EN
EN

Respecting and protecting your personal data

Privacy policy

You are here: / Home / Privacy Policy

Respecting and protecting your personal data 

Privacy policy 

Rohill is committed to respecting and protecting your personal data. By means of this privacy policy we would like to inform you on how we deal with personal data. 

What personal data is collected by Rohill? 

Below we list what personal data is collected by Rohill. Please keep in mind that although some of this information is collected through our website, information may also be collected through (indirect) contact with Rohill representatives. 

  • Name. 
  • Gender – used in our CRM for proper addressing. 
  • Contact details – business email and telephone number. 
  • Business details – such as the name and office address of your organisation. 
  • Contact preferences – only when you enter such information through our contact form. 
  • IP-Address – data gathered by Google Analytics, not used by Rohill for advertisements. 

Lawful basis for processing 

Under the GDPR, we must identify a lawful basis for processing your personal data. Depending on the activity, we rely on one or more of the following: 

  • Performance of a contract – where processing is necessary to fulfil an agreement with you or your organisation. 
  • Legitimate interests – for example, to maintain our business relationship, improve our services, and secure our systems, provided your interests and fundamental rights do not override these. 
  • Consent – for certain activities, such as sending you marketing communications, which you may withdraw at any time. 
  • Legal obligation – where we must process data to comply with applicable laws and regulations. 

International data transfers 

If we transfer your personal data to countries outside the European Economic Area (EEA), we will ensure that adequate safeguards are in place in accordance with GDPR Articles 44–50, such as the use of Standard Contractual Clauses approved by the European Commission, or transfers to countries with an adequacy decision. 

How do we use your personal data? 

We use personal data we receive from you directly, your colleagues, or your business partners. This includes information you fill in on the contact page of our website or provide to us in order to execute or fulfil an agreement between you and Rohill. 

We also collect information through cookies. Cookies help make our website work and provide information to us about how users interact with our website. We use this information to improve our website. We may use cookies to tell us whether you have visited the website before or to remember preferences that you choose when using the website. For example, we may store your chosen language in a cookie so that we can select this language when you return to the website. Nor we, nor any third party, uses these cookies for advertising or tracking. 

By using our website, you agree to the use of cookies. If you wish to remove them, you can manage this through your browser settings; however, please note that without cookies you may not be able to take full advantage of all our website features. 

Where required by applicable laws, we will request your explicit consent before placing non-essential cookies on your device. You can withdraw your consent at any time by adjusting your cookie settings. 

How do we protect your personal data? 

We take the security and confidentiality of your personal data very seriously. We maintain an Integrated Management System (IMS) aligned with the ISO/IEC 27001 standard, including: 

  • Regular risk assessments and updates to controls based on identified threats. 
  • Encryption of personal data at rest and in transit where technically feasible. 
  • Access control policies enforcing the principle of least privilege. 
  • Monitoring and logging of system access to detect and respond to security events. 

In addition, all our staff and consultants are obliged to confidentiality through signed agreements. Only authorised personnel may view and process your data. 

We have clear policies in place to ensure that we do not retain your personal data for longer than necessary for the purpose, or than legally allowed. 

Data breach notification 

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority in accordance with Articles 33 and 34 of the GDPR. 

Sharing of your personal data 

By default, we do not share your data with other parties. We do this only if there is good reason to do so, or if you have given us a specific consent. We comply with the strict rules that apply to the sharing of personal data. If we need to share personal data with third parties, we will make clear agreements with these parties, including permitted uses, storage duration, confidentiality, and security measures. 

Supplier and third-party management 

All third-party service providers with access to personal data are subject to security and privacy due diligence before engagement and are regularly reviewed to ensure ongoing compliance with contractual and legal obligations. 

Third party websites 

At times this website will contain links to the website of a third-party. You will know that you are on a third-party website because it will have a different appearance and the address bar on your browser will change. If you have questions about a third-party policy, please see the policy listed on their website. 

What are your rights? 

You have the right to: 

  • Access your personal data (Art. 15 GDPR). 
  • Rectify inaccurate personal data (Art. 16 GDPR). 
  • Erase your personal data or object to processing (Art. 17 & 21 GDPR). 
  • Data portability – receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller (Art. 20 GDPR). 

You may exercise your rights by contacting us using the details below. We will respond without undue delay, and in any case within one month as required by GDPR Article 12. 

Even if you have previously given specific permission for certain processing activities, you can revoke that permission at any time. 

About this privacy policy 

This privacy policy is last updated in August 2025. 

Rohill is continually improving its services and technology. Because of these ongoing changes, as well as changes in the law and the nature of technology, our data practices will change from time to time. When it proves necessary to change our policy, we will post any changes on this page so that you are always aware of what information we collect and how we use it. 

If we make material changes to this policy, we will provide a clear notice on our website and, where appropriate, notify you directly. 

Contact

If you have questions or comments regarding this privacy policy, or if you wish to exercise one of your rights mentioned above, please contact us through the contact details below.