Use cases

WISMO Damaged & missing items Subscriptions Product advice Refunds & returns

Resources

Case studies Blog
Integrations Sign in

Privacy Policy

Last updated 18 May 2026

On this page
  1. 1. Who we are and how to contact us
  2. 2. Scope of this policy
  3. 3. What we collect, from whom, and why
  4. 4. Legal bases
  5. 5. Where the data comes from
  6. 6. Who we share your data with
  7. 7. International transfers
  8. 8. How long we keep your data
  9. 9. Your rights
  10. 10. Cookies and similar technologies
  11. 11. Changes to this policy
  12. 12. Contact

This Privacy Policy explains how Engaige Technologies B.V. (Engaige, we, us, our) collects and uses personal data for its own purposes — running our website, marketing, selling, contracting, recruiting and operating our business. We are the data controller for the processing described here.

This page does not cover personal data that our customers upload to the Engaige Service for processing by the AI agent (for example, end-user support-ticket content). For that processing Engaige acts as processor on behalf of the customer; the rules are in the Data Processing Agreement and the third parties involved are listed on the Sub-processor page. If you are a support-ticket end-user wanting to understand how a particular Engaige customer uses your data, please contact that organisation; they are the controller for that processing.

1. Who we are and how to contact us

Engaige Technologies B.V., a private limited company incorporated in the Netherlands, having its registered office at Goeman Borgesiuslaan 77, 3515 ET Utrecht, and registered with the Dutch Chamber of Commerce under number 90976827.

For anything relating to your personal data, including the rights described in Section 9, email privacy@letsengaige.com.

We have not appointed a Data Protection Officer; Article 37 GDPR does not require us to. The contact above is the privacy contact for all questions and requests.

2. Scope of this policy

This policy describes the personal data we process when we act as controller for our own purposes. That includes:

  • visitors to our website at letsengaige.com;
  • people who contact us through forms, email or chat;
  • leads and prospects we identify and reach out to about Engaige (including contacts whose business-contact details we obtained from third-party sources — see Section 5);
  • customers’ employees who are points of contact during procurement, onboarding, support and renewal;
  • people who subscribe to our newsletter or sign up for events, webinars and demos;
  • candidates who apply for a role with Engaige.

It does not cover personal data customers upload to the Engaige Service for processing by the AI agent — see the cross-reference above.

3. What we collect, from whom, and why

We collect the following categories of personal data, grouped by who you are when you interact with us.

Website visitors

When you visit letsengaige.com we, or our service providers acting on our behalf, may collect:

  • Technical data — IP address, device and browser type, language and time zone, referring URL, and the pages and content you interact with. This is collected automatically by our hosting and content-delivery infrastructure and (subject to your consent for non-essential cookies) by our analytics and behavioural-analytics providers.
  • Cookie identifiers — see Section 10 for the categories used and how to manage them.
  • Form and chat input — anything you choose to type into a form or chat window, including your name, work email, organisation, role and the content of your message.

We use this to operate the website, secure it against abuse, understand how visitors find and use the site, measure the effectiveness of our marketing, and respond to enquiries.

Leads and prospects

If we identify you as someone who may be interested in Engaige — because you downloaded a resource, booked a demo, attended one of our events, or because we obtained your business-contact details from a third-party source (see Section 5) — we keep a record in our customer-relationship-management system. The record typically contains your name, work email and phone number, role/title, employer and country, the source of the record, the marketing or sales interactions you have had with us, and any notes from those interactions.

We use this to contact you about Engaige, to send the marketing emails you have asked for (or that we send on a legitimate-interest basis, with an unsubscribe option in every message), and to run our sales process if you choose to engage with us.

If we have a sales, demo or follow-up call with you on a video conference, we may record and transcribe the call for our own note-taking and to improve how we pitch the product. You are told in the calendar invite that the call will be recorded; you can ask us to switch the recording off, or decline to have your contribution recorded, at any time.

Customers’ staff

When an organisation becomes an Engaige customer, we record the names, work email addresses, phone numbers and roles of the people we deal with — the commercial signatory, the technical and security contacts, the day-to-day project contacts — for the duration of the relationship.

We use this to perform the contract, deliver and support the Engaige Service, and meet our own legal, tax and accounting obligations.

Newsletter subscribers and event attendees

If you subscribe to our newsletter, register for an event or webinar, or sign up for a demo, we collect at least your name and email address, and any other fields you choose to fill in (typically employer and role).

We use this to send you the content you signed up for, to organise the event, and (where you have consented or the legal basis otherwise allows) to send related marketing emails. There is an unsubscribe link in every marketing email and you can withdraw consent at any time without giving a reason.

