Privacy Policy

This Privacy Policy explains how graviroluxae B.V. collects, uses, and protects your personal information when you visit our website or use our services. We are committed to protecting your privacy and ensuring transparency in our data processing practices.

Last Updated: January 2026

Data Controller Information

graviroluxae B.V. is the data controller for the personal data we collect and process. You can contact us using the information provided in the contact section below.

Company Details:

• Company Name: graviroluxae B.V.
• Registration Number: KvK64312597
• VAT Number: NL642536174B02
• Address: Rozengracht 127, 3077 NA Rotterdam, South Holland, Netherlands

Data We Collect

The data we collect includes information you provide directly to us and information automatically collected through your use of our website and services. We collect the following types of personal data:

Information You Provide

• Contact information (name, email address, phone number)
• Institution details and professional information
• Messages and communications sent through our contact forms
• Service preferences and requirements
• Account information for our analytics platform

Automatically Collected Information

• Website usage data and analytics information
• IP address and location data
• Device and browser information
• Cookies and similar tracking technologies
• Page views, session duration, and navigation patterns

How We Use Your Information

We use the personal data we collect for legitimate business purposes, including how we use your information to provide our services, improve our platform, and communicate with you effectively:

• Providing and delivering our educational analytics services
• Responding to your enquiries and providing customer support
• Improving our website and services based on user feedback
• Sending relevant updates about our services and industry insights
• Complying with legal obligations and protecting our rights
• Analysing website performance and user engagement
• Preventing fraud and ensuring platform security

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

• Legitimate Interest: For business operations, website analytics, and service improvement
• Contract Performance: To provide our analytics services and fulfil contractual obligations
• Consent: For marketing communications and non-essential cookies
• Legal Obligation: To comply with applicable laws and regulations

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Sharing and Third Parties

We do not sell your personal data to third parties. We may share your information with:

• Service providers who assist in delivering our services
• Analytics providers (such as Google Analytics) to understand website usage
• Legal authorities when required by law or to protect our rights
• Business partners with your explicit consent

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this privacy policy. The data retention periods vary depending on the type of information and the purpose for processing:

• Contact form submissions: 3 years from last contact
• Website analytics data: 26 months (Google Analytics default)
• Customer account data: Duration of service relationship plus 7 years for legal compliance
• Marketing communications: Until you unsubscribe or withdraw consent

Your Rights

Under GDPR and applicable data protection laws, you have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of how we process your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for processing based on consent

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication procedures
• Staff training on data protection practices
• Secure hosting and infrastructure providers

International Data Transfers

We primarily process data within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions by the European Commission.

Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal data, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our website and updating the "Last Updated" date.

Contact Information

If you have questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out using the following contact information:

• Privacy Email: privacy@graviroluxae.pro
• General Contact: contact@graviroluxae.pro
• Phone: +31 108789675
• Address: Rozengracht 127, 3077 NA Rotterdam, South Holland, Netherlands

Supervisory Authority

You have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not complied with applicable data protection laws. You can contact them at autoriteitpersoonsgegevens.nl.