Privacy Statement

Privacy Statement Tilaa BV

Last update: May 24th 2018

We respect your privacy and we only process your personal data for the purpose of which you have provided that data to us in accordance with the General Data Protection Regulation. This means that your data is safe with us and that we look after your personal information. In this Privacy Statement we will explain to you how Tilaa BV collects data and how it is used and secured. We also make use of external parties who assist us in providing our services. Where this is applicable and the way they collect and use this information is described in this Privacy Statement.

If you have questions, or if you want to know exactly what we are recording, please contact us.


Dealing with your order

When you have placed an order with us, we will ask your for personal data such as name and address, email address, telephone number and IP address. In order to conclude your order we receive information about your payment from your bank or credit card company on the basis of the provided details. We require this information because we are entering into an agreement with you. We are keeping these details up to two years after conclusion of your order and for seven years after, which is statutory by law.

To subscribe

You have taken out a paid subscription. To settle payment, we use your personal data such as your telephone number, payment details, email address, name and address and IP address. We execute this only with your permission. We keep these details up to two years after you have cancelled your subscription and seven years after, which is statutory by law.

Contact form and newsletter

You can ask questions or make requests through our contact form. For this we use your email address, IP address and name and address details. We need these details because we are entering into an agreement with you. We keep this information until we are absolutely sure that you are satisfied with our reaction and for six months after that in case we need to answer any follow-up queries.

You can subscribe to our newsletter. This letter is sent once every quarter and contains our latest news, tips and information about our existing and latest products and services. You can always cancel your subscription to our newsletter at any time. This can be achieved through clicking on the link at the bottom of our newsletter or through our website. Your email address is only added to the subscription list with your permission. This data is kept until you have cancelled the subscription.

Your account

To order a product with us, you need to register first by submitting your email. An account will then be set up and you can login with your email address and a self-chosen password. For this we use your email address and your IP address. We need these details because we are entering into an agreement with you. We keep this information up to two years after you have cancelled your subscription and for seven years after, which is statutory by law.

With your account you gain access to our dashboard, a content management system where you can install, implement and change data and control your products. We are keeping track of the changes you have implemented for reasons of proof, only with your permission. We store this information so you do not need to enter the same information each time and we can approach you when necessary. Through the dashboard you can amend your information at any time. We keep this information up to two years after you have cancelled your subscription and for seven years after, which is statutory by law.

Location data

On the basis of your IP address we perform an automatic location detection . This information is supplied by Maxmind (third party) and is linked to a payment. In combination with the provided name and address and payment details this is solely used to carry out a risk assessment of your order for the prevention of abuse of our services.

Distribution to other companies or institutions

We only supply your details to other companies or institutions when utterly necessary, or when it is statutory by law (for example when there is a suspicion of crime investigation). In order to provide the best service possible, we use external partners. It could be possible that these partners receive your data from us.

  • Zendesk - To answer customer queries it is necessary to link a question to a customer account. We share your customer number, name of your organization, first and last name, your email address and your preferred language.
  • Mailchimp - For the distribution of newsletters. We share your email address and language preference.
  • Buckaroo - For processing credit card, direct debit, Sofort, Giropay and Bancontact transactions. We do not share your personal data, solely the payment details, your customer number and your preference of language.
  • Paypal - For processing Paypal transactions. We do not share your personal data, solely payment details and language preference.
  • ABN AMRO - Processing all iDEAL transactions. We do not share your personal data, solely your payment details.
  • Maxmind - For risk analysis and anti-fraud. We share your IP address, method of payment, the amount paid and your email address as well as your name and address details.


Our website uses cookies. Cookies are small pieces of information that are stored on your computer through your browser. We use cookies so you do not have to enter your details each time and we can recognize you when you visit our site.

We use a cookie of Google Analytics to trace how visitors use our website. This information is used to generate statistics about country of origin, internet browsers, operating systems and other information that can assist us with improving our website and services.

You can block storing cookies on your computer, but it will entail that certain sections of our website will not operate properly anymore.


Security of personal data is of great importance to us. To protect your privacy we are taking the following measures;

  • Access to personal data is shielded by email address and password, in addition two factor authentication by means of using a login token can be installed by yourself.
  • We take physical measures such as locks and safes for protection of access to the systems where personal data is stored.
  • We make use of secured connection (Secure Sockets Layer or SSL), which shields all information between you and our website when you are entering your personal data.
  • We have been awarded certificates for ISO/IEC 27001:2013, PCI DSS 3.2, ISO/IEC 9001:2015, NEN 7510:2011 en ISAE 3402 Type I.

Data Protection Officer

We have appointed a Data Protection Officer. This person is responsible for all privacy related matters in our organization. In case of requests or queries our Data Protection Officer can be reached by email on or by phone one +31 (0) 852100500.

Amendments to our Privacy Statement

If a change is made to our Privacy Statement, you will always find the updated version on this page. Please pay attention to the abovementioned date and check for new versions on a regular basis. We will do our utmost to announce any changes separately by sending you an email to the address that has been linked to your account.

Access, modify or delete your data

For queries regarding our Privacy Statement or questions about access or modifications (or deleting) your personal data you can always contact us through our regular channels. You can also send us a request to view, modify or delete the stored data. In addition you can request a data export for all data we use with your permission or your motivation why you would like us to limit processing your personal data. To prevent abuse we could ask you to send us means of identification. If it is regarding viewing personal data that is linked to a cookie, please also forward a copy of the said cookie with the request. You can find these in your browser settings. In case the details we have are not correct, you can request to modify these or have them removed.

Submission complaint

Of course we would like to assist you if you have a complaint about processing your personal data. Nevertheless if the solution offered is not to your satisfaction, you are entitled by law to submit a complaint to the Privacy supervisor being the Data Protection Authority. You can contact the Data Protection Authority directly.