Privacy Policy
Last updated: 31 May 2026
This Privacy Policy explains how Alsina Advisory ("we", "us", "our") collects, uses, shares and protects personal data when you visit this website or contact us. We process personal data in accordance with the EU General Data Protection Regulation (GDPR / "AVG") and the Dutch GDPR Implementation Act (UAVG).
1. Who we are (data controller)
The controller responsible for your personal data is:
- Kas Alsina, handelend onder de naam (trading as) Alsina Advisory, an eenmanszaak (sole proprietorship)
- Address: the Netherlands (registered office address available on request)
- Chamber of Commerce (KvK): 42061122
- VAT (btw-id): NL005465365B03
- Email: kas@alsinaadvisory.com
We have not appointed a statutory Data Protection Officer (DPO), as we are not required to. For any privacy matter, contact us using the details above.
2. Personal data we collect
We collect the following categories of personal data:
Data you give us
- Enquiry, resource & subscription requests: when you submit our "checklist" form, subscribe to our regulatory updates (the footer email field), or email us, we receive your email address and any information you choose to include.
- Consultation enquiries: when you email us to arrange a consultation, we receive your email address and any details you include in your message.
- Engagement data: if you become a client, we process the business and contact details needed to scope and deliver our services (handled under a separate engagement agreement).
Data we collect automatically
- Technical & usage data: IP address, browser type, device, referring page and pages viewed, collected via server logs and cookies/similar technologies (see our Cookie Statement). Fonts and images are served from our own website, so no third-party content provider receives your IP address simply by loading a page.
We do not intentionally collect special categories of data (e.g. health, religion) through this website. Please do not include confidential client or regulatory information in website forms.
3. Purposes and legal bases
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Respond to your enquiry and provide requested resources | Steps prior to entering a contract, and our legitimate interest in responding (Art. 6(1)(b)/(f)) |
| Send regulatory updates and occasional marketing emails | Your consent (Art. 6(1)(a)), given when you subscribe and withdrawable at any time |
| Schedule and hold consultations | Steps prior to a contract / legitimate interest (Art. 6(1)(b)/(f)) |
| Deliver services to clients | Performance of a contract (Art. 6(1)(b)) |
| Operate, secure and improve the website | Our legitimate interest (Art. 6(1)(f)); consent for non-essential cookies |
| Comply with legal, tax and regulatory obligations | Legal obligation (Art. 6(1)(c)) |
4. Sharing and processors
We do not sell your personal data. We share it only with service providers ("processors") that help us operate this website and our business, under appropriate data processing agreements. These currently include:
| Provider | Purpose | Location |
|---|---|---|
| Netlify (Netlify, Inc.) | Website hosting and form submissions (only when you submit a form) | United States |
| Plausible Analytics (Plausible Insights OÜ) | Cookieless, aggregate website analytics; no cookies, no cross-site tracking, no personal data stored | European Union |
We may also disclose data where required by law, regulation, or a valid request from a competent authority.
5. International data transfers
Some of our processors are located outside the European Economic Area (EEA), including in the United States. Where personal data is transferred outside the EEA, we rely on appropriate safeguards such as the EU Standard Contractual Clauses and, where applicable, the EU-US Data Privacy Framework. You can request more information using the contact details above.
6. How long we keep data
- Enquiry and booking data: kept for as long as needed to handle your request, then up to 12 months.
- Regulatory update and marketing subscription data: kept until you unsubscribe or withdraw consent.
- Client engagement records: kept for the duration of the engagement and the statutory retention periods that apply, including the 7-year retention obligation for tax and administration records under Dutch law.
- Website logs and cookie data: see our Cookie Statement.
7. Your rights
Under the GDPR you have the right to: access your data; rectify inaccurate data; erase data; restrict or object to processing; data portability; and withdraw consent at any time (without affecting prior processing). To exercise any of these, email kas@alsinaadvisory.com. We will respond within one month.
If you are unhappy with how we handle your data, you also have the right to lodge a complaint with the Dutch Data Protection Authority, the Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl).
8. Security
We take appropriate technical and organisational measures to protect personal data against loss, misuse and unauthorised access. No method of transmission over the internet is fully secure, so we cannot guarantee absolute security.
9. Cookies
This website uses cookies and similar technologies. For details of which cookies we use and how to manage your preferences, see our Cookie Statement.
10. Changes to this policy
We may update this Privacy Policy from time to time. The "last updated" date above shows the latest version. Material changes will be highlighted on this page.
11. Contact
Questions about this policy or your personal data? Email kas@alsinaadvisory.com and we will respond promptly. Our registered office address is available on request.