Privacy Policy

Last updated: 30 October 2025

1. Introduction & Data Controller

BARE ALLIANCE (“we,” “us,” “our”) respects your privacy and is committed to protecting your personal data. This policy explains how we collect, use, and safeguard your personal information when you visit our website, bare-alliance.eu, and use our services.

The Data Controller responsible for your personal data is: * BARE ALLIANCE * Address: Prins Alexanderplein 8, 3067 GC Rotterdam (NL) * Email: info@bare-alliance.eu * Phone: +31 85 799 26 06

2. Personal Data We Collect & How We Collect It

This section outlines the personal information we collect and the methods we use to obtain it.

A. Categories of Personal Data

We may collect and process the following personal information:

  • Contact Data: Name, email address, phone number, company name.

  • Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting, operating system and platform, and other technology on the devices you use to access this website.

  • Usage Data: Information about how you use our website, services, and products (pages visited, time spent, click patterns).

  • Communication Data: Messages, inquiries, feedback, and records of our communications with you.

B. How We Collect Your Data (Data Collection Policy)

We use different methods to collect data from and about you:

  • Direct Interactions: You may give us your data by filling in forms or by corresponding with us by post, phone, email, or otherwise. This includes data you provide when you:

  • Apply for our services.

  • Subscribe to our service or publications.

  • Request marketing materials.

  • Give us feedback.

  • Automated Technologies or Interactions: As you interact with our website, we automatically collect Technical and Usage Data using cookies, server logs, and other similar technologies
    (For more details, see Section 8 and 9).

  • Third Parties: We may receive personal data about you from third parties, such as analytics providers (like Google), and business partners.

3. How and Why We Use Your Personal Data (Data Collection Policy)

We process your personal data for the following specific purposes:

  • To Provide and Manage Services: To fulfill our contractual obligations and manage our relationship with you.

  • To Communicate With You: To respond to your inquiries, provide customer support, and send service updates.

  • Website Improvement: To analyze how our website is used and to improve its functionality and content.

  • Marketing: To send you relevant information about our services, but only where you have given your explicit consent or where we have a legitimate interest to do so.

  • Compliance: To comply with legal or regulatory obligations.

4. Legal Basis for Processing

We will only process your personal data when we have a legal basis to do so under the GDPR. Our processing of your data is based on one or more of the following grounds:

  • Consent: You have given clear consent for us to process your personal data for a specific purpose (e.g., marketing emails, non-essential cookies). You have the right to withdraw consent at any time.

  • Contract: The processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.

  • Legal Obligation: The processing is necessary for us to comply with the law (e.g., tax or accounting laws).

  • Legitimate Interests: The processing is necessary for our or a third party’s legitimate interests, provided your interests and fundamental rights do not override those interests. Our legitimate interests include:

  • Network and Information Security (preventing unauthorized access and malware).

  • Direct Marketing (for existing clients, where not overridden by your rights).

  • Website Analytics (to understand how our website is performing and identify technical issues).

5. Sharing, Disclosure, and International Transfers

A. Sharing and Disclosure of Information to 3rd Parties

We do not sell your personal data. We may share your information with the following categories of third parties:

  • Service Providers: Trusted third-party vendors who provide services for us, such as website hosting, IT support, payment processing, and analytics. We only share the minimum personal data required for them to perform their functions.

  • Professional Advisors: Lawyers, bankers, auditors, and insurers who provide professional advice.

  • Regulatory Bodies: Authorities requiring reporting of processing activities in certain circumstances.

B. International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure a similar degree of protection is afforded to it. We primarily transfer data to:

  • Cloud Service Providers in the United States.

Safeguard: We ensure the transfer is protected by implementing at least one of the following safeguards: Standard Contractual Clauses (SCCs) adopted by the European Commission, or relying on a country that has been deemed to provide an adequate level of protection for personal data by the European Commission (an Adequacy Decision).

6. Data Security and Retention

A. Data Security (How do we store your data?)

We implement appropriate technical and organizational measures to protect personal data against accidental loss, unauthorized access, misuse, alteration, or disclosure. This includes encryption, access control measures, and regular security audits.

B. Data Retention Policy

We retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including for satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider:

  • The amount, nature, and sensitivity of the personal data.

  • The potential risk of harm from unauthorized use or disclosure.

  • The purposes for which we process your personal data and whether we can achieve those purposes through other means.

  • Applicable legal requirements (e.g., retaining contract data for 5 years after termination for tax purposes).

7. Your Data Protection Rights (GDPR Rights)

Under the GDPR, you have the right to:

  • Right to Access

  • Right to Rectification

  • Right to Erasure (‘Right to be Forgotten’)

  • Right to Object to Processing

To exercise any of these rights, please get in touch with our Data Protection Contact using the details in Section 11.

8. Cookies and Tracking Policy

A. How We Use Cookies and Similar Technologies

We use cookies and similar technologies (like pixels and web beacons) for the following purposes:

  • Necessary Cookies: Essential for the website to function correctly (e.g., maintaining your login session). These do not require your consent.

  • Performance/Analytics Cookies: To analyze how visitors use our website and monitor its performance (e.g., Google Analytics). These require your consent.

  • Functional Cookies: To remember your preferences (e.g., language settings) and enhance your experience. These require your consent.

B. Do Not Track (DNT)

We respect your privacy preferences. While there is no universally agreed-upon standard for DNT signals, our systems are configured to respect browser signals indicating a refusal of non-essential cookies. If you select ‘Reject All’ or manage your preferences to disable non-essential cookies, we will not deploy these tracking technologies.

9. How to Manage Cookies and Tracking

You have control over which cookies are placed on your device.

  • Through our Consent Tool: You can manage or withdraw your consent at any time via the cookie banner or a dedicated link available in the footer of our website.

  • Browser Settings: You can set your browser to refuse all or some cookies or to alert you when websites set or access cookies. Please note that if you disable or refuse necessary cookies, some parts of the website may become inaccessible or not function properly.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or how we process personal data.

When we make material changes, we will notify you in advance by updating the “last updated” date on this policy and, where appropriate, providing a clear notice through our website or direct communication channels. We encourage you to review this policy periodically.

11. Contact Details & Data Protection Officer (DPO Contact)

For any questions, concerns, or to exercise your GDPR rights, please get in touch with our designated Data Protection Contact:

Name: Paolo Carner

Email: privacy@bare-alliance.eu

Phone: +31 85 799 26 06

Mailing Address: Prins Alexanderplein 8, 3067 GC Rotterdam (NL)