Legal
Privacy Policy
Last updated:
Enterprise IT Solutions Group (EISG) respects your privacy. This policy explains what personal data we process, why we do so, and your rights under the General Data Protection Regulation (GDPR).
1. Who is responsible?
EISG (Enterprise IT Solutions Group) is the data controller for personal data processed through this website and our services, unless otherwise stated in a separate agreement.
Contact: hello@eisg.nl · Head office: Keizersgracht 241, 1016 EA Amsterdam, Netherlands · Rotterdam office: Wijnhaven 107, 3011 WN Rotterdam, Netherlands.
2. What data do we process?
Depending on how you interact with us, we may process:
- Identity and contact details (e.g. name, email, phone, company)
- Content of messages sent via the contact form or email
- Technical data (e.g. IP address, browser, device, timestamps) when you visit the website
- Cookie and similar technical data, where applicable (see Cookies)
- Data required to perform a contract or quote (project scope, billing details)
3. Why we use your data
We process personal data only for clear, legitimate purposes, including:
- Responding to enquiries and handling contact requests
- Preparing quotes, delivering projects, and customer support
- Improving our website, security, and user experience
- Complying with legal obligations (e.g. records and compliance)
- Marketing communications only where you have consented or where permitted on legitimate-interest grounds, with opt-out options
4. Legal basis (GDPR)
We rely on one or more of: contract performance, legitimate interests (e.g. security and service improvement), legal obligation, and — where required — your consent (e.g. certain cookies or newsletters).
You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
7. Processors and agreements
We use data processors under GDPR-compliant agreements. Sub-processors are selected carefully and bound by appropriate safeguards.
8. Retention periods
We keep personal data no longer than necessary for the purpose collected, unless a longer period is required by law.
Contact enquiries are typically retained for up to 24 months after handling, unless an ongoing relationship or legal retention requires longer. Project and contract data are kept in line with tax and civil retention rules.
9. Your rights
Under the GDPR you have rights including:
- Access to your personal data
- Rectification or erasure (where applicable)
- Restriction of processing and objection to processing based on legitimate interests
- Data portability (where processing is based on consent or contract and automated)
- Withdrawal of consent
- Lodge a complaint with your supervisory authority (in the Netherlands: Autoriteit Persoonsgegevens)
To exercise your rights, contact us at hello@eisg.nl. We respond within the statutory period (generally within one month).
10. Security
We implement appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, or disclosure, including access controls, encryption where appropriate, and team awareness.
No internet transmission is completely secure; we aim for a level of protection proportionate to the data and risk.
11. Transfers outside the EEA
We aim to process data within the European Economic Area (EEA). If data is processed outside the EEA, we ensure an adequate level of protection, e.g. through an adequacy decision or the European Commission's Standard Contractual Clauses (SCCs).
12. Children
Our website and services are not directed at anyone under 16. We do not knowingly collect children's data. Please contact us if you believe we have processed such data.
13. Changes to this policy
We may update this policy from time to time, for example when laws or our services change. The current version is always published on this page with the last updated date at the top.