Terms of service
Privacy Policy MomentumAI
The protection of the confidentiality, integrity, and availability of the data we collect, process or store on our website and in connection with the use of the MomentumAI Platform is of utmost importance to us.
We have established security procedures to ensure the confidentiality of your data.
This Privacy Policy informs you about the type, scope, and purposes of the processing of personal data when using our website momentumai.nl, our social media accounts and the MomentumAI Platform, insofar as we are responsible for the data processing.
We also inform you about the rights you have as a data subject. Personal data encompasses all data that relates (directly or indirectly) to you as an individual and that makes it possible to identify you, such as your name, gender, address or your user behavior on a website. For questions you can go here:
If you have further questions about data protection, you can contact us at any time using the contact details below or fill in the form on our website https://momentumai.nl/contact-support.
The data controller within the meaning of Art. 4 No. 7 of the General Data Protection Regulation (GDPR) for the data processing described in this Privacy Policy is:
MomentumAI
J van Hasseltweg 33A Amsterdam
E-mail: privacy@momentumai.nl
Our data protection officer is
Mariam Ibrahim, which can be contacted at privacy@momentumai.nl if you have any questions or concerns about data protection.
For more information about our company, we refer you to the legal imprint on our website.
Data Processing When You Visit the Website
Technical Data Processing
To ensure the secure and reliable operation of our platform, certain technical data is automatically processed when you use our services.
Application Logs
Our platform logs technical events to maintain security and diagnose issues. When errors or significant events occur during the processing of your requests on our servers, we may record:
User ID (anonymized identifier)
Session timestamp
Error codes and diagnostic information
IP address (in security-related events only)
Sensitive information such as API keys and authentication tokens is automatically redacted from all logs. This data is stored in compressed format and automatically deleted after 14 days. Errors that occur in your browser are handled locally and are not automatically transmitted to our servers.
Authentication Logs
We maintain logs of authentication-related events, including login attempts, password resets, and two-factor authentication events. These logs help us detect unauthorized access and protect your account. Authentication logs are retained for 14 days. Security Monitoring To protect our platform from threats, we operate intrusion detection systems that monitor network activity for malicious behavior. When security violations occur (such as repeated failed login attempts or rate limit violations), we may temporarily record your IP address and browser information. This security data is retained for 2 hours or until any temporary restriction expires. Transaction Records When you use AI services on our platform, we record token usage for billing and service management purposes. These records include your user ID, the AI model used, token amounts, and timestamps. Transaction records are retained as part of your account data.
System-Level Auditing
For compliance and security purposes, we maintain system-level audit logs that record administrative actions, configuration changes, and access to critical systems. These logs are retained for approximately 14 days.
Legal Basis
The legal basis for processing this technical data is our legitimate interest in ensuring the security, integrity, and error-free operation of our platform (Art. 6(1)(f) GDPR), as well as the performance of our contract with you for the delivery of our services (Art. 6(1)(b) GDPR).
Requests via Email, Chatbot or Customer Service
If you contact us via email, our website's chatbot, or customer service, we process the personal data you provide exclusively to handle your request. The data we collect includes your name, email address, company name, phone number, and the content of your message. Our employees are trained to handle this data securely and are contractually obligated to maintain confidentiality.
The legal basis for this processing is the performance of a contract (Art. 6 para. 1 lit. b GDPR). We may be legally obligated to retain this data longer, for example if your contact request relates to a contract or warranty claim. In that case, we will delete your data no later than after the expiry of the statutory retention period (for example after 10 years, calculated from the conclusion of the contract), without you having to send us a request for this.
Direct Marketing
If you conclude a paid contract for the use of our services and provide your email address, MomentumAI may use this email address for direct advertising for similar goods or services. You have the right to object to this use of your email address at any time, without incurring any costs other than transmission costs according to basic rates. Every email contains an unsubscribe link for this purpose. You can also object by sending an email to privacy@momentumai.nl
The legal basis for this data processing is our legitimate interest (Art. 6 para. 1 lit. f GDPR) in promoting similar goods and services. You can object to data processing for direct marketing at any time without giving reasons.
Email addresses and any associated names are processed to ensure the validity of the addresses provided and to maintain the quality of our communication. This is based on our legitimate interest in correct and secure communication (Art. 6 para. 1 lit. f GDPR).
Processing When Registering a Customer Account
On our website it is possible to create a customer account. An account is required to subscribe to paid services. If you want to register, we will send a confirmation link to the email address you provided. Via this link you will reach the registration screen where you can enter the required information.
When you register for an account, we process the following data for the purpose of creating and managing your account:
Data processed: Your contact details (name, email address, telephone number), company name, address details, and registration date.
Purpose of processing: To create your customer account, provide access to our services, and fulfill our contractual obligations with you.
Legal basis: The performance of a contract (Art. 6 para. 1 lit. b GDPR).
For security purposes, we also process the following data:
Data processed: The IP address of your device.
