Privacy statement
Q-dev - Version 1.2, last updated on 2026-05-26
1. Who we are
Q-dev is an independent development studio for websites, webshops, and custom software. We handle personal data with care and only process what is necessary to provide our services effectively.
Q-dev
KvK: 34307906
E-mail: info@q-dev.nl
2. What data we process
We only process data that you actively provide to us or that is technically necessary for the website to function.
Data that you send yourself:
- Name
- Email address
- Phone number (optional)
- Content of your message or request
Technical specifications:
- IP address (in server logs, temporary, for security and error analysis)
- An anonymized, short-lived identifier (hash of IP + browser) to prevent duplicate likes; this hash is not stored in a retrievable manner
- Anonymous visit activity for live display on the site; not linked to a person and not permanently stored
We do not use advertising cookies or third-party tracking cookies. For the cookie choice, we do place a functional own cookie (see section 6).
3. Why we process this data
We process personal data for:
- The response to your message or request
- The creation and execution of a quote or agreement
- Necessary administration and invoicing
- Contact regarding changes, updates or support
- The functioning, securing, and improving of the website
- Automated spam and intent monitoring of requests via the contact form, so that unwanted or unclear messages are filtered out before they arrive as email at Q-dev
Legal bases:
- Execution of an agreement
- Legitimate interest (safety, communication, technical operation)
- Complying with legal obligations (such as administrative duties)
4. How long we retain data
We do not keep personal data longer than necessary for the purposes for which you provided it.
- Messages, requests, and emails: maximum 12 months, unless a task follows or further communication is needed.
- Administrative data (such as invoices): 7 years, according to the legal retention obligation.
- Server logs: automatically and temporarily, solely for security and error analysis.
- Tracking data: we do not permanently store website behavior or analytics.
5. Sharing data with third parties
We do not sell personal data to third parties. Data is only shared with parties that are strictly necessary for providing our services, such as:
- Our hosting provider (for website and email)
- Software for administration and invoicing
- OpenAI (United States), for the automated spam and intent verification of incoming requests via the contact form. The content of your request will be sent to OpenAI once for evaluation and will not be stored by OpenAI for training purposes
- YouTube/Google, for displaying embedded video clips in the portfolio. When watching such a video, content loads directly from YouTube and Google's privacy terms apply
With these parties, processor agreements have been made where necessary, and they act in accordance with the applicable privacy legislation (GDPR).
6. Cookies and similar techniques
We do not use advertising cookies and no tracking services. On your first visit, we show a cookie choice, where you can indicate whether you want to allow analytical cookies in addition to functional cookies.
Functional cookies (always active):
- A session cookie for the correct functioning of forms (CSRF protection) and language selection
- A cookie in which your cookie choice is stored, so you don't have to make this choice again on each visit
Embedded content from third parties:
The portfolio page displays videos that load directly from YouTube. YouTube may place its own cookies in accordance with the Google privacy policy. We do not place these cookies ourselves and do not use the YouTube data for analysis or profiling.
If you click on "Essential" in the cookie choice, no analytics will be activated. Embedded YouTube videos will still work directly; if you want to prevent that, use your browser's privacy settings.
7. Your rights
You have the right under privacy legislation to:
- To request access to the personal data we process about you
- To have data corrected if they are incorrect
- To have data deleted when there is no longer a (legal) reason to keep it
- To object to certain forms of processing
- To request a copy of your data (data portability), where technically possible
For these requests, you can contact us at info@q-dev.nl. We generally respond within 30 days.
8. Protection of personal data
We take appropriate technical and organizational measures to prevent abuse, loss, unauthorized access, and unwanted disclosure. This includes, among other things:
- Encrypted connections (HTTPS)
- Secure servers and up-to-date software
- Limited access to systems and data
- Regular updates and monitoring
If you feel that data is not properly secured, please let us know at info@q-dev.nl.
9. International customers and data
We also work with clients outside the Netherlands and outside the EU. Personal data is processed within the European Economic Area (EEA) in principle and not transferred to countries without an adequate level of protection, unless this is explicitly necessary for the execution of the assignment or we have arranged appropriate safeguards for this.
For the spam and intent verification of the contact form, we use OpenAI, based in the United States. The transfer takes place based on the EU-US Data Privacy Framework, to which OpenAI is certified. The message is assessed once and not used by OpenAI for training models.
For embedded videos on the portfolio page, processing takes place by YouTube (Google LLC), also under the EU-US Data Privacy Framework.
10. Changes to this privacy statement
This privacy statement may be adjusted when our services or legislation changes. The most recent version is always available on this page. This version was last updated on May 26, 2026.
