Privacy and cookie statement
Last updated: 1 July 2026
Apptimate B.V. attaches great importance to the protection of your personal data. In this privacy and cookie statement we explain which personal data we process via our website and services, what we use it for and what rights you have. We handle your data with care and comply with the General Data Protection Regulation (GDPR).
1. Who we are (data controller)
Apptimate B.V. is responsible for the processing of personal data as described in this statement.
- CompanyApptimate B.V.
- AddressPostbus 2039, 1990 AA Velserbroek, the Netherlands
- Phone+31 (0)23 5333 538
- E-mailcontact@apptimate.nl
- Chamber of Commerce (KvK)89656202
For questions about this statement or about your personal data, you can contact us using the details above.
2. What data we collect and why
2.1 Contact form
When you fill in the contact form on our website, we process the data you enter yourself:
- Company name (optional)
- Name (required)
- E-mail address (required)
- Your message (required)
We use this data solely to handle your question or message and to contact you. The data you enter is sent to us by e-mail. The form is protected with a simple arithmetic sum (CAPTCHA) to prevent spam and abuse.
Legal basis: your consent and/or taking steps at your request prior to a possible agreement (Article 6(1)(a) and (b) GDPR).
2.2 Visit statistics
To improve our website, we keep limited records of how the website is used. For each visit we record:
- A random, temporary visitor identifier (not traceable to you as a person)
- The page(s) visited and the time of the visit
- The chosen language of the website
This data is stored on our own server and not shared with external analytics services such as Google Analytics. In doing so we do not collect or store IP addresses and use no persistent tracking cookies: the visitor identifier exists only during your browser session and expires afterwards. Automated traffic (bots and crawlers) is filtered out as much as possible and not counted.
Legal basis: our legitimate interest in being able to measure and improve the operation and usability of our website (Article 6(1)(f) GDPR).
2.3 Customers and services
When you purchase a product or service from us, we process the data required to perform the agreement, prepare quotations and handle invoices, such as your name, company details, contact details and invoice details.
Legal basis: the performance of the agreement and compliance with statutory (retention) obligations (Article 6(1)(b) and (c) GDPR).
3. Cookies and local storage
Our website uses only functional cookies and local storage that are necessary for the proper operation of the site. We do not use analytics or marketing cookies and do not place advertising or tracking cookies.
| Name | Type | Purpose | Retention |
|---|---|---|---|
PHPSESSID | Cookie | Functional session: remembers your language choice, the CAPTCHA and the temporary visitor identifier during your visit. | End of the browser session. |
ap-theme | Local storage | Remembers your theme preference (light or dark). | Until you clear it. |
ap-cookies-ok | Local storage | Remembers that you have seen the cookie notice. | Until you clear it. |
No consent is required for placing strictly necessary, functional cookies. You can always delete or block cookies and local storage via your browser settings; however, this may affect the operation of the website.
4. External services and recipients of data
To display our website, we use a few external services. When your browser loads components of these services, your IP address may be passed on to the relevant party, possibly outside the European Economic Area. These are:
- jsDelivr (CDN) – for loading standard layout and display files (Bootstrap and icons).
- Google Fonts – for loading the font in which the website is displayed.
We use these services solely for the correct display of the website and not to track visitors. In addition, data is processed by our hosting provider, which technically hosts our website and e-mail.
Where we engage other parties that process personal data on our behalf for our services, we conclude data processing agreements with them. We do not sell your data to third parties and only share it where necessary for the purposes mentioned above or where we are legally obliged to do so.
5. Artificial intelligence (AI)
We may use artificial intelligence (AI) systems in our services. The following principles apply:
- We do not use your personal data to train public or third-party AI models, unless you have explicitly consented to this.
- We do not take decisions with legal effect based solely on automated processing.
- Where we engage external parties for AI functionality that process personal data, we conclude data processing agreements with them.
6. Retention periods
We do not keep personal data longer than necessary for the purposes for which it was collected:
- Contact requests: up to 12 months after handling your request, unless a business relationship arises that requires longer retention or for which retention is legally required.
- Customer and contract data: for the duration of the agreement and afterwards for as long as necessary or legally required.
- Invoices and accounting: 7 years, based on the statutory retention obligation of the Dutch tax authorities.
- Visit statistics: a maximum of 12 months, after which the data is deleted or anonymised.
7. Security
We take appropriate technical and organisational measures to protect your personal data against loss or unlawful processing. For example, our website is offered over a secure connection (HTTPS) and the administration area is protected with a password. Where necessary, we report any data breaches to the Dutch Data Protection Authority and the data subjects concerned.
8. Your rights
Under the GDPR you have the following rights regarding your personal data:
- Access – you may request which data we process about you.
- Rectification – you may have incorrect data corrected.
- Erasure – you may request that your data be erased ("right to be forgotten").
- Restriction – you may have the processing restricted.
- Objection – you may object to processing based on legitimate interest.
- Portability – you may receive your data in a common format.
- Withdraw consent – where processing is based on your consent, you may withdraw it at any time.
You can submit a request via contact@apptimate.nl. We respond within the statutory period of no more than one month. To prevent abuse, we may ask you to identify yourself.
9. Filing a complaint
Do you disagree with how we handle your personal data? Then you can contact us. You also always have the right to file a complaint with the supervisory authority, the Dutch Data Protection Authority Autoriteit Persoonsgegevens (www.autoriteitpersoonsgegevens.nl). You may also contact the supervisory authority in your own country.
10. Changes
We may amend this privacy and cookie statement from time to time, for example in the event of changes to our website or to laws and regulations. You will always find the most current version on this page. We recommend that you consult this statement regularly.