Privacy & Cookie Policy – TokenMe B.V.

Privacy Policy

Last updated: October 7, 2025

1. Introduction

TokenMe B.V. (“we”, “our”, “us”) respects the privacy of all visitors to our website and customers.
This Privacy & Cookie Policy explains how we collect, use, store, and protect personal data, as well as your rights under the EU General Data Protection Regulation (GDPR) and the Dutch Implementation Act (UAVG).
This policy applies to our website www.token-me.com and all related services.

2. Data Controller

TokenMe B.V.
Wilhelmina van Saturnusstraat 60, unit 22, 2516 AH The Hague, The Netherlands
Chamber of Commerce: 78523036
Email: info@token-me.com

3. Personal Data We Collect and Why

We only collect personal data necessary for specific purposes. Typical examples include:
- Website management and security (IP address, device logs)
- Contact form responses (name, email, message content)
- Client and billing data (name, address, VAT, invoice details)
- Marketing and newsletters (name, email – only with consent)
- Analytics and cookies (aggregated and anonymised usage data)

Legal bases: performance of a contract, legitimate interest, legal obligation, or consent.

4. Cookies and Tracking Technologies

Our website uses cookies to enhance functionality and user experience. Types of cookies used:
- Functional cookies (required for site functionality)
- Analytical cookies (used to understand website traffic; anonymised where possible)
- Tracking/marketing cookies (only used with prior consent)

You can manage or withdraw your consent at any time via your browser settings or our cookie banner.

5. Data Sharing and Processing

We only share personal data with trusted third parties (processors) when necessary for service provision, legal compliance, or with your explicit consent.
When data is transferred outside the EEA, it is done with appropriate safeguards such as EU adequacy decisions or Standard Contractual Clauses.

6. Data Retention

We retain personal data only as long as necessary for the purposes collected or as required by law. Examples:
- Customer and invoice data: up to 7–10 years (legal obligation)
- Contact form and correspondence: up to 1 year after last contact
- Analytics: typically 6–24 months

7. Security

We apply appropriate technical and organisational measures to protect your data against unauthorised access, loss, or misuse. In the event of a data breach, we will notify the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) and affected individuals where required.

8. Your Rights

Under the GDPR, you have the right to:
- Access your data
- Rectify inaccurate data
- Erase your data ("right to be forgotten")
- Restrict processing
- Data portability
- Object to processing (including profiling and marketing)
- Withdraw consent at any time

Requests can be submitted via info@token-me.com.

We respond within one month (extendable by one additional month for complex requests).

9. Automated Decision-Making

TokenMe does not use automated decision-making or profiling that produces legal or significant effects on individuals.

10. Changes to This Policy

We may update this Privacy & Cookie Policy from time to time. Updates will be posted on our website with a new effective date. We encourage you to review this page periodically.

11. Contact & Complaints

If you have any questions or complaints about this policy or your personal data, please contact us at info@token-me.com.
If you believe your data protection rights have been violated, you have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens): https://autoriteitpersoonsgegevens.nl/en