Purpose of processing: To prevent misuse of our services and ensure the security of our IT systems.
Legal basis: Our legitimate interest in preventing fraud and securing our platform (Art. 6 para. 1 lit. f GDPR).
The majority of your data will be deleted when you delete your customer account, including your profile information, conversations, messages, files, and transaction records. Certain data associated with shared resources (such as agents or prompts you created) may be retained in anonymized form or deleted separately. We do not retain personal data beyond what is necessary, unless we are legally obligated to do so.
Processing for Paid Subscriptions
If you purchase a subscription via our website, we process the following data:
IP address of the device with which the order is placed;
Date and time of the order;
Contact details such as your email address;
Payment data;
The subscription you have chosen;
Any other data you provide during the registration process (e.g. a "promo code").
For payment processing, we pass on the necessary payment data to the payment service provider Stripe. We store only the Stripe Customer ID and Subscription ID to manage your subscription and process webhooks. The legal basis for processing is the necessity for concluding and executing the contract (Art. 6(1)(b) GDPR). Retention periods:
Payment webhook logs: Automatically deleted after 90 days
Subscription identifiers (Stripe Customer ID, Subscription ID): Retained for the duration of your account, and deleted when you delete your account
Trial eligibility data (card fingerprint, email): Retained permanently to prevent fraudulent trial abuse, based on our legitimate interest in preventing fraud (Art. 6(1)(f) GDPR)
Transaction records related to your usage are deleted when you delete your account, unless we are legally obligated to retain them for tax or accounting purposes.
Use of Processors
To be able to provide the above-mentioned services, we use carefully selected external service providers who process personal data on our behalf (processors). This applies in particular to activities such as hosting, technical infrastructure, customer service, communication (e.g. via email or chat), payment processing, data analysis and our partner program.
Data processing takes place exclusively on the basis of processor agreements in accordance with Art. 28 para. 3 GDPR. Our service providers are contractually obligated to process personal data only according to our instructions and in compliance with high data security standards. Where possible, data processing takes place within the European Union or the European Economic Area.
Transfer of Data to Third Countries
We process personal data primarily on servers within the European Union. Our AI processing services, file storage, email services, and search functionality are all hosted within the EU.
Payment Processing (United States)
For payment processing, we use Stripe Inc., which is located in the United States. The following data is transferred to Stripe:
Email address and phone number
Payment card information (processed directly by Stripe)
Subscription and billing details
This transfer is protected by Stripe's certification under the EU-US Data Privacy Framework and EU Standard Contractual Clauses, in compliance with Art. 44 et seq. GDPR.
Content Delivery and Security (Cloudflare)
We use Cloudflare to protect our platform against attacks and improve performance. When you access our website, the following data may be processed by Cloudflare:
IP address
Browser information and HTTP headers
Pages visited
While Cloudflare primarily processes EU traffic within the European Union, we cannot fully guarantee that data is never routed through servers in the United States due to the nature of Cloudflare's global network. This transfer is protected by EU Standard Contractual Clauses and Cloudflare's Data Processing Addendum. For questions about data transfers, you can contact privacy@momentumai.nl
Retention Period of Your Personal Data
Unless a shorter retention period is specified, we generally retain personal data only (i) as long as necessary to provide you with the services and/or (ii) as long as necessary with regard to the contractual relationship. After that, the data is only retained if and to the extent that we are obligated to do so based on legal retention obligations.
Cookies and Similar Technologies
We use cookies and similar technologies (e.g. pixels) on our website and platform. Cookies are text files that your browser automatically creates and stores on your device. Some cookies are deleted after your browser session ("session cookies"). Others remain stored longer to recognize you, for example, on a subsequent visit.
You can prevent the use of cookies by adjusting your browser settings, although this may limit the functionality of the website.
We use the following types of cookies:
Necessary cookies: Strictly necessary for the functionality of our website. The legal basis is our legitimate interest in ensuring the technical functionality, security, and error-free delivery of our website (Art. 6 para. 1 lit. f GDPR).
Analysis & Statistics: To statistically evaluate and improve the use of our website and platform. The legal basis is your consent (Art. 6 para. 1 lit. a GDPR).
Third-Party Cookies: These cookies are placed by other companies (third parties) whose services are used on our website, for example, for analytics, advertising, or social media integration. The legal basis is your consent (Art. 6 para. 1 lit. a GDPR).
Via our cookie banner you can manage your settings, give consent or withdraw your consent at any time.
Presence on Social Media
If you contact us via your profile on LinkedIn (e.g. by sending a private message), we are joint controllers with the social media platform. Besides that we process the data provided exclusively to contact you. The legal basis is the performance of a contract (Art. 6 para. 1 lit. b GDPR).
Your Rights Regarding Your Personal Data
You have the following rights:
Right to information: About which data we process, the purposes, recipients, retention periods and more.
Right to rectification: Of incorrect or incomplete data.
Right to erasure: If the purpose of processing has ceased, consent has been withdrawn, or there is no other legal basis.
