Privacy Policy

Fides IT, trading as Utisha, respects your privacy and protects your personal data. This policy describes how we handle information collected through our marketing website, www.utisha.com. It doesn't apply to the Utisha platform itself, which is typically self-hosted by our customers.

1. Data Controller

Fides IT is the data controller for the personal data processed through this website.

Entity Name: Fides IT Trade Name: Utisha Chamber of Commerce (KvK): 57282196 Email: privacy@utisha.com

2. Data We Collect and Why

We process personal data for specific purposes based on valid legal grounds under the GDPR.

2.1 Website Visits and Analytics

When you browse our site, we collect technical information through Google Analytics (ID: G-Q0DZJ00CZP). This includes your IP address, browser type, device information, and how you interact with our pages. We use this data to understand website performance and improve our content.

  • Legal Basis: Legitimate interest (Article 6(1)(f) GDPR). We have a legitimate interest in maintaining and optimizing our marketing presence.
  • Note: We've configured Google Analytics to anonymize IP addresses where possible.

2.2 Contact Form Submissions

If you reach out via our contact form, we collect your name, email address, company name, and the content of your message. We use this information to respond to your inquiry and provide requested details about our services.

  • Legal Basis: Performance of a contract or pre-contractual steps (Article 6(1)(b) GDPR). We need this data to handle your request before you potentially become a customer.

2.3 Newsletter and Marketing

If we offer a newsletter in the future, we'll only collect your email address if you explicitly opt in. You'll always have the option to unsubscribe immediately.

  • Legal Basis: Consent (Article 6(1)(a) GDPR).

3. How We Store and Process Data

Your data is stored on secure servers within the European Economic Area (EEA) whenever possible. We apply strict access controls to ensure only authorized personnel can view your information. Our team processes your data solely for the purposes mentioned above.

4. Data Retention

We don't keep your data longer than necessary.

  • Analytics Data: Google Analytics data is retained for 14 months.
  • Contact Inquiries: We keep contact form submissions for up to 2 years after our last interaction, unless a contract is signed or legal obligations require longer storage.
  • Marketing Consent: We retain your email for newsletter purposes until you withdraw your consent.

5. Third-Party Processors

We share data with trusted service providers who help us operate our website.

  • Google Ireland Limited: Provides analytics services.
  • Email Service Provider: Handles our outgoing and incoming communications.
  • Hosting Provider: Maintains the physical infrastructure for our website.

These parties are bound by data processing agreements that ensure they protect your data according to GDPR standards.

6. International Data Transfers

Some of our service providers, such as Google, are based in or use servers in the United States. While we prioritize EEA-based processing, data may be transferred to the US. We rely on the EU-U.S. Data Privacy Framework or Standard Contractual Clauses (SCCs) approved by the European Commission to ensure an adequate level of protection.

7. Your Data Subject Rights

You have several rights regarding your personal data under the GDPR:

  • Access: You can request a copy of the data we hold about you.
  • Rectification: You can ask us to correct inaccurate or incomplete information.
  • Erasure: You can request that we delete your data under certain conditions.
  • Portability: You can ask for your data in a structured, machine-readable format.
  • Restriction: You can request that we limit how we process your data.
  • Objection: You can object to our processing based on legitimate interests.

To exercise these rights, please contact us at privacy@utisha.com. We'll respond to your request within 30 days.

8. Security Measures

We implement technical and organizational measures to protect your data against unauthorized access, loss, or alteration. This includes using SSL/TLS encryption for all website traffic and maintaining up-to-date security patches on our infrastructure.

9. Complaints

If you believe we're processing your data incorrectly, please contact us first. You also have the right to lodge a complaint with the Dutch Data Protection Authority:

Autoriteit Persoonsgegevens PO Box 93374 2509 AJ THE HAGUE The Netherlands Website: https://autoriteitpersoonsgegevens.nl

10. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a new "Last Updated" date.

Last Updated: March 2026