Privacy Policy

Introduction

SmartOpalium B.V. ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website, use our services, or interact with us. This policy applies to all data we collect through our website and services.

Data Controller Information

The data controller responsible for your personal information is SmartOpalium B.V., a company registered in the Netherlands with registration number NL83726194. Our registered office is located at Hoofdstraat 212, 1336 RS Almere, Flevoland, Netherlands.

Data Collection

We collect personal data we collect through various means when you interact with our website and services. The types of personal information we may collect include:

• Contact information (name, email address, phone number, postal address)
• Professional information (occupation, investment experience, financial objectives)
• Communication records (emails, phone calls, meeting notes, enquiry forms)
• Website usage data (IP address, browser type, pages visited, time spent on site)
• Marketing preferences and communication history
• Any other information you voluntarily provide to us

How We Use Your Information

We process your personal data for various purposes based on legitimate business interests, your consent, or to fulfil our contractual obligations. Specifically, how we use your information includes:

• Providing property investment consultation and advisory services
• Responding to your enquiries and communicating with you
• Processing and managing your investment requirements
• Sending you relevant information about our services and market updates
• Improving our website functionality and user experience
• Complying with legal and regulatory obligations
• Protecting our business interests and preventing fraud

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds: legitimate interests for business operations and service improvement, contractual necessity for providing our services, legal compliance with regulatory requirements, and your explicit consent for marketing communications and optional data processing activities.

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described in this policy. We may share your information with trusted service providers who assist us in operating our website and conducting our business, professional advisors such as lawyers and accountants, regulatory authorities when required by law, and third parties in connection with a business transfer or acquisition.

Data Retention

We retain your personal information for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Generally, we retain client information for seven years after the end of our business relationship, marketing data until you withdraw consent, and website analytics data for 26 months.

Your Rights

Under GDPR and applicable data protection laws, your rights include:

• Right of access to your personal data
• Right to rectification of inaccurate or incomplete data
• Right to erasure (right to be forgotten)
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority

Data Security

We implement appropriate technical and organisational security measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include secure data transmission protocols, access controls and authentication systems, regular security assessments and updates, and staff training on data protection practices.

International Data Transfers

As we operate primarily within the European Union, most of your personal data is processed within the EU/EEA. If we need to transfer data outside the EU/EEA, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us using the following information:

Supervisory Authority

If you believe we have not handled your personal data in accordance with applicable data protection laws, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or your local supervisory authority.