Legal

Privacy Policy

Last updated: 1 april 2025

1. Data Controller

Qovre is a trade name of GetFromTR, registered in The Hague, the Netherlands. We are the data controller for the personal data described in this policy.

Contact:
Email: contact@qovre.nl
Website: https://www.qovre.nl

2. Data We Collect

Qovre processes personal data that you actively provide to us, including:

  • Name and email address (via contact forms and onboarding)
  • Company name and job title
  • Technical project information you voluntarily share
  • IP address and browser data (analytical cookies)
  • Communication history (email, WhatsApp)

3. Legal Basis for Processing

  • Contract performance: when you submit a request or enter into an engagement
  • Legitimate interest: to improve our services and communication
  • Consent: for analytical cookies and marketing communications
  • Legal obligation: for tax and administrative retention requirements

4. Retention Periods

We retain your data only as long as necessary for its original purpose. Contact form data is retained for the duration of the business relationship and up to seven (7) years after termination for tax compliance. Analytical data is anonymised after 26 months.

5. Third-Party Processors

  • Supabase Inc. – database storage (EU region)
  • Vercel Inc. – hosting and infrastructure
  • Resend Inc. – transactional email
  • Google LLC – analytics (with IP anonymisation)

We never sell your data to third parties.

6. Your GDPR Rights

  • Right of access to your data
  • Right to rectification of inaccurate data
  • Right to erasure (‘right to be forgotten’)
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing based on legitimate interest

Submit requests to contact@qovre.nl. We respond within 30 days.

7. Cookies

Qovre uses functional cookies (required for the website) and analytical cookies (Google Analytics 4) only after your consent. You can change your preferences at any time via browser settings.

8. Security

We implement appropriate technical and organisational measures including TLS encryption, role-based access control (RBAC), and regular security audits.