Right to restriction of processing.
Right to data portability: Receiving your data in a structured, common and machine-readable format.
Right to object: Against processing based on legitimate interest.
Right to lodge a complaint with a supervisory authority
If you have given consent for processing, you can withdraw it at any time.
Our services and the laws that govern them are always evolving, so we may need to update this Privacy Policy from time to time.
If we make changes, we will notify you by posting the updated policy on our website. For any significant changes, we will also provide a more prominent notice, such as sending an email notification. By continuing to use our platform after these changes become effective, we assume that you have been informed to the changes in the privacy policy.
READ THIS PRIVACY STATEMENT CAREFULLY BEFORE USING THIS SITE
(Privacy Policy – MomentumAI) MomentumAI B.V. J van Hasseltweg 33A, 1021 KN Amsterdam, Netherlands CoC: 92208169 – VAT: NL865934150B01
Introduction
The protection of the confidentiality, integrity, and availability of the data we collect, process, or store on our website and in relation to the use of the MomentumAI Platform is of utmost importance to us. We have established security procedures to ensure the confidentiality of your data. This Privacy Policy informs you about the type, extent, and purposes of the processing of personal data when using our website momentumai.nl, our social media accounts, and the MomentumAI Platform, insofar as we are responsible for the data processing. We also inform you about the rights you have as a data subject. Personal data is any information that relates (directly or indirectly) to you as an individual and that makes it possible to identify you, such as your name, gender, address, or your user behaviour on a website. If you have any further questions about data protection, you can contact us at any time using the contact details below.
Data Controller, Contact, and Data Protection Officer
The data controller within the meaning of Art. 4 No. 7 of the General Data Protection Regulation (GDPR) for the data processing described in this Privacy Policy is: MomentumAI J van Hasseltweg 33A Amsterdam Email: privacy@momentumai.nl For more information about our company, please refer to the imprint on our website.
Data Processing When You Visit the Website
To ensure a smooth connection and a pleasant use of our website, and to enhance the attractiveness of our services, certain personal data is automatically processed when you visit our website. This includes, for example, information about the browser and operating system you are using. This log data is automatically collected and stored as "Server Log Files". These data include: the IP address of the device used to visit our website; The URL of the website from which our website was visited (referrer URL); The date and time of access; Content of the request (specific page); Information about whether the request was successful (access status/HTTP status code); The amount of data transferred; The device (PC, mobile phone), operating system, and details of the internet browser used; Language and version of the browser software. These data are stored in encrypted form and are regularly deleted at our request. The legal basis for this processing is our legitimate interest in flawless delivery of our website. The right to erasure under Article 17 of the GDPR remains in effect. When using our platform, in addition to the above-mentioned technical data, additional personal data may be processed when error messages occur. In these cases, limited technical information is logged (such as user ID, IP address, session timestamp, and specific error codes) to analyze and correct errors and to improve the stability and reliability of our platform. These debugging data are retained for a maximum of 30 days and are automatically deleted thereafter. The data are processed solely for technical error analysis and platform optimization. The legal basis for this is our legitimate interest (Art. 6 (1) (f) GDPR). We have weighed that our interest in a stable and secure platform outweighs the limited impact on your privacy, considering the technical nature of the data, the brief retention period, and the fact that this processing is necessary for the service you expect from us.
Requests via Email, Chatbot, or Customer Service
If you contact us via email or send a message through the chatbot on our website, the personal data you send (particularly contact and communication details) will be stored by us along with your request. Within the support communication, personal data such as email addresses, names, and the content of support messages may be processed. MomentumAI uses this data solely to handle your request. Our employees are trained to handle customer data confidentially and securely and are contractually obligated to maintain confidentiality. Additionally, personal data such as names, email addresses, phone numbers, and the content of the communication are processed for structured management of customer relationships and for the internal processing of customer data for support requests. The legal basis for this processing is our legitimate interest (Art. 6 (1) (f) GDPR) or the performance of a contract (Art. 6 (1) (b) GDPR) if the request is aimed at entering into a contract. The data will be deleted once the purpose of the processing ceases, for example, after your question has been definitively answered. We may be legally required to retain this data longer, for example, if your contact request relates to a contractual or warranty claim. In this case, we will delete your data no later than after the statutory retention period has expired (for example, after 10 years, calculated from the conclusion of the contract), without you having to send us a request for this.
Direct Marketing
If you enter into a paid contract for the use of our services and provide your email address, MomentumAI may use this email address for direct advertising for similar goods or services. You have the right to object to this use of your email address at any time, without any costs other than the transmission costs according to the basic rates. Every email includes an unsubscribe link for this purpose. You may also object by sending an email to privacy@momentumai.nl The legal basis for this data processing is our legitimate interest (Art. 6 (1) (f) GDPR). You can object to the data processing for direct marketing at any time without giving reasons. To verify email addresses, email addresses and any associated names are processed to ensure the validity of the provided addresses and maintain the quality of our communication. This is based on our legitimate interest in correct and secure communication (Art. 6 (1) (f) GDPR).
