Privacy Policy

Last updated: December 2024

Data Controller

Paxion B.V. is the data controller for the personal information collected through this website and our services. Our contact details are:

Data Collection and Sources

The data we collect includes personal information that you provide directly to us and information that is automatically collected when you visit our website. We collect this information to provide our commercial leasing services and improve your experience with Paxion.

Information You Provide

• Name and contact details (email, phone number, address)
• Company information and business requirements
• Property preferences and specifications
• Communication records and correspondence
• Financial information relevant to leasing transactions
• Any other information you choose to provide

Automatically Collected Information

• IP address and device information
• Browser type and version
• Pages visited and time spent on our website
• Referring website and exit pages
• Cookies and similar tracking technologies

How We Use Your Information

We explain how we use your information for various purposes related to our commercial leasing services. The use of your data is based on legitimate business interests, contractual necessity, and your consent where required by law.

Primary Uses

• Providing commercial leasing services and property consultations
• Processing and responding to your enquiries
• Matching you with suitable commercial properties
• Facilitating lease negotiations and transactions
• Maintaining client relationships and providing ongoing support
• Complying with legal and regulatory requirements

Secondary Uses

• Improving our website and services
• Analysing market trends and client preferences
• Sending relevant property updates and market insights
• Preventing fraud and ensuring security
• Internal record keeping and business analytics

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contractual necessity: To perform our commercial leasing services
• Legitimate interests: To operate our business and improve our services
• Consent: For marketing communications and cookies (where required)
• Legal obligation: To comply with applicable laws and regulations

Data Sharing and Disclosure

We may share your information with trusted third parties who assist us in providing our services:

• Property owners and landlords for leasing arrangements
• Legal advisors and conveyancing services
• Financial institutions for lease processing
• Professional service providers (IT support, accounting)
• Regulatory authorities when legally required

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with our legal obligations. Our retention periods are:

• Client records: 7 years after the end of our business relationship
• Enquiry data: 3 years from last contact (unless you become a client)
• Website analytics: 26 months from collection
• Marketing data: Until you unsubscribe or withdraw consent
• Legal documents: As required by Dutch law and regulations

Your Rights Under GDPR

As a data subject, you have the following rights regarding your personal information:

• Right of access: Request a copy of your personal data
• Right to rectification: Correct inaccurate or incomplete data
• Right to erasure: Request deletion of your data (subject to legal requirements)
• Right to restrict processing: Limit how we use your data
• Right to data portability: Receive your data in a structured format
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent for consent-based processing

International Data Transfers

Your personal data is primarily processed within the European Union. If we transfer data outside the EU, we ensure appropriate safeguards are in place, such as:

• European Commission adequacy decisions
• Standard contractual clauses
• Binding corporate rules
• Certification schemes approved by supervisory authorities

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication procedures
• Employee training on data protection
• Incident response and breach notification procedures

Cookies and Tracking

Our website uses cookies and similar technologies to enhance your browsing experience and analyse website usage. For detailed information about our use of cookies, please see our Cookie Policy.

Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete such information.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy regularly.

Contact Us

If you have questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please use the following contact information:

Supervisory Authority

If you believe we have not handled your personal data in accordance with this policy or applicable law, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):