Logo
+31684058746
info@netherlandsit.nl

Privacy & GDPR

Last updated: Apr 18, 2026

NetherlandsIT.nl — AdMun / KVK 84121998 Version: 2.0  |  Effective: 10 April 2026  |  Jurisdiction: Netherlands & EU
Privacy & GDPR Policy

Privacy, Data & Cookie Policy

This policy governs how NetherlandsIT / AdMun collects, uses, stores, shares and protects your data. It applies to all visitors, registered users, and customers of our platform, services, and applications — including products in pre-registration and beta testing phases.

📅 Effective: 10 April 2026 🌎 Scope: Netherlands & EU/EEA 🔒 GDPR compliant by design
Important Notice — Please Read Before Using Our Platform: By accessing any part of NetherlandsIT.nl, its sub-platforms, APIs, or associated applications, you confirm that you have read and accepted this Privacy Policy in its entirety. Continued use constitutes ongoing acceptance. This policy applies equally to products in pre-registration mode and beta testing mode.

1 Who We Are

NetherlandsIT, operating under the trade names AdMun, AdMun EU, NLIT, and NLEBIKE, is an IT and HR technology company registered in the Netherlands as an Eenmanszaak (sole proprietorship) under the Handelsregisterwet 2007.

N

NetherlandsIT / AdMun

KVK: 84121998 • Founded: 06-10-2021
Oudemansstraat 315, 2522SW 's-Gravenhage, The Netherlands
info@netherlandsit.nlchishty@admun.eu
www.netherlandsit.nl

We are the Data Controller under GDPR Art. 4(7) for all personal data collected through our website, platform, and applications. Where we process data on behalf of business clients, we act as Data Processor under GDPR Art. 28.

2 Scope & Application Status

NetherlandsIT develops and operates multiple digital products and services at different stages of readiness:

✓ Live & Active ▶ Beta Testing Mode ● Pre-Registration Mode
Beta & Pre-Registration Notice: Applications in pre-registration mode or beta testing mode are subject to enhanced data collection for testing and improvement purposes. By registering or using these applications, you explicitly consent to extended analytics use of your interaction data to improve those applications. Features and behaviours in these environments may change without notice.

3 Information We Collect

3.1 Information you provide directly

  • Full name, email address, phone number, and job title
  • Company name, KVK number, and business address
  • Account credentials (username and hashed password)
  • Communication preferences and language settings
  • Support requests, feedback, and form submissions
  • Contract and service agreement data

3.2 Information collected automatically

  • IP address, browser type, operating system, and device identifiers
  • Pages visited, time spent, click paths, and browsing behaviour on our platform
  • Session data, referring URLs, and search queries used within the platform
  • Feature usage patterns, API call frequency, and interaction logs
  • Cookies, pixels, and local storage data (see Section 9)

3.3 Information from third parties

  • Verification data from the KVK Handelsregister
  • Visa and work permit status from IND integrations (where applicable)
  • Payroll and financial data from integrated partners (NMBRS, AFAS, Finqle, BrynQ, Salure)
  • Candidate profile data from job boards or third-party ATS connectors (with appropriate consent)
What we do NOT collect as identifiable data: We do not store raw BSN (burgerservicenummer) numbers, bank account numbers (IBAN), or government-issued ID document numbers in plain text in our primary application database. Where such data is required for payroll or legal compliance, it is handled exclusively by certified payroll processors (NMBRS, AFAS) or encrypted specialist storage. See Section 7 for full details.

4 How We Use Your Information

We process personal data on the following legal bases under GDPR Art. 6:

Contract — Art. 6(1)(b)

Service Delivery

Account management, subscriptions, and contracted services.

Legal Obligation — Art. 6(1)(c)

Regulatory Compliance

VBAR/DBA classification, Waadi checks, and tax obligations.

Legitimate Interest — Art. 6(1)(f)

Security & Analytics

Fraud prevention, uptime monitoring, AI model improvement.

Consent — Art. 6(1)(a)

Marketing & Communications

Newsletters, product updates, and targeted communications.

5 Marketing Use of Your Data

Right to Use for Marketing: NetherlandsIT expressly reserves the right to use certain personal data for marketing and business development purposes as detailed below. Where required by law, this use is subject to your consent or a legitimate interests assessment.

