Skip to content
HOIST IT

Privacy Policy

Privacy policy of HOIST IT B.V. — how we handle your personal data.

Effective date: 2026-03-04

Introduction

HOIST IT B.V. (“we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and protect your personal information when you visit our website or use our services.

Data Controller

HOIST IT B.V. is the data controller responsible for your personal data. If you have any questions about this privacy policy or our data practices, please contact us at:

HOIST IT B.V. Atoomweg 63, 3542 AA Utrecht, The Netherlands KvK: 97960845

Data We Collect

We do not use analytics scripts, tracking pixels, or advertising cookies. The only personal data we process is information you explicitly share with us, for example through our contact form. This may include:

  • Identity data: name, job title, company name
  • Contact data: email address, phone number

In addition, our security provider Cloudflare processes limited technical data as described in the section below.

How We Use Your Data

We use the data you provide solely for the following purposes:

  • To respond to your inquiry or request
  • To follow up on a conversation you initiated
  • To comply with legal obligations

We do not use your data for marketing, profiling, or automated decision-making.

We process your personal data based on:

  • Your consent — by submitting our contact form, you consent to us processing the data you provide
  • Legitimate interests — to respond to your inquiry and conduct our business

Data Sharing

We do not sell, rent, or trade your personal data. We may share your data with trusted service providers, subject to confidentiality agreements. We may also disclose your data if required by law.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected. Contact form submissions are retained for a maximum of 12 months after our last communication, unless a longer retention period is required by law.

Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Access — request a copy of your personal data
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion of your data (“right to be forgotten”)
  • Restriction — request limitation of processing
  • Portability — request transfer of your data to another party
  • Objection — object to processing based on legitimate interests

To exercise any of these rights, please contact us at [email protected].

Security & Bot Protection (Cloudflare)

We use Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA) to protect our website from DDoS attacks, malicious traffic, and automated bots. As part of this service, Cloudflare processes technical data including IP addresses, HTTP headers, and browser characteristics. Cloudflare may set technically necessary cookies (__cf_bm, cf_clearance) to distinguish legitimate users from automated traffic.

The legal basis for this processing is our legitimate interest in maintaining the security and availability of our website (Art. 6(1)(f) GDPR). Data may be transferred to the United States under Standard Contractual Clauses and the EU-U.S. Data Privacy Framework. We have concluded a Data Processing Agreement with Cloudflare. For more information, see Cloudflare’s Privacy Policy.

We are actively evaluating European alternatives to replace this service.

Cookies

Our website does not use analytics, advertising, or tracking cookies. The only cookies that may be placed are strictly necessary cookies set by Cloudflare for security and bot protection purposes:

  • __cf_bm — used to distinguish humans from bots. Expires after 30 minutes of inactivity.
  • cf_clearance — set after a user successfully passes a Cloudflare challenge. Expires based on security settings.

These cookies are essential for the secure operation of our website and do not require consent under the GDPR. No consent toggle is needed for these cookies, but we disclose them here for transparency.

Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated effective date. We encourage you to review this policy periodically.

Contact Us

If you have any questions about this privacy policy or wish to exercise your rights, please contact us at [email protected].

Frequently Asked Questions

You can reach us at [email protected] or through the contact form on our website.
We only collect data that you explicitly share with us, for example through the contact form. We do not use cookies, tracking, or analytics.
Send an email to [email protected] requesting deletion. We will process your request within 30 days.
All our agreements are governed by Dutch law. Disputes are submitted to the competent court in Arnhem, the Netherlands.
Contact form submissions are retained for a maximum of 12 months after our last communication, unless a longer period is required by law.
HOIST IT

Atoomweg 63, 3542 AA Utrecht

LinkedIn

Legal

Copyright 2026 HOIST IT. All Rights Reserved