Job applicants

If you apply for a role with Engaige — through our applicant-tracking and job-distribution provider, by email, or by referral — we collect your application materials (CV/résumé, cover letter, portfolio and similar), the role applied for, the source of the application, your contact details, and a record of the assessment process (interview notes, scorecards, references where you have given them).

We use this to assess your suitability for the role, communicate with you during the process and, where relevant, make an offer.

People who email us or use the contact form

If you email us or submit a form, we have whatever you sent: your name, contact details, the content of your message and the metadata associated with the channel. We use this to respond to you and to keep a record of the exchange.

We rely on the following legal bases under Article 6 GDPR. The basis depends on the processing.

  • Consent (Art. 6(1)(a)) — for non-essential cookies and similar tracking technologies (see Section 10), for marketing emails where consent is required, and for retention of an applicant’s data beyond the default period.
  • Contract or pre-contractual steps (Art. 6(1)(b)) — for processing necessary to provide the Engaige Service to a customer, to respond to a request from someone considering becoming a customer, and to manage a recruitment process up to the point of contract.
  • Legitimate interest (Art. 6(1)(f)) — for keeping our website secure, for measuring its performance, for B2B sales outreach (see Section 5 for the source of the data and the safeguards we apply), for managing customer relationships and renewals, and for our own administrative and operational records. Where we rely on legitimate interest we have weighed our interest against your rights and concluded that the processing is proportionate; you can object at any time (see Section 9).
  • Legal obligation (Art. 6(1)(c)) — for keeping records that tax, accounting, employment and other laws require us to keep.

5. Where the data comes from

Most of the personal data we hold comes directly from you — when you visit the website, fill in a form, email us, apply for a job, or talk to us during a sales or customer-success conversation.

In addition, for B2B sales outreach, we identify and reach out to people we believe to be in our target audience using business-contact data obtained from third-party providers of business-contact databases and public business sources. The categories of data we obtain in this way are typically a name, work email, role or title, employer and company website, sometimes with a public business phone number.

We process this on the basis of our legitimate interest in growing our business through targeted B2B outreach (Art. 6(1)(f) GDPR). This Privacy Policy is our Article 14 GDPR notice for that processing — it sets out the source category, the purposes, the legal basis and your right to object. We have carried out a legitimate-interest assessment and apply the following safeguards:

  • We only obtain business-contact details — not consumer or special-category data.
  • We use the data only to identify and make a relevant initial business approach. If you do not engage, we do not continue to use the data for further outreach beyond what is consistent with normal business conduct.
  • You can object at any time by replying to any outreach message or by emailing privacy@letsengaige.com. On objection we stop processing your data for outreach and we record your objection so we do not approach you again.

6. Who we share your data with

We do not sell your personal data. We share it only with the categories of recipient below, each of which processes the data on our behalf or as an independent controller as described.

  • A cloud-infrastructure provider in the EEA that hosts our website and stores access logs needed to operate and secure it.
  • A tag-management service that loads the analytics and marketing tags below subject to your cookie consent.
  • A web-analytics provider that helps us understand aggregate website usage.
  • A behavioural-analytics provider that records masked interaction recordings of website sessions to help us improve the user experience; input masking is enabled so that text you type into forms is not captured.
  • Search and social advertising platforms (currently Google and LinkedIn) that operate the search and social advertising channels through which we acquire visitors and measure conversions. Their cookies are listed in the cookies table in Section 10 and the legal basis is your consent.
  • A customer-relationship-management platform that hosts our contact database, sends our marketing and transactional emails, and (where deployed) provides forms and chat on our website.
  • A meeting-scheduling tool used to book demos, intro calls and follow-ups.
  • A meeting-recording tool used to record and transcribe sales and demo calls hosted on our video-conferencing tool, where participants have been told in the calendar invite that the call is being recorded.
  • An enterprise productivity suite that hosts our business email, files and calendar — which is where any email correspondence with us lives.
  • An applicant-tracking and job-distribution provider that publishes our open roles, syndicates them to third-party job boards (including general-purpose job boards), and receives applications on our behalf.
  • Professional advisers — our accountants, lawyers and auditors — where they need access to the data to do their work for us, subject to professional confidentiality obligations.
  • Public authorities, courts and regulators where we are legally required to disclose data.

We engage each service provider under a written contract that imposes appropriate confidentiality and data-protection obligations, and where applicable a transfer mechanism under Section 7.

For the third parties involved in delivering the Engaige Service itself (not this website), see the Sub-processor page.

7. International transfers

We are based in the EEA and we run our business primarily on EEA-resident services. Where a service provider in Section 6 is established outside the EEA, or where it provides incidental support access from outside the EEA, we rely on:

  1. an adequacy decision under Article 45 GDPR where one applies (including the EU–U.S. Data Privacy Framework for U.S. recipients that have certified to it); or
  2. the EU Standard Contractual Clauses under Article 46 GDPR (with appropriate supplementary measures in light of the Schrems II judgment and the European Data Protection Board’s recommendations), where adequacy does not apply.

