Privacy Policy

1. Who We Are

Huce Digital is an AI systems agency based in Putten, Netherlands. We build custom AI-powered platforms and automation systems for growing businesses.

Contact Information:

• Email: privacy@hucedigital.com
• General inquiries: info@hucedigital.com
• Website: huce.digital

2. What Information We Collect

2.1 Personal Information

When you contact us or work with us, we may collect:

• Full name
• Email address
• Phone number
• Company name and role
• Billing and invoice details
• Project-related information you share with us

2.2 Automatically Collected Information

When you visit our website, we automatically collect:

• IP address
• Browser type and version
• Operating system
• Pages visited and time spent
• Referral source (how you found us)
• Device information

2.3 Cookies and Tracking

We use cookies and similar technologies to improve user experience and analyze website traffic. You can control cookie preferences in your browser settings.

3. How We Use Your Information

We use collected information for the following purposes:

• Service Delivery: To provide AI systems development and consulting services
• Communication: To respond to inquiries and provide customer support
• Project Management: To manage and execute development projects
• Billing: To process payments and maintain financial records
• Marketing: To send updates about our services (only with your consent)
• Improvement: To analyze and improve our website and services
• Legal Compliance: To comply with applicable laws and regulations

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your data based on:

• Contract Performance: Processing necessary to fulfill our service agreements
• Legitimate Interests: Improving our services and business operations
• Consent: Marketing communications (you can withdraw consent anytime)
• Legal Obligations: Compliance with tax, accounting, and legal requirements

5. How We Protect Your Data

We implement industry-standard security measures:

• Encryption: SSL/TLS encryption for data transmission
• Secure Storage: Data stored on secure, encrypted servers
• Access Control: Limited access to personal data (need-to-know basis)
• Regular Audits: Periodic security reviews and vulnerability assessments
• Vendor Security: We only work with GDPR-compliant service providers

6. Data Sharing and Third Parties

We do not sell your personal data. We may share information with:

Service Providers

• Hosting: Vercel (USA) - servers located in EU regions
• Email: Email service providers for transactional and marketing emails
• Analytics: Vercel Analytics for website performance monitoring
• Payment Processing: Stripe or similar payment processors (when applicable)

All third-party processors:

• Are GDPR-compliant
• Process data only as instructed by us
• Have appropriate data protection agreements in place

Legal Requirements

We may disclose information if required by law, court order, or to protect our legal rights.

7. International Data Transfers

We primarily operate within the European Union. When data is transferred outside the EU (e.g., to service providers in the USA), we ensure adequate safeguards through:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data Processing Agreements with GDPR-compliant providers
• Adequacy decisions where applicable

8. Your Rights Under GDPR

As an EU resident, you have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restriction: Limit how we process your data
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for marketing communications
• Right to Lodge a Complaint: File a complaint with your national data protection authority

To exercise any of these rights, contact us at: privacy@hucedigital.com

We will respond to your request within 30 days as required by GDPR.

9. Data Retention

We retain your personal data for:

• Active Clients: Duration of contract + 7 years (tax/legal requirements)
• Inquiries: 2 years from last contact
• Marketing Contacts: Until you unsubscribe or 3 years of inactivity
• Analytics Data: Aggregated and anonymized after 26 months

10. AI Systems and Data Processing

As an AI systems agency, we may process client data as part of developing AI solutions. In such cases:

• We act as a Data Processor under GDPR (our clients are Data Controllers)
• We enter into formal Data Processing Agreements (DPAs) with clients
• Client data used for AI model training or fine-tuning is only done with explicit permission
• We implement appropriate technical measures for AI system security
• We ensure AI vendors we use (OpenAI, Anthropic) are GDPR-compliant

11. Children's Privacy

Our services are directed at businesses, not individuals under 16. We do not knowingly collect data from children. If you believe we have inadvertently collected such data, contact us immediately.

12. Changes to This Privacy Policy

We may update this policy periodically to reflect changes in our practices or legal requirements. Significant changes will be communicated via:

• Email notification (for active clients)
• Website banner
• Updated "Last Updated" date at the top of this page

13. Contact Us

For questions about this Privacy Policy or to exercise your rights:

• Privacy Inquiries: privacy@hucedigital.com
• General Contact: info@hucedigital.com
• Address: Huce Digital, Putten, Netherlands

14. Supervisory Authority

If you believe we have not handled your data appropriately, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):

• Website: autoriteitpersoonsgegevens.nl
• Phone: (+31) - (0)70 - 888 85 00