Privacy policy
Last updated: 20 June 2026
TopDevs respects your privacy and handles your personal data with care. This policy explains what data we collect, why, how long we keep it, who we share it with, and what rights you have. We process personal data in line with the General Data Protection Regulation (GDPR) and, for clients and visitors outside the EU, the applicable local law.
Who we are
TopDevs is a development agency based in the Netherlands. For questions about this policy or your data, reach us at [email protected].
- The Netherlands: Gildekamp 21, 5431 SP Cuijk. Phone +31 6 40 31 37 16.
- Chamber of Commerce (KvK) number: 42105890. VAT number: registration in progress; we will list it here once it is complete.
What personal data we process
Depending on how you interact with us, we process:
- Contact and quote requests: name, email address, phone number, company name and the content of your message.
- Newsletter: your email address, if you subscribe.
- Website analytics: anonymised usage data via Google Analytics, only after you give consent. This includes pages visited, broad region, browser and device type.
- Data within client engagements: when we build or run software for you, we may process personal data held in your systems. There you act as the data controller and we as the processor, which we set out in a data processing agreement.
Why we use it and on what legal basis
We only process your data for clear purposes, each on a valid GDPR legal basis:
- To respond to your enquiry and provide a quote (performance of, or steps toward, a contract).
- To deliver an engagement and communicate with you (performance of the contract).
- To send our newsletter and improve our website (consent, which you can withdraw at any time).
- To meet legal obligations, such as our administrative and retention duties (legal obligation).
We never sell your data and never use it for purposes that do not fit the ones above.
Where we process your data
TopDevs operates from the Netherlands. Your personal data is processed within the EU/EEA. We do not move your data to countries outside the EEA, except where it is unavoidable in the use of a third-party service.
Where data is processed outside the EEA, we do so under safeguards that fit the destination. For analytics through Google in the United States, the EU-US Data Privacy Framework applies. Where there is no adequacy decision for a destination, we use standard contractual clauses (SCCs).
Cookies and analytics
Our website uses Google Analytics only, to understand how the site is used. These cookies load only after you give consent, and you can withdraw that choice at any time. The full detail, including the cookies and how long they last, is in our cookie policy.
Sharing with third parties and processors
We share your data only when needed for our services or when the law requires it. The parties that process data on our behalf are processors, with whom we sign a data processing agreement. They include:
- our hosting and email providers, to run the site and handle your message;
- Cookiebot (Cybot A/S, Denmark), to manage your cookie consent;
- Google, for the website analytics you accept through the cookie notice;
- the platforms we use for an engagement, as described in the agreement.
How long we keep your data
We keep your data no longer than necessary for the purpose it was collected for, or as long as the law requires. Contact and quote data is kept for up to two years after our last contact, unless an engagement follows. Newsletter data is kept until you unsubscribe or withdraw your consent. Data from an engagement is kept for the duration of the work and afterwards in line with statutory retention periods, such as the seven-year tax retention duty.
How we secure your data
We take appropriate technical and organisational measures to protect your data against loss and unlawful use. These include HTTPS encryption, access on a least-privilege basis, and secure management of passwords and keys. No measure offers absolute certainty, so if you believe your data is not safe, contact us right away.
Your rights
Under the GDPR you have the right to:
- access your data and request a copy;
- have inaccurate data corrected or completed;
- have your data erased;
- restrict or object to the processing;
- have your data ported to another provider (data portability);
- withdraw any consent at any time.
Send your request to [email protected]. We respond within the statutory period. If you disagree with how we handle your data, you can lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
Automated decision-making
We do not make decisions with legal or similarly significant effects based solely on automated processing, such as profiling, about the visitors to this website.
Minors
Our website and services are not aimed at people under 16. If we process a minor's data by accident without a parent's or guardian's consent, contact us and we will delete it.
Changes to this policy
We may update this privacy policy when our practices or the law require it. The date at the top of this page marks the latest version. For significant changes we flag this clearly on the site. See also our terms and conditions.