Privacy Policy
Last updated: May 07, 2026
Noldus Information Technology BV ("Noldus", "we", "us", or "our") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you visit our website noldus.cloud (the "Website").
1. Company Information
Noldus Information Technology BV
Nieuwe Kanaal 5
6709 PA Wageningen
The Netherlands
Email: [email protected]
Phone: +31 317 473 300
2. Data We Collect
2.1 Information You Provide
- Contact Information: Name, email address, phone number, company name when you contact us or request information
- Account Information: Username, password, and profile information if you create an account
- Communication Data: Information in correspondence when you contact us
- Transaction Data: Purchase history, billing information, and payment details
2.2 Information Collected Automatically
- Usage Data: Pages visited, time spent, links clicked, and navigation patterns
- Device Information: Browser type, operating system, device type, and screen resolution
- IP Address: Anonymized IP address (last 2 octets masked for privacy)
- Cookies and Tracking: See our Cookie Policy for details
3. How We Use Your Data
We use your personal data for the following purposes:
- Service Delivery: To provide and maintain our services, process transactions, and fulfill orders
- Communication: To respond to inquiries, send updates, and provide customer support
- Website Improvement: To analyze usage patterns and improve website functionality
- Marketing: To send promotional materials (only with your consent)
- Legal Compliance: To comply with legal obligations and protect our rights
- Security: To detect, prevent, and address technical issues and fraud
4. Legal Basis for Processing (GDPR)
We process your personal data based on:
- Consent: You have given explicit consent for specific purposes (e.g., marketing, analytics cookies)
- Contract: Processing is necessary to fulfill a contract with you
- Legal Obligation: Processing is required by law
- Legitimate Interest: Processing is necessary for our legitimate business interests (e.g., website security, fraud prevention)
5. Data Sharing and Disclosure
We may share your data with:
- Service Providers: Third-party vendors who assist with website hosting, analytics, payment processing, and customer support
- Analytics Services: Matomo Analytics (self-hosted, privacy-focused) for website usage analysis
- Legal Authorities: When required by law or to protect our rights
- Business Transfers: In connection with mergers, acquisitions, or asset sales
We do not sell your personal data to third parties.
6. Data Retention
We retain your personal data only as long as necessary:
- Account Data: Until you request deletion or close your account
- Transaction Data: 7 years (legal requirement for accounting purposes)
- Analytics Data: 26 months maximum
- Marketing Data: Until you withdraw consent or unsubscribe
7. Your Rights (GDPR)
Under the General Data Protection Regulation (GDPR), you have the following rights:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your data ("right to be forgotten")
- Right to Restriction: Limit how we use your data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests or for marketing
- Right to Withdraw Consent: Withdraw consent at any time (without affecting prior processing)
- Right to Lodge a Complaint: File a complaint with your national data protection authority
To exercise your rights, contact us at [email protected]
8. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience. For detailed information, please see our Cookie Policy.
You can manage your cookie preferences through our cookie consent banner or your browser settings.
9. Data Security
We implement appropriate technical and organizational measures to protect your data:
- SSL/TLS encryption for data transmission
- IP address anonymization (2 octets masked)
- Secure server infrastructure
- Access controls and authentication
- Regular security audits and updates
While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
10. International Data Transfers
Noldus operates globally with offices in multiple countries. Your data may be transferred to and processed in countries outside the European Economic Area (EEA).
When we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.
11. Children's Privacy
Our Website is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.
12. Third-Party Links
Our Website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.
13. Changes to This Privacy Policy
We may update this privacy policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Significant changes will be communicated via email or website notice.
14. Contact Us
If you have questions about this privacy policy or wish to exercise your rights, please contact us:
Data Protection Officer
Noldus Information Technology BV
Nieuwe Kanaal 5
6709 PA Wageningen
The Netherlands
Email: [email protected]
Phone: +31 317 473 300
15. Supervisory Authority
If you are not satisfied with our response, you have the right to lodge a complaint with the Dutch Data Protection Authority:
Autoriteit Persoonsgegevens
Postbus 93374
2509 AJ Den Haag
The Netherlands
Website: autoriteitpersoonsgegevens.nl