Cookie Preferences

We use essential cookies to make our site work. With your consent, we may also use non-essential cookies to improve your experience and analyze site usage. Learn more in our Privacy Policy.

OrinyxOrinyx

Privacy Policy

Last updated: January 26, 2026

1. Introduction

Orinyx ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website orinyx.eu and use our services. We are based in Amsterdam, The Netherlands, and comply with the General Data Protection Regulation (GDPR) and Dutch data protection laws.

Data Controller: Orinyx, 956 Osdorpplein, 1068 TD Amsterdam, The Netherlands. KVK: 89439082. Contact: [email protected]

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, and password when you create an account
  • Payment Information: Processed securely by Stripe. We do not store your full card details.
  • Newsletter Subscription: Email address when you subscribe to our newsletter (processed by Beehiiv)
  • Communications: Any information you provide when contacting us

2.2 Information Collected Automatically

  • Usage Data: Pages visited, time spent, features used
  • Device Information: Browser type, operating system, device type
  • IP Address: For security and analytics purposes
  • Cookies: See our Cookie Policy section below

3. How We Use Your Information

We process your personal data based on the following legal grounds under GDPR:

  • Contract Performance (Art. 6(1)(b)): To provide our subscription services, process payments, and deliver content you've purchased
  • Legitimate Interests (Art. 6(1)(f)): To improve our services, prevent fraud, and ensure security
  • Consent (Art. 6(1)(a)): To send marketing communications (newsletter) - you can withdraw consent anytime
  • Legal Obligation (Art. 6(1)(c)): To comply with tax and accounting requirements

4. Data Sharing

We share your data with the following third parties, all of whom are GDPR-compliant:

  • Stripe: Payment processing (USA, EU-US Data Privacy Framework certified)
  • Beehiiv: Newsletter delivery (USA, Standard Contractual Clauses)
  • Manus: Website hosting and authentication infrastructure (EU)

We do not sell your personal data to third parties.

5. Data Retention

  • Account Data: Retained while your account is active, plus 7 years for tax purposes after deletion
  • Payment Records: 7 years (Dutch tax law requirement)
  • Newsletter Data: Until you unsubscribe
  • Analytics Data: 26 months

6. Your Rights Under GDPR

As an EU resident, you have the following rights:

  • Right of Access (Art. 15): Request a copy of your personal data
  • Right to Rectification (Art. 16): Correct inaccurate data
  • Right to Erasure (Art. 17): Request deletion of your data ("right to be forgotten")
  • Right to Restriction (Art. 18): Limit how we process your data
  • Right to Data Portability (Art. 20): Receive your data in a machine-readable format
  • Right to Object (Art. 21): Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time for consent-based processing

To exercise these rights, contact us at [email protected]. We will respond within 30 days.

7. Cookie Policy

We use the following types of cookies:

  • Essential Cookies: Required for the website to function (authentication, security). No consent required.
  • Analytics Cookies: Help us understand how visitors use our site. Require your consent.
  • Third-Party Cookies: Set by our payment processor (Stripe) for fraud prevention.

You can manage cookie preferences through our cookie consent banner or your browser settings.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit (TLS), secure password hashing, and access controls. However, no method of transmission over the Internet is 100% secure.

9. International Transfers

Some of our service providers are located outside the EU. We ensure appropriate safeguards are in place, including EU-US Data Privacy Framework certification and Standard Contractual Clauses approved by the European Commission.

10. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

11. Complaints

If you have concerns about how we handle your data, please contact us first at [email protected]. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice on our website. The "Last updated" date at the top indicates when the policy was last revised.

13. Contact Us

For any questions about this Privacy Policy or our data practices, contact us at:

Orinyx

956 Osdorpplein

1068 TD Amsterdam

The Netherlands

Email: [email protected]

KVK: 89439082