Processing When Registering a Customer Account
On our website, it is possible to create a customer account. An account is required to subscribe to paid services. If you wish to register, we will send a confirmation link to the email address you provided. Via this link, you will arrive at the registration screen where you can enter the required information. The data we process during registration includes in particular: When registering, we process the following personal data: • Your contact details (name, email address, phone number), company name, address details, and registration date - legal basis: performance of a contract (Art. 6 (1) (b) GDPR) • IP address of your device - legal basis: our legitimate interest in preventing misuse and ensuring our system security (Art. 6 (1) (f) GDPR) The data will be deleted when you delete your customer account, unless we are legally obligated to retain this data for a longer period.
Processing for Paid Subscriptions
In addition to the free trial period, you have the option to take out a subscription for paid services through your customer account. If you take out a subscription through our website, we process the following data: The IP address of the device from which the order is placed; Date and time of the order; Contact details such as your email address; Payment details; The subscription you chose; All other data you provide during the registration process (e.g., a "promo code"). For payment processing, we pass on the necessary payment details to the payment service provider we have engaged. We only process the Stripe Subscription ID for payment processing. This processing is necessary for the conclusion and execution of the contract. The legal basis is Art. 6 (1) (b) GDPR. The data will be deleted once the purpose of the processing ceases, for example, when you terminate your subscription, unless we are legally required to retain the data for a longer period.
Processing for Participation in the Partner Program
If you participate in our partner or affiliate program, we process certain personal data for the administration of your partnership. This particularly includes: Your name, email address, and postal address; Bank details for the payment of commissions; Other information necessary for verification or execution of the cooperation. This data is processed on the basis of the performance of a contract (Art. 6 (1) (b) GDPR) and our legitimate interest in efficient management of our partner program (Art. 6 (1) (f) GDPR).
Use of Processors
To provide the above services, we make use of carefully selected external service providers who process personal data on our behalf (processors). This specifically applies to activities such as hosting, technical infrastructure, customer service, communication (e.g., via email or chat), payment processing, data analysis, and our partner program. The data processing takes place solely on the basis of processing agreements in accordance with Art. 28 (3) GDPR. Our service providers are contractually obligated to process personal data only in accordance with our instructions and with due regard to high data security standards. Where possible, the data processing takes place within the European Union or the European Economic Area.
Transfer of Data to Third Countries
In principle, we process personal data on servers within the European Union. However, when providing our services, certain data may be transferred to service providers in "third countries" (countries outside the EU/EEA where the GDPR does not apply directly). Such transfers only take place under the conditions of Art. 44 et seq. GDPR. This means in concrete terms: A transfer is permitted if the European Commission has determined that there is an adequate level of protection in the relevant third country ("adequacy decision"). If there is no adequacy decision, personal data may only be transferred if there are appropriate safeguards, such as by entering into EU standard contractual clauses or if the receiving company is certified under the EU-US Data Privacy Framework. In exceptional cases, a transfer may take place on the basis of a legal exemption according to Art. 49 GDPR. For questions about specific data transfers, you can always contact privacy@momentumai.nl
Retention Period of Your Personal Data
Unless a shorter retention period is specified, we generally only retain personal data (i) as long as necessary to provide you with the services and/or (ii) as long as necessary concerning the contractual relationship. Thereafter, the data will only be retained as and to the extent we are required to do so under legal retention obligations.
Cookies and Similar Technologies
We use cookies and similar technologies (e.g., pixels) on our website and platform. Cookies are text files that your browser automatically creates and stores on your device. Some cookies are deleted after your browsing session ("session cookies"). Others remain stored longer to recognise you on a subsequent visit, for example. You can prevent the use of cookies by adjusting your browser settings, though this may limit the functionality of the website. We use the following types of cookies: Necessary cookies: Strictly necessary for the functionality of our website. The legal basis is our legitimate interest (Art. 6 (1) (f) GDPR). Analysis & Statistics: To statistically evaluate and improve the use of our website and our platform. The legal basis is your consent (Art. 6 (1) (a) GDPR). Via our cookie banner, you can manage your settings, give consent, or withdraw your consent at any time.
Presence on Social Media
If you contact us via your profile on X (Twitter) or LinkedIn (e.g., by sending a private message), we process the data provided solely to reach out to you. The legal basis is our legitimate interest (Art. 6 (1) (f) GDPR) or the performance of a contract (Art. 6 (1) (b) GDPR).
Your Rights Regarding Your Personal Data
You have the following rights: Right to information: About what data we process, the purposes, recipients, retention periods, and more. Right to rectification: Of inaccurate or incomplete data. Right to erasure: If the purpose of the processing has ceased, consent has been withdrawn, or there is no other legal basis. Right to restriction of processing. Right to data portability: The right to receive your data in a structured, commonly used, and machine-readable format. Right to object: Against processing based on legitimate interest. If you have given consent for processing, you can withdraw it at any time. Our services and the laws governing them are constantly evolving, so it may be necessary for us to update this Privacy Policy from time to time. If we make changes, we will notify you by posting the updated policy on our website. For significant changes, we will also provide a more prominent notice, such as sending an email notification. By continuing to use our platform after these changes take effect, we assume that you agree to the revised privacy policy.
