Data & Privacy Statement
How XTROVERSO™ handles personal data under Dutch and European data-protection law.
XTROVERSO™ treats personal data as part of a trust relationship, not as a commercial asset.
This statement explains what personal data we handle, why we handle them, how we protect them, and what rights you have in relation to that processing.
Open statement
Controller details
XTROVERSO™ is a registered tradename of WIGEPA B.V., a private limited company incorporated under Dutch law and established in Amersfoort, the Netherlands.
WIGEPA B.V.
trading as XTROVERSO™
De Stuwdam 33-35
3815 KM Amersfoort
The Netherlands
KvK: 70402787
BTW: NL 8583.07.790 B 01
BECON: 685811
Personal-data processing carried out under the XTROVERSO™ name is performed by WIGEPA B.V. in accordance with Regulation (EU) 2016/679, known as the General Data Protection Regulation, together with other applicable Dutch and European data-protection rules.
For questions about this statement or about the way your personal data are handled, you can contact our Legal & Compliance Department at privacy@xtroverso.com or legal@xtroverso.com, or write to the address above.
We aim to respond to privacy-related enquiries clearly, seriously, and without unnecessary delay.
Our privacy principles
Transparency is non-negotiable
You have the right to understand how your data are collected, stored, and used. We do not hide behind vague or needlessly complex wording.
Your data remain under legal protection
Where consent is the legal basis, you may withdraw that consent. Where another legal basis applies, we aim to explain that basis clearly and proportionately.
Security is part of the operating standard
We protect data through secure storage, restricted access, encryption where appropriate, controlled backup logic, and structured review of our environment.
Minimalism in collection
We collect the information genuinely needed for communication, service delivery, onboarding, support, compliance, and operational continuity, and no more than that.
Ethical processing
We process personal data to deliver services, support legitimate operations, meet legal obligations, and protect the integrity of the business relationship. We do not sell personal data.
No fully automated decisions in this context
We do not rely on fully automated decision-making without human involvement in the processing described through this website.
When we handle your data
The personal data we handle depend on the relationship and on the contact you establish with us.
This may happen when you contact XTROVERSO™, submit a form, subscribe to updates, request information, enter into a contract, apply for a role, or use parts of the website.
The information involved may include contact details, company details, communication content, onboarding information, service-related interactions, and other data that are necessary for the relevant purpose.
Why we handle your data
We process personal data to communicate, provide support, assess requests, deliver services, manage onboarding, perform contracts, maintain operational security, and comply with legal and regulatory obligations.
We retain personal data only for as long as necessary for the purpose for which they were collected, or for as long as applicable law requires.
We do not treat personal data as a casual by-product. Their handling is part of the wider trust and control structure of the business.
Storage, processors, and international transfers
Personal data are stored on secured systems and handled with appropriate technical and organisational safeguards.
To deliver services effectively and securely, we may rely on a limited number of carefully selected third-party providers that support our infrastructure, systems, communication, or operational processes.
Personal data are processed within the European Union unless a lawful and properly justified basis exists for another arrangement. Where a third party processes data on our behalf, that party is expected to act only under our instructions and under GDPR-compliant terms.
We do not permit third parties to use your personal data for their own unrelated purposes.
How we protect your data
encryption
access control
regular review
secure backups
Access to personal data is limited to authorised personnel who need that access to deliver services, maintain systems, or fulfil legal and operational responsibilities.
Your rights
Subject to the conditions of applicable law, you may have the right to access your personal data, request rectification of inaccurate data, request deletion, restrict certain processing, object where the law permits, receive data portability where applicable, and withdraw consent where consent is the legal basis.
You may also have the right not to be subject to decisions based solely on automated processing where the law provides that protection.
Requests can be submitted through our Legal & Compliance contact channel.
What we do not do
We do not sell personal data.
We do not exploit personal information for manipulation, unrelated profiling, or misuse.
We do not treat privacy obligations as optional just because a company is small or the relationship feels informal.
Complaints and amendments
If you believe that your data-protection rights have not been respected, you may lodge a complaint with the competent supervisory authority. In the Netherlands, this is the Autoriteit Persoonsgegevens.
We may amend this statement where required by law, by operational changes, or by changes in the way services are delivered. The current version published on this website is always the version that applies publicly.
Last updated: 17 April 2026
Questions about privacy?
If you need clarification about the way XTROVERSO™ handles personal data, contact us through our Legal & Compliance channel or through the general contact page.
A serious framework should also be clear about the way it handles trust.
