Privacy Policy
dev.enkrio ("we", "us", or "our") operates dev.enkrio.com. This policy explains what data we collect, why we collect it, and how we protect it.
Data Controller
The data controller responsible for processing your personal data under this policy is:
- Name: Dev.Enkrio
- Chamber of Commerce (KVK) number: 42061187
- Business address: Brouwhuis 52, 1695JS, Blokker, the Netherlands
- Email: hello@enkrio.com
1. Information we collect
We collect only what is necessary to respond to your enquiries and improve this site.
- Contact form submissions: Name, email address, and any message or project details you provide voluntarily via the contact form.
- Analytics data: Anonymised usage events (pages visited, time on page, referrer, browser type, country) collected through PostHog. No IP addresses are stored server-side.
- Booking data: If you schedule a call via Cal.com, that data is governed by Cal.com's own privacy policy. We receive only your name, email, and meeting time.
- Configurator usage: The access-restricted quote configurator notifies us by email when a project key is unlocked or a quote is exported. These notifications contain only the client label tied to the access key and the selected package and totals — no personal data is collected or sent.
2. Legal basis and how we use your information
We process your personal data based on the following GDPR legal bases:
- Pre-contractual steps / Consent: To reply to your enquiries and discuss a potential project. Processing is necessary to take steps at your request prior to entering into a contract, or based on your explicit consent when you submit the contact form.
- Legitimate Interest (Analytics): To understand which parts of the site are most useful so we can improve them. We use privacy-friendly product analytics (PostHog) for this purpose.
- Legitimate Interest (Security): To protect the site from spam and abuse via Cloudflare Turnstile verification on the contact form.
We do not sell, rent, or share your personal data with third parties for marketing purposes.
3. Third-party services
This site uses the following processors, each with their own privacy policies:
- Vercel: hosting and edge delivery.
- Supabase: secure storage of contact form submissions.
- Resend: transactional email delivery of your submission to us.
- Cloudflare Turnstile: bot and spam protection on the contact form.
- PostHog: privacy-friendly product analytics. Data is processed in the EU region.
- Cal.com: call booking. Governs data collected during the booking flow.
4. International data transfers
Our third-party processors (such as Vercel, Resend, and Supabase) may transfer and store personal data outside the European Economic Area (EEA), including to the United States. To ensure an adequate level of data protection in compliance with the GDPR, these transfers are safeguarded under the EU-US Data Privacy Framework or standard contractual clauses (SCCs) approved by the European Commission, alongside supplementary security measures where required.
5. Cookies and tracking
We use a single first-party analytics cookie set by PostHog to distinguish returning visits. No advertising, retargeting, or cross-site tracking cookies are used. You can block cookies in your browser settings at any time; the site remains fully functional without them.
6. Data retention
Contact form submissions are retained for as long as we maintain an active or prospective business relationship with you, or until you ask us to delete them. Analytics data is retained for 12 months. Booking data is managed by Cal.com per their policy.
7. Children's Privacy
Our website and services are not directed at children under the age of 16. We do not knowingly collect personal data from minors. If you believe we have accidentally collected such data, please contact us at hello@enkrio.com so we can delete it.
8. Your rights
Depending on your location, you may have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate data.
- Request deletion of your data.
- Object to or restrict processing.
- Withdraw consent at any time where processing is based on consent.
- Lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
To exercise any of these rights, email us at hello@enkrio.com. We will respond within 30 days.
9. Security
All data is transmitted over HTTPS. Contact submissions are stored in Supabase using a service-role key that is never exposed client-side. We apply the principle of least privilege to all third-party integrations.
10. Changes to this policy
We may update this policy when our practices change. We will indicate material changes by updating the date at the top of this page. Continued use of the site after changes constitutes acceptance of the revised policy.
11. Contact
Questions about this policy? hello@enkrio.com