Privacy policy

Version of February 2026, governed by the laws of the Netherlands.

This Privacy Policy explains how Clausely (“Clausely”, “we”, “us”, or “our”) collects, uses, stores, shares, and protects personal data when you visit or use www.clausely.eu (the “Website”) or use our services, including the Free AI Risk Scan, the AI Fix Plan, and any related compliance support services (together, the “Services”).

This Privacy Policy is intended for business users, website visitors, leads, and other individuals whose personal data we process in connection with our Website and Services.

1. Who We Are

Clausely is a business registered in the Netherlands and operating via www.clausely.eu

For the purposes of applicable data protection law, Clausely is the controller of the personal data described in this Privacy Policy, unless stated otherwise.

Contact details
Clausely
Registered in the Netherlands
Chamber of Commerce number: [KVK NUMBER]
VAT number: [VAT NUMBER]
Website: www.clausely.eu 
Email: hello@clausely.eu 

2. The Personal Data We Collect

We collect and process personal data only insofar as necessary for the purposes described in this Privacy Policy.

2.1 Data you provide directly

We may collect personal data you provide directly, for example when you:

  • contact us by email or through a contact form; 

  • complete the Free AI Risk Scan; 

  • request or purchase the AI Fix Plan or another Service; 

  • subscribe to our emails or marketing communications; 

  • otherwise communicate with us. 

This may include:

  • name; 

  • business name; 

  • job title; 

  • email address; 

  • phone number, if provided; 

  • billing information; 

  • company and webshop information; 

  • responses submitted through forms, questionnaires, or intake flows; 

  • any personal data included in your messages, attachments, or documents. 

2.2 Data collected automatically

When you use the Website, we may automatically collect certain technical and usage data, such as:

  • IP address; 

  • browser type and browser settings; 

  • device type and operating system; 

  • date and time of access; 

  • referring URLs; 

  • pages viewed; 

  • clicks, navigation behaviour, and other website usage data; 

  • approximate geographic location inferred from IP address. 

2.3 Data from third parties

We may receive personal data from third parties, such as:

  • analytics providers; 

  • advertising and social media platforms; 

  • payment service providers; 

  • CRM, email, automation, form, hosting, or scheduling tools; 

  • public sources, where relevant to a business inquiry. 

3. How We Use Personal Data

We process personal data for the following purposes:

  • to operate, secure, and improve the Website; 

  • to respond to inquiries, requests, and communications; 

  • to provide the Free AI Risk Scan; 

  • to assess whether our Services are suitable for a prospective Client; 

  • to provide the AI Fix Plan and other Services; 

  • to manage client relationships and administration; 

  • to process payments and maintain records; 

  • to send service-related communications; 

  • to send marketing communications where permitted; 

  • to analyse Website performance and campaign effectiveness; 

  • to prevent abuse, fraud, misuse, and security incidents; 

  • to comply with legal, tax, accounting, and regulatory obligations; 

  • to establish, exercise, or defend legal claims. 

4. Legal Bases for Processing

Under the GDPR, personal data must be processed on a valid legal basis, and privacy notices must explain those bases.

Depending on the context, we rely on one or more of the following legal bases:

4.1 Performance of a contract

We process personal data where necessary to take steps at your request before entering into a contract, or to perform a contract with you or your company, for example:

  • providing the Free AI Risk Scan at your request; 

  • preparing or delivering the AI Fix Plan; 

  • invoicing, payment handling, and service administration. 

4.2 Legitimate interests

We may process personal data where necessary for our legitimate interests, provided those interests are not overridden by your rights and interests. Legitimate interests may include:

  • operating and improving our Website and Services; 

  • handling business inquiries; 

  • maintaining client relationships; 

  • preventing fraud, abuse, and security issues; 

  • measuring basic website performance and service quality; 

  • protecting our legal and commercial interests. 

The EDPB has issued guidance on how legitimate interest should be assessed in practice.

4.3 Consent

We rely on consent where required, including for:

  • email marketing where consent is legally required; 

  • tracking or marketing cookies and similar technologies where consent is required.

Consent must be freely given, specific, informed, and unambiguous under GDPR guidance.

4.4 Legal obligation

We may process personal data where necessary to comply with legal obligations, including tax, accounting, record-keeping, and regulatory obligations.

5. Cookies and Similar Technologies

We use cookies and similar technologies on our Website.