READ THIS PRIVACY STATEMENT CAREFULLY BEFORE USING THIS SITE
(Privacy Policy – MomentumAI) MomentumAI B.V. J van Hasseltweg 33A, 1021 KN Amsterdam, Netherlands CoC: 92208169 – VAT: NL865934150B01
Introduction
The protection of the confidentiality, integrity, and availability of the data we collect, process, or store on our website and in relation to the use of the MomentumAI Platform is of utmost importance to us. We have established security procedures to ensure the confidentiality of your data. This Privacy Policy informs you about the type, extent, and purposes of the processing of personal data when using our website momentumai.nl, our social media accounts, and the MomentumAI Platform, insofar as we are responsible for the data processing. We also inform you about the rights you have as a data subject. Personal data is any information that relates (directly or indirectly) to you as an individual and that makes it possible to identify you, such as your name, gender, address, or your user behaviour on a website. If you have any further questions about data protection, you can contact us at any time using the contact details below.
Data Controller, Contact, and Data Protection Officer
The data controller within the meaning of Art. 4 No. 7 of the General Data Protection Regulation (GDPR) for the data processing described in this Privacy Policy is: MomentumAI J van Hasseltweg 33A Amsterdam Email: privacy@momentumai.nl For more information about our company, please refer to the imprint on our website.
Data Processing When You Visit the Website
To ensure a smooth connection and a pleasant use of our website, and to enhance the attractiveness of our services, certain personal data is automatically processed when you visit our website. This includes, for example, information about the browser and operating system you are using. This log data is automatically collected and stored as "Server Log Files". These data include: the IP address of the device used to visit our website; The URL of the website from which our website was visited (referrer URL); The date and time of access; Content of the request (specific page); Information about whether the request was successful (access status/HTTP status code); The amount of data transferred; The device (PC, mobile phone), operating system, and details of the internet browser used; Language and version of the browser software. These data are stored in encrypted form and are regularly deleted at our request. The legal basis for this processing is our legitimate interest in flawless delivery of our website. The right to erasure under Article 17 of the GDPR remains in effect. When using our platform, in addition to the above-mentioned technical data, additional personal data may be processed when error messages occur. In these cases, limited technical information is logged (such as user ID, IP address, session timestamp, and specific error codes) to analyze and correct errors and to improve the stability and reliability of our platform. These debugging data are retained for a maximum of 30 days and are automatically deleted thereafter. The data are processed solely for technical error analysis and platform optimization. The legal basis for this is our legitimate interest (Art. 6 (1) (f) GDPR). We have weighed that our interest in a stable and secure platform outweighs the limited impact on your privacy, considering the technical nature of the data, the brief retention period, and the fact that this processing is necessary for the service you expect from us.
Requests via Email, Chatbot, or Customer Service
If you contact us via email or send a message through the chatbot on our website, the personal data you send (particularly contact and communication details) will be stored by us along with your request. Within the support communication, personal data such as email addresses, names, and the content of support messages may be processed. MomentumAI uses this data solely to handle your request. Our employees are trained to handle customer data confidentially and securely and are contractually obligated to maintain confidentiality. Additionally, personal data such as names, email addresses, phone numbers, and the content of the communication are processed for structured management of customer relationships and for the internal processing of customer data for support requests. The legal basis for this processing is our legitimate interest (Art. 6 (1) (f) GDPR) or the performance of a contract (Art. 6 (1) (b) GDPR) if the request is aimed at entering into a contract. The data will be deleted once the purpose of the processing ceases, for example, after your question has been definitively answered. We may be legally required to retain this data longer, for example, if your contact request relates to a contractual or warranty claim. In this case, we will delete your data no later than after the statutory retention period has expired (for example, after 10 years, calculated from the conclusion of the contract), without you having to send us a request for this.
Direct Marketing
If you enter into a paid contract for the use of our services and provide your email address, MomentumAI may use this email address for direct advertising for similar goods or services. You have the right to object to this use of your email address at any time, without any costs other than the transmission costs according to the basic rates. Every email includes an unsubscribe link for this purpose. You may also object by sending an email to privacy@momentumai.nl The legal basis for this data processing is our legitimate interest (Art. 6 (1) (f) GDPR). You can object to the data processing for direct marketing at any time without giving reasons. To verify email addresses, email addresses and any associated names are processed to ensure the validity of the provided addresses and maintain the quality of our communication. This is based on our legitimate interest in correct and secure communication (Art. 6 (1) (f) GDPR).