Specifically, NetherlandsIT may use the following data for marketing purposes:

  • Name and email address — to send service announcements, product updates, newsletters, promotional offers, and event invitations relating to NetherlandsIT products and partner services.
  • Phone number — for direct outreach by our sales or account management team, where you are an existing or prospective customer.
  • Browsing and platform behaviour data — including pages visited, features used, job categories browsed, and interaction patterns — to personalise marketing content, retarget advertising campaigns, and identify upselling and cross-selling opportunities relevant to your usage profile.
  • Company size, industry, and role information — to segment communications and ensure relevance.

Marketing communications are sent in compliance with the Telecommunicatiewet. You may opt out at any time by clicking the unsubscribe link in any email or contacting info@netherlandsit.nl. Opting out does not affect your access to services.

6 Third-Party Data Sharing

6.1 Operational integrations (data processors)

We engage third-party providers under Data Processing Agreements per GDPR Art. 28:

  • Payroll platforms: NMBRS, AFAS, BrynQ, Salure — for payroll calculation and statutory filings
  • Fintech partners: Finqle and similar — for payment processing and invoice financing
  • Cloud infrastructure: Google Cloud Platform (GCP) — hosting and AI processing within the EU/EEA
  • Government APIs: KVK, IND, Belastingdienst — for regulatory verification and compliance checks
  • Analytics & monitoring tools: platform performance, error tracking, and usage analytics
  • AI and vector database providers: Pinecone, Weaviate, or equivalent — for semantic search and candidate matching
Beta & Pre-Registration — Extended Third-Party Rights: For applications in pre-registration or beta testing mode, NetherlandsIT explicitly reserves the right to engage additional third-party software and analytics services for data preservation, performance analysis, A/B testing, error logging, and user behaviour research. Data shared in these contexts may include your name, email address, interaction logs, and feature usage data. Sensitive data — including BSN, IBAN, passport numbers, and medical or financial records — will never be shared with third-party beta analytics tools. By using a pre-registration or beta application, you consent to this extended data use.

6.2 Business transfers

In the event of a merger, acquisition, or restructuring, personal data may be transferred to the acquiring entity, subject to equivalent privacy protections.

6.3 Legal disclosure

We may disclose personal data to the Nederlandse Arbeidsinspectie, Belastingdienst, Autoriteit Persoonsgegevens, and law enforcement where required by Dutch or EU law or pursuant to a lawful court order.

7 Protection of Sensitive & Special Category Data

Strict Protection: The following data categories are never stored in plain text in our primary database, never shared with marketing or analytics tools, and are exclusively processed for their specific legal or service purpose.
  • BSN (Burgerservicenummer) — processed exclusively for payroll and statutory reporting under Loonaangiftewet; encrypted at rest and in transit; accessible only to authorised payroll processors.
  • IBAN / Bank account numbers — processed solely for salary payments via certified payroll partners; never retained in NetherlandsIT’s own systems beyond transaction processing.
  • Passport, identity document, or visa details — processed only for IND High-Skilled Migrant checks under Vreemdelingenwet 2000; encrypted storage only.
  • Health and medical data — special category data under GDPR Art. 9; explicit worker consent required.
  • Criminal record data — handled under GDPR Art. 10 restrictions; only where a VOG is required for a role.

All sensitive data is encrypted under AES-256 at rest and TLS 1.3 in transit, per GDPR Art. 32. Used exclusively for user accessibility, statutory compliance, and payroll processing.

8 AI Systems, Automated Processing & Data Improvement

NetherlandsIT operates AI-powered features including the VBAR Classification Engine, Screener Agent, Compliance Crawler, and RAG (Retrieval-Augmented Generation) knowledge engine. We use your data — including interaction patterns, submitted documents, and platform usage — to continuously improve our AI models:

  • Anonymised interaction data is used to retrain and improve AI matching, classification, and compliance logic.
  • User feedback on AI outputs is logged and used to correct model behaviour.
  • Aggregated, anonymised usage patterns are used for product development and feature prioritisation.

Where AI produces a decision with significant legal effect (e.g. employment status classification), you have the right not to be subject to that decision on a solely automated basis under GDPR Art. 22. Request human review: info@netherlandsit.nl. All AI Output is advisory only — it does not constitute legal, tax, immigration, or HR advice.

9 Cookies & Tracking Technologies

We use cookies and similar technologies governed by Telecommunicatiewet Art. 11.7a and GDPR Art. 5.

Always Active

Strictly Necessary

Authentication, sessions, security. Cannot be disabled.

Consent Required

Analytics Cookies

Platform usage measurement and performance improvement.

Consent Required

Marketing Cookies

Retargeting and advertising personalisation.

Consent Required

Functional Cookies

Language preferences and personalisation settings.

