Privacy Statement

SIRON B.V.
Last updated: 24 april 2026

1. Who we are

This Privacy Statement explains how SIRON B.V. collects, uses, and protects personal data when you visit our website siron.eu or engage with our services. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Dutch Implementation Act (Uitvoeringswet AVG).

Contact details of the controller

SIRON B.V.
Holterhofweg 280a
7534 PT Enschede
The Netherlands

  • Chamber of Commerce (KVK): 08147849
  • VAT number: NL815869903B01
  • Phone: +31 53 750 30 44
  • Email: [email protected]

SIRON is the “controller” (verwerkingsverantwoordelijke) for the personal data processed through this website.

2. What personal data we collect

When you use our contact form or request a quote

  • Name
  • Business email address
  • Phone number
  • Company name
  • Any additional information you choose to include in your message

When you apply for a job via our Careers page

  • Name and contact details
  • CV, motivation letter, and any further information you choose to share

Automatically when you visit our website

  • IP address
  • Browser type and version
  • Operating system and device type
  • Referring website (if any)
  • Pages viewed, time on site, click behaviour
  • Approximate location (city / country level)
  • Date and time of visit

When you accept cookies

Data collected through analytics and functional cookies (see our Cookie Statement).

3. Why we process your data and on what legal basis

Purpose

Legal basis (GDPR Art. 6)

Responding to your inquiry or quote request

Performance of a contract or pre-contractual steps — Art. 6(1)(b)

Managing ongoing customer relationships and delivering services

Performance of a contract — Art. 6(1)(b)

Improving our website through analytics

Your consent — Art. 6(1)(a)

Protecting our forms and website against spam and abuse via Cloudflare Turnstile

Our legitimate interest in preventing fraud and abuse — Art. 6(1)(f)

Processing job applications

Your consent and pre-contractual steps — Art. 6(1)(a) / (b)

Complying with legal, tax, and accounting obligations

Legal obligation — Art. 6(1)(c)

We do not use your personal data for automated decision-making or profiling with legal effects.

4. Third parties we share data with

We only share personal data with third parties where necessary for the purposes above, and only with parties that meet GDPR requirements. Where the law requires it, we have entered into a Data Processing Agreement (verwerkersovereenkomst) with these parties.

Categories of recipients

  • Hosting provider — stores our website and its data on secure servers
  • Google Ireland Ltd. / Google LLC — Google Analytics and Google Tag Manager, loaded only after you give consent through our cookie banner
  • YouTube (Google) / Vimeo — when you choose to play an embedded video, these providers may receive information about your visit. Videos are blocked until you give consent.
  • Cloudflare, Inc. — content delivery, security services, and Cloudflare Turnstile (bot and spam protection on our forms); may process IP addresses to protect and serve our website
  • IT and communication service providers — e.g. our email provider, where strictly necessary
  • Legal, accounting, or tax advisors — only where required by law or by the performance of a contract
  • Supervisory authorities or law enforcement — only when we are legally obliged to do so

We do not sell your personal data. We do not share your data with third parties for their own marketing purposes.

5. Transfers outside the European Economic Area

Some of our service providers (such as Google and Cloudflare) may process personal data outside the European Economic Area (EEA), particularly in the United States. We rely on these providers only where an appropriate safeguard is in place, such as:

  • Certification under the EU–U.S. Data Privacy Framework (DPF), or
  • Standard Contractual Clauses (SCCs) adopted by the European Commission, combined with supplementary technical and organisational measures where needed.

You can request more information about these safeguards by contacting us.

6. How long we keep your data

Category

Retention period

Contact form submissions and quote requests

Up to 2 years after last contact, unless a commercial relationship arises

Commercial contracts and related correspondence

7 years (Dutch fiscal retention obligation under Art. 52 AWR)

Job application data (unsuccessful applicants)

4 weeks after the procedure ends — or up to 1 year with your explicit consent

Website analytics data

Up to 14 months

Cookie consent records

Up to 12 months

Server log files

Up to 6 months

After these periods, data will be deleted or fully anonymised.

7. Your rights

Under the GDPR/AVG you have the following rights regarding your personal data:

  • Right of access — obtain confirmation of whether we process your data, and a copy of it
  • Right to rectification — correct inaccurate or incomplete data
  • Right to erasure — request deletion (“right to be forgotten”) where applicable
  • Right to restriction — ask us to limit how we process your data
  • Right to data portability — receive your data in a structured, commonly used, machine-readable format
  • Right to object — object to processing based on our legitimate interest
  • Right to withdraw consent — at any time, without affecting the lawfulness of processing before the withdrawal

To exercise any of these rights, contact us at [email protected]. We will respond within one month. To verify your identity we may ask for additional information.

If you believe we are not handling your data correctly, you also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):

https://autoriteitpersoonsgegevens.nl

8. Cookies

Our website uses cookies and similar technologies. Details on which cookies we use, their purposes, retention periods, and how you can manage your preferences are described in our Cookie Statement.

You can change your cookie preferences at any time by clicking “Cookie Settings” in the footer of our website.

9. Security

We take appropriate technical and organisational measures to protect your personal data against loss, misuse, unauthorised access, alteration, or disclosure. These include encrypted connections (HTTPS/TLS), restricted access, access logging, and regular security reviews.

If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the Autoriteit Persoonsgegevens within 72 hours and, where legally required, inform the individuals concerned.

10. Changes to this Privacy Statement

We may update this Privacy Statement from time to time, for example when we add new services or when legislation changes. The most recent version will always be available on this page, and the “Last updated” date at the top will reflect any revision.

11. Contact

For any question about this Privacy Statement or about how we handle your personal data, please contact:

SIRON B.V.
Holterhofweg 280a,
7534 PT Enschede, The Netherlands
Email: [email protected]
Phone: +31 53 750 30 44