top of page

Privacy Policy

​

Effective Date: December 24, 2025

Version: 1.0

Data Controller: SILARA B.V. (or applicable legal entity)

Chamber of Commerce (KVK) No: [Insert Number]

Location: [City], The Netherlands

SILARA ("we", "us", "our") processes personal data in strict compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the Dutch Implementation Act (Uitvoeringswet AVG).

This Policy describes how we process, store, and protect your data.

​

1. Data We Collect & Sources

We collect data through direct interaction and automated technologies.

A. Data You Provide

  • Identity Data: Name, username, date of birth.

  • Contact Data: Email address, telephone number, billing/delivery address.

  • Financial Data: Payment card details (processed directly by our PCI-DSS compliant payment providers; we do not store full card numbers).

  • Correspondence: Records of communications with our support team.

B. Data Collected Automatically

  • Technical Data: IP address, browser type/version, time zone setting, operating system.

  • Usage Data: Clickstreams, page response times, download errors, and page interaction methods.

  • Cookies: See Section 6 for details on Tracking Technologies.

​

2. Legal Basis for Processing

We process your data only when we have a specific legal ground to do so, as defined in GDPR Article 6:

Purpose of ProcessingType of DataLegal Basis

User Registration & Service DeliveryIdentity, ContactContractual Necessity: We cannot provide the service without this.

Processing PaymentsFinancial, IdentityContractual Necessity

Fraud Prevention & SecurityTechnical, Identity, UsageLegitimate Interest: To protect our platform and users from misuse.

Marketing CommunicationsContact, IdentityConsent: (If you opted in) OR Legitimate Interest: (For existing customers, subject to opt-out).

Analytics & OptimizationTechnical, UsageConsent: (Via Cookie Banner)

Legal Compliance (Tax/Gov)Transaction DataLegal Obligation: (e.g., Dutch tax retention laws).

 
3. Data Sharing & Third Parties

We do not sell your data. We share data only with the following categories of Data Processors who act on our behalf under strict Data Processing Agreements (DPAs):

  • Payment Gateways: (e.g., Stripe, Adyen, PayPal).

  • Hosting Services: (e.g., AWS, Azure, DigitalOcean).

  • Analytics Providers: (e.g., Google Analytics).

  • Email/CRM Services: (e.g., Mailchimp, HubSpot).

  • Legal/Regulatory Authorities: Only if required by a court order or binding Dutch law.

A full list of our current sub-processors is available upon request at privacy@silara.com.

​

4. International Data Transfers

SILARA is based in the Netherlands (EEA). Some of our third-party service providers (e.g., Google, Stripe) may process data in the United States or other non-EEA countries.

To ensure your data remains protected, we rely on:

  1. Adequacy Decisions: Transfers to countries deemed "safe" by the European Commission.

  2. Standard Contractual Clauses (SCCs): Where no adequacy decision exists, we implement the EU Commission’s SCCs with our providers to legally protect your data transfer.

 
5. Automated Decision Making & Profiling

We may use automated tools to detect fraud or personalize your experience (e.g., recommending products).

  • Fraud Detection: Decisions are made automatically to block suspicious transactions. You have the right to request human intervention to contest a decision.

  • Profiling: We do not engage in legal or similarly significant profiling without your explicit consent.

​

6. Cookies

We use cookies to distinguish you from other users.

  • Essential Cookies: Loaded automatically; necessary for the site to function.

  • Non-Essential Cookies (Analytics/Ads): Loaded only after you have given consent via our Cookie Banner.

  • You may withdraw consent at any time via the "Cookie Settings" link in the footer.

 
7. Data Retention

We retain data only as long as necessary:

  • Account Data: While your account is active + 2 years inactive.

  • Transaction Data: 7 years (Mandatory under Dutch Tax Law - Belastingdienst).

  • Marketing Data: Until you opt-out/unsubscribe.

 
8. Your Rights (GDPR)

You possess the following rights regarding your data:

  1. Right to Access: Request a copy of all data we hold on you.

  2. Right to Rectification: Correct inaccurate data.

  3. Right to Erasure ("Right to be Forgotten"): Request deletion of data (unless we are legally required to keep it).

  4. Right to Restrict Processing: Pause processing while a dispute is resolved.

  5. Right to Portability: Receive your data in a JSON/CSV format.

  6. Right to Object: Object to processing based on "Legitimate Interest" (including marketing).

To exercise these rights, email privacy@silara.com. We are legally required to respond within one month.

​

 
9. Security

We implement appropriate technical and organizational measures (TOMs) including SSL encryption, 2FA for internal access, and regular vulnerability scanning. In the event of a high-risk data breach, we will notify the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) within 72 hours, and affected users without undue delay.

 
10. Contact & Complaints

If you believe we have infringed your rights, we encourage you to contact us first:

SILARA B.V.

[Address]

[Zip Code, City, NL]

Email: privacy@silara.com

You also have the right to lodge a formal complaint with the supervisory authority:

Autoriteit Persoonsgegevens

Postbus 93374, 2509 AJ Den Haag

bottom of page