Privacy

Privacy Policy

Last updated: 15.11.2025

1. Introduction

This Privacy Policy explains how we collect, use, store and protect your personal data when you visit our website. We comply with the General Data Protection Regulation (GDPR) and all applicable Dutch and EU data-protection laws.

The controller responsible for processing your personal data is:

Mitra Europe
Division of Holsman BV
Coenecoop 346
2741 PM Waddinxveen, The Netherlands
E-mail: info@mitra.mn
Phone: +31 653 773661

2. Personal Data We Collect

2.1. Data processed when visiting the website

The following data is automatically stored in server log files:

  • IP address
  • Date and time of access
  • Requested URL / file
  • User-agent (browser type and version)
  • Referrer URL (if provided)
  • HTTP status codes

These data are technically necessary to deliver the website securely and reliably. They are automatically deleted after a short retention period (typically 7–14 days).

2.2. Contact Form

If you contact us via the contact form, we process:

  • Name
  • E-mail address
  • Any message content or attachments

This data is used only to answer your inquiry.

3. Cookies

Our website uses only essential cookies required for secure operation.

3.1. Session Cookie

Used to maintain temporary session information for technical functionality. This cookie does not contain personal data and expires after the browser session.

3.2. CMS Login Cookie (for administrators only)

Used solely for authentication when logging into the CMS backend. This cookie is not used for tracking and is accessible only to authorized users.

No analytics, marketing, tracking, or third-party cookies are used.

4. Purpose and Legal Basis

We process your data based on the following legal grounds:

  • Art. 6(1)(b) GDPR – processing necessary to respond to your contact request
  • Art. 6(1)(f) GDPR – legitimate interest in secure and stable operation of the website (server logs and security)
  • Art. 6(1)(c) GDPR – compliance with legal obligations

No data is sold or forwarded to commercial third parties.

5. Hosting and Data Storage

Our website is hosted by:

DigitalOcean, Frankfurt (Germany)
All data is stored exclusively in Germany.
DigitalOcean acts as a processor under a GDPR-compliant Data Processing Agreement (Art. 28 GDPR).

6. Data Retention

  • Server logs: deleted after 7–14 days unless required for security
  • Contact form submissions: stored only as long as necessary to process your request
  • CMS login data: stored only for administrative access and security

7. Data Sharing

We do not share personal data with third parties except:

  • Technical service providers (e.g., hosting provider) under GDPR-compliant agreements
  • Authorities, if legally required

Your data is not otherwise disclosed, transferred or sold.

8. Your Rights Under the GDPR

You have the right to:

  • Access your personal data (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing (Art. 21 GDPR)

To exercise your rights, contact us at the information provided above.

You also have the right to lodge a complaint with the Dutch supervisory authority:

Autoriteit Persoonsgegevens
https://autoriteitpersoonsgegevens.nl

9. Security

We take appropriate technical and organizational measures to protect your personal data against loss, misuse, unauthorized access, and alteration.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to comply with legal requirements or improve transparency. The latest version is always available on this website.