These may include:

  • functional cookies, which are necessary for the Website to operate properly;

  • analytics cookies, to measure and improve website performance; 

  • tracking or marketing cookies, to measure campaign performance, build audiences, or show relevant ads.

The Dutch Data Protection Authority explains that only functional cookies, and in some cases limited analytical cookies, may be placed without consent; tracking cookies generally require consent.

If we use tracking or marketing cookies, we will ask for consent through our cookie banner before placing them, where required. Consent for cookies must meet GDPR standards.

You can also manage cookies through your browser settings. More detailed information can be included in a separate Cookie Statement.

6. Marketing Communications

If you sign up to receive updates, resources, or marketing emails from us, we may use your contact details to send those communications.

Where required by law, we will do so only with your consent. You can unsubscribe at any time by using the unsubscribe link in the email or by contacting us at hello@clausely.eu.

7. Sharing Personal Data

We do not sell personal data.

We may share personal data with:

  • hosting providers; 

  • website, analytics, and cookie tools; 

  • payment providers; 

  • email, CRM, and automation providers; 

  • form and survey providers; 

  • cloud storage and communication providers; 

  • professional advisers, such as lawyers, accountants, or insurers; 

  • authorities, regulators, courts, or law enforcement, where legally required; 

  • counterparties in the context of a corporate transaction such as a merger, acquisition, restructuring, or sale of assets.

Where third parties process personal data on our behalf, we require them to do so under appropriate contractual safeguards where applicable.

8. International Transfers

Some of our service providers may be located outside the European Economic Area (“EEA”) or may process personal data from outside the EEA.

Where we transfer personal data outside the EEA, we will ensure that appropriate safeguards are in place, for example:

  • an adequacy decision by the European Commission; or 

  • the European Commission’s Standard Contractual Clauses (“SCCs”), where required. 

9. Data Retention

The GDPR requires that personal data not be kept longer than necessary for the purposes for which it is processed.

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

In general:

  • inquiry and contact data: for as long as needed to handle the inquiry and follow-up;

  • client and project data: for the duration of the client relationship and a reasonable period thereafter;

  • invoices and financial records: for as long as required under applicable tax and accounting laws;

  • marketing data: until consent is withdrawn or you object, unless another lawful basis applies;

  • cookie data: according to the duration set out in our cookie settings or Cookie Statement.

10. Data Security

We take appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

These measures may include:

  • access controls; 

  • use of password-protected systems; 

  • secure hosting environments; 

  • encryption in transit where appropriate; 

  • confidentiality obligations for persons handling data; 

  • vendor and tool selection with security in mind. 

However, no website, transmission, or storage system can be guaranteed to be completely secure.

11. Your Rights

Under the GDPR, individuals have rights regarding their personal data, including the right to:

  • request access to their personal data; 

  • request rectification of inaccurate data; 

  • request erasure in certain circumstances; 

  • request restriction of processing in certain circumstances; 

  • object to processing in certain circumstances; 

  • request data portability where applicable; 

  • withdraw consent at any time where processing is based on consent; 

  • lodge a complaint with a supervisory authority. These rights are laid down in the GDPR, including the right to complain to a supervisory authority.

If you want to exercise your rights, please contact us at hello@clausely.eu.

If you are located in the Netherlands, you may also lodge a complaint with the Autoriteit Persoonsgegevens. The right to lodge a complaint with a supervisory authority follows from Article 77 GDPR.

12. Obligation to Provide Data

You are generally not legally required to provide personal data to us. However, if you do not provide certain information, we may not be able to respond to your inquiry, provide the Free AI Risk Scan, deliver the AI Fix Plan, or otherwise perform our Services.

13. No Automated Decision-Making With Legal or Similar Significant Effects

We do not make decisions based solely on automated processing, including profiling, that produce legal effects concerning you or similarly significantly affect you.

If we use automated tools, AI-supported workflows, or form logic, these are used to support our internal processes or generate preliminary outputs, not to make legally significant decisions about individuals.

14. Third-Party Websites and Services

Our Website may contain links to third-party websites, tools, or platforms. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies separately.

15. Children

Our Website and Services are not intended for children under the age of 16, and we do not knowingly collect personal data from children.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

The most recent version will always be published on this page with the updated “Last updated” date. Where legally required, we will take additional steps to inform users of material changes.

17. Contact

If you have any questions about this Privacy Policy or our processing of personal data, please contact:

Clausely
Registered in the Netherlands
Chamber of Commerce number:
VAT number:
Website: www.clausely.eu 
Email: hello@clausely.eu