Versie: 20 december 2025

Resqueu, Westvlietweg 60 d, 2491 ED Den Haag, Nederland

KvK 87259672

support@resqueu.nl

1. Reikwijdte en toepasselijkheid

Deze privacyverklaring is opgesteld overeenkomstig de Algemene Verordening Gegevensbescherming en de Uitvoeringswet AVG en is van toepassing op alle verwerkingen van persoonsgegevens van gebruikers van de Resqueu applicatie. Resqueu treedt op als verwerkingsverantwoordelijke in de zin van artikel vier sub zeven AVG.

2. Definities

Persoonsgegeven betreft alle informatie over een identificeerbare persoon. Verwerking betreft elke handeling zoals omschreven in artikel vier sub twee AVG. Locatiegegevens omvatten alle gegevens die de geografische positie van het toestel weergeven. Subverwerker is een derde die namens Resqueu gegevens verwerkt. Doorgifte betreft overdracht buiten de Europese Economische Ruimte. Minderjarige is een persoon jonger dan zestien jaar.

3. Categorieën persoonsgegevens

Resqueu verwerkt: accountgegevens, locatiegegevens, toestelgegevens, communicatiegegevens, gebruiksgegevens, betaalgegevens via Stripe en KYC gegevens.

4. Verwerkingsdoeleinden

Gegevens worden verwerkt voor uitvoering van de overeenkomst, SOS functies, locatiedeling, beveiliging, fraudepreventie, optimalisatie, klantenservice en wettelijke verplichtingen.

5. Rechtsgrondslagen

Verwerking vindt plaats op basis van artikel zes AVG: toestemming, uitvoering van de overeenkomst, wettelijke verplichting en gerechtvaardigd belang.

6. Locatiegegevens

Locatie wordt uitsluitend verwerkt met toestemming. Locatiegegevens worden gebruikt voor SOS functies, Inner Circle en veiligheidsanalyse. Nauwkeurigheid is afhankelijk van toestel en netwerk.

7. Minderjarigen

Verwerking vindt uitsluitend plaats met toestemming van ouder of wettelijke vertegenwoordiger. Ouder is volledig verantwoordelijk voor toezicht, instellingen, privacybeheer en groepsbeheer. Resqueu kan niet aansprakelijk worden gesteld voor schade voortvloeiend uit onvoldoende toezicht of onjuist gebruik. Ouder vrijwaart Resqueu voor aanspraken van derden. Bij twijfel mag Resqueu het account opschorten of beëindigen.

8. Bewaartermijnen

Accountgegevens worden bewaard zolang het account actief is. Locatiegegevens zo kort mogelijk. Communicatie maximaal achttien maanden. Betaalgegevens zeven jaar. Logbestanden twaalf maanden. KYC gegevens maximaal vijf jaar.

9. Subverwerkers

Resqueu maakt enkel gebruik van subverwerkers die voldoen aan artikel achtentwintig AVG. Deze verwerken gegevens uitsluitend op instructie van Resqueu.

10. Internationale doorgifte

Doorgifte buiten de Europese Economische Ruimte vindt uitsluitend plaats met passende waarborgen zoals standaardcontractbepalingen overeenkomstig artikel zesenveertig AVG.

11. Rechten van gebruikers

Gebruiker heeft recht op inzage, rectificatie, verwijdering, beperking, overdraagbaarheid, bezwaar en het intrekken van toestemming.

12. Beveiliging

Resqueu neemt maatregelen overeenkomstig artikel tweeendertig AVG waaronder encryptie, pseudonimisering, toegangscontrole en logging. In geval van een datalek wordt gehandeld conform artikel drieendertig en vierendertig AVG.

13. Contact en klachten

Voor verzoeken kan contact worden opgenomen via support@resqueu.nl. Klachten kunnen worden ingediend bij de Autoriteit Persoonsgegevens.

Version: 20 December 2025

Resqueu

Westvlietweg 60 d

2491 ED The Hague

The Netherlands

Chamber of Commerce: 87259672

Email: support@resqueu.nl

 1. DEFINITIONS, SCOPE AND LEGAL POSITION

1.1

This privacy policy describes, in a legally exhaustive and defensive manner, how Resqueu processes personal data in the context of offering, managing and operating the Resqueu platform, including but not limited to the mobile application, website, servers, infrastructure, algorithms, notification systems and all related services.

