Privacy Policy Website

Welcome to Sound of Data’s website privacy policy. We understand that your personal data deserves care, transparency, and respect. That’s why we want to explain not only what we do with your data, but also why we do it — and how we ensure that your privacy is protected at every step.

At Sound of Data, we believe privacy is more than a regulatory requirement — it’s a foundation for trust. Whether you’re simply browsing or actively reaching out, you should know exactly what we collect, why we collect it, and how we keep it secure. We build our tools and policies around clarity and control — with no assumptions, no shortcuts, and no hidden agendas. Your data is yours. We just handle it with care.

This policy applies to our website http://www.soundofdata.com and outlines how we collect, use, and share personal data when you interact with us online.

Sound of Data B.V. is a Dutch technology company specialized in voice infrastructure and customer journey optimization. From our headquarters in Rotterdam (Waalhaven Oostzijde 83L, 3087 BM), we enable organizations to handle millions of customer interactions securely and effectively every year.

Our commitment to privacy reflects the trust our clients and their customers place in us. For privacy-related questions or requests, you can reach us at privacy@soundofdata.com.

We collect information when you visit our site so that we can provide you with a seamless and secure experience. This includes:

• Usage data: Every time you load a page, our systems log technical details like your IP address, browser type, device model, operating system, and how long you stayed. We use this to ensure our site performs properly and to protect it from abuse.

• Interaction data: We use analytics tools to understand how visitors navigate our site — which pages get the most attention, which buttons are clicked, and where visitors tend to drop off. This helps us design better digital experiences.

• Form data: When you fill out a form — for example to request a demo, contact us, or subscribe — we collect basic details such as your name, email address, phone number, and message. This helps us respond to your request and follow up if you’ve opted in to further communication.

• Cookie data: Our site uses cookies to remember your preferences and personalize your experience. Some cookies are essential, others help us understand behavior. See section 5 and our Cookie Policy for more.

We do not collect sensitive data (like health or financial information) through our website.

We use the information we collect to provide you with an experience that is relevant, secure, and genuinely helpful. Here’s how:

• To run our website effectively: We use data to keep the site functioning as intended, to troubleshoot issues, and to improve speed, reliability, and accessibility across devices.

• To improve user experience: Understanding how users interact with different parts of our site helps us fine-tune content, layout, and navigation — so that you find what you’re looking for faster and with less friction.

• To respond to you directly: When you fill out a contact form or download a document, we use the data you provide to communicate with you, deliver requested content, and follow up where needed. If you’ve given us permission to do so, we may also use your details to keep you informed about related services.

• To ensure security: Data helps us detect suspicious activity, prevent misuse, and protect both our site and its visitors. Without this vigilance, we wouldn’t be able to maintain a trustworthy digital environment.

• To assess and improve marketing relevance: If you’ve opted in, we may use your behavior on our site to better tailor our messaging and make sure we’re only sending what’s meaningful to you.

• To meet our legal obligations: From recordkeeping to compliance with data access laws, some of our processing is simply required to operate lawfully.

We take privacy seriously, and we never use your personal data in a way that goes against these purposes. If a new use emerges, we’ll let you know and ask for your consent when needed.

Under the General Data Protection Regulation (GDPR), we must always have a valid legal reason — or “lawful basis” — for using your personal data. This is not just a legal formality. It’s about ensuring that the way we use your information is respectful, proportionate, and fully accountable.

Here’s how we align each of our activities with the law:

• Consent: In some cases, we ask you explicitly for permission before we process your data. This applies to non-essential cookies, newsletters, downloadable resources, or any marketing outreach that you choose to opt into. You can withdraw this consent at any time, and we make it easy to do so.

• Legitimate interest: For many routine functions — like securing the website, analyzing general usage patterns, or improving user experience — we rely on what’s called a “legitimate interest.” This means we use your data in ways that are necessary for our operations but do so with full respect for your privacy rights. We conduct balancing tests to ensure our interests don’t override yours.

• Pre-contractual necessity: When you submit a form asking for more information about our services, or request a quote or follow-up, we use the data you give us to carry out those steps — even before any formal contract is in place.

• Legal obligation: Sometimes we are required by law to process your information. This may include data we retain for tax purposes, compliance with cybersecurity directives, or cooperating with lawful investigations.

Each of these legal grounds ensures that we’re using your data fairly and transparently — and always in a way that aligns with both your expectations and your rights.

We use cookies and similar technologies on our website to enhance your experience, make our site function properly, analyze its usage, and tailor content and advertisements to your interests. A cookie is a small data file stored on your device that helps us recognize returning visitors and remember preferences or actions.

We classify the cookies we use into the following categories:

• Strictly necessary cookies: These cookies are essential for the proper functioning of the site. They enable features like form submissions, navigation, cookie preferences, and access to secure areas. Without them, our website cannot perform its basic functions.

• Performance and analytics cookies: These cookies help us understand how visitors interact with the site by collecting information such as page visits, bounce rates, and traffic sources. We use services like Google Analytics and HubSpot to gain insights that help us improve site performance and usability.

• Functional cookies: These cookies allow the website to remember choices you make — like your preferred language, region, or settings — and provide enhanced features. They may also support embedded services like video playback, chat functions, or content customization.

• Marketing and communication cookies: With your consent, we use cookies that track browsing behavior across websites to display relevant ads or content. These may come from our marketing partners such as LinkedIn, HubSpot, or Google Ads. They help us understand the effectiveness of our outreach and allow us to personalize messaging.