Processing When Registering a Customer Account
On our website, it is possible to create a customer account. An account is required to subscribe to paid services. If you wish to register, we will send a confirmation link to the email address you provided. Via this link, you will arrive at the registration screen where you can enter the required information. The data we process during registration includes in particular: When registering, we process the following personal data: • Your contact details (name, email address, phone number), company name, address details, and registration date - legal basis: performance of a contract (Art. 6 (1) (b) GDPR) • IP address of your device - legal basis: our legitimate interest in preventing misuse and ensuring our system security (Art. 6 (1) (f) GDPR) The data will be deleted when you delete your customer account, unless we are legally obligated to retain this data for a longer period.
Processing for Paid Subscriptions
In addition to the free trial period, you have the option to take out a subscription for paid services through your customer account. If you take out a subscription through our website, we process the following data: The IP address of the device from which the order is placed; Date and time of the order; Contact details such as your email address; Payment details; The subscription you chose; All other data you provide during the registration process (e.g., a "promo code"). For payment processing, we pass on the necessary payment details to the payment service provider we have engaged. We only process the Stripe Subscription ID for payment processing. This processing is necessary for the conclusion and execution of the contract. The legal basis is Art. 6 (1) (b) GDPR. The data will be deleted once the purpose of the processing ceases, for example, when you terminate your subscription, unless we are legally required to retain the data for a longer period.
Processing for Participation in the Partner Program
If you participate in our partner or affiliate program, we process certain personal data for the administration of your partnership. This particularly includes: Your name, email address, and postal address; Bank details for the payment of commissions; Other information necessary for verification or execution of the cooperation. This data is processed on the basis of the performance of a contract (Art. 6 (1) (b) GDPR) and our legitimate interest in efficient management of our partner program (Art. 6 (1) (f) GDPR).
Use of Processors
To provide the above services, we make use of carefully selected external service providers who process personal data on our behalf (processors). This specifically applies to activities such as hosting, technical infrastructure, customer service, communication (e.g., via email or chat), payment processing, data analysis, and our partner program. The data processing takes place solely on the basis of processing agreements in accordance with Art. 28 (3) GDPR. Our service providers are contractually obligated to process personal data only in accordance with our instructions and with due regard to high data security standards. Where possible, the data processing takes place within the European Union or the European Economic Area.
Transfer of Data to Third Countries
In principle, we process personal data on servers within the European Union. However, when providing our services, certain data may be transferred to service providers in "third countries" (countries outside the EU/EEA where the GDPR does not apply directly). Such transfers only take place under the conditions of Art. 44 et seq. GDPR. This means in concrete terms: A transfer is permitted if the European Commission has determined that there is an adequate level of protection in the relevant third country ("adequacy decision"). If there is no adequacy decision, personal data may only be transferred if there are appropriate safeguards, such as by entering into EU standard contractual clauses or if the receiving company is certified under the EU-US Data Privacy Framework. In exceptional cases, a transfer may take place on the basis of a legal exemption according to Art. 49 GDPR. For questions about specific data transfers, you can always contact privacy@momentumai.nl
Retention Period of Your Personal Data
Unless a shorter retention period is specified, we generally only retain personal data (i) as long as necessary to provide you with the services and/or (ii) as long as necessary concerning the contractual relationship. Thereafter, the data will only be retained as and to the extent we are required to do so under legal retention obligations.
Cookies and Similar Technologies
We use cookies and similar technologies (e.g., pixels) on our website and platform. Cookies are text files that your browser automatically creates and stores on your device. Some cookies are deleted after your browsing session ("session cookies"). Others remain stored longer to recognise you on a subsequent visit, for example. You can prevent the use of cookies by adjusting your browser settings, though this may limit the functionality of the website. We use the following types of cookies: Necessary cookies: Strictly necessary for the functionality of our website. The legal basis is our legitimate interest (Art. 6 (1) (f) GDPR). Analysis & Statistics: To statistically evaluate and improve the use of our website and our platform. The legal basis is your consent (Art. 6 (1) (a) GDPR). Via our cookie banner, you can manage your settings, give consent, or withdraw your consent at any time.
Presence on Social Media
If you contact us via your profile on X (Twitter) or LinkedIn (e.g., by sending a private message), we process the data provided solely to reach out to you. The legal basis is our legitimate interest (Art. 6 (1) (f) GDPR) or the performance of a contract (Art. 6 (1) (b) GDPR).
Your Rights Regarding Your Personal Data
You have the following rights: Right to information: About what data we process, the purposes, recipients, retention periods, and more. Right to rectification: Of inaccurate or incomplete data. Right to erasure: If the purpose of the processing has ceased, consent has been withdrawn, or there is no other legal basis. Right to restriction of processing. Right to data portability: The right to receive your data in a structured, commonly used, and machine-readable format. Right to object: Against processing based on legitimate interest. If you have given consent for processing, you can withdraw it at any time. Our services and the laws governing them are constantly evolving, so it may be necessary for us to update this Privacy Policy from time to time. If we make changes, we will notify you by posting the updated policy on our website. For significant changes, we will also provide a more prominent notice, such as sending an email notification. By continuing to use our platform after these changes take effect, we assume that you agree to the revised privacy policy.
