Privacy Policy

Last updated:
June 2024


Naq Cyber respects the privacy of its customers, suppliers, partners and employees. We have therefore formulated and implemented a policy on complete transparency regarding the processing of personal data, its purpose(s) and the possibilities to exercise your legal rights in the best possible way.  If you require any additional information about the protection of personal data, please visit one of the following websites: 


1. Party responsible for processing personal data:

  • European controller: Naq Cyber B.V., Vlamingstraat 4, 2712BZ Zoetermeer, Netherlands, 75310368. 
  • UK controller: Naq Cyber UK Ltd., Aldwych House, Aldwych, London, England, WC2B 4HN.

2. Data Protection Authority:

3. Data Protection laws:

  • The EU GDPR 2018;
  • The EU e-privacy directive 2002 (soon to be replaced by the EU e-privacy regulation);
  • The Dutch Implementation Act GDPR 2018 and Telecommunications Law 1998;
  • The UK Data Protection Act 2018 and the UK GDPR 2020.

Collection of data

  1. Your personal data will be collected by Naq Cyber and its data processors. 
  2. Personal data means any information relating to an identified or identifiable natural person (‘data subject’).
  3. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Customer Identification Information
Customer management, direct marketing, administration
Employee Identification Information
Employee management, administration
Supplier or partner Identification Information
Supplier management, administration
Customer Financial Information
Customer management, administration
Employee Financial Information
Employee management, administration
Supplier or partner Financial Information
Supplier management, administration
Employee employment or educational history
Legitimate interest/ consent
Employee management
Contracts with employees, customers and suppliers
Legitimate interest/consent
Employee, customer or supplier management, administration
Copies of ID
Legitimate interest/consent
Employee management, administration

How we collect, store or otherwise process your data

Customer Identification information
1. Use of website

2. AI tool
1. Hubspot; Google; Webflow

2. OpenAI
Customer Identification information; Customer Financial information; Contracts with customers
Performance of Naq service
Google; Amazon (hosting)
Customer Identification information; Employee identification information; Supplier or partner identification information; Supplier or partner financial information; Employee employment or educational history; Contracts with employees, customers and suppliers; Copies of ID
Customer Identification information; Employee identification information; Supplier or partner identification information; Customer financial information; Employee financial information; Supplier or partner financial information; Employee employment or educational history; Contracts with employees, customers and suppliers; Copies of ID
1.Cloud services for storage and exchange of personal data

2. cloud services for customer management

3. cloud services for signing documents

4. cloud services for maintaining financial administration

5. cloud payment processor

6. onboarding system
1. Google Workspace

2. Hubspot

3. DocuSign

4. SnelStart; FreeAgent

5. GoCardless

Customer, Employee and Partner or supplier identification information
1. Cloud work planning tool

2. Messaging tool
1. Asana

2. Google Chat

Storage and protection of data

Your data is protected by Naq Cyber and its processors in pursuance to all legal requirements set by the relevant data processing laws. Naq Cyber has taken technical and organizational security measures to protect your data and requires its data processors to meet the same requirements. Naq Cyber has signed processing agreements with its processors to ensure an adequate level of data protection. 

Where there is an international data transfer, Naq has put in place Standard Contractual clauses to ensure that the personal data is handled in accordance with the EU and/or UK GDPR.

Your rights regarding information

  1. Pursuant to Article 13 paragraph 2 sub b GDPR each data subject has the right to information on and access to, and rectification, erasure and restriction of processing of his personal data, as well as the right to object to the processing and the right to data portability.
  2. You can exercise these rights by contacting us at the following email address: gdpr@naqcyber.com and put “GDPR request” in the subject line of your email.
  3. Each request must be accompanied by a copy of a valid ID, on which you put your signature and state the address where we can contact you.
  4. Within one month of the submitted request, you will receive an answer from us. We will not charge you for submitting your request unless the request is manifestly unfounded or otherwise unreasonable in its nature.
  5. Depending on the complexity and the number of the requests this period may be extended to two months.


  1. You may receive commercial offers from Naq Cyber. If you do not wish to receive them (anymore), please send us an email to the following address: gdpr@naqcyber.com
  2. Your personal data will not be used by our partners for commercial purposes.
  3. If you encounter any personal data from other data subjects while visiting our website, you are to refrain from collection, any unauthorised use or any other act that constitutes an infringement of the privacy of the data subject(s) in question. The collector is not responsible in these circumstances.

Data retention

The collected data are used and retained for the duration determined by law. You may, at any time, request your data to be deleted from any Naq Cyber account, system or other data processing medium in accordance with the process described above.

Applicable law

These conditions are governed by Dutch law. The court in the district where the controller has its place of business has the sole jurisdiction if any dispute regarding these conditions may arise, save when a legal exception applies. 


For questions about this privacy policy, product information or information about the website itself, please contact: info@naqcyber.com