Effective Date: 23th of January, 2026
Introduction
Welcome to Guestit (“we”, “us”, “our”, “Guestit.nl”).
This Privacy Policy explains how we collect, use, disclose, and protect personal data when you visit our website, use our products or services, or otherwise interact with us.
We are committed to processing personal data in accordance with applicable data protection laws, including the European Union’s General Data Protection Regulation (GDPR).
Data Controller & Contact Information
Data Controller: Guestit (the entity determining the purposes and means of processing)
Addresses:
Hollandsch Diep 63-C, 2904 EP Capelle aan den IJssel, The Netherlands
Ruzveltova 44A, 1000 Skopje, North Macedonia (HQ)
Website: https://guestit.nl
Email: hey@guestit.nl
Phone: +31 (0)30 711 3232
Personal Data We Collect
We may collect and process the following categories of personal data:
Identity and contact data:
Name, email address, phone number, company name, job title, postal address
Usage and technical data:
IP address, browser type and version, device identifiers, operating system, pages visited, referral source, date and time stamps
Cookies and tracking data:
Cookies, local storage, analytics identifiers, and similar technologies
Communication data:
Emails, support tickets, and other communications with us
We do not knowingly collect personal data from individuals under the age of 16. If you are under 16, please do not provide personal data to us.
How We Use Your Data (Purposes and Legal Basis)
We process personal data only when a lawful basis applies:
To provide services and fulfill contracts
Legal basis: Performance of a contract
Examples: Account access, service delivery, billing, and support
To improve and develop our products and services
Legal basis: Legitimate interests
Examples: Analytics, performance monitoring, and feature improvements
To communicate with you
Legal basis: Legitimate interests or consent
Examples: Service communications, support, and marketing (where consent is given)
To comply with legal obligations
Legal basis: Legal obligation
Examples: Tax, accounting, and fraud prevention
To personalize and optimize user experience
Legal basis: Legitimate interests
Examples: Remembering preferences and optimizing content
Where processing is based on consent, you may withdraw your consent at any time. Withdrawal does not affect processing carried out under other lawful bases.
Data Sharing and Third Parties
We may share personal data with:
Service providers and subprocessors that help us operate our services (such as hosting, analytics, and email providers)
Affiliates or group companies
Public authorities or regulators where required by law
Third parties involved in business transactions such as mergers, acquisitions, or reorganizations
All third parties are required to process personal data in accordance with GDPR and to implement appropriate security measures. Where required, data processing agreements (verwerkersovereenkomst) are in place.
International Data Transfers
If personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are applied, such as Standard Contractual Clauses or adequacy decisions, in accordance with GDPR requirements.
Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. After the retention period, data is securely deleted or anonymized.
Your Rights Under GDPR
You have the right to:
Access your personal data
Request rectification of inaccurate or incomplete data
Request erasure of your data (“right to be forgotten”)
Request restriction of processing
Object to processing, including direct marketing
Request data portability
Withdraw consent where processing is based on consent
To exercise your rights, contact us at hey@guestit.nl.
We will respond within the statutory time limits, usually within one month.
You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
Security Measures
We implement appropriate technical and organizational measures to protect personal data, including encryption, access controls, pseudonymization, monitoring, backups, and staff training. However, no method of transmission or storage is completely secure, and absolute security cannot be guaranteed.
. Cookies and Tracking Technologies
We use cookies and similar technologies to ensure website functionality, analyze usage, and improve user experience. You can manage cookie preferences through our cookie banner or your browser settings. Where applicable, a separate Cookie Policy applies.
Changes to This Policy
We may update this Privacy Policy from time to time. The most current version will always be available on our website and will include an updated effective date. Significant changes may also be communicated via email or in-app notifications.
Miscellaneous
This Privacy Policy is governed by the English language version.
If any provision is found invalid or unenforceable, the remaining provisions remain in effect.
Use of our services is also subject to our Terms and Conditions.