Manage cookie preferences via the Cookie Preference Centre in the website footer. Withdrawing consent does not affect lawfulness of prior processing.

10 Your Rights Under GDPR

As a data subject under GDPR Chapter III, you have the following rights:

  • Right of access Art. 15 — obtain a copy of your personal data.
  • Right to rectification Art. 16 — correct inaccurate or incomplete data.
  • Right to erasure Art. 17 — request deletion, subject to 7-year payroll retention obligations.
  • Right to restriction Art. 18 — limit how we process your data.
  • Right to data portability Art. 20 — receive your data in machine-readable format.
  • Right to object Art. 21 — object to processing based on legitimate interests, including direct marketing.
  • Rights on automated decisions Art. 22 — request human review of AI-generated decisions.

Submit requests to info@netherlandsit.nl. Response within 30 calendar days. Complaints: Autoriteit Persoonsgegevens.

11 Security, Data Breaches & Limitation of Liability

Limitation of Liability — Unexpected Security Events: NetherlandsIT implements industry-standard security measures including Zero-Trust Architecture, AES-256 encryption at rest, TLS 1.3 in transit, and role-based access controls, per GDPR Art. 32. However, the Company shall not be held liable for any data breach, cyber attack, ransomware incident, unauthorised access, or similar unexpected security event that occurs despite these measures, where such event is caused by circumstances beyond our reasonable control, including state-sponsored attacks, zero-day exploits, third-party API breaches, or user-side credential compromise.

In the event of a breach we will:

  • Notify the Autoriteit Persoonsgegevens within 72 hours per GDPR Art. 33.
  • Notify affected data subjects where there is high risk, per GDPR Art. 34.
  • Document the breach and remedial measures in our internal breach register.

Aggregate liability is capped at fees paid in the 12 months preceding the incident. Visitors use the platform at their own security risk. This limitation does not affect liability for intentional misconduct under BW Art. 6:74.

12 Service Bugs, Errors & Support Obligations

Bug & Error Disclaimer: NetherlandsIT does not guarantee the platform is free from bugs, errors, downtime, or unintended behaviours, particularly in features classified as beta or pre-registration. The Company shall not be liable for loss, data corruption, missed deadlines, or business disruption caused by software defects or service interruptions. The platform is provided on an “as-is” and “as-available” basis.

Notwithstanding the above, NetherlandsIT is committed to responsive customer support. Upon receiving a bug report or service feedback:

  • Acknowledgement within 1 business day.
  • Initial assessment and resolution timeline within 3 business days for production-affecting issues.
  • Immediate escalation for issues affecting payroll, compliance data, or user access.
  • Beta testers should use the feedback channels provided at registration.

Contact: info@netherlandsit.nl. Support commitments do not constitute an SLA unless separately contracted in writing.

13 Policy Changes & Our Right to Amend

Unilateral Right to Amend: NetherlandsIT expressly reserves the right to modify, update, or replace this Privacy Policy, the Terms of Service, Cookie Policy, and all other policies at any time, with or without prior notice. Such changes take effect immediately upon publication on our website unless a later date is specified. Your continued use of the platform after any amendment constitutes your acceptance of the revised policy.

While we reserve this right, in practice we aim to:

  • Post a prominent notice on the website for material changes.
  • Send registered customers an email notification for changes that significantly affect their rights, where commercially practical.
  • Maintain a version history of this policy available upon request.

If you do not agree with any amendment, you must immediately cease using the platform and contact us at info@netherlandsit.nl to close your account. It is your responsibility to check this page periodically. The “Effective Date” at the top of the page indicates when the current version was last revised.

14 Governing Law, Jurisdiction & Contact

This policy is governed by Dutch law and EU law including GDPR 2016/679 and the Telecommunicatiewet. Disputes are submitted to the courts of 's-Gravenhage (The Hague), The Netherlands. Consumers retain rights under GDPR Art. 79. EU ODR: ec.europa.eu/consumers/odr.

N

Privacy Contact — NetherlandsIT / AdMun

Email: info@netherlandsit.nl
Address: Oudemansstraat 315, 2522SW 's-Gravenhage, The Netherlands
Supervisory Authority: Autoriteit Persoonsgegevens
EU ODR Platform: ec.europa.eu/consumers/odr

© 2026 NetherlandsIT / AdMun — KVK 84121998 — Eenmanszaak registered in The Netherlands.
Privacy & GDPR Policy v2.0 — Effective 10 April 2026 — Terms of Service  |  Terms & Conditions  |  Disclaimer