Privacy Policy

Introduction

westenzlue B.V. ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your personal information when you use our services, visit our website at westenzlue.top, or interact with us. We are the Data Controller for the purposes of the General Data Protection Regulation (GDPR) and Dutch privacy laws.

Data Controller Information

The Data Controller responsible for your personal data is:
westenzlue B.V.
Kerkstraat 153, 1395 FM Almere, Netherlands
Registration Number: B52014932
VAT Number: NL63015647B01
Email: privacy@westenzlue.top
Phone: +31 308178835

Data Collection

The data we collect includes personal information such as your name, email address, phone number, and any health-related information you provide when booking our recovery and mobility services. We also collect information about your use of our website, including your IP address, browser type, and pages visited. Additionally, we may collect payment information when you purchase our services, though this is processed securely through third-party payment processors.

Types of Personal Data We Collect:

• Contact information (name, email, phone number, address)
• Health and medical information relevant to our services
• Appointment and service history
• Payment and billing information
• Website usage data and cookies
• Communication records and preferences

How We Use Your Information

We explain how we use your information in this section to ensure transparency about our data processing activities. Your personal data is used to provide and improve our recovery and mobility services, including scheduling appointments, delivering personalised treatments, processing payments, and maintaining communication about your care. We also use your data to comply with legal obligations, protect our legitimate business interests, and ensure the safety and security of our services.

Legal Basis for Processing:

• Contract Performance: To provide our services and fulfill our contractual obligations
• Consent: Where you have given explicit consent for specific processing activities
• Legitimate Interests: For business operations, service improvement, and customer support
• Legal Compliance: To meet our legal and regulatory obligations
• Vital Interests: To protect your health and safety during treatment

Data Sharing and Disclosure

We do not sell, trade, or transfer your personal data to third parties without your consent, except as described in this policy. We may share your information with trusted service providers who assist us in operating our business, such as payment processors, appointment scheduling systems, and IT support services. These providers are bound by confidentiality agreements and are only permitted to use your data for the specific services they provide to westenzlue.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal requirements, and resolve disputes. Generally, we retain client records for a period of seven years after your last appointment, in accordance with Dutch healthcare and business record-keeping requirements. Marketing communications data is retained until you withdraw consent or we determine it is no longer needed for our legitimate business purposes.

Your Rights Under GDPR

Under the General Data Protection Regulation (GDPR), you have several rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of how we process your data
• Right to Data Portability: Request transfer of your data to another service provider
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Withdraw consent for processing where consent is the legal basis

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include encrypted data transmission, secure storage systems, access controls, and regular security assessments. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

International Data Transfers

Your personal data is primarily processed within the European Union. If we transfer data outside the EU/EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions by the European Commission. We will always inform you of such transfers and the safeguards we have implemented.

Cookies and Website Analytics

Our website uses cookies and similar technologies to enhance your browsing experience and analyze website usage. For detailed information about our cookie practices, please refer to our Cookie Policy. You can manage your cookie preferences through your browser settings or our cookie consent tool.

Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal data from children under 16 without appropriate parental consent. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately so we can take appropriate action.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and, where appropriate, by sending you a direct communication. Your continued use of our services after such changes indicates your acceptance of the updated policy.

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding your personal data, please reach out to us using the following contact information:

Supervisory Authority

If you believe we have not adequately addressed your privacy concerns or if you wish to file a complaint, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):