Legal

Privacypolicy

Last updated: July 2026

About this translation

This is an English translation of the Dutch privacy policy, offered for convenience. In case of any difference in meaning, the Dutch version is the one that applies.

Who is responsible?

Kimberley van Ruiven is the data controller within the meaning of the General Data Protection Regulation (GDPR).

Business
Kimberley van Ruiven
Chamber of Commerce (KvK)
98007033
VAT identification number
NL005302885B48

Which data is processed?

This website collects no personal data through forms or tracking. For visitor statistics the site uses Cloudflare Web Analytics: a privacy-friendly form of measurement that uses no cookies, stores no personal data and cannot identify individual visitors. A cookie banner is therefore not needed.

When you get in touch through this website (by email or through a scheduling link) or use external services, the privacy terms of those services apply:

  • Google Calendar: for booking an intro call. Google processes data in line with its own privacy policy.
  • LinkedIn: when visiting the profile or sending messages.
  • GitHub: when viewing code and projects through the links on this site.

Legal basis and retention

If you get in touch by email, I process your name, your email address and whatever you write to me. The legal basis for this is the performance of a contract, or my legitimate interest in being able to answer a question. I keep those messages for as long as the conversation runs, and for at most two years afterwards, so that I can find an earlier exchange. If you become a client, the statutory retention period of seven years applies to the administration.

The visitor statistics contain no personal data and are kept in aggregate, so nothing in them can be traced back to you as a person.

Hosting and processors

This website runs on Cloudflare. Like any web server, Cloudflare records technical data in order to deliver and secure the site, including your IP address temporarily. Cloudflare’s standard data processing agreement, which forms part of its subscription agreement, applies to that use, and the transfer outside the EU is covered by the European Commission’s standard contractual clauses.

Cookies

This website places no tracking or analytics cookies of its own; the visitor statistics work entirely without cookies. External parties (such as those named above) may place cookies when you visit their services. That falls outside the responsibility of Kimberley van Ruiven.

Your rights under the GDPR

Under the GDPR you have the following rights:

  • Right of access: you can request which data about you is stored.
  • Right to rectification: having incorrect data corrected.
  • Right to erasure: having data deleted (the “right to be forgotten”).
  • Right to restriction: having the processing of your data limited.
  • Right to object: objecting to processing based on legitimate interest.
  • Right to data portability: requesting your data in a machine-readable format.

For questions or to exercise your rights: info@kimberleyvanruiven.nl. You also have the right to lodge a complaint with the Dutch data protection authority, the Autoriteit Persoonsgegevens.

AI transparency and the EU AI Act

In line with the EU AI Act, and because of my own values around ethical technology, I am open about the use of AI tools. This website was developed partly with the help of AI (for design, text and code, among other things); the content has been checked, reviewed and approved by me, Kimberley van Ruiven. In advisory work I use AI as a support: conclusions and recommendations are always human work and fall under my professional responsibility. This website makes no automated decisions about you.

Exactly how I work with AI, which tools I use and when I deliberately leave AI alone is set out in how I work with AI.

Changes

This privacy policy may be amended when the services or the law change. The most current version is always the one on this page.