Back to home

Privacy Policy

Last updated: January 19, 2026

1. Introduction and Applicability

Provolve AI, located at Kalvermarkt 53, 2511 CB The Hague, registered with the Chamber of Commerce under number 98000632, attaches great importance to the protection of your personal data. In this privacy policy, we explain what personal data we collect, why we collect it, how we use it, and what rights you have regarding your data.

This privacy policy applies to all services offered by Provolve AI, including our website (provolve.ai), our AI Gateway platform, consultancy services, and all other products and services we provide.

We process personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy legislation.

2. Data Controller

The data controller for the processing of your personal data is:

  • Company name: Provolve AI
  • Address: Kalvermarkt 53, 2511 CB The Hague
  • Chamber of Commerce number: 98000632
  • VAT number: NL868319673B01
  • Email: hello@provolve.ai
  • Phone: +31 (0)70 820 0360
  • WhatsApp: https://wa.me/31708200360

Data Protection Officer: Robert Knoester

3. What Personal Data Do We Collect?

We collect various categories of personal data, depending on the nature of our relationship with you:

3.1 Contact Information

  • First and last name
  • Email address
  • Phone number
  • Company name and job title (if applicable)

3.2 Technical Data

  • IP address
  • Browser type and version
  • Device information
  • Usage data from our website and services

3.3 Payment Information

  • Billing address
  • Payment information (processed through secure payment providers)
  • Transaction history

3.4 Communication Data

  • Correspondence via email, phone, or WhatsApp
  • Content of contact forms
  • Questions and requests you submit to us

Special Categories of Personal Data:

We do not collect special categories of personal data such as data about race, ethnic origin, political opinions, religious or philosophical beliefs, health, sexual behavior, or criminal records, unless this is strictly necessary for the performance of our services and with your explicit consent.

4. How Do We Collect Personal Data?

We collect personal data in various ways:

  • Directly from you: When you contact us via email, phone, WhatsApp, or contact forms on our website
  • Via our website: Automatically collected data such as IP addresses and browser information when you visit our website
  • Via our services: Data generated when using our AI Gateway and other services
  • From business partners: In some cases, we may receive data from partners with whom you also have business relationships

5. Purposes of Data Processing

We use your personal data for the following purposes:

5.1 Service Delivery

  • Providing our AI consultancy and implementation services
  • Managing and maintaining your access to our AI Gateway
  • Answering your questions and providing customer service
  • Executing agreements and processing payments

5.2 Analysis and Improvement

  • Analyzing the use of our services to improve them
  • Optimizing our website and user experience
  • Developing new features and services

5.3 Marketing and Communication

  • Sending newsletters (only with your consent)
  • Informing about new services and updates
  • Sending relevant marketing communications

5.4 Legal Obligations

  • Complying with legal obligations such as tax legislation
  • Maintaining records in accordance with legal retention periods
  • Protecting our legitimate interests

6. Legal Basis for Processing

We only process your personal data based on the following legal grounds:

6.1 Consent (Article 6(1)(a) GDPR)

For marketing communications such as newsletters, we ask for your explicit consent. You can withdraw this consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

6.2 Performance of a Contract (Article 6(1)(b) GDPR)

When you purchase services from us, the processing of your personal data is necessary for the performance of the contract between you and Provolve AI.

6.3 Legitimate Interest (Article 6(1)(f) GDPR)

For certain processing activities, such as improving our services and preventing fraud, we have a legitimate interest. We ensure that your interests and fundamental rights do not outweigh our legitimate interests.

6.4 Legal Obligation (Article 6(1)(c) GDPR)

In certain cases, we are legally obligated to process your data, for example for tax purposes or at the request of regulators.

7. Retention Periods

We do not retain your personal data longer than necessary for the purposes for which they were collected, or as required by applicable law. We apply the following retention periods:

7.1 Customer Data

We retain data of active customers for the duration of the contractual relationship. After termination of the relationship, we retain your data for a maximum of 7 years in connection with fiscal and administrative obligations.

7.2 Financial Records

Invoice data and financial records are retained for 7 years after the end of the financial year, in accordance with the legal retention obligation (Article 2:10 Dutch Civil Code).

7.3 Marketing Communications

Data for newsletters and marketing purposes are retained until you withdraw your consent or until we consider your subscription inactive (after 3 years without interaction).

7.4 Technical Log Files

Technical data such as IP addresses and log files are retained for a maximum of 12 months for security and analysis purposes.

8. Sharing Data with Third Parties

We only share your personal data with third parties when this is necessary for the performance of our services or when we are legally obligated to do so. We work with the following categories of third parties:

8.1 AI Service Providers

  • OpenAI: For providing AI models and functionality within our platform
  • Google (Gemini): For AI services and technology
  • Microsoft: For Azure AI services and infrastructure

8.2 Communication Platforms

  • Meta (WhatsApp Business): For business communication via WhatsApp
  • Microsoft 365: For email and business communication

8.3 Automation Tools

  • Make: For automating workflows and integrations
  • Kennis.shop: For selling digital products and services online

Data Processing Agreements and GDPR Compliance:

With all third parties that process personal data on our behalf, we have concluded data processing agreements that comply with the requirements of the GDPR. These agreements ensure that your data remains protected and is only used for the agreed purposes.

