Privacy Policy

Last Updated: 1st January 2026

GrandAquarium B.V. ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

Data Collection

We collect various types of information in connection with the services we provide, including personal data we collect directly from you and information we collect automatically when you use our website. The data we collect includes:

• Personal identification information (name, email address, phone number, postal address)
• Professional information related to your property development enquiries
• Communication preferences and contact history
• Website usage data and analytics information
• Technical information such as IP address, browser type, and device information
• Cookies and similar tracking technologies as detailed in our Cookie Policy

How We Use Your Information

We use of your data is based on legitimate business interests, contractual necessity, legal compliance, and your consent where required. We use your information to:

• Provide and maintain our property development services
• Respond to your enquiries and communicate with you about our services
• Process and fulfil service requests and contracts
• Send you relevant information about our services, projects, and updates
• Improve our website functionality and user experience
• Comply with legal obligations and regulatory requirements
• Protect our rights and prevent fraud or misuse of our services

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described in this policy. We may share your information with:

• Trusted service providers who assist us in operating our business
• Professional advisors such as lawyers, accountants, and consultants
• Regulatory authorities when required by law
• Business partners for joint projects with your explicit consent

Your Rights

Under the General Data Protection Regulation (GDPR) and other applicable data protection laws, you have certain rights regarding your personal data:

• Right of Access: You can request copies of your personal data
• Right to Rectification: You can request correction of inaccurate or incomplete data
• Right to Erasure: You can request deletion of your personal data under certain circumstances
• Right to Restrict Processing: You can request limitation of how we process your data
• Right to Data Portability: You can request transfer of your data to another organisation
• Right to Object: You can object to processing based on legitimate interests or direct marketing

Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements. Specific retention periods depend on the type of information and the purpose for which it was collected:

• Contact enquiries: 3 years from last contact
• Client project data: 7 years after project completion
• Marketing communications: Until you unsubscribe
• Website analytics: 26 months (Google Analytics default)
• Legal and regulatory records: As required by applicable law

Data Security

We implement appropriate technical and organisational security measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training on data protection principles.

International Data Transfers

As a Netherlands-based company, we primarily process data within the European Economic Area (EEA). If we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions, Standard Contractual Clauses, or other legally recognised transfer mechanisms.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us:

Data Controller Information

GrandAquarium B.V. is the data controller responsible for your personal information. We are registered in the Netherlands with registration number NL36472819 and are subject to Dutch data protection law and the GDPR.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date. We encourage you to review this policy periodically.

Complaints and Supervisory Authority

If you believe we have not handled your personal data in accordance with this policy or applicable data protection laws, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or your local supervisory authority.