Privacy Policy

Last updated: April 2026

This Privacy Policy explains how BizzSurfer (“we”, “us”) collects, uses, and protects personal data when you visit bizzsurfer.com, request a demo, or otherwise interact with us. We operate under the General Data Protection Regulation (GDPR) and Dutch privacy law.

1. Data Controller

The data controller is TheHRchapter B.V., a company registered in Zevenaar, Gelderland, the Netherlands.

For privacy questions, contact us at hello@bizzsurfer.com.

2. What we collect

Information you give us

• Name, work email, company, and the message you submit through our contact / demo form.
• Any additional information you choose to share when you email us or book a meeting.

Information collected automatically

• Standard server and analytics data: IP address (truncated where possible), device and browser type, referring page, pages viewed, and timestamps.
• Cookies and similar technologies — see section 7.

3. Why we use your data

• To reply to your demo requests and messages.
• To operate, secure, and improve the website.
• To measure aggregate traffic and performance.
• To comply with legal obligations.

We do not sell your personal data, and we do not use it for automated decision-making that produces legal effects on you.

4. Legal basis under GDPR

• Art. 6(1)(a) — Consent: for non-essential analytics and marketing cookies (you can withdraw this at any time).
• Art. 6(1)(b) — Contract / pre-contractual steps: when you request a demo and we handle your request.
• Art. 6(1)(f) — Legitimate interest: to secure the site, prevent abuse, and understand aggregate usage.
• Art. 6(1)(c) — Legal obligation: when we must retain records (e.g. tax, accounting).

5. How long we keep it

• Demo and contact requests: up to 24 months after last contact, then deleted or anonymised.
• Email correspondence: up to 36 months, unless a longer retention is legally required.
• Website analytics: up to 14 months in aggregated form.
• Server logs: typically 30 days.

6. Third-party services

We rely on a small number of carefully selected processors to run the site:

• Vercel (hosting, Web Analytics, Speed Insights) — serves the site and provides privacy-friendly, cookieless traffic metrics.
• Google Tag Manager — loads measurement tags (including Google Analytics). Only activated after you give consent.
• Resend — delivers emails sent through the contact form to our inbox.
• Contentful — content management for our blog / insights section. No visitor personal data is stored there.
• Microsoft 365 (Outlook Bookings) — used when you book a demo meeting.

Each processor handles data under a data processing agreement and in line with this policy.

7. Cookies

We use two categories of cookies and similar technologies:

• Essential: required for the site to work and be secure (e.g. Vercel routing). These do not need consent.
• Analytics & marketing: loaded via Google Tag Manager (including Google Analytics) to help us understand how the site is used. These are only set after you accept them in our cookie banner. You can change your choice at any time by clearing cookies or using the banner's “Reject” option on your next visit.

8. Your rights under GDPR

You have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request erasure (“right to be forgotten”).
• Request restriction of processing.
• Data portability — receive your data in a structured, commonly used format.
• Object to processing based on legitimate interest.
• Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, email hello@bizzsurfer.com. We respond within 30 days.

You also have the right to lodge a complaint with the Dutch Data Protection Authority, Autoriteit Persoonsgegevens.

9. International transfers

Some of our processors (notably Vercel and Google) are based in the United States. When personal data is transferred outside the European Economic Area, we rely on the European Commission's adequacy decision for the EU-U.S. Data Privacy Framework and/or Standard Contractual Clauses (SCCs), together with the technical and organisational safeguards each provider offers.

10. Security

We use HTTPS everywhere, limit access to personal data on a need-to-know basis, and review our security practices regularly. No online service can be 100% secure, but we take reasonable steps to protect your information.

11. Changes to this policy

We may update this policy to reflect changes in our services or the law. The “Last updated” date at the top shows the latest version. Significant changes will be highlighted on this page.

12. Contact

TheHRchapter B.V.
Zevenaar, Gelderland, The Netherlands
hello@bizzsurfer.com