Lensym← Back home

Privacy

How we collect, use, and protect your personal data

Privacy Policy

This policy explains how Lensym B.V. collects, uses, and protects your personal data in accordance with the General Data Protection Regulation (GDPR) and Dutch privacy law.

Last updated: September 14, 2024
Version 2.1

1. Who We Are

Information about Lensym B.V. as your data controller

Lensym B.V. is a Netherlands-based company that provides survey and research tools for academic institutions, researchers, and organizations worldwide. We are registered in the Netherlands and operate under Dutch and EU data protection law.

Contact Details

Company: Lensym B.V.

Address: [Company Address], Netherlands

Email: privacy@lensym.com

Data Protection Officer: dpo@lensym.com

2. What Data We Collect

The types of personal data we process and why

Account Information

  • Name and email address (required for account creation)
  • Organization name (optional)
  • Profile information you choose to provide
  • Authentication data (encrypted passwords, passkey data)

Survey Data

  • Survey questions and content you create
  • Response data collected through your surveys
  • Survey settings and configurations
  • Analytics and usage data for your surveys

Technical Data

  • IP addresses (for security and fraud prevention)
  • Browser and device information
  • Usage patterns and feature interactions
  • Error logs and diagnostic data

3. How We Use Your Data

Our legal basis and purposes for processing personal data

Primary Purposes

  • Service Delivery: Providing survey tools and managing your account
  • Security: Protecting against fraud, abuse, and unauthorized access
  • Support: Responding to your questions and technical issues
  • Legal Compliance: Meeting our legal obligations under EU law

What We Don't Do

  • We never sell your personal data to third parties
  • We don't use your data for advertising or marketing to others
  • We don't profile users for commercial purposes
  • We don't share survey responses with anyone except you

4. Data Sharing and Transfers

When and how we share data with third parties

We only share your personal data in limited circumstances and always with appropriate safeguards:

Service Providers

We work with carefully selected sub-processors to provide our services. All have signed data processing agreements:

  • Hosting: Vercel (EU hosting)
  • CDN & Security: Cloudflare (EU data processing)
  • Payments: Stripe (billing information only)
  • Email: [Email provider] (transactional emails only)

Full transparency: All our sub-processor agreements are available in ourSub-Processors section.

5. Data Security

How we protect your information

We implement industry-leading security measures to protect your data:

Technical Measures

  • End-to-end encryption
  • Multi-factor authentication
  • Regular security audits
  • Secure data centers

Organizational Measures

  • Staff security training
  • Access controls and monitoring
  • Incident response procedures
  • Regular policy reviews

6. Your Rights Under GDPR

How to exercise your data protection rights

As an individual in the EU, you have comprehensive rights over your personal data:

Access

Get a copy of your personal data

Rectification

Correct inaccurate information

Erasure

Delete your personal data

Portability

Export your data in a standard format

Exercise Your Rights

Contact our privacy team to exercise any of these rights:

Email: privacy@lensym.com
Response time: Within 30 days

7. Data Retention

How long we keep your information

We only retain personal data for as long as necessary for the purposes outlined in this policy:

Account dataUntil account deletion
Survey dataUser controlled
Technical logs90 days maximum
Backup data30 days after deletion

8. Changes to This Policy

How we handle updates to our privacy practices

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will:

  • Email all users about the changes
  • Update the "last modified" date at the top of this policy
  • Provide a summary of key changes
  • Give you time to review before changes take effect

9. Contact Information

How to reach us with privacy questions

General Privacy Questions

Email: privacy@lensym.com
Response time: Within 48 hours

Data Protection Officer

Email: dpo@lensym.com
For: Formal complaints and complex privacy matters

Supervisory Authority

If you're not satisfied with our response, you can contact the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl