Privacy, Cookie & Legal Policy

Welcome to SaitS. We value your privacy and ensure that your personal data is carefully processed and secured. In this privacy policy, we explain what data we collect, how we use it, and what rights you have.

We do not retain your personal data longer than strictly necessary for the purposes for which it was collected. In practice, this means we retain data:

• Account data: Up to 90 days after account deletion
• Invoice data: 7 years (legal retention requirement)
• Marketing data: Until withdrawal of consent

We reserve the right to modify this privacy policy. Changes will be published on this page. Therefore, please check our privacy policy regularly.

Cookies are small text files that are placed on your device when you visit our website. These files contain information about your preferences and browsing behavior.

This cookie policy may be adjusted to changing circumstances or regulations. The most current version can always be found on this page.

This website and all services, products, software, content, tools, APIs, and platforms (collectively "Services") provided by SaitS B.V. ("the Company", "we", "us", "our"), registered at the Chamber of Commerce in Amsterdam, the Netherlands, are provided on an "as is" and "as available" basis. By accessing or using any of our Services, you ("User", "you", "your") acknowledge that you have read, understood, and agree to be bound by these terms. If you do not agree, you must immediately cease all use of the Services.

The Company makes no warranties, express or implied, including but not limited to: (a) warranties of merchantability or fitness for a particular purpose; (b) warranties that the Services will be uninterrupted, timely, secure, or error-free; (c) warranties regarding the accuracy, reliability, or completeness of any information; (d) warranties that defects will be corrected; (e) warranties that the Services are free of viruses or harmful components. Any reliance on the Services is entirely at your own risk.

To the fullest extent permitted by applicable law, including but not limited to Dutch law, EU law, and the laws of any jurisdiction in which the Services are accessed, SaitS B.V., its directors, officers, employees, shareholders, affiliates, subsidiaries, parent companies, agents, contractors, suppliers, licensors, successors, and assigns shall not be liable for any:

• Direct, indirect, incidental, special, consequential, or punitive damages
• Loss of profits, revenue, data, business opportunities, or goodwill
• Cost of procurement of substitute services
• Damages arising from unauthorized access to or alteration of your data
• Damages arising from service interruptions, downtime, or system failures
• Damages resulting from any third-party actions, products, or services
• Any other damages, regardless of legal theory (contract, tort, strict liability, or otherwise)

In any event, the total aggregate liability of SaitS B.V. for all claims arising out of or relating to the use of the Services shall not exceed the amount paid by you to SaitS B.V. in the twelve (12) months preceding the claim, or fifty euros (€50), whichever is greater. This limitation applies even if SaitS B.V. has been advised of the possibility of such damages.

You agree to indemnify, defend, and hold harmless SaitS B.V. and its directors, officers, employees, affiliates, agents, contractors, licensors, suppliers, successors, and assigns from and against any and all claims, demands, actions, suits, proceedings, damages, obligations, losses, liabilities, costs, debts, and expenses (including but not limited to reasonable attorney's fees, court costs, and expert witness fees) arising from or related to: (a) your use of or inability to use the Services; (b) your violation of any terms in this document; (c) your violation of any third party rights, including intellectual property rights; (d) your violation of any applicable law, rule, regulation, or governmental order; (e) any content you submit, post, or transmit through the Services; (f) any misrepresentation made by you; (g) any claims made by third parties in connection with your use of the Services. This indemnification obligation will survive the termination of your use of the Services.

SaitS B.V. processes personal data in full compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the Dutch Implementation Act (Uitvoeringswet AVG, "UAVG"), the ePrivacy Directive 2002/58/EC, and all other applicable data protection legislation. As data controller, we commit to the following principles:

• Lawfulness, fairness, transparency: Data is processed lawfully, fairly, and transparently. We always inform you about data processing.
• Purpose limitation: Data is collected for specified, explicit, and legitimate purposes only.
• Data minimization: We only collect data that is adequate, relevant, and necessary.
• Accuracy: Data is kept accurate and up to date.
• Storage limitation: Data is kept no longer than necessary.
• Integrity & confidentiality: Appropriate security measures protect all personal data.
• Accountability: We demonstrate compliance with all principles through documentation and audit trails.

Legal bases for processing: We process personal data based on: (a) your explicit consent (Art. 6(1)(a) GDPR); (b) performance of a contract (Art. 6(1)(b)); (c) legal obligations (Art. 6(1)(c)); (d) legitimate interests (Art. 6(1)(f)), subject to a balancing test. You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.

Where SaitS B.V. acts as a data processor on behalf of a client, processing is governed by a Data Processing Agreement (DPA) in accordance with Art. 28 GDPR. We maintain a register of processing activities (Art. 30 GDPR). All sub-processors used by SaitS B.V. are contractually bound to the same level of data protection. Sub-processors are only engaged after appropriate due diligence and with adequate contractual safeguards including Standard Contractual Clauses (SCCs) where applicable.

