Privacy Policy

PRIVACY POLICY 1. Controller FDCL Defence B.V. Kluyverweg 1 2629 HS Delft The Netherlands Chamber of Commerce (KvK): 97131849 VAT number: NL867922977B01 Email: privacy@fdcl.nl FDCL Defence B.V., operating under the commercial name “Fiducial”, acts as data controller within the meaning of Regulation (EU) 2016/679 (General Data Protection Regulation – “GDPR”) in respect of personal data collected through this website. 2. Categories of Personal Data 2.1 Data provided via the contact form We process personal data that you voluntarily provide when submitting a message through our website contact form, including: • Name • Company (if provided) • Email address • Message content This information is processed solely for the purpose of responding to your inquiry and, where applicable, communicating in relation to potential business matters. Where a message relates to potential employment, the information provided will be processed only to respond to that inquiry. 2.2 Technical data When you access the website, certain technical data may be processed automatically through our hosting and IT infrastructure for operational and security purposes. This may include: • IP address • Browser type • Device information • Date and time of access We do not engage in automated decision-making within the meaning of Article 22 GDPR, nor do we conduct systematic profiling of website visitors. 3. Purposes of Processing Personal data is processed for the following purposes: • Responding to contact requests; • Communicating regarding potential business relationships; • Responding to employment-related inquiries submitted via the contact form; • Ensuring the secure and proper functioning of the website; • Preventing misuse, spam, or abuse of the website; • Analyzing website performance and usage on an aggregated basis; • Complying with applicable legal obligations. Personal data is not processed for purposes incompatible with the above. 4. Legal Basis Depending on the context, processing is based on one or more of the following legal grounds under Article 6 GDPR: • Article 6(1)(b) GDPR — processing necessary to take steps at the request of the data subject prior to entering into a contract; • Article 6(1)(c) GDPR — processing necessary to comply with a legal obligation; • Article 6(1)(f) GDPR — processing necessary for the purposes of our legitimate interests, including secure website operation and handling business communications; • Article 6(1)(a) GDPR — consent, where required for the use of non-essential cookies or analytics technologies. Where processing is based on consent, such consent may be withdrawn at any time without affecting the lawfulness of processing prior to withdrawal. 5. Analytics and Website Technologies The website may use analytics or performance measurement tools to obtain insight into website usage and to improve functionality. Such tools may process technical data, including IP addresses and browsing information. Where required under applicable law, non-essential technologies are activated only after valid user consent. Analytics data is used exclusively for statistical and website optimization purposes and is not used for individual profiling. 6. Retention Personal data is retained only for as long as necessary in light of the purposes for which it was collected, unless a longer retention period is required by law. In general: • Contact requests are retained for up to 12 months after completion of the correspondence; • Employment-related inquiries submitted via the contact form are retained for up to 4 weeks after closure of the communication, unless further engagement follows; • Contract-related documentation is retained for the statutory fiscal retention period (currently seven years); • Technical or analytics data is retained in accordance with the configured retention settings of the relevant systems. Retention periods may be extended where necessary to establish, exercise, or defend legal claims. 7. Use of Processors For the technical operation, hosting, maintenance, and security of the website and related IT infrastructure, we engage service providers acting as processors within the meaning of Article 28 GDPR. Such processors may process personal data solely on our documented instructions and under contractual obligations ensuring confidentiality and compliance with applicable data protection law. Personal data is not disclosed to third parties for commercial exploitation. Where personal data is processed outside the European Economic Area, appropriate safeguards are implemented in accordance with Chapter V GDPR. 8. Security Measures We implement appropriate technical and organizational measures within the meaning of Article 32 GDPR to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. Access to personal data is restricted to people who require such access for legitimate operational purposes. 9. Rights of Data Subjects Subject to the conditions set out in the GDPR, data subjects have the right to: • Request access to their personal data; • Request rectification of inaccurate or incomplete data; • Request erasure of personal data; • Request restriction of processing; • Receive personal data in a structured, commonly used, and machine-readable format; • Object to processing based on legitimate interests. Privacy-related requests may be submitted to: privacy@fdcl.nl Data subjects also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens). 10. Cookies The website may use cookies or similar technologies necessary for its operation and performance. Where required under applicable law, non-essential cookies are used only after prior consent. 11. Amendments We may amend this Privacy Policy from time to time. The most recent version will always be made available on our website. Last updated: 03.02.2026