You can ask us for a copy of the safeguards in place for a specific provider by emailing privacy@letsengaige.com.

8. How long we keep your data

We keep personal data only for as long as we need it for the purpose we collected it. In particular:

  • Website server logs — up to thirty (30) days for security and troubleshooting.
  • Analytics and advertising data — retention is set within each provider’s configuration; details are in the cookies table in Section 10.
  • Leads and prospects — we review the record periodically and delete or anonymise it when it has been inactive for an extended period (typically twenty-four months without engagement) or earlier on objection.
  • Customers’ contact and relationship data — for the duration of the contract and for a reasonable tail thereafter (typically seven years) to meet our statutory record-keeping obligations.
  • Newsletter subscribers — until you unsubscribe; after unsubscribe we keep a minimal suppression record so we don’t email you again.
  • Job applicants — four (4) weeks after the conclusion of the process by default; up to one (1) year if you give us your consent to keep your application on file for future roles.
  • Email correspondence — for as long as it is relevant to our relationship with you, after which it is deleted or archived in line with our internal retention rules.
  • Contracts, invoices and tax records — for the period required by Dutch law (currently seven years for tax records).

After the applicable period we delete the data or, where it is more proportionate, anonymise it so that it can no longer be linked back to you.

9. Your rights

Under the GDPR you have the following rights in respect of your personal data. To exercise any of them, email privacy@letsengaige.com. We will respond within one month; if your request is complex we may extend that by up to two further months and will tell you why.

  • Access — ask us for a copy of the personal data we hold about you.
  • Rectification — ask us to correct data that is inaccurate or incomplete.
  • Erasure (“right to be forgotten”) — ask us to delete data we no longer have a lawful basis to keep.
  • Restriction — ask us to pause processing while we work through one of the points above.
  • Portability — ask us to provide data you gave us in a structured, machine-readable format, or transmit it to another controller, where it is technically feasible.
  • Objection — object to processing based on legitimate interest (Section 4), including B2B prospecting (Section 5). Object to direct marketing at any time and we will stop.
  • Withdraw consent — where we are processing on the basis of consent, withdraw it at any time. Withdrawal does not affect the lawfulness of processing done before.
  • Lodge a complaint with the Autoriteit Persoonsgegevens (the Dutch Data Protection Authority — autoriteitpersoonsgegevens.nl) or with the supervisory authority of the EEA country where you live or work. We would appreciate the chance to address your concern first, but you do not need to come to us before lodging a complaint.

We do not make decisions about you based solely on automated processing that produce legal or similarly significant effects.

10. Cookies and similar technologies

Cookies are small files stored on your device. We use them to make the website work, to understand how it is used and to support our marketing. Strictly necessary cookies always fire; the rest fire only with your consent through our cookie banner. You can change your choices at any time via the cookie-settings link in the website footer, and you can manage or block cookies directly in your browser.

We currently use the categories below. The specific cookies in each category may change as we update the website; the most up-to-date list is the one our consent manager shows you at the time of your visit.

CategoryPurposeExamples of cookies we currently useLegal basisTypical retention
Strictly necessaryOperate the website, remember your cookie choices, protect against abuse.The consent-banner preference cookie.Legitimate interest (no consent required).Up to 12 months.
AnalyticsUnderstand aggregate website usage so we can improve content and performance.Google Analytics 4 cookies (_ga, _ga_<container-id>).Consent.Up to 13 months.
Behavioural analyticsMasked session recordings and heatmaps to understand how the site is used.Microsoft Clarity cookies (_clck, _clsk).Consent.Up to 12 months.
MarketingMeasure the performance of our search and social advertising and tailor our outreach.Google Ads cookies (_gcl_*, IDE on doubleclick.net); LinkedIn Insight cookies (li_*, lidc, bcookie).Consent.Up to 12 months (LinkedIn li_* up to 24 months).

The cookies set by the analytics, behavioural-analytics and advertising providers above are also subject to those providers’ own processing, in some cases as independent controllers or joint controllers. Their privacy policies set out what they do with the data:

11. Changes to this policy

We update this policy from time to time. The “Last updated” date at the top of the page tells you when we last changed it. For material changes we will tell people whose data is materially affected — for example by an email to subscribers or a notice on the website — before the change takes effect, where it is proportionate to do so.

12. Contact

For any question about this policy or how we handle personal data, or to exercise any of the rights in Section 9, email privacy@letsengaige.com.

Engaige Technologies B.V., registered in the Netherlands under Chamber of Commerce (KvK) number 90976827.