Privacy Policy

Introduction

Commonix B.V. ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, process, and protect your personal data when you use our website and services, in compliance with the General Data Protection Regulation (GDPR) and Dutch privacy laws.

Data Controller

Commonix B.V. is the data controller responsible for your personal information. Our contact details are:

Data Collection

The data we collect includes personal information that you voluntarily provide to us and information that is automatically collected when you visit our website. We collect the following types of information:

• Personal identification information (name, email address, phone number)
• Business information (company name, job title, business requirements)
• Communication data (messages, inquiries, support requests)
• Website usage data (IP address, browser type, pages visited, time spent)
• Cookies and tracking data (as described in our Cookie Policy)

How We Use Your Information

We explain how we use your information for various legitimate business purposes. The use of your data is based on the following legal grounds under GDPR:

• Contract Performance: To provide our commercial leasing services and fulfill our contractual obligations
• Legitimate Interest: To improve our services, communicate with you, and conduct business operations
• Consent: For marketing communications and non-essential cookies (where required)
• Legal Obligation: To comply with applicable laws and regulations

Legal Basis for Processing

Under GDPR, we process your personal data based on one or more of the following legal bases: your consent, performance of a contract, compliance with legal obligations, protection of vital interests, performance of tasks in the public interest, or our legitimate interests in providing and improving our services.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

• With trusted service providers who assist us in operating our business
• When required by law or to protect our legal rights
• In connection with a business transaction (merger, acquisition, etc.)
• With your explicit consent for specific purposes

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Generally, we retain contact information for active business relationships and for up to 7 years after the last contact for potential future business opportunities, unless you request deletion or a shorter retention period is required by law.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of Access: Request information about the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of how we use your data
• Right to Data Portability: Request transfer of your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for processing where applicable

Cookies and Tracking

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyze website usage. For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, secure servers, access controls, and regular security assessments.

International Data Transfers

As we operate primarily within the European Union, your data is generally processed within the EU. If we transfer data outside the EU, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our services constitutes acceptance of the revised policy.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding privacy matters, please reach out using the following contact information:

Supervisory Authority

If you believe we have not addressed your privacy concerns adequately, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or your local supervisory authority.