Legal

Privacy Policy

This Privacy Policy describes how Purificationouea collects, uses, stores, and protects your personal data when you visit our website or use our consulting services.

Last updated:

1. Data Controller

The data controller responsible for the processing of your personal data is:

Purificationouea
Hoogstraat 56-A
3011 PT Rotterdam
Netherlands
Email: assist@purificationouea.world
Phone: +31 30 267 6204

For any questions regarding this Privacy Policy or the exercise of your data protection rights, you may contact us using the details above.

2. Scope and Applicable Law

This Privacy Policy applies to all personal data processed by Purificationouea in connection with our website at purificationouea.world and our daily diet variety consulting services. We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR), the Dutch Implementation Act (Uitvoeringswet AVG), and other applicable European and Dutch privacy legislation.

By using our website or services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please refrain from using our website and services.

3. Categories of Personal Data We Collect

3.1 Data You Provide Directly

When you contact us through our contact form, email, telephone, or during consulting sessions, we may collect the following categories of personal data:

  • Identity data: full name, title
  • Contact data: email address, telephone number, postal address
  • Communication data: messages, inquiries, and correspondence content
  • Consulting-related data: dietary preferences, household size, and goals you voluntarily share during sessions
  • Consent records: timestamps and details of consents you have provided

3.2 Data Collected Automatically

When you visit our website, we may automatically collect certain technical data through cookies and similar technologies, including:

  • Device and browser information: IP address, browser type and version, operating system
  • Usage data: pages visited, time spent on pages, referral source, click patterns
  • Cookie identifiers and preference settings

For detailed information about cookies, please refer to our Cookie Policy.

4. Purposes and Legal Bases for Processing

We process your personal data only for specified, explicit, and legitimate purposes. The table below outlines our primary processing activities and their legal bases under the GDPR:

4.1 Responding to Inquiries

Purpose: To receive, process, and respond to your contact form submissions, emails, and telephone inquiries.
Legal basis: Article 6(1)(b) GDPR — processing is necessary for steps taken at your request prior to entering into a contract; Article 6(1)(f) GDPR — legitimate interest in managing customer communications.

4.2 Providing Consulting Services

Purpose: To deliver daily diet variety consulting, educational products, and related programs you have requested.
Legal basis: Article 6(1)(b) GDPR — performance of a contract or pre-contractual measures.

4.3 Website Functionality and Security

Purpose: To ensure the proper functioning, security, and stability of our website.
Legal basis: Article 6(1)(f) GDPR — legitimate interest in maintaining a secure and functional online presence.

4.4 Analytics and Website Improvement

Purpose: To analyse website usage patterns and improve user experience, subject to your cookie consent.
Legal basis: Article 6(1)(a) GDPR — consent.

4.5 Marketing Communications

Purpose: To send informational newsletters about our consulting services and educational content, only where you have opted in.
Legal basis: Article 6(1)(a) GDPR — consent.

4.6 Legal Compliance

Purpose: To comply with legal obligations, including tax record-keeping and responding to lawful requests from authorities.
Legal basis: Article 6(1)(c) GDPR — compliance with a legal obligation.

5. Data Retention Periods

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required or permitted by law. Our standard retention periods are as follows:

  • Contact form inquiries: Twelve (12) months from the date of submission, unless a consulting relationship is established
  • Consulting client records: Five (5) years following the end of the consulting engagement, in accordance with Dutch commercial record-keeping requirements
  • Contract and billing data: Seven (7) years, as required by Dutch tax legislation
  • Cookie consent records: Twelve (12) months from the date of consent
  • Analytics data: Twenty-six (26) months, subject to the analytics provider's settings
  • Marketing consent records: Until consent is withdrawn, plus three (3) years for proof of consent

Upon expiry of the applicable retention period, personal data is securely deleted or anonymised so that it can no longer be associated with you.

6. Data Sharing and Recipients

We do not sell, rent, or trade your personal data to third parties. We may share your data with the following categories of recipients, strictly to the extent necessary:

  • Service providers (processors): Hosting providers, email service providers, analytics platforms, and payment processors who process data on our behalf under written data processing agreements compliant with Article 28 GDPR
  • Professional advisers: Lawyers, accountants, and auditors bound by confidentiality obligations
  • Public authorities: Where required by law, court order, or regulatory request

Where data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or adequacy decisions.

7. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • HTTPS encryption for all data transmitted through our website
  • Access controls limiting personal data access to authorised personnel on a need-to-know basis
  • Regular security assessments of our systems and third-party providers
  • Secure storage of physical and digital records
  • Staff training on data protection principles and incident response procedures
  • Incident response procedures for detecting, reporting, and investigating data breaches

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security but commit to notifying the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) and affected individuals within seventy-two (72) hours of becoming aware of a breach that poses a risk to your rights, where required by law.

8. Your Rights Under the GDPR

As a data subject, you have the following rights regarding your personal data:

  • Right of access (Article 15): Request confirmation of whether we process your data and obtain a copy
  • Right to rectification (Article 16): Request correction of inaccurate or incomplete data
  • Right to erasure (Article 17): Request deletion of your data where legally applicable
  • Right to restriction of processing (Article 18): Request limitation of processing under certain circumstances
  • Right to data portability (Article 20): Receive your data in a structured, machine-readable format where processing is based on consent or contract
  • Right to object (Article 21): Object to processing based on legitimate interests or for direct marketing purposes
  • Right to withdraw consent (Article 7(3)): Withdraw consent at any time without affecting the lawfulness of prior processing
  • Right not to be subject to automated decision-making (Article 22): We do not engage in automated decision-making or profiling that produces legal effects

To exercise any of these rights, please contact us at assist@purificationouea.world. We will respond within one (1) month of receiving your request, extendable by two (2) further months where necessary due to complexity. We may request proof of identity to verify your request.

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Autoriteit Persoonsgegevens (www.autoriteitpersoonsgegevens.nl).

9. Children's Privacy

Our website and consulting services are not directed at individuals under the age of sixteen (16). We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will take steps to delete such information promptly.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. The updated version will be posted on this page with a revised "Last updated" date. We encourage you to review this page periodically. Where changes materially affect your rights, we will provide additional notice where required by law.

11. Contact Information

For privacy-related inquiries, data subject requests, or concerns about our data handling practices, please contact:

Purificationouea
Hoogstraat 56-A, 3011 PT Rotterdam, Netherlands
Email: assist@purificationouea.world
Phone: +31 30 267 6204