Privacy Policy
Last updated: 12 July 2026
Introduction
Year 3000 ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use and protect personal data when you visit our website.
1. Data we collect
Contact form: When you fill in the contact form, we collect your name, email address and message. This data is used to contact you and answer your questions.
Automatically collected data: When you visit our website, we automatically collect certain information via cookies and similar technologies, such as:
- IP address (anonymized in Google Analytics)
- Browser type and version
- Pages visited and timestamps
- Referring website
- Device information
Important: IP addresses are anonymized before being sent to Google Analytics, to protect your privacy.
2. Cookies
Our website uses cookies to improve your experience and to analyze how the website is used.
Necessary Cookies
These cookies are essential for the website to function and cannot be disabled. They are usually only set in response to actions you take.
Analytics Cookies
These cookies help us understand how visitors use the website by collecting and reporting information. We use Google Analytics for this purpose. You can decline these cookies via the cookie settings.
You can adjust your cookie preferences at any time via the cookie settings on our website.
3. Purposes and legal basis for data processing
We use your personal data for the following purposes:
- Answering your questions and requests
- Improving our website and services
- Analyzing website usage and trends
- Complying with legal obligations
Legal basis (GDPR Article 6)
- Contact form: Basis "Consent" (Article 6(1)(a) GDPR) - you give consent by submitting the form. You can withdraw this consent at any time by contacting us.
- Analytics cookies: Basis "Consent" (Article 6(1)(a) GDPR) - you give consent via the cookie banner. You can withdraw this consent at any time via the cookie settings.
- Necessary cookies: Basis "Necessary for the performance of a contract" (Article 6(1)(b) GDPR) - necessary for the website to function.
Important: Providing personal data via the contact form is not mandatory, but is necessary for us to answer your questions. You can choose not to provide personal data, but then we may not be able to respond to your request.
4. Your rights
Under the General Data Protection Regulation (GDPR) you have the following rights:
- Right of access: You have the right to know what data we hold about you
- Right to rectification: You can have incorrect data corrected
- Right to erasure: You can request deletion of your data
- Right to restriction: You can restrict the processing of your data
- Right to object: You can object to certain forms of processing
- Right to data portability: You can receive your data in a structured format
- Right to withdraw consent: Where processing is based on consent, you have the right to withdraw it at any time, without affecting the lawfulness of processing before the withdrawal
To exercise these rights, you can contact us via info@year3000.nl.
Right to complain
You also have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we are not processing your data correctly. You can contact the Autoriteit Persoonsgegevens via www.autoriteitpersoonsgegevens.nl.
5. Data security
We take appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction or alteration. Our website uses SSL encryption and we only work with reliable service providers.
6. Data sharing
We do not share your personal data with third parties, except:
- With your explicit consent
- When legally required to do so
- With service providers who help us carry out our services
Data processing agreements
We work with service providers (Google Analytics, Resend) with whom we have concluded data processing agreements, as required by Article 28 GDPR.
Transfers to third countries
Google Analytics may process personal data in the United States. This transfer is based on the EU-US Data Privacy Framework (DPF), which provides an adequate level of protection for personal data transferred to the US.
7. Retention period
We do not keep your personal data longer than necessary for the purposes for which it was collected, or as required by law.
- Contact form data: Kept for as long as needed to handle your request (a maximum of 3 months), then for up to 1 year for administrative purposes, unless you request deletion.
- Analytics data: Kept for 14 months, as configured in our Google Analytics account.
8. Contact
For questions about this privacy policy or about your personal data, you can contact us:
Year 3000
Email: info@year3000.nl