Last updated:

Privacy Policy

This Privacy Policy explains how Ankleflushing collects, uses, stores, and protects personal data when you visit our website or use our services. We comply with the General Data Protection Regulation (GDPR), the Dutch Implementation Act (UAVG), and other applicable data protection legislation.

1. Data Controller

The data controller responsible for processing your personal data is:

Ankleflushing
Spuistraat 281 A-C
1012 VR Amsterdam
Netherlands
Email: assist@ankleflushing.world
Phone: +31 20 370 8851

For any questions regarding this Privacy Policy or the exercise of your data protection rights, please contact us using the details above.

2. Scope of This Policy

This Privacy Policy applies to all personal data collected through our website at ankleflushing.world, including when you browse our pages, submit a contact form, purchase educational products, participate in consulting sessions, or interact with us by email or telephone. It does not apply to third-party websites linked from our platform, which maintain their own privacy policies.

We provide general informational content about relaxation routines for busy people. Our services include consulting, personalized non-medical plans, and educational products. No medical data is collected or processed as part of our standard services.

3. Categories of Personal Data We Collect

3.1 Data You Provide Directly

When you contact us via the contact form or email, we may collect your name, email address, message content, and any additional information you choose to include. If you purchase an educational product or enroll in a program, we may also collect billing address, payment details (processed by our payment provider), and scheduling preferences.

3.2 Data Collected Automatically

When you visit our website, we may automatically collect technical data including your IP address, browser type and version, operating system, referring URL, pages viewed, time and date of access, and device identifiers. This data is collected through cookies and similar technologies as described in our Cookie Policy.

3.3 Data from Third Parties

We may receive limited data from analytics providers, payment processors, and email delivery services. Such data is used solely to fulfil the purposes described in this policy and is governed by agreements ensuring GDPR-compliant processing.

4. Legal Bases for Processing

Under the GDPR, we process personal data on the following legal bases:

  • Consent (Article 6(1)(a)): When you submit the contact form, accept non-essential cookies, or subscribe to informational communications.
  • Contract performance (Article 6(1)(b)): When processing is necessary to deliver consulting services, educational products, or personalized plans you have requested.
  • Legitimate interests (Article 6(1)(f)): For website security, fraud prevention, improving our content, and responding to enquiries, provided your interests do not override ours.
  • Legal obligation (Article 6(1)(c)): When retention is required by tax, accounting, or other applicable laws.

5. Purposes of Data Processing

We use your personal data for the following purposes:

  • Responding to contact form submissions and email enquiries
  • Delivering consulting sessions, educational products, and personalized routine plans
  • Processing payments and issuing invoices
  • Maintaining website functionality and security
  • Analysing website usage to improve content and navigation (with consent)
  • Complying with legal and regulatory obligations
  • Communicating service updates relevant to your purchases or enquiries

We do not use your data for automated decision-making or profiling that produces legal or similarly significant effects.

6. Data Retention Periods

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Contact form data: Up to 24 months after the last interaction, unless a business relationship continues.
  • Customer and transaction data: Up to 7 years after the end of the financial year in which the transaction occurred, as required by Dutch tax law.
  • Cookie and analytics data: As specified in our Cookie Policy, typically between 1 and 26 months depending on the cookie type.
  • Server log files: Up to 90 days for security monitoring purposes.

After the retention period expires, data is securely deleted or anonymised so it can no longer be associated with you.

7. Data Sharing and Recipients

We do not sell your personal data. We may share data with the following categories of recipients when necessary:

  • Payment processors for transaction handling
  • Email and hosting service providers operating under data processing agreements
  • Analytics providers (only with your consent for non-essential cookies)
  • Professional advisers such as accountants or legal counsel, bound by confidentiality
  • Public authorities when required by law

Where data is transferred outside the European Economic Area, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

8. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • HTTPS encryption for all website communications
  • Access controls limiting data access to authorised personnel
  • Regular review of security practices and vendor compliance
  • Secure storage of physical and digital records
  • Staff training on data protection principles

While we take reasonable precautions, no method of transmission over the internet is completely secure. We encourage you to use strong passwords and protect your own devices.

9. Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your data where there is no compelling reason for continued processing.
  • Right to restriction: Request limitation of processing in certain circumstances.
  • Right to data portability: Receive your data in a structured, commonly used format.
  • Right to object: Object to processing based on legitimate interests or for direct marketing.
  • Right to withdraw consent: Withdraw consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at assist@ankleflushing.world. We will respond within one month, extendable by two further months for complex requests. You also have the right to lodge a complaint with the Autoriteit Persoonsgegevens (Dutch Data Protection Authority) at autoriteitpersoonsgegevens.nl.

10. Children's Privacy

Our website and services are intended for adults. We do not knowingly collect personal data from individuals under 16 years of age. If you believe we have inadvertently collected data from a minor, please contact us and we will promptly delete such information.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. The date at the top of this page indicates when the policy was last revised. Material changes will be communicated through a notice on our website. We encourage you to review this page periodically.

12. Contact Information

For privacy-related enquiries, please contact:

Ankleflushing
Spuistraat 281 A-C, 1012 VR Amsterdam, Netherlands
Email: assist@ankleflushing.world
Phone: +31 20 370 8851