Data breach notification: In the event of a personal data breach, SaitS B.V. will notify the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) within 72 hours of becoming aware of the breach (Art. 33 GDPR), unless the breach is unlikely to result in a risk to your rights and freedoms. If the breach is likely to result in a high risk, we will also notify you directly (Art. 34 GDPR).

Personal data processed by SaitS B.V. is stored and processed primarily within the European Economic Area (EEA). In the event that data is transferred outside the EEA, we ensure adequate protection through: (a) transfers to countries with an adequacy decision by the European Commission (Art. 45 GDPR); (b) Standard Contractual Clauses (SCCs) approved by the European Commission (Art. 46(2)(c) GDPR); (c) Binding Corporate Rules (Art. 47 GDPR) where applicable; (d) explicit consent after being informed of the possible risks (Art. 49(1)(a) GDPR). We regularly assess the level of protection in third countries and implement supplementary measures where necessary, in line with the Schrems II ruling (CJEU C-311/18).

SaitS B.V. operates in compliance with all applicable Dutch and European Union regulations, including but not limited to: the General Data Protection Regulation (GDPR/AVG), the Dutch Telecommunications Act (Telecommunicatiewet), the ePrivacy Directive, the Digital Services Act (DSA), the Digital Markets Act (DMA), the NIS2 Directive, the Dutch Civil Code (Burgerlijk Wetboek), and the Consumer Rights Directive 2011/83/EU.

The competent supervisory authority for data protection matters is the Autoriteit Persoonsgegevens (Dutch Data Protection Authority), Bezuidenhoutseweg 30, 2594 AV Den Haag, the Netherlands (www.autoriteitpersoonsgegevens.nl). You have the right to lodge a complaint with the Autoriteit Persoonsgegevens or with the supervisory authority of the EU member state in which you reside or work, or where the alleged infringement took place.

For consumers (natural persons acting outside their trade, business, or profession) within the European Union, the following consumer protection provisions apply in addition to all other terms:

• Right of withdrawal: For digital services and subscriptions, you have a 14-day cooling-off period from the date of purchase, in accordance with Directive 2011/83/EU. This right may be waived for digital content delivery with your explicit consent.
• Mandatory consumer rights under Dutch and EU law cannot be excluded or limited by these terms.
• The European Online Dispute Resolution platform (ODR) is available at https://ec.europa.eu/consumers/odr for online dispute resolution.
• Use of the Services is entirely voluntary. SaitS B.V. is not responsible for any loss, damage, or cost incurred through voluntary use of our free or paid Services.

SaitS B.V. shall not be liable for any failure or delay in performance of its obligations arising out of or caused by circumstances beyond its reasonable control, including but not limited to: acts of God, natural disasters, epidemics, pandemics, war, terrorism, riots, embargoes, acts of civil or military authorities, fire, floods, earthquakes, power outages, internet or telecommunications failures, cyberattacks, DDoS attacks, software vulnerabilities, hardware failures, supply chain disruptions, labor disputes, government actions, regulatory changes, sanctions, or any other force majeure event. During such events, SaitS B.V.'s obligations shall be suspended for the duration of the force majeure event.

If any provision of these terms is found to be unenforceable, invalid, or illegal by a court of competent jurisdiction, the remaining provisions shall remain in full force and effect. The invalid provision shall be replaced by a valid provision that comes closest to the intent and economic effect of the original provision.

These terms, the Privacy Policy, the Cookie Policy, and any other legal notices published on the website constitute the entire agreement between you and SaitS B.V. These terms are governed by and construed in accordance with the laws of the Netherlands, without regard to its conflict of law provisions. Any disputes arising out of or in connection with these terms shall be submitted to the exclusive jurisdiction of the competent courts in Amsterdam, the Netherlands.

For consumers residing in the EU: this choice of law and jurisdiction does not deprive you of the protection afforded by the mandatory provisions of the law of your country of habitual residence, in accordance with Article 6(2) of the Rome I Regulation (EC) No 593/2008.

AI migration services are delivered under strict GDPR/AVG compliance with a Data Processing Agreement (DPA) included. All data processing occurs on European AWS infrastructure. SAITS follows the EU AI Act (2024/1689) guidelines for responsible AI integration.

You retain full ownership of your data and processes. SAITS does not use your business data for AI model training. Migration assessments are confidential and covered by NDA upon request. All deliverables include security audits and compliance documentation.

All analytics services are delivered under strict GDPR/AVG compliance. A Data Processing Agreement (DPA) is included with every engagement. Your business data remains on European AWS infrastructure and is never shared with third parties.

SAITS applies privacy-by-design principles to all data analysis. You retain full ownership of your data and insights. Analyses are confidential and covered by NDA upon request. We comply with all applicable EU and Dutch data protection regulations.

All security services are delivered under strict GDPR/AVG compliance and covered by NDA. Penetration test reports and vulnerability assessments are confidential. A Data Processing Agreement (DPA) is included with every engagement involving access to systems or data.

SAITS security consultants hold industry certifications and follow responsible disclosure practices. All findings remain strictly between SAITS and the client. We comply with ISO 27001 standards, the NIS2 Directive, and applicable Dutch and EU cybersecurity regulations.

