Privacy PolicyÂ
Version: 2026.06|Last update:
1. Introduction
This Privacy Policy explains how Qmica B.V. ("Qmica", "we", "us" or "our") collects, uses, stores, protects and processes personal data in connection with our website, service
2. Personal Data We Collect
Depending on the nature of our relationship with you and your use of the Services, Qmica may collect and process the following categories of personal data:
2.1 Account and Contact Information
When you create an account, request information, purchase Services or otherwise interact with Qmica, we may collect:
- Name;
- Business name;
- Job title;
- E-mail address;
- Telephone number;
- Billing and contact details.
2.2 Product and Business Data
Qmica primarily processes product and business data submitted by customers through the Services.
Although the Services are not intended for the processing of personal data, customers may occasionally include personal data within submitted datasets. In such cases, such processing is incidental to the Services and remains the responsibility of the customer.
2.3 Technical and Usage Information
When you access our website, platform or Services, we may automatically collect:
- IP address;
- Browser type and version;
- Operating system;
- Device information;
- Date and time of access;
- Log files;
- Usage and performance data.
2.4 Support and Communication Data
When you contact Qmica, submit support requests or communicate with us, we may collect information contained in such communications, including correspondence, support tickets and related information.
2.5 Cookies and Similar Technologies
Qmica may use cookies and similar technologies to improve the functionality, security and performance of its website and Services. Additional information may be provided in a separate Cookie Policy.
3. Legal Basis for Processing
Qmica processes personal data on one or more of the following legal grounds:
a. the performance of a contract;
b. compliance with a legal obligation;
c. the legitimate interests of Qmica, including service security, fraud prevention, business operations and service improvement;
d. consent, where consent is required under applicable law.
Qmica shall only process personal data where a valid legal basis exists.
4. Data Security
Qmica takes the security of personal data and business data seriously and implements appropriate technical and organisational measures designed to protect data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or unauthorised access.
Our Services are hosted primarily within Amazon Web Services (AWS) infrastructure located in Frankfurt, Germany, and within the European Economic Area.
Qmica and its hosting providers implement security measures including, but not limited to:
- Encryption of data in transit and at rest;
- Network segmentation and firewall protection;
- Access controls based on the principle of least privilege;
- Identity and access management (IAM);
- Logging, monitoring and audit capabilities;
- Daily backup and recovery procedures;
- Continuous security monitoring and maintenance.
Access to customer data is restricted to authorised personnel who require such access for the performance, maintenance, support or security of the Services.
Although Qmica takes reasonable measures to protect data, no method of electronic transmission, storage or processing can be guaranteed to be completely secure. Accordingly, Qmica cannot guarantee absolute security.
Qmica continuously evaluates and improves its security measures to align with industry standards, technological developments and applicable legal requirements.
5. Retention of Data
Qmica retains personal data only for as long as necessary to fulfil the purposes for which it was collected, to comply with legal obligations, to resolve disputes and to enforce agreements.
Unless a longer retention period is required or permitted by law, Qmica generally applies the following retention periods:
Category of Data
Retention Period
Customer account and contact information
Duration of the contractual relationship plus two (2) years
Support requests and support tickets
Two (2) years after closure
System logs and security logs
Twelve (12) months
Marketing communications data
Until consent is withdrawn or an objection is received
Financial and accounting records
Seven (7) years, or longer where required by applicable law
Upon expiry of the applicable retention period, Qmica shall securely delete, anonymise or otherwise render the relevant personal data inaccessible, unless continued retention is required by law or necessary for the establishment, exercise or defence of legal claims.
Where a customer requests deletion of personal data, Qmica shall comply with such request to the extent required by applicable law and subject to any legal or contractual retention obligations.
6. Sharing of Your Information
Qmica does not sell, rent or otherwise disclose personal data to third parties except as described in this Privacy Policy or where required by law.