When you visit our site, you are presented with a cookie banner powered by CookieScript. This banner allows you to manage your preferences by selecting which categories of cookies you want to accept — such as performance, targeting, functionality, or strictly necessary (which cannot be turned off). You can accept all, decline all, or fine-tune your choices. The banner automatically adapts to your browser language and saves your preferences for up to 12 months, depending on your browser configuration.

If you wish to revisit or adjust your preferences, you can do so at any time via the small cookie icon on the website or through your browser settings.

We believe in giving you clear control and visibility over how cookies are used. For a full list of cookies active on our site, including provider, purpose, and expiry, please refer to our detailed cookie statement.

We treat your personal data with care and only share it when necessary to deliver our website services securely and effectively. Data collected through our website is processed primarily within our own systems and through HubSpot — our customer relationship management and marketing automation platform.

In the context of website operations, we may share limited personal data with:

• Our Dutch subcontractors and service providers, such as our web development agency, hosting provider, and analytics consultant. These parties are based in the Netherlands, operate under strict data processing agreements, and only access data where strictly necessary for their service.

• HubSpot, which processes data in accordance with GDPR guidelines. By default, we use EU-hosted infrastructure, and data is processed in a manner that ensures full alignment with EU data protection principles.

• Supervisory or legal authorities, but only if we are legally obligated to do so.

We do not share, sell, or trade your personal data with third parties for commercial gain, and we ensure every partner who handles your data upholds the same privacy standards we do. Your data stays in trusted hands — within the EU — unless explicitly stated otherwise and with full safeguards in place.

We only retain your personal data for as long as necessary to fulfill the purposes for which it was collected. This helps us operate efficiently, minimize risk, and respect your privacy.

For data collected through our website, we follow these general retention periods:

• Contact form submissions: Data submitted through contact, demo, or subscription forms is stored for up to 12 months, unless you become a customer. This timeframe allows us to respond to your inquiry, follow up if necessary, and evaluate interest in our services.

• Analytics data: Usage and interaction data collected through tools like Google Analytics or HubSpot is typically retained for up to 26 months. This enables us to understand long-term trends while respecting data minimization principles.

• HubSpot workflow data: Action log data related to workflows (such as enrollment events) is stored for varying durations:

  • Up to 180 days: All detailed workflow action logs.

  • 180 days – 2 years: Summary log data, including event type and object ID.

  • 2+ years: Enrollment data is retained in aggregate form to support historical filtering.

• Cookie consent logs: Records of your cookie preferences are stored for 12 months, in compliance with ePrivacy requirements.

You have rights under the General Data Protection Regulation (GDPR), and we want you to be fully aware of them. These rights are not optional — they are central to how we think about privacy. We are committed to helping you exercise them in a transparent and respectful manner.

You have the right to:

• Access your data: You can ask us whether we hold personal data about you, and if so, what that data is and how we use it.

• Correct your data: If you believe we’ve recorded something incorrectly — like a misspelled name or outdated contact detail — you can request that we correct it.

• Delete your data: In many cases, you can ask us to delete your personal information entirely. This is also known as the “right to be forgotten.”

• Restrict or object to processing: If you don’t agree with how we’re using your data — or just want us to pause — you have the right to object or ask us to limit processing.

• Withdraw your consent: If you previously agreed to something (like marketing emails) but have changed your mind, you can withdraw that consent at any time. This won’t affect the legality of the data we used before your withdrawal.

• File a complaint: If you feel your rights are not being respected, you can contact the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at http://www.autoriteitpersoonsgegevens.nl.

To exercise any of these rights, simply send an email to privacy@soundofdata.nl. We will respond within 30 days, and sooner whenever possible. If your request is complex or requires extra verification, we’ll keep you informed throughout the process.

We take the protection of your personal data seriously and build security into everything we do — from infrastructure to day-to-day operations. Our goal is to create an environment where your information is treated with the highest level of care, and where unauthorized access, loss, or misuse is proactively prevented.

Here’s how we do that:

• Multi-layered system protection: We use Transport Layer Security (TLS) to encrypt all traffic between your browser and our website, ensuring that data in transit cannot be intercepted or altered.

• Secure authentication: Access to backend systems is protected by strong, individual user accounts, combined with multi-factor authentication (MFA). Only authorized personnel can access administrative environments.

• Robust access control: All accounts operate on a strict “least privilege” principle. Each team member has access only to what they need — nothing more.

• Continuous threat monitoring: We monitor our website and hosting infrastructure for unusual traffic patterns and abuse attempts, including bots, scraping, DDoS traffic, and other forms of malicious activity. These monitoring tools help us detect, mitigate, and learn from potential threats.

• Logging and audit trails: Critical systems maintain detailed logs, which are regularly reviewed. This enables us to trace actions, monitor anomalies, and investigate incidents quickly and thoroughly.

• Security by design: From the moment a system or feature is designed, we embed security into its foundation — minimizing vulnerabilities before they can be exploited.

These safeguards are reviewed regularly, updated as needed, and supported by a privacy-aware company culture. While no system can guarantee absolute security, we continuously work to meet or exceed industry standards in protecting your information.

We’re committed to keeping you informed about how we handle your data. As our website evolves, or as privacy laws and best practices develop, we may need to update this policy from time to time.

If we make changes, we’ll update the “Last updated” date at the top of this page so you can easily see what’s new. If the changes are substantial — for example, if we start using your data in a new way — we’ll provide a clear notice on our website and, where legally required, request your consent again.

We encourage you to check this page periodically to stay informed about how we protect your privacy.

Last updated: May 2, 2025