This privacy policy (“Policy”) applies to Score Agency and was last updated February 2026. We may change or update this Policy at any time and we will update it here.
We believe you should always know what data we collect from you, why we use it, and that you should be able to make informed choices about what you share with us.
This Policy explains
(i) how and why we collect, store, and use your personal data when you interact with us
(ii) the rights you have regarding your personal data
1. Who we are
Score Agency is the controller for the processing described in this Policy.
Email: info@scoreagency.nl
2. Scope and types of users
Your personal data relationship with Score Agency depends on how you interact with us. For this Policy, you may be
(i) a visitor to our website (“Visitor”)
(ii) a person who contacts us via a form or email (“Contact Requester”)
(iii) a customer or prospective customer receiving services from us (“Customer”)
| TYPE OF USER |
VISITOR |
CONTACT REQUESTER |
CUSTOMER |
| WHAT DATA WE MAY COLLECT |
1. Approximate location derived from IP address
2. Website usage and interaction data such as pages visited and time spent
3. Device and browser information
4. Cookie data and similar technologies
5. Where applicable, a pseudonymous analytics identifier
|
1. Name
2. Email address
3. Phone number if provided
4. Company name if provided
5. Any information you include in your message
|
1. Contact details of representatives
2. Contract and billing details where applicable
3. Communication content and project related information you share with us
4. Service delivery information needed to perform the agreement
|
| HOW AND WHY WE USE IT |
To understand website performance, improve usability, and maintain security and integrity of the website.
|
To respond to your request, provide support, and communicate with you. Marketing communications are sent only where allowed by law and where consent is required.
|
To deliver services, manage the customer relationship, administer agreements, and handle invoicing where applicable.
|
3. Legal bases for processing
We process personal data only when we have a valid legal basis under applicable data protection law, including the GDPR.
| PURPOSE |
LEGAL BASIS |
| Responding to contact requests |
Performance of a contract or steps at your request prior to entering into a contract, and where applicable legitimate interest
|
| Delivering services to customers |
Performance of a contract, and where applicable compliance with a legal obligation
|
| Website analytics and improvement |
Consent where required for analytics cookies, and where applicable legitimate interest for basic website measurement and improvement
|
| Marketing communications |
Consent where required, and where applicable legitimate interest in maintaining business relationships
|
4. Cookies and analytics
Our website uses cookies and similar technologies to improve user experience, maintain security, and understand website usage.
Where required, we ask for your consent before placing analytics cookies.
We use Google Analytics for general website analytics. Google Analytics may collect information such as device and browser details, pages visited, and interactions on the site.
| COOKIE CATEGORY |
EXAMPLES |
PURPOSE |
| Necessary |
Session and security cookies
|
To operate the website, enable core functionality, and protect against abuse.
|
| Analytics |
Google Analytics cookies
|
To measure website traffic and usage patterns and improve the website.
|
| Marketing |
Only where used and allowed
|
To understand campaign effectiveness and deliver relevant communications where permitted.
|
You can control cookies through your browser settings. You can also withdraw cookie consent at any time through the cookie preferences on our website, if available.
5. Sharing personal data with third parties
We do not sell your personal data. We share personal data only when needed to run our website or provide our services, or when required by law.
We may share data with service providers such as hosting providers, email providers, analytics providers, and other vendors acting on our instructions.
Where required, we put appropriate agreements in place to protect your data.
| RECIPIENT TYPE |
WHY WE SHARE |
| Website and hosting providers |
To host and secure the website and ensure reliable delivery of content.
|
| Analytics providers |
To measure and analyze website usage and improve performance.
|
| Communication and productivity tools |
To manage inquiries, customer communication, and service delivery.
|
| Professional advisers and authorities |
To comply with legal obligations and protect our rights and safety where required.
|
6. International transfers
Some of our service providers may process data outside the European Economic Area. Where this happens, we take steps required by law to ensure adequate safeguards are in place, such as Standard Contractual Clauses and additional technical and organizational measures where appropriate.
7. Data retention
We keep personal data only for as long as needed for the purposes described in this Policy, unless a longer retention period is required or permitted by law.
| DATA CATEGORY |
TYPICAL RETENTION |
| Contact requests |
Up to 24 months after last contact, unless a customer relationship follows or legal obligations require longer retention
|
| Customer and contract data |
For the duration of the agreement and thereafter as required for legal, tax, and accounting obligations
|
| Analytics data |
As configured in the analytics settings and in line with our legitimate interests and legal requirements
|
8. Security
We take appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction.
These measures include access control, least privilege, logging where appropriate, encryption in transit, and secure vendor management practices.
| MEASURE |
DESCRIPTION |
| Access control |
Access to personal data is limited to authorized personnel on a need to know basis.
|
| Encryption |
We use encryption in transit where applicable and apply appropriate security controls for stored data.
|
| Monitoring and incident response |
We maintain processes to detect, respond to, and manage security incidents.
|
| Vendor management |
We work with vendors that provide appropriate safeguards and we contractually require protection of personal data.
|
9. Your rights under the GDPR
Subject to applicable law, you may have the following rights regarding your personal data.
| RIGHT |
WHAT IT MEANS |
| Right to be informed |
You have the right to know how and why we use your personal data.
|
| Right of access |
You can request a copy of the personal data we hold about you.
|
| Right to rectification |
You can ask us to correct inaccurate or incomplete personal data.
|
| Right to erasure |
You can ask us to delete your personal data in certain situations.
|
| Right to restrict processing |
You can ask us to limit how we use your personal data in certain situations.
|
| Right to object |
You can object to processing based on legitimate interests and you can always object to direct marketing.
|
| Right to data portability |
You can request your personal data in a structured, commonly used, machine readable format where applicable.
|
| Right related to automated decision making |
You have rights related to decisions based solely on automated processing, where applicable.
|
To exercise your rights, contact us at info@scoreagency.nl. We may ask you to verify your identity before responding.
If you believe your rights have been infringed, you can lodge a complaint with your local supervisory authority.
10. Compelled disclosure
We may disclose personal data if required by law or legal process, or if needed to protect our rights, safety, and property, or those of others.
11. Changes to this Policy
We may update this Policy from time to time. The latest version will always be published on this page with an updated revision date.
12. Data Protection Officer
For questions regarding this Policy, GDPR compliance, or our ISO 27001 information security management, you may contact our Data Protection Officer.
Sven van Hees
sven@scoreagency.nl
053 870 0020