Privacy Policy
Friesestraatweg 225-59, 9743AE Groningen, The Netherlands
Dutch Chamber of Commerce (KvK) number: 98189824
Last updated: July 7th, 2026
This Privacy Policy explains how Guardbase B.V. (“Guardbase”, “we”, “our”) collects, uses, and protects personal data in connection with our website at guardbase.ai and our related marketing and sales activities. Guardbase is the controller of the personal data described in this policy.
1. Scope
This policy applies only to personal data we process as a controller in connection with our website, marketing, and sales activities, such as data about website visitors, prospects, and business contacts.
It does not cover personal data that we process on behalf of our customers as a processor when providing the Guardbase product and services, including logs of agent activity and other data submitted through the product. That processing is governed by our agreement with the relevant customer and by our Data Processing Agreement (DPA), not by this policy.
2. Personal Data We Collect
2.1 Data you provide to us
When you book a demo or consultation, contact us, or otherwise interact with us, we may collect:
- your name and work email address;
- your company name and job title;
- information you choose to share when booking a meeting, such as the challenge you are working on and which coding agents your teams use; and
- the content of any messages or emails you send us.
2.2 Data we obtain from other sources
For business-to-business outreach, we may collect professional contact details from publicly available and third-party sources, such as company websites, professional networking platforms, and business information providers. This typically includes your name, job title, company, and work email address.
2.3 Website usage data
We use Plausible Analytics, a privacy-friendly analytics tool that does not use cookies and does not collect personal data or identify individual visitors. It provides us with aggregated, anonymous statistics about how our website is used, such as page views and referring sites.
3. Cookies
We do not use cookies or similar tracking technologies for analytics, advertising, or profiling on our website. Because our analytics are cookieless and anonymous, we do not display a cookie consent banner.
4. How and Why We Use Personal Data
We use personal data for the following purposes, on the following legal bases under the General Data Protection Regulation (GDPR):
- Responding to enquiries and demo requests — to communicate with you, arrange meetings, and provide the information you request. Legal basis: our legitimate interest in responding to you, and taking steps at your request prior to entering into a contract.
- Business-to-business marketing and outreach — to contact professionals at organisations that may be interested in Guardbase, and to send relevant communications. Legal basis: our legitimate interest in promoting our business to relevant organisations. You can object at any time (see Section 8).
- Operating and improving our website — to understand, in aggregate, how our website is used. Legal basis: our legitimate interest in maintaining and improving our website.
- Complying with legal obligations and protecting our rights — where necessary to comply with applicable law or to establish, exercise, or defend legal claims. Legal basis: compliance with a legal obligation, and our legitimate interest.
5. Who We Share Personal Data With
We share personal data with a limited number of service providers who process it on our behalf to help us run our website and business:
- Google Cloud — website hosting (European Union);
- Google Workspace — email and internal collaboration;
- Cal.com — scheduling of demos and consultations;
- Attio — customer relationship management (CRM);
- Plausible Analytics — cookieless, anonymous website analytics.
We may also disclose personal data where required by law or a competent authority, or in connection with a merger, acquisition, or sale of assets. We do not sell personal data.
6. International Transfers
Our website is hosted in the European Union. Some of our service providers, such as our CRM provider, process personal data outside the European Economic Area, including in the United States. Where personal data is transferred outside the EEA, we rely on an appropriate transfer mechanism under the GDPR, such as the European Commission's Standard Contractual Clauses or an adequacy decision (including the EU–US Data Privacy Framework where applicable).
7. Data Retention
We keep personal data only for as long as necessary for the purposes described in this policy, unless a longer retention period is required or permitted by law. In practice, this means we retain prospect and business-contact data for as long as it remains relevant to our relationship or outreach, and we delete or anonymise it when you object, request erasure, or it is no longer needed. Our website analytics data is aggregated and anonymous and is not tied to any individual.
8. Your Rights
Under the GDPR, you have the right to:
- access the personal data we hold about you;
- request correction of inaccurate or incomplete data;
- request erasure of your data;
- request restriction of, or object to, our processing — including the right to object to direct marketing at any time;
- request a copy of your data in a portable format; and
- withdraw any consent you have given, without affecting the lawfulness of processing before withdrawal.
To exercise any of these rights, contact us at privacy@guardbase.ai. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or your local supervisory authority.
9. Security
We maintain appropriate technical and organisational measures designed to protect personal data against unauthorised access, loss, or alteration. No method of transmission or storage is completely secure, but we work to protect your data using measures appropriate to the risk.
10. Children
Our website and services are intended for businesses and professional users. They are not directed at children, and we do not knowingly collect personal data from children.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date above. Material changes will be communicated where appropriate.
12. Contact Us
If you have any questions about this Privacy Policy or how we handle your personal data, contact us at:
- Email: privacy@guardbase.ai
- Post: Guardbase B.V., Friesestraatweg 225-59, 9743AE Groningen, The Netherlands