Privacy Policy
At OnThatFlow, we respect your privacy and handle your personal data with care. This policy explains what information we collect, how we use it, and what rights you have under the EU General Data Protection Regulation (GDPR).
1- Who we are
On That Flow
Registered office: Fokkemast, 28 - 1034PW - Amsterdam, Netherlands
KVK number: 92758746
VAT number: NL004977706B72
Contact email: hello@onthatflow.com
We do not appoint a Data Protection Officer (DPO), but you can reach us directly via the email above for all privacy-related matters.
2- What data we collect
We collect only the data necessary to operate our website and provide our services. This may include:
Contact details (name, email, company name) when you fill forms or book a call.
Usage data such as IP address, browser type, device, and general analytics information.
Cookies and tracking data (see our Cookie Policy).
Meeting booking information (date, time, and name via Cal.com).
Any other information you voluntarily provide through our website or communication channels.
We do not collect sensitive personal information.
3- Why we collect data (lawful basis)
We process personal data only when necessary and based on the following lawful grounds:
Performance of a contract: to deliver our design services or respond to your requests.
Legitimate interest: to maintain and improve our website and services.
Consent: for analytics cookies or when you choose to share your data voluntarily.
4- How we use your data
We use your information to:
Respond to inquiries and manage meeting requests
Provide, improve, and personalize our services
Monitor and analyze website performance
Maintain communication regarding ongoing or potential projects
Comply with legal or regulatory requirements
We do not sell, rent, or trade your personal information.
5- Data processors and third parties
The Site may contain links to third-party websites and applications of interest, including advertisements and external services that are not affiliated with us.
Once you have used these links to leave the site, any information you provide to these third parties is not covered by this Privacy Policy, and we cannot guarantee the safety and privacy of your information.
6- Data retention
We keep personal data only as long as necessary:
Inquiry and contact data: up to 24 months after last interaction.
Contract and billing data: up to 7 years (as required by law).
Analytics data: anonymized or deleted after 14 months.
7- Data security
We apply technical and organizational safeguards, including encryption, access control, and secure connections (SSL), to protect your information against unauthorized access or misuse.
8- Data transfers outside the EU
Some service providers (e.g., Cal.com, Google) may process data outside the EU.
When this happens, we rely on Standard Contractual Clauses (SCCs) or equivalent safeguards to ensure GDPR compliance.
9- Your rights
Under the GDPR, you have the right to:
Access and receive a copy of your personal data
Rectify inaccurate or incomplete information
Request deletion of your data (“right to be forgotten”)
Restrict or object to processing in certain cases
Withdraw consent at any time
Data portability (receive your data in a structured format)
To exercise any of these rights, contact us at hello@onthatflow.com.
We will respond within 30 days.
10- Cookies
We use cookies and similar technologies to analyze traffic and improve functionality.
For details on how cookies are used and how to manage your preferences, please see our Cookie Policy.
11- Changes to this policy
We may update this Privacy Policy from time to time.
The “last updated” date at the top of this page indicates the most recent revision.
12- Governing law
This policy is governed by the laws of the Netherlands, and any disputes will be handled by the competent courts in the Netherlands.