1.2

This privacy policy applies to all processing of personal data by Resqueu with respect to:

a. consumers;

b. businesses;

c. employees, representatives and contact persons of businesses;

d. SOS contact persons;

e. persons mentioned in reports, reviews or communications;

f. any other data subject whose personal data is processed via the platform.

1.3

This privacy policy constitutes an independent information obligation under the General Data Protection Regulation (GDPR) and should be read in conjunction with the terms of service, the EULA and any additional disclaimers issued by Resqueu. In the event of conflict, the terms of service shall always prevail.

1.4

Use of the platform, creation of an account or any form of interaction with Resqueu's services implies that the data subject has taken note of this privacy policy and accepts the processing of personal data described herein, to the extent permitted by law.

 2. DATA CONTROLLER AND DEMARCATION

2.1

The data controller within the meaning of Article 4(7) GDPR is:

Resqueu

Westvlietweg 60 d

2491 ED The Hague

The Netherlands

Chamber of Commerce: 87259672

Email: support@resqueu.nl

2.2

Resqueu acts solely as data controller for personal data for which it independently determines the purpose and means of processing.

2.3

Resqueu expressly does not act as a processor or joint controller for businesses with respect to:

a. communications between businesses and consumers;

b. appointments, transactions or services outside the platform;

c. further processing of personal data by businesses themselves.

2.4

Businesses remain fully and independently responsible for compliance with the GDPR and other privacy legislation regarding personal data they obtain or process via the platform.

2.5

Resqueu is not a party to agreements between users and bears no responsibility for privacy processing by third parties outside its direct sphere of influence.

 3. CATEGORIES OF PERSONAL DATA

 3.1 Personal data of consumers

Resqueu may process the following categories of personal data, among others:

a. name or username;

b. phone number;

c. email address;

d. account and login information;

e. encrypted authentication data;

f. IP address;

g. device data (type, operating system, version);

h. language and regional preferences;

i. location data and movement information;

j. SOS contact persons;

k. SOS incident data;

l. chat messages;

m. reviews, ratings and reports;

n. interactions within the platform;

o. log and usage data;

p. photos, videos or other media voluntarily provided by users.

 3.2 Personal data of businesses

Resqueu may process the following data, among others:

a. company name and trade names;

b. registered address and location data;

c. Chamber of Commerce number;

d. VAT number;

e. business contact details;

f. data of authorised representatives and employees;

g. communications with consumers;

h. reviews and profile information;

i. subscription and payment metadata;

j. verification and KYC documentation.

 3.3 Automatically generated data

a. IP addresses;

b. timestamps;

c. error and crash reports;

d. security and audit logs;

e. analytical and statistical data.

 4. PURPOSES OF PROCESSING

Resqueu processes personal data solely for the following purposes:

a. creating, managing and securing accounts;

b. facilitating SOS and safety functionalities;

c. alerting contact persons and regions;

d. displaying and making businesses findable;

e. enabling communication between users;

f. processing and displaying reviews and reports;

g. verification, KYC and compliance;

h. invoicing and payment processing;

i. security, monitoring and platform integrity;

j. fraud prevention and abuse detection;

k. compliance with legal obligations;

l. statistical, analytical and quality purposes.

 5. LEGAL BASES FOR PROCESSING

5.1

Resqueu processes personal data only if and to the extent that one or more legal bases within the meaning of Article 6 GDPR apply.

5.2

The processing of personal data may take place on the basis of:

a. the explicit consent of the data subject;

b. the necessity for the performance of a contract to which the data subject is a party;

c. compliance with a legal obligation to which Resqueu is subject;

d. the protection of vital interests of the data subject or another natural person, particularly in the context of SOS and emergency situations;

e. the pursuit of legitimate interests of Resqueu or third parties, including but not limited to:

   - platform security;

   - fraud prevention and abuse detection;

   - ensuring continuity of service;

   - legal protection of Resqueu;

   - quality improvement and system optimisation.

