Data protection & privacy
At MIIND, we are committed to protecting your personal data and respecting your privacy rights. This policy explains how we collect, use, and protect your information.
1. Information we collect
Personal data
When you contact us or use our services, we may collect:
- Contact details : Name, email address, phone number, company name
- Professional information : Job title, industry sector, project requirements
- Communication history : Messages, meeting notes, consultation records
Technical information
- IP address and browser information
- Website usage data and statistics
- Cookies and similar technologies
2. How we use your information
We use your personal data for the following purposes:
- Service delivery : Providing consulting services and project management
- Communication : Responding to inquiries and maintaining the client relationship
- Business operations : Invoicing, contract management, and record keeping
- Website improvement : Analyzing usage to improve the user experience
- Legal compliance : Meeting regulatory and professional obligations
3. Legal basis for processing
In accordance with the GDPR, we process your data on the basis of:
- Contract performance : Delivery of agreed consulting services
- Legitimate interests : Managing business operations and the client relationship
- Consent : Marketing communications (where applicable)
- Legal obligations : Compliance with Luxembourg and European regulations
4. Data sharing and disclosure
We may share your information with:
- Service providers : IT support, accounting, and legal services (under strict confidentiality)
- Professional networks : When you explicitly authorize collaboration on a project
- Legal authorities : When required by law or to protect our rights
We never sell your personal data to third parties.
5. Data security
We implement appropriate security measures, including:
- Encrypted data transmission and storage
- Access controls and authentication systems
- Regular security assessments and updates
- Staff training on data protection practices
6. Your rights under the GDPR
You have the following rights regarding your personal data:
Access and control rights
- Access : Request a copy of your data
- Rectification : Correct inaccurate information
- Erasure : Request deletion of your data
- Portability : Receive your data in a structured format
Additional rights
- Restriction : Limit how we process your data
- Objection : Object to certain processing activities
- Withdrawal of consent : For processing based on consent
- Complaint : Contact supervisory authorities
7. Data retention
We retain your personal data:
- Active projects : For the duration of the engagement plus 3 years for professional records
- Accounting documents : 10 years in accordance with Luxembourg legislation
- Marketing data : Until you withdraw consent or object to processing
- Website statistics : Maximum of 26 months
8. Cookies and website statistics
Our website uses cookies to:
- Essential functions : Website operation and security
- Analytics : Understand visitor behavior (anonymized data)
- Performance : Optimize load times and user experience
You can control cookies through your browser settings.
9. International data transfers
As a Luxembourg-based company, we primarily process data within the EU. Any transfer outside the EU is protected by:
- European Commission adequacy decisions
- Standard contractual clauses (SCCs)
- Other appropriate safeguards under the GDPR
10. Contact us & policy updates
Supervisory authority
Commission Nationale pour la Protection des Données (CNPD)
Luxembourg
cnpd.public.lu
This privacy policy was last updated in December 2024. We may update it periodically and will notify you of significant changes by email or through a notice on the website.
Questions about your data?
Contact us for any privacy-related request or to exercise your data protection rights.
Contact us