All training services are delivered under GDPR/AVG compliance. Training materials are confidential and may not be redistributed without written consent. A Data Processing Agreement (DPA) is included when personal data is involved.

SAITS trainers operate under NDA for any proprietary business information shared during sessions. Certificates of completion are issued per participant. Custom training content remains the intellectual property of SAITS unless otherwise agreed in writing.

SAITS AI Bots comply with the EU AI Act (2024/1689) and operate under full GDPR/AVG data processing agreements. All models run self-hosted on European AWS infrastructure — your data never leaves the EU and is never shared with third-party AI providers.

A Data Processing Agreement (DPA) is included with every plan. Human handoff and oversight are guaranteed per Article 14 EU AI Act. SAITS does not use client conversations or knowledge base data for model training. You retain full ownership and can request deletion at any time.

SAITS Brain is designed to comply with the EU AI Act (2024/1689) and operates under full GDPR/AVG data processing agreements. All AI models run on European AWS infrastructure — no data leaves the EU.

A Data Processing Agreement (DPA) is included with every engagement. Human oversight is guaranteed per Article 14 EU AI Act. SAITS does not use client data for model training without explicit consent.

Applies to: SAITS Radio, G-Force Radio

Audio broadcasting requires valid music licensing. As the station operator, you are responsible for Buma/Stemra (composition rights) and Sena (neighboring rights) payments in the Netherlands, or equivalent licensing bodies in your jurisdiction. SAITS provides the streaming infrastructure only — not broadcasting licenses.

You must comply with Agentschap Telecom regulations and applicable media legislation (Mediawet). All listener data is processed under GDPR/AVG on European AWS infrastructure with a Data Processing Agreement (DPA) included.

Music creation and distribution requires compliance with copyright law. You retain 100% ownership of original compositions created with SAITS Music. However, you are responsible for Buma/Stemra (composition rights) and Sena (neighboring rights) registrations and payments when distributing or publicly performing your music.

AI-generated content may have specific licensing implications — consult a music lawyer for commercial releases. SAITS does not claim rights to your creations. All data is processed under GDPR/AVG on European AWS infrastructure with a Data Processing Agreement (DPA) included.

SAITS NFT Ticket Services operates under EU consumer protection regulations (Directive 2011/83/EU) and the Markets in Crypto-Assets Regulation (MiCA). NFT tickets are utility tokens — not financial instruments or investment products.

Event organizers remain responsible for event delivery and refund policies. SAITS provides the technical infrastructure only. All personal data is processed in accordance with GDPR/AVG. Smart contracts are audited and open for verification.

SAITS Insides processes website analytics data under strict GDPR/AVG compliance. All data is stored on European AWS infrastructure. A Data Processing Agreement (DPA) is included with every subscription.

Analytics data is collected with privacy-by-design principles. No personal data is sold or shared with third parties. You retain full ownership of your data and can request deletion at any time per Article 17 GDPR.

SAITS GIT is self-hosted on European AWS infrastructure under GDPR/AVG compliance. Source code and repositories remain your intellectual property. A Data Processing Agreement (DPA) covers all stored data.

You are responsible for ensuring your code complies with applicable open-source licenses and export control regulations (EAR/ITAR). SAITS does not access, review, or use your source code. All data is encrypted at rest (AES-256) and in transit (TLS 1.3).

SAITS RPC infrastructure runs on European AWS regions under GDPR/AVG compliance. Service Level Agreements (SLA) with guaranteed uptime are included. A Data Processing Agreement (DPA) covers all transmitted data.

SAITS does not log, inspect, or store the content of RPC calls. All traffic is encrypted with TLS 1.3. Infrastructure is monitored 24/7 with automated incident response. Fair use policies apply to prevent abuse.

SAITS Solana RPC provides blockchain infrastructure only — not financial advice, investment recommendations, or custodial services. SAITS is not a financial institution and does not hold, transfer, or manage digital assets on your behalf.

This service operates in compliance with GDPR/AVG and the EU Markets in Crypto-Assets Regulation (MiCA) where applicable. All infrastructure runs on European AWS regions. You are responsible for ensuring your use of blockchain technology complies with applicable laws in your jurisdiction.

SAITS Communications aggregates data from your connected SAITS products under strict GDPR/AVG compliance. All data remains on European AWS infrastructure. Access controls follow the principle of least privilege.

A Data Processing Agreement (DPA) covers all aggregated data. SAITS does not sell, share, or use your operational data for any purpose beyond service delivery. You retain full data ownership and portability rights per GDPR Articles 17 and 20.

WP-Automated handles your website data migration under strict GDPR/AVG compliance. A Data Processing Agreement (DPA) is included with every migration. All data is processed and stored on European AWS infrastructure only.

You are responsible for ensuring you have the right to migrate all content, including images, plugins, and themes with valid licenses. SAITS does not retain copies of your data after migration is complete. Automated rollback is available for 30 days post-migration.