5.3

Where personal data is processed on the basis of consent, the data subject has the right to withdraw that consent at any time, without affecting the lawfulness of processing carried out prior to withdrawal.

 6. LOCATION DATA, TRACKING AND CONTEXTUAL DATA

6.1

Resqueu may process location data where this is functionally necessary for the provision of services or where the data subject has given explicit consent.

6.2

Location data may be used for:

a. SOS functionalities;

b. informing selected SOS contact persons;

c. regional and safety warnings;

d. displaying businesses in the vicinity of the user.

6.3

Location data is not stored continuously but is only temporarily processed for the specific purpose for which it was collected, unless legal obligations require otherwise.

6.4

Resqueu does not guarantee that location data is always complete, current or accurate and accepts no liability for decisions or actions taken by users or third parties on the basis of such data.

6.5

The use of location data and contextual data does not constitute a guarantee of safety, assistance or intervention and does not replace professional emergency or rescue services.

 7. SOS FUNCTIONS AND EMERGENCY SITUATIONS

7.1

The platform offers SOS functionalities intended solely as a supportive tool and not as a primary emergency provision.

7.2

Upon activation of an SOS function, personal data may be temporarily shared with pre-selected contact persons, including:

a. identification of the user;

b. contact details;

c. current or last known location;

d. status of the SOS incident;

e. time and duration of the activation.

7.3

Resqueu is not an emergency service, alarm centre or supervisory authority and bears no responsibility for the follow-up, speed, availability or effectiveness of responses by SOS contact persons or third parties.

7.4

Resqueu is not liable for damage resulting from the failure, untimely or incorrect response to SOS signals by contact persons, businesses or third parties.

 8. COMMUNICATION, CHATS, REVIEWS AND REPORTS

8.1

Resqueu facilitates communication between users by means of chat functionalities, reviews and reporting systems.

8.2

Resqueu is not a party to this communication and does not exercise structural substantive control.

8.3

Resqueu is not responsible or liable for:

a. the content, accuracy or completeness of messages;

b. interpretation or inference by users;

c. reputational damage or economic harm caused by reviews;

d. decisions or actions based on communications via the platform.

8.4

Resqueu reserves the right to investigate, restrict or remove communications or content where necessary to comply with legislation, protect users or maintain the integrity of the platform.

 9. PAYMENTS AND FINANCIAL DATA

9.1

Payments for business services are processed via external payment service providers, including Stripe.

9.2

Resqueu does not receive, process or store full payment card or bank details of users.

9.3

Resqueu is not responsible or liable for the processing of personal data by external payment service providers and refers to the privacy terms of those parties.

 10. RETENTION PERIODS

10.1

Personal data is not retained longer than necessary for the purpose of processing, unless a longer retention period is legally required or justified.

10.2

Indicative retention periods may include:

a. account and profile data: for as long as the account is active;

b. chat and communication data: a maximum of twelve (12) months;

c. SOS incident data: a maximum of ninety (90) days;

d. invoicing and payment data: seven (7) years;

e. verification and compliance data: a maximum of five (5) years.

10.3

After the retention period has expired, personal data will be deleted or irreversibly anonymised.

 11. DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES

11.1

Resqueu discloses personal data to third parties only if and to the extent necessary for the performance of services, compliance with legal obligations or to protect the legitimate interests of Resqueu.

11.2

Personal data may be disclosed to, among others:

a. hosting and cloud providers;

b. technical and IT service providers;

c. suppliers of communication and notification systems;

d. payment service providers, including Stripe;

e. verification and compliance partners;

f. analytics and monitoring service providers;

g. legal, tax and financial advisors;

h. competent supervisory authorities, investigative agencies or other government bodies, where Resqueu is legally obliged to do so.

11.3

Resqueu does not sell, rent or trade personal data to third parties.

11.4

Third parties processing personal data on behalf of Resqueu are contractually bound by appropriate technical and organisational security measures and confidentiality obligations, to the extent required by law.

 12. INTERNATIONAL TRANSFER OF DATA

12.1

Where personal data is processed or stored outside the European Economic Area, Resqueu ensures that this takes place solely under appropriate safeguards as referred to in Chapter V GDPR.

