We waarderen uw privacy

We gebruiken cookies om uw browse-ervaring te verbeteren, gepersonaliseerde advertenties of inhoud weer te geven en ons verkeer te analyseren. Door op ‘Alles accepteren’ te klikken, stemt u in met ons gebruik van cookies.

Powered by

    Privacy Policy

    This privacy policy (“Policy”) applies to Score Agency and was last updated February 2026. We may change or update this Policy at any time and we will update it here.

    We believe you should always know what data we collect from you, why we use it, and that you should be able to make informed choices about what you share with us.

    This Policy explains
    (i) how and why we collect, store, and use your personal data when you interact with us
    (ii) the rights you have regarding your personal data

    1. Who we are

    Score Agency is the controller for the processing described in this Policy.

    Email: info@scoreagency.nl

    2. Scope and types of users

    Your personal data relationship with Score Agency depends on how you interact with us. For this Policy, you may be (i) a visitor to our website (“Visitor”) (ii) a person who contacts us via a form or email (“Contact Requester”) (iii) a customer or prospective customer receiving services from us (“Customer”)

    TYPE OF USER VISITOR CONTACT REQUESTER CUSTOMER
    WHAT DATA WE MAY COLLECT 1. Approximate location derived from IP address

    2. Website usage and interaction data such as pages visited and time spent

    3. Device and browser information

    4. Cookie data and similar technologies

    5. Where applicable, a pseudonymous analytics identifier     		1. Name

    2. Email address

    3. Phone number if provided

    4. Company name if provided

    5. Any information you include in your message     		1. Contact details of representatives

    2. Contract and billing details where applicable

    3. Communication content and project related information you share with us

    4. Service delivery information needed to perform the agreement
    HOW AND WHY WE USE IT To understand website performance, improve usability, and maintain security and integrity of the website. To respond to your request, provide support, and communicate with you. Marketing communications are sent only where allowed by law and where consent is required. To deliver services, manage the customer relationship, administer agreements, and handle invoicing where applicable.

    3. Legal bases for processing

    We process personal data only when we have a valid legal basis under applicable data protection law, including the GDPR.

    PURPOSE LEGAL BASIS
    Responding to contact requests Performance of a contract or steps at your request prior to entering into a contract, and where applicable legitimate interest
    Delivering services to customers Performance of a contract, and where applicable compliance with a legal obligation
    Website analytics and improvement Consent where required for analytics cookies, and where applicable legitimate interest for basic website measurement and improvement
    Marketing communications Consent where required, and where applicable legitimate interest in maintaining business relationships

    4. Cookies and analytics

    Our website uses cookies and similar technologies to improve user experience, maintain security, and understand website usage. Where required, we ask for your consent before placing analytics cookies.

    We use Google Analytics for general website analytics. Google Analytics may collect information such as device and browser details, pages visited, and interactions on the site.

    COOKIE CATEGORY EXAMPLES PURPOSE
    Necessary Session and security cookies To operate the website, enable core functionality, and protect against abuse.
    Analytics Google Analytics cookies To measure website traffic and usage patterns and improve the website.
    Marketing Only where used and allowed To understand campaign effectiveness and deliver relevant communications where permitted.

    You can control cookies through your browser settings. You can also withdraw cookie consent at any time through the cookie preferences on our website, if available.

    5. Sharing personal data with third parties

    We do not sell your personal data. We share personal data only when needed to run our website or provide our services, or when required by law. We may share data with service providers such as hosting providers, email providers, analytics providers, and other vendors acting on our instructions. Where required, we put appropriate agreements in place to protect your data.

    RECIPIENT TYPE WHY WE SHARE
    Website and hosting providers To host and secure the website and ensure reliable delivery of content.
    Analytics providers To measure and analyze website usage and improve performance.
    Communication and productivity tools To manage inquiries, customer communication, and service delivery.
    Professional advisers and authorities To comply with legal obligations and protect our rights and safety where required.

    6. International transfers

    Some of our service providers may process data outside the European Economic Area. Where this happens, we take steps required by law to ensure adequate safeguards are in place, such as Standard Contractual Clauses and additional technical and organizational measures where appropriate.

    7. Data retention

    We keep personal data only for as long as needed for the purposes described in this Policy, unless a longer retention period is required or permitted by law.

    DATA CATEGORY TYPICAL RETENTION
    Contact requests Up to 24 months after last contact, unless a customer relationship follows or legal obligations require longer retention
    Customer and contract data For the duration of the agreement and thereafter as required for legal, tax, and accounting obligations
    Analytics data As configured in the analytics settings and in line with our legitimate interests and legal requirements

    8. Security

    We take appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include access control, least privilege, logging where appropriate, encryption in transit, and secure vendor management practices.

    MEASURE DESCRIPTION
    Access control Access to personal data is limited to authorized personnel on a need to know basis.
    Encryption We use encryption in transit where applicable and apply appropriate security controls for stored data.
    Monitoring and incident response We maintain processes to detect, respond to, and manage security incidents.
    Vendor management We work with vendors that provide appropriate safeguards and we contractually require protection of personal data.

    9. Your rights under the GDPR

    Subject to applicable law, you may have the following rights regarding your personal data.

    RIGHT WHAT IT MEANS
    Right to be informed You have the right to know how and why we use your personal data.
    Right of access You can request a copy of the personal data we hold about you.
    Right to rectification You can ask us to correct inaccurate or incomplete personal data.
    Right to erasure You can ask us to delete your personal data in certain situations.
    Right to restrict processing You can ask us to limit how we use your personal data in certain situations.
    Right to object You can object to processing based on legitimate interests and you can always object to direct marketing.
    Right to data portability You can request your personal data in a structured, commonly used, machine readable format where applicable.
    Right related to automated decision making You have rights related to decisions based solely on automated processing, where applicable.

    To exercise your rights, contact us at info@scoreagency.nl. We may ask you to verify your identity before responding. If you believe your rights have been infringed, you can lodge a complaint with your local supervisory authority.

    10. Compelled disclosure

    We may disclose personal data if required by law or legal process, or if needed to protect our rights, safety, and property, or those of others.

    11. Changes to this Policy

    We may update this Policy from time to time. The latest version will always be published on this page with an updated revision date.

    12. Data Protection Officer

    For questions regarding this Policy, GDPR compliance, or our ISO 27001 information security management, you may contact our Data Protection Officer.

    Sven van Hees
    sven@scoreagency.nl
    053 870 0020

    Your rights under GDPR

    Under the General Data Protection Regulation (GDPR), you have the right to have your personal data deleted. Use the form below to submit a deletion request.

    Data Deletion Request

    In accordance with GDPR Article 17

    Use the email address you registered with us.

    What happens after your request?

    • We will process your request within 30 days
    • You will receive a confirmation email
    • All personal data will be permanently deleted

    Gecertificeerd & Compliant

    Score Agency is ISO 27001 gecertificeerd en volledig AVG/GDPR compliant.

    ISO 27001AVGGDPRBekijk ons compliance portaal →