READ THIS PRIVACY STATEMENT CAREFULLY BEFORE USING THIS SITE
(Privacy Policy – MomentumAI) MomentumAI B.V. J van Hasseltweg 33A, 1021 KN Amsterdam, Netherlands CoC: 92208169 – VAT: NL865934150B01
Introduction
The protection of the confidentiality, integrity, and availability of the data we collect, process, or store on our website and in relation to the use of the MomentumAI Platform is of utmost importance to us. We have established security procedures to ensure the confidentiality of your data. This Privacy Policy informs you about the type, extent, and purposes of the processing of personal data when using our website momentumai.nl, our social media accounts, and the MomentumAI Platform, insofar as we are responsible for the data processing. We also inform you about the rights you have as a data subject. Personal data is any information that relates (directly or indirectly) to you as an individual and that makes it possible to identify you, such as your name, gender, address, or your user behaviour on a website. If you have any further questions about data protection, you can contact us at any time using the contact details below.
Data Controller, Contact, and Data Protection Officer
The data controller within the meaning of Art. 4 No. 7 of the General Data Protection Regulation (GDPR) for the data processing described in this Privacy Policy is: MomentumAI J van Hasseltweg 33A Amsterdam Email: privacy@momentumai.nl For more information about our company, please refer to the imprint on our website.
Data Processing When You Visit the Website
To ensure a smooth connection and a pleasant use of our website, and to enhance the attractiveness of our services, certain personal data is automatically processed when you visit our website. This includes, for example, information about the browser and operating system you are using. This log data is automatically collected and stored as "Server Log Files". These data include: the IP address of the device used to visit our website; The URL of the website from which our website was visited (referrer URL); The date and time of access; Content of the request (specific page); Information about whether the request was successful (access status/HTTP status code); The amount of data transferred; The device (PC, mobile phone), operating system, and details of the internet browser used; Language and version of the browser software. These data are stored in encrypted form and are regularly deleted at our request. The legal basis for this processing is our legitimate interest in flawless delivery of our website. The right to erasure under Article 17 of the GDPR remains in effect. When using our platform, in addition to the above-mentioned technical data, additional personal data may be processed when error messages occur. In these cases, limited technical information is logged (such as user ID, IP address, session timestamp, and specific error codes) to analyze and correct errors and to improve the stability and reliability of our platform. These debugging data are retained for a maximum of 30 days and are automatically deleted thereafter. The data are processed solely for technical error analysis and platform optimization. The legal basis for this is our legitimate interest (Art. 6 (1) (f) GDPR). We have weighed that our interest in a stable and secure platform outweighs the limited impact on your privacy, considering the technical nature of the data, the brief retention period, and the fact that this processing is necessary for the service you expect from us.
Requests via Email, Chatbot, or Customer Service
If you contact us via email or send a message through the chatbot on our website, the personal data you send (particularly contact and communication details) will be stored by us along with your request. Within the support communication, personal data such as email addresses, names, and the content of support messages may be processed. MomentumAI uses this data solely to handle your request. Our employees are trained to handle customer data confidentially and securely and are contractually obligated to maintain confidentiality. Additionally, personal data such as names, email addresses, phone numbers, and the content of the communication are processed for structured management of customer relationships and for the internal processing of customer data for support requests. The legal basis for this processing is our legitimate interest (Art. 6 (1) (f) GDPR) or the performance of a contract (Art. 6 (1) (b) GDPR) if the request is aimed at entering into a contract. The data will be deleted once the purpose of the processing ceases, for example, after your question has been definitively answered. We may be legally required to retain this data longer, for example, if your contact request relates to a contractual or warranty claim. In this case, we will delete your data no later than after the statutory retention period has expired (for example, after 10 years, calculated from the conclusion of the contract), without you having to send us a request for this.
Direct Marketing
If you enter into a paid contract for the use of our services and provide your email address, MomentumAI may use this email address for direct advertising for similar goods or services. You have the right to object to this use of your email address at any time, without any costs other than the transmission costs according to the basic rates. Every email includes an unsubscribe link for this purpose. You may also object by sending an email to privacy@momentumai.nl The legal basis for this data processing is our legitimate interest (Art. 6 (1) (f) GDPR). You can object to the data processing for direct marketing at any time without giving reasons. To verify email addresses, email addresses and any associated names are processed to ensure the validity of the provided addresses and maintain the quality of our communication. This is based on our legitimate interest in correct and secure communication (Art. 6 (1) (f) GDPR).
