Privacy Policy

1. Data Controller

AutomateVia is the data controller for the personal data processed through this website and our business communication.

• Trading name: AutomateVia
• Chamber of Commerce (KvK): 99787113
• Privacy contact: hello@automatevia.com
• General contact: hello@automatevia.com

AutomateVia is a sole proprietorship and is not legally required to appoint a Data Protection Officer (DPO). For all privacy requests, please use the email address above.

2. What Personal Data We Process

We process the following categories of personal data:

• When you contact us via form, email or phone: name, business email, phone number, company name, job title, and the content of your message.
• For business outreach: business contact details (name, job title, work email, LinkedIn URL, company name, company address) sourced from public channels such as your employer's website, the Chamber of Commerce (KvK) register, LinkedIn, and professional business directories.
• When you visit the website: technical log data such as IP address, browser type, and pages visited (via Netlify hosting).
• For client engagements: additional data required to deliver the agreed services (such as credentials for systems we're authorised to work on), under a data processing agreement where applicable.

3. Purpose and Legal Basis

We process personal data for the following purposes:

• Responding to inbound enquiries and preparing quotes — basis: performance of or preparation for a contract (Art. 6(1)(b) GDPR).
• Business outreach to professionals at potentially relevant companies (email, LinkedIn) — basis: legitimate interest (Art. 6(1)(f) GDPR). Our interest is identifying businesses that may benefit from AI automation; we focus exclusively on business contact data in a B2B context, limit frequency, and honour every opt-out immediately.
• Delivery of client engagements — basis: performance of contract (Art. 6(1)(b) GDPR).
• Legal obligations (e.g. 7-year retention of accounting records) — basis: legal obligation (Art. 6(1)(c) GDPR).
• Improving our website and services based on aggregated, non-identifiable data — basis: legitimate interest (Art. 6(1)(f) GDPR).

4. Retention Periods

• Contact form and email correspondence: up to 2 years after last contact, unless a client relationship forms.
• Outreach lists and communication logs: up to 2 years after last interaction, or earlier on request.
• Client data and invoicing: 7 years, based on tax retention requirements.
• Server and website logs: up to 12 months.

5. Sharing with Third Parties and Processors

We don't sell personal data. We share data only with processors that support us in delivering our services, under a data processing agreement. Currently these include:

• Hosting and infrastructure providers (incl. Netlify, Google Workspace)
• Email and outreach tooling (e.g. Resend, LinkedIn, SendPilot)
• Accounting and invoicing software

Where processing takes place outside the EEA, we ensure an appropriate level of protection via EU Standard Contractual Clauses (SCCs) or an adequacy decision.

6. Security

We take appropriate technical and organisational measures to protect personal data against loss or unlawful processing, including encrypted connections (HTTPS), access control, and separated storage of client environments. Despite these measures, no method of transmission or storage over the internet is 100% secure.

7. Cookies

This website does not place tracking or marketing cookies. For basic functionality and security, strictly necessary cookies may be used; these don't require consent under the GDPR and ePrivacy Directive. Analytics, if used, are deployed strictly aggregated and without personal identification.

8. Your Rights

Under the GDPR you have the right to:

• Access the personal data we process about you;
• Request correction of inaccurate or incomplete data;
• Request erasure of your data ("right to be forgotten");
• Restrict or temporarily suspend processing;
• Request data portability in a common format;
• Object to processing based on legitimate interest — in particular, to direct marketing / outreach. We honour such objections immediately and unconditionally.
• Withdraw consent previously given.

Send your request to hello@automatevia.com. We respond within 30 days. For verification we may ask for additional information.

9. Opt-out for Business Outreach

If you receive email or LinkedIn messages from us and no longer want them, the following applies:

• Reply to an email with "STOP", "unsubscribe" or similar — we'll remove you from our lists immediately.
• Use the unsubscribe link at the bottom of each message where available.
• Email hello@automatevia.com with "remove me".

Your opt-out is processed within 7 business days. After that we keep only an unsubscribe record (email + date) so we don't accidentally contact you again.

10. Filing a Complaint

Can't resolve an issue with us? You have the right to file a complaint with the Dutch Data Protection Authority at autoriteitpersoonsgegevens.nl.

11. Changes

We may update this privacy policy when our services or regulations require it. The current version is always on this page, with the date of the latest update at the top.

12. Contact

Questions about this privacy policy or the processing of your personal data? hello@automatevia.com.