Free Strategy Call

Privacy Policy

Last updated: December 2025

Maxiality (“we”, “us”, “our”) is committed to protecting your privacy.
This Privacy Policy explains what data we collect through our website, how we use it, and what rights you have.

1. Who we are

Maxiality (based in the Netherlands) is the data controller for Maxiality.com.
If you have questions about this policy, you can reach us at: [email protected]

2. What data we collect

a) Information you provide

When you use our contact forms or sign up for our newsletter, we may collect:

  • Your name
  • Your email address
  • Any information you include in your message

We use this information to respond to your inquiry or send you the content you requested.

b) Information collected automatically

When you visit our website, we collect basic technical data such as:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and time spent
  • Referring URLs
  • Cookies (see section 5)

This data helps us understand website performance and improve user experience.

3. Why we collect your data (legal bases)

We process your data for the following purposes:

PurposeExampleLegal basis
Responding to your contact form messagesanswering inquiriesConsent
Sending newslettersonly when you sign upConsent
Improving our websiteanalytics insightsLegitimate interest
Website security & performancevia hosting & DNSLegitimate interest
Fulfilling legal obligationstax or compliance requirementsLegal obligation

You can withdraw consent at any time by contacting us.

4. How we store and protect your data

Your data is stored on servers hosted by Flexwebhosting (Part of Versio), located in the Netherlands, with appropriate security measures.

We use Cloudflare for DNS management, but Cloudflare does not store your browsing data since we do not use their proxy/CDN services.

We take reasonable technical and organizational measures to keep your data safe.

5. Cookies & analytics

Essential cookies

Our website uses only essential cookies required for basic functionality, security, and performance. These cookies do not store personally identifiable information and cannot be used to track you across other websites. Because they are strictly necessary, they do not require a cookie banner under the ePrivacy Directive.

Examples of essential purposes include:

  • remembering basic technical settings
  • ensuring secure communication with our servers
  • protecting the site from abuse (e.g., firewall or anti-bot measures)

Google Analytics 4 (GA4)

We use Google Analytics 4 to understand how visitors use our website and to improve performance.
Our GA4 setup is configured in a GDPR-compliant, privacy-focused manner, which includes:

  • IP addresses are not logged or stored
  • No advertising features (e.g., Ads Personalization, Remarketing)
  • No User-ID tracking
  • No cross-site identifiers
  • Data retention set to the minimum necessary
  • Only aggregated, anonymized reports are generated
  • No personally identifiable information is sent to Google

Because GA4 is configured without tracking cookies that require consent and without identifiers that can single out a user, a cookie banner is not required.

Google may process aggregated data outside the EU. In such cases, Google relies on Standard Contractual Clauses (SCCs) to ensure GDPR-compliant protection.

You may still choose to disable analytics in your browser settings or via privacy tools if you prefer.

6. How long we keep your data

  • Contact form messages: up to 12 months
  • Newsletter data: until you unsubscribe
  • Analytics cookies: according to GA4’s retention settings (14–26 months)
  • Server logs: up to 90 days, for security and troubleshooting

After that, data is deleted or anonymized.

7. When we share data

We only share data with trusted service providers that help us run our website:

  • Flexwebhosting / Versio (hosting)
  • Google (analytics)
  • Cloudflare (DNS only)

These providers process your data only as instructed and must keep it secure.
We never sell your data.

8. Your GDPR rights

You have the right to:

  • Access your personal data
  • Correct your data
  • Delete your data
  • Restrict processing
  • Object to certain processing
  • Transfer your data to another provider
  • Withdraw consent at any time

To exercise your rights, email [email protected].
We aim to respond within one month.

You may also lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

9. Children

Our website is not intended for individuals under 16, and we do not knowingly collect data from minors.

10. Links to external sites

Our website may contain links to third-party websites. We are not responsible for their privacy practices and encourage you to read their policies.

11. Changes to this policy

We may update this Privacy Policy periodically.
The latest version will always be available on this page.

12. Contact

If you have any questions about this Privacy Policy or your data, contact us at: [email protected]