Privacy Notice
1. Introduction
Sylla B.V. ("we", "our", "us"), registered at Westinghousestraat 7, 3555VA Utrecht, Netherlands, is committed to protecting your privacy and personal data. This privacy notice explains how we collect, use, and protect your personal information.
2. Personal Data We Collect
We collect and process the following personal data:
First and last names
Email addresses
3. How We Use Your Data
Your personal data is processed with privacy by design principles, including:
Minimal data collection (only names and emails)
Authentication and user management
Platform functionality and security
Communication regarding our services
Meeting our legal obligations
4. Data Storage and Security
We implement strong technical measures to protect your data:
EU-based infrastructure (UK/Germany)
Secure database hosting (NeonDB in Frankfurt)
Authentication services (Clerk) with XSS and CSRF protection
DDoS protection through Vercel
Data encryption both in transit and at rest Regular security audits and assessments
5. Third-Party Processors
We use the following certified sub-processors:
Clerk (authentication)
NeonDB (secure EU-based database)
Vercel (infrastructure)
All sub-processors hold relevant certifications (GDPR, DPF) and we maintain comprehensive processing records.
6. Data Subject Rights
Under GDPR, you have the right to:
Access your personal data
Request data correction
Request data deletion
Object to processing
Data portability
Withdraw consent
We handle all requests within GDPR timeframes and provide:
Direct access to personal data via our platform
Automated deletion processes
Clear verification procedures
Prompt execution of correction requests
7. Data Retention and Deletion
Upon contract termination or request:
Automated data removal from our database
User authentication data removal
Complete verification process
Secure deletion protocols
Option to request data deletion at any time
8. Data Breaches
Our breach reporting process includes:
Automated monitoring for detection
Immediate assessment and containment
72-hour notification to affected parties and authorities
Comprehensive incident reporting and analysis
9. International Data Transfers
We process data in EU locations with appropriate safeguards:
Database: Frankfurt, Germany (AWS EUCentral-1)
Serverless functions: London, UK
Background workers: Frankfurt, Germany
10. Contact Information
For any privacy-related queries or to exercise your data rights, please contact us at:
Sylla B.V.
Westinghousestraat 7
3555VA Utrecht
Netherlands
VAT Number: NL865620507B01
11. Updates to This Notice
We may update this privacy notice periodically. Any significant changes will be communicated to users.
Last updated: January 17, 2025