Data Transfer Outside the EU:

We strive to keep your data within the European Economic Area (EEA). In cases where this is not possible, we ensure adequate safeguards such as EU standard contractual clauses or other mechanisms approved by the European Commission.

9. Security of Personal Data

We take the security of your personal data very seriously and have implemented appropriate technical and organizational measures to protect your data against loss, unauthorized access, misuse, and other forms of unlawful processing.

9.1 Technical Security Measures

  • SSL/TLS Encryption: All communication between your browser and our servers is encrypted with modern SSL/TLS protocols
  • Data Encryption: Sensitive data is stored encrypted in our systems
  • Firewalls and Network Segmentation: Our systems are protected by firewalls and network segmentation
  • Regular Security Updates: We keep our systems up-to-date with the latest security patches
  • Access Control: Access to personal data is limited to authorized employees via strong authentication

9.2 Organizational Security Measures

  • Access Management: Only authorized employees have access to personal data, based on the need-to-know principle
  • Confidentiality Agreements: All employees have signed confidentiality agreements
  • Awareness and Training: Employees are regularly trained on data protection
  • Incident Response Plan: We have procedures for detecting, reporting, and handling data breaches

9.3 Security of External Services

We use reputable cloud providers and SaaS services that comply with international security standards such as ISO 27001, SOC 2, and GDPR compliance. We periodically review the security measures of our suppliers.

While we do everything possible to protect your data, we cannot fully guarantee the security of data transmitted over the internet. Data transmission over the internet is at your own risk.

10. Your Rights as a Data Subject

Under the GDPR, you have various rights regarding your personal data. You can exercise these rights by contacting us using the contact details at the bottom of this privacy policy.

10.1 Right of Access (Article 15 GDPR)

You have the right to know whether we process personal data about you and to request a copy of this data. We provide this information free of charge, unless your request is manifestly unfounded or excessive.

10.2 Right to Rectification (Article 16 GDPR)

If your personal data is incorrect or incomplete, you have the right to have it corrected or supplemented. We will update your data within a reasonable time.

10.3 Right to Erasure / 'Right to be Forgotten' (Article 17 GDPR)

In certain cases, you have the right to have your personal data deleted, for example when the data is no longer needed for the purposes for which it was collected, or when you withdraw your consent. This right does not apply when we have a legal obligation to retain the data.

10.4 Right to Restriction of Processing (Article 18 GDPR)

You can request us to restrict the processing of your personal data in certain situations, for example when you contest the accuracy of the data or object to the processing.

10.5 Right to Data Portability (Article 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transfer this data to another organization.

10.6 Right to Object (Article 21 GDPR)

You have the right to object to the processing of your personal data that is based on a legitimate interest or that is used for direct marketing purposes.

10.7 Right to Withdraw Consent

When we process your data based on consent, you have the right to withdraw this consent at any time. This does not affect the lawfulness of processing before the withdrawal.

10.8 How Can You Exercise Your Rights?

You can exercise your rights by contacting us via:

We will respond to your request within one month. In complex cases, we may extend this period by a maximum of two months, informing you of this.

11. Cookies and Tracking

At this time, our website does not use cookies for tracking or analysis purposes. We do not use tools such as Google Analytics or other tracking technologies that monitor your behavior.

Should we decide to use cookies in the future, we will:

  • Clearly inform you about this via a cookie banner
  • Ask for your consent for non-essential cookies
  • Publish a comprehensive cookie policy explaining which cookies we use and why
  • Provide you with the ability to manage your cookie preferences

Essential technical cookies that are necessary for the website to function (such as session cookies) can be placed without consent, but we currently do not use these either.

12. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling that has significant consequences for you. All important decisions about our services are made with human involvement.

While we provide AI technology to our clients, we do not use automated systems to make decisions about you without human involvement.

13. Minors

Our services are not directed at persons under the age of 16. We do not knowingly collect personal data from minors without parental or guardian consent.

If you suspect that we have collected personal data from a minor without the required consent, please contact us at hello@provolve.ai, so we can delete this data.

14. Changes to This Privacy Policy

We reserve the right to change this privacy policy. The most recent version is always available on our website. In case of significant changes, we will notify you via email or a clear notice on our website.

We advise you to review this privacy policy regularly so you stay informed about how we protect and process your personal data.

15. Complaints and Disputes

We take your privacy very seriously. If you have a complaint about the way we handle your personal data, please contact us first. We will do our best to resolve your complaint.

15.1 Contact Us

You can submit your complaint via:

15.2 Dutch Data Protection Authority

If you are not satisfied with the way we have handled your complaint, you have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):

16. Contact

For questions about this privacy policy or about how we process your personal data, you can contact us:

  • Provolve AI
  • Kalvermarkt 53
  • 2511 CB The Hague
  • Chamber of Commerce: 98000632
  • VAT: NL868319673B01
  • Email: hello@provolve.ai
  • Phone: +31 (0)70 820 0360
  • WhatsApp: https://wa.me/31708200360
  • Data Protection Officer: Robert Knoester