Processing When Registering a Customer Account
On our website, it is possible to create a customer account. An account is required to subscribe to paid services. If you wish to register, we will send a confirmation link to the email address you provided. Via this link, you will arrive at the registration screen where you can enter the required information. The data we process during registration includes in particular: When registering, we process the following personal data: • Your contact details (name, email address, phone number), company name, address details, and registration date - legal basis: performance of a contract (Art. 6 (1) (b) GDPR) • IP address of your device - legal basis: our legitimate interest in preventing misuse and ensuring our system security (Art. 6 (1) (f) GDPR) The data will be deleted when you delete your customer account, unless we are legally obligated to retain this data for a longer period.
Processing for Paid Subscriptions
In addition to the free trial period, you have the option to take out a subscription for paid services through your customer account. If you take out a subscription through our website, we process the following data: The IP address of the device from which the order is placed; Date and time of the order; Contact details such as your email address; Payment details; The subscription you chose; All other data you provide during the registration process (e.g., a "promo code"). For payment processing, we pass on the necessary payment details to the payment service provider we have engaged. We only process the Stripe Subscription ID for payment processing. This processing is necessary for the conclusion and execution of the contract. The legal basis is Art. 6 (1) (b) GDPR. The data will be deleted once the purpose of the processing ceases, for example, when you terminate your subscription, unless we are legally required to retain the data for a longer period.
Processing for Participation in the Partner Program
If you participate in our partner or affiliate program, we process certain personal data for the administration of your partnership. This particularly includes: Your name, email address, and postal address; Bank details for the payment of commissions; Other information necessary for verification or execution of the cooperation. This data is processed on the basis of the performance of a contract (Art. 6 (1) (b) GDPR) and our legitimate interest in efficient management of our partner program (Art. 6 (1) (f) GDPR).
Use of Processors
To provide the above services, we make use of carefully selected external service providers who process personal data on our behalf (processors). This specifically applies to activities such as hosting, technical infrastructure, customer service, communication (e.g., via email or chat), payment processing, data analysis, and our partner program. The data processing takes place solely on the basis of processing agreements in accordance with Art. 28 (3) GDPR. Our service providers are contractually obligated to process personal data only in accordance with our instructions and with due regard to high data security standards. Where possible, the data processing takes place within the European Union or the European Economic Area.
Transfer of Data to Third Countries
In principle, we process personal data on servers within the European Union. However, when providing our services, certain data may be transferred to service providers in "third countries" (countries outside the EU/EEA where the GDPR does not apply directly). Such transfers only take place under the conditions of Art. 44 et seq. GDPR. This means in concrete terms: A transfer is permitted if the European Commission has determined that there is an adequate level of protection in the relevant third country ("adequacy decision"). If there is no adequacy decision, personal data may only be transferred if there are appropriate safeguards, such as by entering into EU standard contractual clauses or if the receiving company is certified under the EU-US Data Privacy Framework. In exceptional cases, a transfer may take place on the basis of a legal exemption according to Art. 49 GDPR. For questions about specific data transfers, you can always contact privacy@momentumai.nl
Retention Period of Your Personal Data
Unless a shorter retention period is specified, we generally only retain personal data (i) as long as necessary to provide you with the services and/or (ii) as long as necessary concerning the contractual relationship. Thereafter, the data will only be retained as and to the extent we are required to do so under legal retention obligations.
Cookies and Similar Technologies
We use cookies and similar technologies (e.g., pixels) on our website and platform. Cookies are text files that your browser automatically creates and stores on your device. Some cookies are deleted after your browsing session ("session cookies"). Others remain stored longer to recognise you on a subsequent visit, for example. You can prevent the use of cookies by adjusting your browser settings, though this may limit the functionality of the website. We use the following types of cookies: Necessary cookies: Strictly necessary for the functionality of our website. The legal basis is our legitimate interest (Art. 6 (1) (f) GDPR). Analysis & Statistics: To statistically evaluate and improve the use of our website and our platform. The legal basis is your consent (Art. 6 (1) (a) GDPR). Via our cookie banner, you can manage your settings, give consent, or withdraw your consent at any time.
Presence on Social Media
If you contact us via your profile on X (Twitter) or LinkedIn (e.g., by sending a private message), we process the data provided solely to reach out to you. The legal basis is our legitimate interest (Art. 6 (1) (f) GDPR) or the performance of a contract (Art. 6 (1) (b) GDPR).
Your Rights Regarding Your Personal Data
You have the following rights: Right to information: About what data we process, the purposes, recipients, retention periods, and more. Right to rectification: Of inaccurate or incomplete data. Right to erasure: If the purpose of the processing has ceased, consent has been withdrawn, or there is no other legal basis. Right to restriction of processing. Right to data portability: The right to receive your data in a structured, commonly used, and machine-readable format. Right to object: Against processing based on legitimate interest. If you have given consent for processing, you can withdraw it at any time. Our services and the laws governing them are constantly evolving, so it may be necessary for us to update this Privacy Policy from time to time. If we make changes, we will notify you by posting the updated policy on our website. For significant changes, we will also provide a more prominent notice, such as sending an email notification. By continuing to use our platform after these changes take effect, we assume that you agree to the revised privacy policy.