Privacy Policy
Last updated: March 2026
1. Introduction
Aardvark Hosting ("we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website at aardvark-hosting.nl and use our services.
This policy is in accordance with the General Data Protection Regulation (GDPR — Regulation (EU) 2016/679) and other applicable Dutch and European data protection legislation.
Data Controller:
| Company | Aardvark Hosting |
| Address | Mariahof 3, 5056 SG, Berkel-Enschot, The Netherlands |
| Phone | +31 13-4700020 |
| KvK | 68957157 |
| BTW | NL001778406B98 |
| Privacy inquiries | Via our contact form |
2. What Personal Data We Collect
We collect personal data in the following ways:
2.1 Contact Form
When you submit our contact form, we collect the following information:
- Name (required) — to address you personally in our response
- Email address (required) — to reply to your inquiry
- Phone number (optional) — to contact you by phone if preferred
- Subject selection — to route your inquiry to the right team member
- Message (required) — the content of your inquiry
The legal basis for processing this data is Article 6(1)(b) GDPR (performance of a contract or steps prior to entering into a contract) and Article 6(1)(f) GDPR (our legitimate interest in responding to inquiries).
2.2 Website Analytics (Google Analytics)
With your consent, we use Google Analytics (GA4) to collect anonymized data about how visitors use our website. This includes:
- Pages visited and time spent on pages
- Referring website or source
- Browser type and device information
- Approximate geographic location (country/city level, based on anonymized IP)
- Interaction events (clicks, scrolls)
IP anonymization is enabled, meaning your full IP address is never stored by Google Analytics.
The legal basis for analytics is Article 6(1)(a) GDPR (your consent). You can manage your consent preferences at any time via the cookie settings on our website. Analytics data is only collected if you have explicitly accepted analytics cookies.
2.3 Technical Data
Our hosting platform (Microsoft Azure Static Web Apps) automatically collects certain technical data in server logs, including:
- IP address
- Date and time of access
- Requested URL
- HTTP status code
- Browser user agent string
This data is processed for security purposes and to ensure the proper functioning of our website. The legal basis is Article 6(1)(f) GDPR (legitimate interest in website security and performance).
3. How We Process Your Data
3.1 Contact Form Submissions
When you submit the contact form on our website, your data is transmitted securely (via HTTPS) and delivered to us using Microsoft Azure Communication Services for email delivery. This means:
- Your form data is sent from our website to an Azure Function (serverless backend)
- Azure Communication Services sends an email containing your inquiry to our team
- The data is processed within Microsoft Azure's European data centers
- We do not store your contact form submissions in a separate database — they are delivered as email
3.2 Analytics Processing
Google Analytics data is processed by Google LLC. Google acts as a data processor on our behalf. We have a Data Processing Agreement with Google in place. Google may transfer data to servers in the United States; however, appropriate safeguards are in place (including Standard Contractual Clauses) to ensure adequate protection of your data.
4. Cookies
Our website uses the following types of cookies:
4.1 Necessary Cookies
These cookies are essential for the website to function properly. They include:
- Cookie consent preference — stored in your browser's localStorage to remember your cookie choices. No personal data is sent to our servers.
These do not require consent as they are strictly necessary.
4.2 Analytics Cookies
If you accept analytics cookies, Google Analytics places the following cookies:
- _ga — distinguishes unique visitors (expires after 2 years)
- _ga_* — maintains session state (expires after 2 years)
These cookies are only set if you explicitly consent via our cookie banner. You can withdraw consent at any time by clearing your cookies or using the cookie settings on our website.
5. Data Sharing and Third Parties
We do not sell, rent, or trade your personal data. We share your data only with the following parties, solely for the purposes described in this policy:
- Microsoft Azure (including Azure Communication Services) — for hosting our website and processing contact form submissions. Microsoft acts as a data processor. Data is processed in EU data centers.
- Google LLC (Google Analytics) — for website analytics, only with your consent. Google acts as a data processor.
We have Data Processing Agreements in place with all third-party processors in accordance with Article 28 GDPR.
6. Data Transfers Outside the EU/EEA
Google Analytics may involve data transfers to the United States. These transfers are safeguarded by:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- The EU-U.S. Data Privacy Framework (where applicable)
Our hosting (Azure Static Web Apps) and email delivery (Azure Communication Services) are configured to use European data centers, and data remains within the EU/EEA.
7. Data Retention
- Contact form inquiries: We retain email correspondence for up to 2 years after the last communication, or longer if a business relationship is established (in which case, retention follows our general client data retention policy).
- Analytics data: Google Analytics data is retained for 14 months, after which it is automatically deleted.
- Server logs: Technical server logs are retained for up to 90 days.
- Cookie consent preferences: Stored in your browser's localStorage until you clear your browser data.
8. Your Rights Under GDPR
As a data subject, you have the following rights under the GDPR:
- Right of access (Article 15) — You may request a copy of the personal data we hold about you.
- Right to rectification (Article 16) — You may request that we correct any inaccurate or incomplete data.
- Right to erasure (Article 17) — You may request that we delete your personal data ("right to be forgotten"), subject to legal obligations.
- Right to restriction of processing (Article 18) — You may request that we restrict how we process your data in certain circumstances.
- Right to data portability (Article 20) — You may request to receive your personal data in a structured, commonly used, machine-readable format.
- Right to object (Article 21) — You may object to processing based on legitimate interests.
- Right to withdraw consent (Article 7(3)) — Where processing is based on consent (e.g., analytics cookies), you may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.
To exercise any of these rights, please contact us through our contact form with the subject "Privacy Request". We will respond to your request within 30 days, as required by the GDPR.
9. Data Security
We take appropriate technical and organisational measures to protect your personal data, including:
- SSL/TLS encryption for all data transmitted to and from our website
- Hosting on Microsoft Azure, which maintains ISO 27001, SOC 2, and other security certifications
- Access to personal data is limited to authorised personnel only
- Regular security reviews of our systems and processes
10. Children's Privacy
Our website and services are not directed at children under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a child under 16, we will promptly delete it.
11. Complaints
If you believe that we have not handled your personal data properly, you have the right to lodge a complaint with the Dutch Data Protection Authority:
Autoriteit Persoonsgegevens
Bezuidenhoutseweg 30, 2594 AV The Hague
Telephone: +31 70-8888 500
Website: autoriteitpersoonsgegevens.nl
We would appreciate the opportunity to address your concerns before you contact the supervisory authority. Please reach out to us first via our contact form.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we will update the "Last updated" date at the top of this page. We encourage you to review this page periodically.
13. Contact
If you have any questions about this Privacy Policy or our data processing practices, please contact us:
- Contact form: aardvark-hosting.nl/contact
- Phone: +31 13-4700020
- Address: Aardvark Hosting, Mariahof 3, 5056 SG, Berkel-Enschot, The Netherlands