Skip to content

Privacy

Privacy policy

Last updated 26 May 2026

This policy explains how Hamsa Group BV ('HamsaID', 'we') processes personal data collected through this website. This document covers the marketing website only. The HamsaID product is a separate processing context, governed by per-deployment data-processing agreements.

Who we are

Hamsa Group BV, registered in Amsterdam, the Netherlands, is the data controller for personal data collected through hamsaid.com. You can reach us at nicolo@hamsaid.com.

What we collect

Contact form submissions: name, work email, company (optional), and the content of your message. We collect this only when you submit the form.

Server logs: standard request metadata (IP address, user agent, referrer, timestamp) generated by our hosting provider for security and abuse prevention.

We do not run third-party analytics, advertising, or tracking pixels on this site. We do not set non-essential cookies.

Why we process it: lawful basis

Contact form: your explicit consent (Art. 6(1)(a) GDPR), captured by the consent checkbox on the form. You can withdraw consent at any time by emailing nicolo@hamsaid.com.

Server logs: our legitimate interest in keeping the site secure and available (Art. 6(1)(f) GDPR).

How long we keep it

Contact submissions: up to 24 months after the last interaction with you, then deleted. If a pilot is signed, the contact data moves under the commercial agreement and its retention rules.

Server logs: rotated by our hosting provider, typically within 30 days.

Who we share it with

We do not sell personal data and do not share it for marketing purposes.

Subprocessors used for the marketing site: our hosting provider (static-site hosting) and our form-delivery provider (which receives the contact submission and forwards it to us by email). A current list of subprocessors is available on request.

We may disclose data when legally required, e.g. in response to a binding order from a competent EU authority.

International transfers

Where a subprocessor is located outside the EEA, transfers are covered by Standard Contractual Clauses or an equivalent transfer mechanism under the GDPR.

Your rights

Under the GDPR you have the right to access, rectify, erase, restrict, port, or object to the processing of your personal data, and to withdraw consent. To exercise any of these rights, email nicolo@hamsaid.com.

You also have the right to lodge a complaint with a supervisory authority. In the Netherlands this is the Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl).

Changes to this policy

We may update this policy from time to time. The 'last updated' date at the top of the page reflects the most recent change. Material changes will be highlighted on this page.

Questions about this policy? Email nicolo@hamsaid.com.