Privacy Policy

1. Controller

Proofen B.V. ("Proofen", "we", "us") is the controller of personal data processed through this website and our services. We are located in Hendrik-Ido-Ambacht, Netherlands. You can reach us at info@proofen.nl.

2. Data We Collect

We collect personal data that you voluntarily provide to us, including:

• Contact information: name, email address, company name
• Account data: login credentials when you create an account
• Communication data: messages you send through our contact forms
• Device data: serial numbers, model information, and grading data for devices you submit for verification

We also automatically collect certain data when you visit our website, including IP address, browser type, pages visited, and referring URL. See our Cookie Policy for details.

3. Purpose and Legal Basis

We process your personal data for the following purposes:

• Contract performance: To provide our device verification services, generate reports, and manage your account.
• Legitimate interest: To improve our services, communicate with you about your inquiries, and ensure the security of our platform.
• Consent: To send you marketing communications if you have opted in (waitlist signups).
• Legal obligation: To comply with applicable laws, such as tax and accounting obligations.

4. Data Sharing

We do not sell your personal data. We may share data with service providers who help us operate our platform (hosting, email delivery, payment processing), all under strict data processing agreements. Device verification data (grades, reports) is shared with your designated buyers only when you explicitly share a batch URL.

5. Data Transfers

Your data is primarily stored within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

6. Data Retention

We retain your personal data for as long as necessary to provide our services or as required by law. Account data is retained until you request deletion. Device verification data is retained for 2 years after the last activity on your account, unless a longer retention period is required by law.

7. Your Rights

Under the GDPR, you have the following rights:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent at any time

To exercise any of these rights, contact us at info@proofen.nl. We will respond within 30 days.

8. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or alteration. This includes encryption in transit and at rest, access controls, and regular security assessments.

9. Complaints

If you believe we are not handling your data correctly, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl.

10. Changes

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "last updated" date. We encourage you to review this page periodically.