Privacy Policy

Privacy Statement | Caribu B.V. (i.o.)

Last Updated: January 9, 2026

​

At Caribu B.V. (i.o.), we value the trust you place in us and are committed to protecting your personal data. This Privacy Statement explains how we collect, use, and safeguard your information in accordance with the General Data Protection Regulation (GDPR) and the Dutch Implementation Act of the GDPR (Uitvoeringswet AVG).

​

1. Our Contact Information

Caribu B.V. is currently in the process of incorporation (in oprichting). Until incorporation is complete, the founders are responsible for the processing of your data.

• Company Name: Caribu B.V. (i.o.)

• Address: Clarenburgweg 9, 3984 RD, Odijk, The Netherlands

• Email: hello@teamcaribu.com 

​

2. What Personal Data We Collect

We only collect personal data that is strictly necessary to provide our services. This includes:

• Identity & Contact Data: Name, job title, company name, business address, email address, and phone number.

• Financial Data: Bank account details (IBAN/BIC) and VAT number for invoicing and payment processing.

• Project Data: Information contained in project agreements (Statements of Work), briefs, and business correspondence.

• Usage Data: (If applicable) IP address and website interaction data via cookies (see Section 7).

​

3. Why We Process Your Data

We process your data based on the following legal grounds defined in Article 6 of the GDPR:

​

 

​

​

​

​

​

​

​

​

​

​

​

​

​

4. How Long We Keep Your Data

We do not store your data longer than is necessary for the purposes for which it was collected:

• Financial Records: We are legally required by the Dutch Tax Authorities (Belastingdienst) to retain invoices and financial administration for 7 years.

• Project Documents: We generally retain project-related data for 2 years after the conclusion of our business relationship to handle follow-up queries or legal claims.

• Contact Data: If no contract is signed, we delete your contact information 1 year after our last interaction.

​

5. Sharing Data with Third Parties

We do not sell your data. We only share your information with third parties if it is necessary for our services or required by law. These "Processors" may include:

• IT Service Providers: (e.g., Google Workspace, or CRM providers).

• Financial Services: Our accounting software and external accountant.

• Legal Authorities: Only if we are legally compelled to do so.

Note: If we transfer data to providers outside the European Economic Area (EEA), we ensure appropriate safeguards (such as Standard Contractual Clauses) are in place to guarantee your privacy.

​

6. Security Measures

We take the protection of your data seriously. Caribu B.V. (i.o.) implements appropriate technical and organizational measures to prevent loss, unauthorized access, or misuse. This includes using encrypted connections (SSL), secure password management, and restricted access to personal files within our team.

​

7. Your Rights

Under the GDPR, you have the right to:

• Access your personal data.

• Rectify any inaccurate or incomplete data.

• Erase your data under certain conditions.

• Restrict or object to our data processing.

• Receive a copy of your data in a machine-readable format (data portability).

• Lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe your rights have been violated.

​

8. Complaints

If you have any questions or wish to exercise your rights, please contact us at: hello@teamcaribu.com or +310612208803.

If you feel we are not handling your data correctly, please reach out to us first.

You also have the right to lodge a complaint with the Dutch Data Protection Authority: Autoriteit Persoonsgegevens PO Box 93374 2509 AJ DEN HAAG www.autoriteitpersoonsgegevens.nl