Qmica may share personal data with the following categories of recipients:
6.1 Service Providers
Qmica may engage carefully selected third-party service providers who assist in the provision, operation, maintenance, support, security and improvement of the Services. Such service providers may include hosting providers, infrastructure providers, monitoring providers, support providers and professional advisers.
6.2 Amazon Web Services (AWS)
Qmica uses Amazon Web Services (AWS) as its primary hosting and infrastructure provider. Data processed through the Services is hosted primarily within AWS infrastructure located in Frankfurt, Germany, and within the European Economic Area.
6.3 Legal and Regulatory Requirements
Qmica may disclose personal data where required to do so by law, court order, regulatory authority or other competent governmental body.
6.4 Protection of Rights
Qmica may disclose personal data where reasonably necessary to protect the rights, property, security or legitimate interests of Qmica, its customers, users or third parties.
6.5 Corporate Transactions
In the event of a merger, acquisition, financing transaction, reorganisation, sale of assets or similar corporate transaction involving Qmica, personal data may be disclosed to potential or actual purchasers, investors, advisers or successor entities, subject to appropriate confidentiality obligations.
6.6 International Transfers
Where personal data is processed by service providers located outside the European Economic Area, Qmica shall ensure that appropriate safeguards are implemented in accordance with applicable data protection legislation, including the use of Standard Contractual Clauses where required.
Qmica requires third parties processing personal data on its behalf to implement appropriate security measures and to process personal data only in accordance with applicable law and contractual obligations.
7. Your Rights
Subject to applicable data protection legislation, you may have the following rights regarding your personal data:
7.1 Right of Access
You have the right to request access to the personal data that Qmica processes about you and to receive information regarding such processing.
7.2 Right to Rectification
You have the right to request correction of inaccurate or incomplete personal data.
7.3 Right to Erasure
You have the right to request deletion of your personal data where Qmica no longer has a lawful basis for processing such data, subject to applicable legal obligations.
7.4 Right to Restriction of Processing
You have the right to request restriction of the processing of your personal data in certain circumstances provided by law.
7.5 Right to Data Portability
Where processing is based on consent or the performance of a contract and carried out by automated means, you may request a copy of your personal data in a structured, commonly used and machine-readable format.
7.6 Right to Object
You have the right to object to the processing of your personal data where such processing is based on Qmica's legitimate interests, unless Qmica demonstrates compelling legitimate grounds for the processing.
7.7 Right to Withdraw Consent
Where processing is based on your consent, you may withdraw your consent at any time. Withdrawal of consent shall not affect the lawfulness of processing carried out before such withdrawal.
7.8 Right to Lodge a Complaint
You have the right to lodge a complaint with a competent supervisory authority if you believe that your personal data is being processed in violation of applicable data protection legislation.
7.9 Exercising Your Rights
Requests relating to your personal data may be submitted to:
Qmica may request additional information to verify the identity of the requester before processing a request.
Qmica shall respond to valid requests within the time periods prescribed by applicable data protection legislation.
8. Changes to this Privacy Policy
Qmica may amend or update this Privacy Policy from time to time to reflect changes in applicable laws and regulations, technological developments, business operations, security practices or the Services provided by Qmica.
Where material changes are made to this Privacy Policy, Qmica shall take reasonable steps to inform affected users, including by publishing an updated version on its website, through the Qmica platform or by electronic communication.
The latest version of this Privacy Policy shall always be available on the Qmica website.
The version number and effective date stated at the beginning of this Privacy Policy indicate when the most recent changes took effect.
Continued use of the Services following the effective date of an updated Privacy Policy shall constitute acknowledgement of the revised Privacy Policy, to the extent permitted by applicable law.
Contact Information
Qmica B.V.
Zijperweg 4N
1742 NE Schagen
The Netherlands
Chamber of Commerce (KvK): 72079894
Website: https://www.qmica.io
E-mail: info@qmica.io
General enquiries: info@qmica.io
Supervisory Authority
If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the competent supervisory authority.
In the Netherlands, complaints may be submitted to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):