Privacy Policy
This privacy policy describes how Serenisec (“Serenisec” or “we”) collects and uses the personal data which you either leave through footprints and/or provide when you visit our website, serenisec.nl, and use the various services and activities we offer.
- Collection of personal data
- Use of personal data, purpose and legal basis
- Retention
- Consent
- Security
- Automated processing and security tools
- Your rights
- Links to other websites
- Amendments of this privacy policy
- Contact
1. Collection of personal data
We always inform you before we collect your personal data. The only personal data we collect is the data you voluntarily submit through our contact form or choose to send us by email. This may include your name, email address, telephone number, job title, and company name.
Please note that some personal data is necessary in order for us to respond to your request. Each relevant form will indicate whether it is mandatory or optional for you to provide the personal data. Mandatory fields are marked with a star (*). If you decide not to provide the personal data in question, you may not be able to use the function — for instance, we cannot reply to a request without your contact information.
If you provide personal data about persons other than yourself, you must ensure that you have obtained consent from those persons to share their personal data with us.
Personal data is collected when you:
- Fill in a contact form
- Send us an email
2. Use of personal data, purpose and legal basis
The personal data we collect is used solely for the following purposes:
- Handling requests received from you
- Providing customer support and communication
We will only use your personal data for the purposes stated above. We will not use your personal data for marketing activities without your prior and explicit consent.
In certain circumstances and according to legislation, it may be necessary to disclose data to public authorities. We may also disclose your personal data in order to establish, exercise or defend our legal rights.
3. Retention
Serenisec will delete your personal data when we no longer need it in order to fulfil the above-mentioned purposes. We may process your personal data for longer in an anonymised form, or if we are obliged or entitled to do so pursuant to applicable legislation.
4. Consent
When you use our website, we may collect and process your personal data based on your consent.
You may withdraw your consent at any time by contacting us (see section 9 below). If you withdraw your consent, we will stop processing your personal data, unless we are entitled or obliged to continue on another legal basis. Withdrawal of consent will not affect the lawfulness of processing prior to the withdrawal.
5. Security
We have implemented appropriate technical and organisational security measures to ensure an adequate level of security for your personal data. We use our best efforts to ensure the confidentiality and integrity of the personal data we process.
6. Automated processing and security tools
To protect the security of our website and infrastructure, we use CrowdSec, a collaborative cybersecurity solution. In this context, CrowdSec processes only contextualised IP addresses — specifically the date, time, and type of security incident associated with an IP address. No directly identifying personal data (such as your name or email address) is processed or shared through this mechanism.
CrowdSec uses automated techniques to assess the reliability of IP addresses and determine whether to include them on an exclusion list. This constitutes automated profiling within the meaning of the GDPR. You have the right to object to this profiling at any time by contacting us (see section 10 below).
Where members of the CrowdSec ecosystem apply restrictive measures based on this profiling — for example, blocking access to a website — this may constitute automated decision-making within the meaning of Article 22(1) GDPR, if such measures produce legal effects or similarly significantly affect the users of the IP addresses concerned. Please note that it is CrowdSec’s clients (including Serenisec) who carry out these automated decisions and are therefore responsible for such processing.
If you exercise your rights in connection with CrowdSec processing, your contact data will be retained solely to respond to your request. It will not be shared with other members of the CrowdSec ecosystem and will not appear in any lists of contextualised IP addresses.
7. Your rights
You have the right to access the personal data we process and store about you, subject to certain statutory exceptions. You also have the right to:
- Object to the collection and further processing of your personal data
- Request rectification of your personal data
- Request restriction of the processing of your personal data
- Request erasure of your personal data, unless we are required to retain it on another legal basis
- Request a portable copy of your personal data in a structured, commonly used and machine-readable format
To exercise any of these rights, please contact us (see section 10 below). We will reply to your request as soon as possible and no later than one month.
If you disagree with how we process your personal data, you may lodge a complaint with the Dutch data protection authority:
| Country | Contact details of the data protection authority |
|---|---|
| The Netherlands | Autoriteit Persoonsgegevens Postbus 93374 2509 AJ Den Haag Tel: +31 (0)70 888 85 00 Website: autoriteitpersoonsgegevens.nl |
| Estonia | Andmekaitse Inspektsioon (Data Protection Inspectorate) Tatari 39, 10134 Tallinn Tel: +372 627 4135 Website: aki.ee |
8. Links to other websites
Our website may contain links to other websites. We are not responsible for the content of third-party websites or for the procedures of such third parties for collecting and processing personal data. We recommend reading the privacy policy of any third-party website you visit.
9. Amendments of this privacy policy
We reserve the right to amend this privacy policy based on changes in legislation, new technical solutions, or improvements to our website.
10. Contact
If you wish to update, rectify or delete the personal data we hold about you, or if you have any questions regarding this privacy policy, please contact us:
Serenisec — The Netherlands Email: privacy@serenisec.nl
Serenisec — Estonia Email: privacy@serenisec.nl
Version 1 — March 3, 2026