Privacy & cookies
IT Mind respects the privacy of the executives, clients and visitors it works with. This statement explains which personal data we process, on what legal basis, for how long, and what rights you have under the EU General Data Protection Regulation (GDPR / AVG).
1. Controller
The controller for the processing of personal data described in this statement is:
- Practice
- IT Mind — Bert Feberwee
- Address
- The Netherlands
- KvK
- 34158192
- BTW / VAT
- NL810245814B01
- bert.feberwee@itmind.nl
- Phone
- +31 6 31 67 02 19
2. What we process and why
We process personal data only to the extent needed to deliver the advisory engagement, to comply with our legal obligations, and to maintain professional correspondence.
Contact & correspondence
If you contact us by email, telephone, LinkedIn or via this website, we process your name, contact details and the content of the message. Legal basis: legitimate interest (responding to a business enquiry) or, where you are a prospective client, the steps taken prior to entering into an agreement.
Engagement delivery
In the course of an advisory engagement we process the personal data of client representatives that is necessary for performance of the agreement — typically names, work email addresses, telephone numbers and role information. Legal basis: performance of a contract.
Invoicing & administration
For invoicing and the statutory financial administration we process billing details and transaction data. Legal basis: compliance with a legal obligation (Dutch tax law) and performance of a contract.
3. Retention
Personal data is kept no longer than necessary for the purpose for which it was collected:
- Email correspondence: up to 24 months after the last contact, unless part of an active engagement file.
- Engagement files: for the duration of the engagement and up to 7 years after, in line with the statutory retention period for financial records.
- Invoicing and accounting records: 7 years, as required under Dutch tax law.
4. Sharing with third parties
IT Mind does not sell personal data. Data is shared only with processors that support the practice — for example an accountant, email provider and hosting provider — under written processing agreements, and only where strictly necessary. Data is not transferred outside the European Economic Area unless an adequate level of protection is ensured under the GDPR.
5. Security
We take appropriate technical and organisational measures to protect personal data against loss, unauthorised access and other forms of unlawful processing — including encrypted email transport, access controls and limited data retention.
6. Your rights
Under the GDPR you have the right to request access to, rectification of or erasure of your personal data, to object to or restrict processing, and to data portability. To exercise any of these rights, please contact bert.feberwee@itmind.nl. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl.
7. Cookies
This website does not use tracking cookies, advertising cookies or third-party analytics that profile visitors. Only strictly functional, first-party storage is used where required for the site to render correctly. No consent banner is shown because no consent-requiring cookies are set.
8. Changes to this statement
We may update this statement to reflect changes in legislation or in our practice. The "last updated" date at the top of the page reflects the most recent version.