Privacy Policy

Last updated: 1st January 2026

Introduction

CosmicAnvil B.V. ("we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website cosmicanvil.world or use our services.

As a company registered in the Netherlands (KvK24651397), we comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This policy applies to all personal data we process about you.

Data Controller Information

CosmicAnvil B.V. is the data controller responsible for your personal data. You can contact us at:

CosmicAnvil B.V.
Vijverweg 43
1049 DO Amsterdam
Netherlands
Email: privacy@cosmicanvil.world
Phone: +31 20 909 9327

Data We Collect

We collect different types of information depending on how you interact with our website and services. The data we collect includes:

Personal Information You Provide

When you contact us or use our services, we may collect personal information such as:

  • Name and contact details (email address, phone number)
  • Company or restaurant name and business information
  • Communication preferences
  • Messages and correspondence you send to us
  • Information provided during consultations or service delivery

Automatically Collected Information

When you visit our website, we automatically collect certain technical information including:

  • IP address and location data
  • Browser type and version
  • Operating system
  • Pages visited and time spent on our website
  • Referral sources and website navigation patterns

How We Use Your Information

We use your personal information for various purposes based on our legitimate business interests and your consent. Here's how we use your data:

  • To provide and deliver our supply chain management consulting services
  • To respond to your enquiries and communicate with you about our services
  • To improve our website functionality and user experience
  • To analyse website usage and optimise our content
  • To comply with legal obligations and protect our legitimate interests
  • To send you relevant information about our services (with your consent)
  • To maintain records for business and legal purposes

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Consent: When you have given clear consent for specific processing activities
  • Contract: When processing is necessary for performing our consulting services
  • Legitimate Interests: For business operations, website improvement, and service optimisation
  • Legal Obligation: When required to comply with applicable laws and regulations

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except in the following circumstances:

  • Service providers who assist us in operating our website and conducting business
  • Professional advisers such as lawyers, accountants, and auditors
  • Law enforcement or regulatory authorities when required by law
  • In connection with a business transfer or merger (with appropriate safeguards)

All third parties are required to maintain the confidentiality and security of your personal information and use it only for the specified purposes.

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) where our service providers are located. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions recognising equivalent data protection standards
  • Certification schemes and codes of conduct

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, and resolve disputes. Our typical data retention periods are:

  • Contact enquiries: 3 years from last contact
  • Client records: 7 years after service completion for legal and tax purposes
  • Website analytics data: 26 months (Google Analytics default)
  • Marketing data: Until consent is withdrawn or 2 years of inactivity

We regularly review our data retention practices and securely delete information that is no longer needed.

Your Rights

Under GDPR, you have several rights regarding your personal data. These your rights include:

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request limitation of how we use your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes
  • Right to Withdraw Consent: Withdraw consent for specific processing activities

To exercise any of these rights, please contact us at privacy@cosmicanvil.world. We will respond to your request within one month.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication procedures
  • Staff training on data protection principles
  • Incident response procedures

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but continuously work to improve our safeguards.

Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the new Privacy Policy on our website and updating the "last updated" date. We encourage you to review this policy periodically.

Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

Data Protection Contact:
Email: privacy@cosmicanvil.world
Phone: +31 20 909 9327
Address: Vijverweg 43, 1049 DO Amsterdam, Netherlands

Complaints

If you believe we have not handled your personal data in accordance with this policy or applicable data protection laws, you have the right to lodge a complaint with the relevant supervisory authority. In the Netherlands, this is the Autoriteit Persoonsgegevens (Dutch Data Protection Authority).

We encourage you to contact us first at privacy@cosmicanvil.world so we can address your concerns directly.