Privacy Policy

Last updated: December 2025

Apex One respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

Company Information:
Apex One
KvK (Chamber of Commerce) Number: 88306607
Address: Berberishage 33, 9408EN, Assen
Country: The Netherlands
Email: info@apexone.nl
‍
This Privacy Policy describes how Apex One (a sole proprietorship registered in the Netherlands) collects, uses and stores personal data when you use our website, platform and services. By using the Apex One website or services, or by signing up for an account, you agree to the terms of this Privacy Policy.
‍
1. Scope & overview
Apex One is a hybrid advertising platform and service provider. We provide a web platform (SaaS) to create, manage and optimize online ad campaigns, and we also offer managed services (campaign setup, creative production, management and optimization) when customers engage our Launch Program or other support services.
This policy explains: Which personal data we collect; Why we collect and process that data; With whom we share the data; How long we keep it; and your rights and how to exercise them.

2. Data we collect
We collect the personal data necessary to provide our services and to operate the Platform. Depending on your interactions with us, this may include:
‍A. Account & identity data: Full nameCompany nameJob titleBusiness email addressBilling details (billing address, VAT number where applicable)
‍B. Platform, campaign & service data: Campaign configuration and performance metrics connected to your ad accounts (for example: campaign names, impressions, clicks, conversion events and other aggregated metrics needed to run and optimize campaigns)Identifiers and connections to third-party ad accounts (e.g., ad account IDs), where you provide them to us. Creative assets and customer-provided content used in campaigns (images, video, text)
‍C. Support & communications: Emails, messages and files you send to us for support or onboarding.
Onboarding notes, call notes, and other project-related communications
‍
3. How we use your data (purposes & lawful basis)
We only process personal data where we have a lawful basis under GDPR. Main uses include:
‍To provide the:
Platform and Services (performance of a contract). Creating your account, enabling platform access, campaign setup and managed services, billing, and delivering the Launch Program.
‍Billing & accounting (legal obligation & contract). Invoicing, tax compliance and handling payments (Stripe).
‍Customer support & communications (contract & legitimate interest). Handling questions, onboarding, and technical support.
‍Product improvement & AI model training (legitimate interest). We may use aggregated and anonymised campaign data to improve our product and AI models. We will not publish personal data or identify individuals when using data for model training unless you gave explicit permission.
‍Marketing communications (consent / legitimate interest). With your consent (or for existing customers under legitimate interest where local law permits), we may send product updates and promotional emails. You may opt out at any time.
‍Legal compliance (legal obligation). Storage and processing of data needed to comply with tax, accounting and other legal obligations.

4. Cookies & tracking on apexone.nl
We do not run analytics, retargeting or marketing pixels at this time. As a result: There is no cookie banner shown on apexone.nl. We do not collect IP addresses for website analytics.If we later enable cookies or tracking, we will update this Privacy Policy and add a cookie banner complying with GDPR requirements.

5. Third parties & processors
We use a small number of third-party processors to deliver our services. These processors act on our instructions and we require them to protect data appropriately. Key processors include:
‍Stripe (payments & billing) — processes billing data and handles subscriptions and payments.
‍Microsoft / Outlook (email) — used for business email and communication.
‍Sender (email marketing) — used for promotional emails and newsletters you opt into.
We may also use hosting and infrastructure providers to operate the Platform. Some providers may be located or transfer data outside the EEA. Where data is transferred outside the EEA, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or ensure the processor participates in recognized transfer mechanisms. If you want details about specific transfers, contact info@apexone.nl.

6. Data retention
We retain personal data only as long as necessary for the purposes for which it was collected or where legally required:
‍Account & billing data: retained for the duration of your account and for 7 years after termination for tax and accounting obligations.
‍Support & onboarding communications: retained for up to 24 months (or longer where needed for legal reasons).
‍Campaign performance & platform data: retained for a period necessary to provide the service and improve the Platform; you may request deletion (see section 9).
‍Marketing opt-ins: retained until you unsubscribe or request removal.If you request deletion of your account, we will delete or anonymise your personal data subject to legal obligations (e.g., invoicing records kept for tax purposes).

7. Your rights
Under the GDPR you have rights with respect to your personal data. To exercise any right, contact info@apexone.nl. We will respond within the timeframes required by law. Your rights include:
‍Access: request a copy of personal data we hold about you.
‍Rectification: ask us to correct inaccurate or incomplete data.
‍Erasure (“right to be forgotten”): request deletion (subject to legal retention obligations).
‍Restriction: request a temporary restriction of processing.
‍Data portability: obtain a machine-readable copy of data you provided.
‍Object: object to processing based on legitimate interests (e.g., direct marketing).
‍Withdraw consent where processing is based on consent (e.g., marketing emails).
If you are unhappy with our response, you may lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

8. Security
We implement reasonable technical and organisational measures to protect personal data (encryption, access controls, secure backups and secure development practices). No system is 100% secure; in the unlikely event of a data breach we will notify affected users and the relevant authorities where required.

9. Deletion & account termination
You may request account deletion by contacting info@apexone.nl. We will delete personal data upon request unless we must retain certain data to comply with legal obligations (invoices, tax records). On termination of services, Apex One will remove active access to the Platform and will cooperate to transfer any customer-owned data/export as requested.

10. Minors
Our services are intended for business users. We do not knowingly process personal data of children under the age of 16. If you believe we have inadvertently collected such data, contact us at info@apexone.nl.

11. Changes to this policy
We may update this Privacy Policy. We will publish updates on our site and will notify active users of material changes. Continued use of the Platform after changes indicates acceptance of the updated Policy.

12. Contact & supervisory authority
Questions or requests about this policy or your data can be sent to: info@apexone.nl
‍If you believe we failed to comply with applicable data protection laws, you may also file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).