound by appropriate data protection agreements and maintain adequate security measures.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy:

  • Contact Information: Retained for up to 7 years after last contact for business and legal purposes
  • Marketing Data: Retained until you withdraw consent or for 3 years of inactivity
  • Analytics Data: Typically retained for 26 months in accordance with Google Analytics settings
  • Legal Records: Retained as required by applicable law and regulation

Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request access to your personal data and information about how we process it
  • Right to Rectification: Request correction of inaccurate or incomplete personal data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request limitation of processing in specific situations
  • Right to Data Portability: Request transfer of your data to another organisation
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes
  • Right to Withdraw Consent: Withdraw consent where processing is based on consent

To exercise any of these rights, please contact us using the information provided below.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Employee training on data protection principles
  • Incident response procedures

International Data Transfers

When we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses approved by the European Commission
  • Binding Corporate Rules or other approved mechanisms

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us:

Privacy Officer
Email: [email protected]
Phone: +31 367735384
Address: Molenweg 67, 1312 PB Almere, Netherlands

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data appropriately.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal information.

This Privacy Policy is governed by Dutch law and the General Data Protection Regulation (GDPR). For any disputes arising from this policy, the courts of the Netherlands shall have jurisdiction.