Privacy Statement

This privacy statement was last updated on 22 May 2025 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.

In this privacy statement, we explain what we do with the data we obtain about you via https://empact.nu/en/. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

• we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
• we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
• we first request your explicit consent to process your personal data in cases requiring your consent;
• we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
• we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Purpose, data and retention period

We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)

1.1 Contact - Through phone, mail, email and/or webforms

For this purpose we use the following data:

• A first and last name
• An email address
• A telephone number

The basis on which we may process these data is:

Upon the provision of consent.

Retention period

We determine the retention period according to fixed objective criteria: Persoonsgegevens worden niet langer bewaard dan noodzakelijk is voor de doeleinden waarvoor ze zijn verzameld. Zodra de gegevens niet langer relevant zijn voor het leveren van diensten, het ondersteunen van klanten of het naleven van wettelijke verplichtingen, worden deze verwijderd of geanonimiseerd. Persoonsgegevens die nodig zijn voor administratieve, juridische of beveiligingsdoeleinden, kunnen worden bewaard zolang de onderneming actief is of totdat het doel waarvoor ze zijn verzameld is vervallen.

1.2 Newsletters

For this purpose we use the following data:

• A first and last name
• An email address
• A telephone number

The basis on which we may process these data is:

Upon the provision of consent.

Retention period

We determine the retention period according to fixed objective criteria: Persoonsgegevens worden niet langer bewaard dan noodzakelijk is voor de doeleinden waarvoor ze zijn verzameld. Zodra de gegevens niet langer relevant zijn voor het leveren van diensten, het ondersteunen van klanten of het naleven van wettelijke verplichtingen, worden deze verwijderd of geanonimiseerd. Persoonsgegevens die nodig zijn voor administratieve, juridische of beveiligingsdoeleinden, kunnen worden bewaard zolang de onderneming actief is of totdat het doel waarvoor ze zijn verzameld is vervallen.

1.3 To support services or products that a customer wants to buy or has purchased

For this purpose we use the following data:

• A first and last name
• An email address
• A telephone number

The basis on which we may process these data is:

Upon the provision of consent.

Retention period

We determine the retention period according to fixed objective criteria: Persoonsgegevens worden niet langer bewaard dan noodzakelijk is voor de doeleinden waarvoor ze zijn verzameld. Zodra de gegevens niet langer relevant zijn voor het leveren van diensten, het ondersteunen van klanten of het naleven van wettelijke verplichtingen, worden deze verwijderd of geanonimiseerd. Persoonsgegevens die nodig zijn voor administratieve, juridische of beveiligingsdoeleinden, kunnen worden bewaard zolang de onderneming actief is of totdat het doel waarvoor ze zijn verzameld is vervallen.

1.4 To be able to comply with legal obligations

For this purpose we use the following data:

• A first and last name
• An email address
• A telephone number

The basis on which we may process these data is:

Upon the provision of consent.

Retention period

We determine the retention period according to fixed objective criteria: Persoonsgegevens worden niet langer bewaard dan noodzakelijk is voor de doeleinden waarvoor ze zijn verzameld. Zodra de gegevens niet langer relevant zijn voor het leveren van diensten, het ondersteunen van klanten of het naleven van wettelijke verplichtingen, worden deze verwijderd of geanonimiseerd. Persoonsgegevens die nodig zijn voor administratieve, juridische of beveiligingsdoeleinden, kunnen worden bewaard zolang de onderneming actief is of totdat het doel waarvoor ze zijn verzameld is vervallen.

1.5 Compiling and analyzing statistics for website improvement.

For this purpose we use the following data:

• Internet activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement

The basis on which we may process these data is:

Upon the provision of consent.

Retention period

We determine the retention period according to fixed objective criteria: Persoonsgegevens worden niet langer bewaard dan noodzakelijk is voor de doeleinden waarvoor ze zijn verzameld. Zodra de gegevens niet langer relevant zijn voor het leveren van diensten, het ondersteunen van klanten of het naleven van wettelijke verplichtingen, worden deze verwijderd of geanonimiseerd. Persoonsgegevens die nodig zijn voor administratieve, juridische of beveiligingsdoeleinden, kunnen worden bewaard zolang de onderneming actief is of totdat het doel waarvoor ze zijn verzameld is vervallen.

2. Sharing with other parties

We only share or disclose this data to processors for the following purposes:

3. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Policy. 

4. Disclosure practices

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.

We have concluded a data Processing Agreement with Google.

Google may not use the data for any other Google services.

The inclusion of full IP addresses is blocked by us.

5. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

6. Third-party websites

This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

7. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.

8. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. You can contact us by using the information below. You have the following rights:

• You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
• Right of access: You have the right to access your personal data that is known to us.
• Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
• If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
• Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
• Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.

Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person.

9. Submitting a complaint

If you are not satisfied with the way in which we handle (a complaint about) the processing of your personal data, you have the right to submit a complaint to the Data Protection Authority.

10. Contact details

Empact Consulting B.V.
Gonnetstraat 26, 2011 KA Haarlem
Netherlands
Website: https://empact.nu/en/
Email: info@ex.comempact.nu
Phone number: +31 (0)6 45 77 08 09

Annex

Solid Security

 

What personal data do we collect and why do we collect it?

 

Cookies

 

- Magic links: A temporary cookie called "itsec-ml-lockout-bypass" is created that allows users to log in via a link in their email. This cookie references session data with the user ID and IP address and expires automatically after 30 minutes.

- Security cookie: A cookie called "itsec_interstitial_browser" is created to track a user's login process and implement enhanced security features.

- Login page: When visiting the login page, a temporary cookie is set to support compatibility with some alternative login methods. This cookie contains no personal data and expires after 1 hour.

 

Security logs

 

- The IP address of visitors, user ID of logged-in users and username of login attempts are conditionally recorded to detect malicious activity and protect the site from specific types of attacks.

- Examples of situations where logging occurs include login attempts, logout requests, suspicious URL requests, site content changes and password updates.

- These records are kept for 60 days.

 

With whom do we share your data?

 

SolidWP Security Check:

 

- During the security check, solidwp.com is consulted to determine if the site supports TLS/SSL requests. No personal information is sent to solidwp.com. Only the URL of the site is sent. Please refer to the SolidWP Privacy Policy for more information.

 

Malware scanner:

 

- This site is being scanned for possible malware and vulnerabilities by the SolidWP Site Scanner. No personal information is sent to the scanner, but information publicly posted on the site (such as in comments) may be found by the scanner.

 

Data integrity:

 

- Solid Security retrieves data from wordpress.org, solidwp.com, ithemes.com and amazonaws.com to ensure file integrity. No personal data is sent to these sites.

- Requests to wordpress.org include the WordPress version, site location, a list of installed plugins and their versions.

- Requests to solidwp.com and amazonaws.com include installed SolidWP products and their versions. Please refer to the WordPress Privacy Policy, the SolidWP Privacy Policy and the Amazon Web Services Data Privacy Policy for more information.

 

How long do we keep your data?

 

- Security logs: Security log details are kept for 60 days.

- Backups: Backups of security logs are kept for 9 days.

- Backups of databases are sent via e-mail. Check the retention policy of the e-mail host used.

 

Important: You may be required to respect previous requests to delete personal data, even when restoring a backup of the site. Establish an internal policy to ensure this obligation is met.

 

Where do we send your data?

 

- This site is part of a network of sites that protects against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log in is shared with a service provided by solidwp.com. Please refer to the SolidWP Privacy Policy for more information.

- Database backups are sent via email. Depending on your email host and your site's compliance requirements, you may need to mention that this information is sent to the host and include a link to their privacy policy.