Zarioh Digital Solutions · KVK 82309442 · Version January 2026
Contents
This privacy policy applies to all services of Zarioh Digital Solutions, located at Overvliet 142, 3545 NH Utrecht, registered with the Chamber of Commerce under number 82309442. We process your personal data in accordance with the GDPR.
Zarioh Digital Solutions, located at Overvliet 142, 3545 NH Utrecht and registered with the Chamber of Commerce under number 82309442 (hereinafter: 'we', 'us' or 'Zarioh'), attaches great importance to protecting your personal data.
This privacy policy explains which personal data we collect, why we process it, how long we retain it and what rights you have. This policy applies to all services of Zarioh Digital Solutions.
We process personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Dutch implementing legislation.
We process only the personal data necessary for the delivery of our services. This covers the following categories:
Contact details: name, email address, phone number and company name. We receive these when you fill in our contact form, request an intake or conclude an agreement.
Invoice details: name, address, VAT number and bank account number. These are necessary for invoicing and financial administration.
Communication data: content of emails, support tickets and chat messages you send to us.
Technical data: IP address, browser type and page visits via cookies (see article 8). These are processed anonymously for analytical purposes.
We process your personal data for the following purposes:
Performance of the agreement: delivering the agreed services, such as Microsoft 365 implementation, web and hosting services, AI solutions and other IT services.
Communication: answering questions, handling support requests and maintaining contact about ongoing projects.
Invoicing and administration: sending invoices, processing payments and maintaining our financial records.
Improvement of our services: anonymised analysis of website visits to improve the user experience.
Legal obligations: complying with tax and administrative retention requirements.
We process your data on the basis of the following legal grounds under the GDPR:
Contract (Art. 6(1)(b) GDPR): processing is necessary for the performance of the agreement we have concluded with you.
Legal obligation (Art. 6(1)(c) GDPR): processing is necessary to comply with a legal obligation, such as the seven-year tax retention requirement.
Legitimate interest (Art. 6(1)(f) GDPR): processing is necessary for our legitimate interests, such as improving our services and securing our systems.
Consent (Art. 6(1)(a) GDPR): for non-essential cookies we ask for your explicit consent.
We do not retain your personal data longer than necessary for the purpose for which it was collected, unless a statutory retention period requires a longer term.
Client data and contracts: 7 years after termination of the agreement (statutory fiscal retention obligation).
Invoices and financial records: 7 years under Dutch tax law.
Contact forms and emails: a maximum of 2 years after the last contact, unless an ongoing agreement justifies longer retention.
Support tickets: a maximum of 1 year after resolution.
Website analytics (anonymised): a maximum of 26 months.
We never sell your personal data to third parties. We may share your data with the following categories of recipients:
Processors: third parties who process data on our behalf, such as our hosting provider, accounting software and Microsoft 365. We have concluded a data processing agreement with all such parties.
Sub-processors: suppliers of SaaS solutions that we implement for you. We will inform you which parties are involved in executing your assignment.
Legal obligations: government bodies or supervisory authorities, to the extent required by law.
We do not transfer personal data to parties outside the European Economic Area (EEA), unless adequate safeguards have been put in place in accordance with the GDPR.
We take appropriate technical and organisational measures to protect your personal data against loss, unauthorised access, alteration or disclosure.
Our security measures include: encrypted connections (TLS/SSL), access controls with two-factor authentication, regular backups and restricted access to systems on a need-to-know basis.
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) in accordance with the statutory reporting obligation.
Under the GDPR you have the following rights regarding your personal data:
Right of access (Art. 15 GDPR): you may request an overview of the personal data we process about you.
Right to rectification (Art. 16 GDPR): you may have incorrect or incomplete data corrected.
Right to erasure (Art. 17 GDPR): you may request deletion of your data, unless statutory obligations prevent this.
Right to restriction (Art. 18 GDPR): you may request that processing be restricted in certain circumstances.
Right to data portability (Art. 20 GDPR): you may receive your data in a structured, commonly used format.
Right to object (Art. 21 GDPR): you may object to processing based on our legitimate interest.
You can submit your request to contact@zarioh-ds.nl. We will respond within 4 weeks. You also have the right to lodge a complaint with the Dutch Data Protection Authority at autoriteitpersoonsgegevens.nl.
We reserve the right to amend this privacy policy. Changes will be published on this page with the date of the latest revision.
We recommend that you consult this privacy policy periodically to stay informed of any changes. In the event of significant changes, we will actively notify you by email.
For questions about this privacy policy or the processing of your personal data, please contact us:
Zarioh Digital Solutions
Overvliet 142, 3545 NH Utrecht
Email: contact@zarioh-ds.nl
Tel: 030 760 0060
KVK: 82309442
Zarioh Digital Solutions
Overvliet 142
3545 NH Utrecht
