NL EN
Request AI Startscan

Privacy statement

Last updated: 28 January 2026

Visstick AI Consultancy attaches great importance to protecting your personal data. In this privacy statement we explain what data we collect, why we do so and what rights you have. We process personal data in accordance with the General Data Protection Regulation (GDPR).

1. Data controller

The controller responsible for your personal data is:

Visstick AI Consultancy

Chamber of Commerce number: 89586069

Address: Baambrugse Zuwe 53

Email: dennisvandongen@visstickconsultancy.nl

Phone: +31 6 44 32 58 95

2. What data we collect

Depending on the service you use or how you contact us, we process the following categories of personal data:

Contact details

  • Full name
  • Email address
  • Phone number
  • Company name and job title

AI Agent interaction data

  • Chat histories and conversation logs
  • Questions asked and information entered
  • Performance analyses of the agent

Technical data

  • IP addresses
  • Browser information and device data
  • Usage logs and session data

3. Purposes of processing

We process your personal data for the following purposes:

  • Delivery of services through AI agents
  • Answering customer questions and providing customer support
  • Optimising our services and analysing usage
  • Contract management and invoicing
  • Marketing communications (solely on the basis of consent)
  • Compliance with legal obligations

4. AI and automated processing

Visstick AI Consultancy uses AI systems in the delivery of its services. We ensure that automated processing is carried out transparently. For decisions with significant consequences for data subjects, human review is always available.

Data processed through AI systems is secured by encryption and is processed solely for the agreed purposes. We do not use profiling for automated decision-making within the meaning of Article 22 GDPR without explicit consent.

5. Retention periods

We do not retain your personal data for longer than necessary for the purposes for which it was collected:

Category Retention period
Contract data Duration of the agreement + 7 years
Conversation histories Maximum of 2 years
Marketing data Until consent is withdrawn
Technical logs Maximum of 1 year

6. Sharing with third parties

We share your personal data only in the following cases:

  • With processors with whom we have concluded a GDPR-compliant data processing agreement
  • With AI service providers who meet the requirements of the GDPR
  • Where we are legally required to do so

We never sell your personal data to third parties.

7. Data processing agreement

Where we act as a processor for your organisation, we conclude a data processing agreement in accordance with Article 28 GDPR. This sets out:

  • Processing solely on the basis of your instructions
  • Appropriate technical and organisational security measures
  • Confidentiality obligations for the staff involved
  • Cooperation in facilitating the exercise of data subjects' rights

8. Security

We take appropriate technical and organisational measures to protect your personal data against loss, unauthorised access or misuse:

  • SSL/TLS encryption for data transport
  • Access control and authentication
  • Regular updates and security monitoring
  • Storage in EU data centres
  • Backup and recovery procedures

9. Your rights

Under the GDPR you have the following rights in relation to your personal data:

  • Right of access — You can request which data we process about you.
  • Right to rectification — You can have inaccurate data corrected.
  • Right to erasure — You can request that your data be deleted.
  • Right to restriction — You can restrict the processing of your data.
  • Right to data portability — You can receive your data in a structured format.
  • Right to object — You can object to processing based on legitimate interest.
  • Right to withdraw consent — You can withdraw consent given at any time.

Requests are handled within one month. Send your request to dennisvandongen@visstickconsultancy.nl.

10. Cookies

We use functional cookies (necessary for the website to work) and analytical cookies (to gain insight into website usage). No tracking cookies are placed without your consent.

You can adjust your cookie preferences through your browser settings.

11. Data breaches

In the event of a data breach that poses a risk to your rights and freedoms, we will report it to the Dutch Data Protection Authority within 72 hours. Where the data breach poses a high risk to data subjects, we will also notify the individuals concerned directly.

12. Changes

We may update this privacy statement periodically. The date of the last change is shown at the top of this document. In the event of significant changes, we will actively inform data subjects.

13. Complaints

Do you have a complaint about the way we handle your personal data? Please contact us first at dennisvandongen@visstickconsultancy.nl. We are happy to resolve it together.

You also have the right to lodge a complaint with the supervisory authority:

Autoriteit Persoonsgegevens (Dutch Data Protection Authority)

Postbus 93374, 2509 AJ The Hague, Netherlands

www.autoriteitpersoonsgegevens.nl