RippleCom B.V. Binnenhavenstraat 93, 7553 GH Hengelo, The Netherlands
Chamber of Commerce: 97582166 | VAT: NL868122087B01
Privacy contact: J.M.M. Klieverik
Email: joost@ripplecom.eu | Phone: +31 (0)85 060 25 09
WhatsApp: wa.me/31850602509
This privacy policy was last updated on 19 March 2026.
This privacy policy describes how RippleCom B.V. (hereinafter: "RippleCom", "we" or "us") processes personal data as data controller for its own business operations. This includes the website ripplecom.eu and associated subdomains, our own client relationships and business contacts.
Please note: this policy does not cover the processing of personal data we carry out as data processor on behalf of our clients through the RippleCom platform. The data processing agreement (Appendix B) and the DPIA assessment file (Appendix C) apply to those activities and are available at ripplecom.eu/en/data-processing-agreement.
We process personal data of:
When you start a conversation through the WhatsApp widget on our website, you are directed to WhatsApp. RippleCom receives your phone number and message content once you send a message. Meta Platforms Ireland Ltd. processes this traffic under its own terms.
| Purpose | Legal basis (GDPR) | Personal data |
|---|---|---|
| Responding to your enquiries and requests | Art. 6(1)(b) (performance of contract) or Art. 6(1)(f) (legitimate interest) | Name, contact details, message content |
| Performance of the agreement with clients | Art. 6(1)(b) | Name, organisation, contact details, billing data |
| Sending relevant service information about the platform | Art. 6(1)(f) (legitimate interest: client service) | Name, email address, phone number |
| Operation of the website (technically necessary) | Art. 6(1)(f) (legitimate interest: website management) | IP address, browser data, session data |
| Improvement of our website and services | Art. 6(1)(f) (legitimate interest: business optimisation) | Anonymised visitor behaviour |
| Compliance with legal obligations (accounting, tax) | Art. 6(1)(c) (legal obligation) | Billing data, correspondence |
| Processing job applications | Art. 6(1)(b) (pre-contractual measures) | Name, contact details, CV, motivation |
Where we rely on legitimate interest, we have carried out a balancing test between our interest and your privacy. If you would like to know more about this assessment, please contact us.
We only place functional cookies that are necessary for the operation of the website, such as session cookies and login cookies. No consent is required for these cookies.
We currently do not use any third-party tracking or analytical cookies (such as Google Analytics, Meta Pixel or similar services). Should this change in the future, we will update this policy and request your consent in advance via a cookie banner.
The WhatsApp widget on our website may share data with Meta Platforms Ireland Ltd. when you interact with it. This only occurs when you actively click the widget and start a conversation. We have no control over cookies Meta may place after redirecting you to WhatsApp.
The scheduling link (Cal.com) we use for booking sessions loads on an external page. Cal.com may place its own cookies. Please refer to Cal.com's privacy policy for further information.
| Category | Retention period | Reason |
|---|---|---|
| Client data (active clients) | Duration of the agreement | Performance of contract |
| Client data (after termination) | Up to 7 years after termination | Statutory tax retention obligation (Art. 52 AWR, Dutch tax law) |
| Website visitor data | Up to 6 months | Technical management and security |
| Correspondence (enquiries, complaints) | Up to 2 years after resolution | Client service and evidentiary purposes |
| Job application data | Up to 4 weeks after conclusion of procedure | Statutory period. With your consent, up to 1 year |
After the retention period, data is deleted or anonymised.
We do not sell your data. We do not share your data with third parties for marketing purposes.
We use the following service providers (sub-processors) for our own business operations:
| Service provider | Purpose | Location of data processing |
|---|---|---|
| Amazon Web Services (AWS) | Website hosting (Lightsail) | Frankfurt, Germany (EU) |
| Meta Platforms Ireland Ltd. | WhatsApp Business communication (WhatsApp Cloud API) | Ireland (EU). Limited metadata may be transferred to the US under SCCs (2021/914) |
| Cal.com | Scheduling of sessions | EU |
Data processing agreements have been concluded with all parties, or the European Commission's Standard Contractual Clauses (SCCs) apply where relevant.
We process and store your personal data within the European Economic Area (EEA). Our hosting is in Frankfurt, Germany (AWS EU-Central-1). Development takes place in the Netherlands.
In the event of transfers outside the EEA (limited metadata only, via Meta Platforms Ireland Ltd. to the US), appropriate safeguards are in place in the form of Standard Contractual Clauses (SCCs 2021/914) and supplementary technical measures. Refer to our DPIA assessment file for the full Transfer Impact Assessment.
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss or destruction. These include:
Our security architecture is designed in accordance with ISO 27001 and NEN 7510 principles.
Under the GDPR, you have the following rights:
Right of access — You may request which personal data we process about you.
Right to rectification — You may request that we correct inaccurate or incomplete data.
Right to erasure — You may request that we delete your data, unless we are legally required to retain it.
Right to restriction — You may request that we temporarily restrict the processing of your data.
Right to data portability — You may receive your data in a structured, commonly used and machine-readable format.
Right to object — You may object to processing based on legitimate interest. We will cease processing unless we have compelling legitimate grounds that override your interests.
Right to withdraw consent — Where processing is based on your consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal.
Send your request to joost@ripplecom.eu or via WhatsApp on +31 (0)85 060 25 09. We may ask you to verify your identity. We will process your request within 30 days. For complex or multiple requests, this period may be extended by up to 60 days. We will inform you within 30 days if an extension is necessary.
If you disagree with how we process your data, please contact us first so we can find a solution together. You also have the right to file a complaint with the Dutch Data Protection Authority:
Autoriteit Persoonsgegevens
P.O. Box 93374, 2509 AJ The Hague, The Netherlands
autoriteitpersoonsgegevens.nl
Our website and services are not directed at persons under the age of 18. We do not knowingly collect personal data from minors. If you believe we have collected data from a minor, please contact us. We will delete such data immediately.
We may amend this privacy policy when required by legislation, our services or our policies. The most current version is always available at ripplecom.eu/en/privacy-policy. We will notify you of substantial changes via our website.
This privacy policy is governed by Dutch law, in particular the General Data Protection Regulation (GDPR) and the Dutch GDPR Implementation Act (UAVG).
RippleCom B.V. — So it arrives.