12.2

These safeguards may include, among others:

a. adequacy decisions by the European Commission;

b. standard contractual clauses approved by the European Commission;

c. additional technical, organisational and contractual measures.

12.3

Users acknowledge that international data transfer may be inherent in the use of modern digital infrastructure.

 13. SECURITY OF PERSONAL DATA

13.1

Resqueu takes appropriate technical and organisational measures to protect personal data against loss, unauthorised access, unlawful disclosure, alteration or destruction.

13.2

These measures may include, among others:

a. encryption of data;

b. secure connections;

c. access control and authorisation;

d. logging and monitoring;

e. periodic security updates;

f. data minimisation.

13.3

Despite these measures, Resqueu cannot guarantee absolute security. Users acknowledge and accept the inherent risks of digital data processing.

 14. INCIDENTS, DATA BREACHES AND NOTIFICATION OBLIGATIONS

14.1

In the event of a data breach that poses a risk to the rights and freedoms of data subjects, Resqueu will act in accordance with the notification obligations under the GDPR.

14.2

Resqueu is not liable for data breaches resulting from:

a. actions or omissions of users;

b. shortcomings of third parties outside Resqueu's direct sphere of influence;

c. misuse of login credentials;

d. circumstances qualifying as force majeure.

14.3

Users are obliged to notify Resqueu without delay if they identify a security incident or (suspected) data breach related to the platform.

 15. RIGHTS OF DATA SUBJECTS

15.1

Data subjects have, to the extent permitted by law, the following rights:

a. right of access to their personal data;

b. right to rectification of inaccurate data;

c. right to erasure of personal data;

d. right to restriction of processing;

e. right to data portability;

f. right to object to processing;

g. right to withdraw consent.

15.2

Requests may be submitted via support@resqueu.nl. Resqueu may verify the identity of the requester before processing the request.

15.3

Resqueu will handle requests within the statutory time limits, unless an extension is justified on grounds of complexity or volume of requests.

15.4

Where Resqueu refuses a request, it will do so with stated reasons within the framework of the GDPR.

 16. LIMITATIONS ON RIGHTS

16.1

Resqueu reserves the right to restrict the rights of data subjects where and to the extent permitted under Article 23 GDPR, including for the protection of:

a. national security;

b. public security;

c. prevention, detection and prosecution of criminal offences;

d. other compelling interests of Resqueu or third parties.

 17. LIABILITY AND RISK ALLOCATION

17.1

To the extent permitted by law, Resqueu is not liable for:

a. damage resulting from incorrect or incomplete personal data;

b. damage arising from decisions based on platform information;

c. damage caused by actions or omissions of third parties;

d. indirect damage, consequential damage or loss of profit;

e. damage in connection with SOS functionalities or location data.

17.2

Users acknowledge that use of the platform is at their own risk.

 18. MINORS

18.1

The platform is intended for persons aged sixteen (16) years and older.

18.2

Where personal data of minors is processed, this is done solely with the consent of a parent or legal representative.

18.3

Resqueu is not liable for incorrect declarations of age by users.

 19. AUTOMATED DECISION-MAKING AND PROFILING

19.1

Resqueu makes use of automated systems and algorithms for purposes including security, abuse detection, ranking and recommendations.

19.2

No decisions with legal consequences for data subjects are made without human intervention, unless permitted by law.

 20. COOKIES AND SIMILAR TECHNOLOGIES

20.1

The platform makes use of functional and analytical technologies to ensure its operation and security.

20.2

Marketing and tracking technologies are only applied with the consent of the data subject.

 21. AMENDMENTS TO THIS PRIVACY POLICY

21.1

Resqueu reserves the right to amend this privacy policy where legislation, case law, supervisory authorities or the nature of the services so require.

21.2

The most current version shall always prevail and is available via the platform.

 22. CONTACT AND COMPLAINTS

22.1

For questions, comments or requests regarding this privacy policy, please contact:

support@resqueu.nl

Westvlietweg 60 d

2491 ED The Hague

The Netherlands

22.2

Data subjects have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).