Presale waitlist

Website Data Handling Policy

Effective Date: 03-12-2025

DATA HANDLING IN WEBSITE POLICY

1. Scope

This Data Handling in Website Policy describes how data collected through the Organization’s website is processed, organised, protected, and retained.

This policy is supplemental to the Privacy Policy, which governs the processing of personal data in accordance with the General Data Protection Regulation (Regulation (EU) 2016/679 – “GDPR”) and the Dutch GDPR Implementation Act (“Uitvoeringswet AVG” or “UAVG“).

2. Applicability

This policy applies to:

  • Technical data automatically generated during website navigation.
  • Information required for the operation, maintenance, and security of the website.
  • Non-personal and anonymised data used to improve website performance and analyse general usage.

This policy does not cover the processing of personal data that falls under the scope of the Privacy Policy.

3. Types of Data Processed

3.1 Technical Data

When the website is used, the following technical information may be collected automatically:

  • IP address (anonymised where possible in accordance with Dutch supervisory guidance).
  • Device type, browser type, operating system, and related metadata.
  • Pages visited, session duration, click behaviour, and navigation paths.
  • Information obtained through strictly necessary or functional cookies.

Such data is necessary for ensuring website compatibility, performance, security, and stability.

3.2 Operational Information

Operational data processed for the maintenance and security of the website includes:

  • System and server logs.
  • Error and diagnostic information.
  • Data used to detect anomalies, intrusions, or potential security threats.

This processing is carried out to ensure compliance with Article 32 GDPR (security of processing).

4. Legal Basis for Processing

The processing of technical and operational data is based on:

  • Article 6(1)(f) GDPR (legitimate interest): ensuring the proper functioning, security, and optimisation of the website.
  • Article 6(1)(c) GDPR (legal obligation), where applicable, relating to security and incident-handling requirements.
  • Article 6(1)(a) GDPR (consent), if the user voluntarily agrees to non-essential cookies or analytics tools.

All processing is performed in accordance with the GDPR, the UAVG, and relevant guidance from the Dutch Data Protection Authority (“Autoriteit Persoonsgegevens“).

5. Purposes of Processing

Data is processed for the following purposes:

  • Ensuring operational availability, stability, and performance of the website.
  • Protecting the website against cybersecurity risks.
  • Analysing general usage to support improvements, provided such data is anonymised or collected with valid consent.
  • Verifying and monitoring system integrity and detecting security incidents.
  • Complying with applicable EU and Dutch regulatory obligations.

6. Tools and Technologies Used

To ensure a secure and efficient browsing experience, the Organization may use:

  • Strictly necessary and functional cookies.
  • Anonymised analytics tools compliant with GDPR and AP recommendations.
  • Server and infrastructure logs for system monitoring.
  • Security and intrusion-detection technologies to protect against external threats.

Non-essential cookies and analytics tools are only activated with explicit user consent, in compliance with Dutch Telecommunications Act (“Telecommunicatiewet“).

7. Authorised Access and Data Retention

Access to data is limited to authorised personnel who require it to fulfil operational duties.

Retention periods are:

  • Technical logs: retained only as long as required for security and troubleshooting.
  • Anonymised or aggregated data: may be stored for longer periods for statistical purposes.

All retention complies with GDPR principles of storage limitation (Article 5(1)(e) GDPR).

8. Data Protection Measures

In accordance with Articles 24, 25, and 32 GDPR, appropriate technical and organisational measures are implemented.

9. Rights of Website Users

To the extent personal data is processed under this policy, users may exercise their GDPR rights, including:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens)

Requests may be submitted using the contact details provided in the Organization’s Privacy Policy.

10. Contact Information

For questions regarding this Website Data Handling Policy or GDPR compliance, users may contact the Organization through the details listed in the Privacy Policy.

Join the Presale Waitlist

Ticket sales will start on January 5th. Join the exclusive presale waitlist today and unlock access to super early bird tickets plus free limited-edition merchandise available only for early supporters.