Last updated: August 2025
- Introduction
At NLCyber, we highly value your privacy. This policy explains which personal data we collect, why we do so, how we protect it, and what rights you have. We process your data strictly in accordance with the General Data Protection Regulation (GDPR) and applicable privacy laws.
- Who is responsible for your data?
NLCyber is a trade name of Qlibr B.V., based in the Netherlands and reachable via:
Email: privacy@nlcyber.com
Address: Slootjesbeemd 32, 5682 JG, Best, The Netherlands
Qlibr B.V. is the data controller for the personal data collected and processed through NLCyber.
- What data do we collect?
We only collect data that is necessary to provide and improve our services, such as:
Account data: name, email address, password (encrypted)
Profile information: selected topic preferences
Website usage: interactions with news, companies, and events
Communication data: messages exchanged with us or through NLCyber
Technical data: IP address, browser type, cookies (see our cookie policy)
We do not process special categories of personal data, such as health or political beliefs.
3a. Data collected outside the website
We may also process personal data that you share with us via email, phone, or in the context of business communication. This includes information provided when requesting or activating a company profile, responding to invitations, or asking specific questions. This data is used only to handle your request or deliver the requested service.
- Purposes of processing
We use your personal data solely for the following purposes:
Providing and improving our services
Personalizing content such as news, companies, or events based on your preferences
Sending our newsletter (only after opt-in)
Responding to your requests or messages
Securing our website and preventing abuse
Complying with legal obligations
We do not use your data for automated decision-making or profiling with legal consequences.
- Legal basis for processing
We process your personal data based on one of the following legal grounds:
Consent: for example, for newsletter subscriptions and cookies
Performance of a contract: for access to your account or services
Legal obligation: for fiscal or administrative purposes
Legitimate interest: such as improving our services or securing our platform, provided your privacy rights are respected
- Sharing data with third parties
We only share your personal data with third parties when strictly necessary, such as:
Service providers that support the operation of the website or handle communication
Legal authorities, if we are legally obliged to do so
We have data processing agreements in place with all external parties, ensuring confidentiality, security, and lawful processing. We never sell your personal data.
- International data transfers
If personal data is processed outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:
An adequacy decision by the European Commission, or
Standard Contractual Clauses (SCCs) with additional security measures
- Data security
We take appropriate technical and organizational measures to protect your data, including:
Encrypted connections (SSL/TLS)
Encrypted password storage (hashed)
Access restrictions on personal data
Regular system and procedure audits
- Data retention
We do not store your personal data longer than necessary:
Account data: as long as your account is active
Newsletter data: until you unsubscribe
Cookies: in accordance with our cookie policy
Legal retention: for example, up to 7 years for tax administration
After these periods, your data is securely deleted or anonymized.
- Your rights
Under the GDPR, you have the following rights:
Access: to view what personal data we hold about you
Correction: to update inaccurate data
Erasure: to delete your data (‘right to be forgotten’)
Restriction: to temporarily pause data processing
Data portability: to receive your data in a structured, machine-readable format
Objection: to certain types of processing
Withdraw consent: at any time, without affecting prior processing
You can exercise your rights by contacting privacy@nlcyber.com. We will respond within 30 days.
- Complaints
If you believe your data is being processed improperly, you may file a complaint with the Dutch Data Protection Authority or your national supervisory authority.
- Changes to this policy
We may update this privacy policy if our services or the law changes. We recommend reviewing this page regularly. For significant changes, we will notify you directly, for example via email or through our website