Your Rights (EU and USA)
We respect your privacy and provide the following rights to all our users, regardless of location, though the specific legal mechanisms for exercising them may vary by region.
1. Rights for Residents of the Netherlands (EEA/GDPR)
If you are located in the Netherlands or the European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):
Right of Access: You can request a copy of the personal data we hold about you.
Right to Rectification: You can ask us to correct inaccurate or incomplete information.
Right to Erasure ("Right to be Forgotten"): You can request that we delete your personal data under certain conditions.
Right to Restrict Processing: You can ask us to "pause" the processing of your data while we resolve a dispute.
Right to Data Portability: You can request that we provide your data in a structured, machine-readable format to move to another service.
Right to Object: You can object to us processing your data based on "legitimate interests" or for direct marketing.
Withdrawal of Consent: If we rely on your consent (e.g., for newsletters), you can withdraw it at any time.
2. Rights for Residents of the United States
Depending on your state of residence (including California, Colorado, Connecticut, Indiana, Kentucky, and others), you may have the following rights under state-specific laws:
Right to Know/Access: You have the right to know what personal information we collect, use, disclose, and sell.
Right to Delete: You can request the deletion of personal information we have collected from you.
Right to Correct: You can request that we fix inaccuracies in your personal data.
Right to Opt-Out of Sale or Sharing: You have the right to direct us not to sell your personal information or share it for targeted advertising.
Note: We honor Global Privacy Control (GPC) signals sent from your browser.
Right to Limit Use of Sensitive Personal Information: You can request that we limit the use of sensitive data (like precise geolocation or health data) to only what is necessary to provide our services.
Right to Non-Discrimination: We will not deny you goods or services, or charge different prices, if you exercise your privacy rights.
How to Exercise Your Rights
To submit a request, please contact us using one of the following methods:
Email: [Insert your privacy email, e.g., privacy@yourbusiness.com]
Web Form: [Insert link to a "Your Privacy Choices" form]
Phone: [Insert toll-free number, required if you meet certain US thresholds]
Verification: To protect your security, we may require you to verify your identity (e.g., via email confirmation or logging into your account) before we can fulfill your request. We will respond to Dutch/EEA requests within 30 days and US requests within 45 days.
Important Checklist for You:
GPC Signals: Ensure your website's cookie banner is technically set up to recognize "Global Privacy Control" signals, as this is a legal requirement in several US states as of 2026.
Sensitive Data: If you collect "Neural Data" or "Precise Geolocation" (within 1,750 feet), you now need explicit opt-in consent in states like Oregon and Connecticut.
Data Privacy Framework (DPF): If you are a US company, you should self-certify with the EU-U.S. DPF to legally move data from the Netherlands to the US.
Would you like me to draft the "Data Transfer" section specifically explaining how you move data between the US and the Netherlands?