Circular Intelligence

Legal

Privacy Policy

How we handle personal data when you visit this site or contact us.

Last updated: 11 June 2026

This policy explains what personal data Circular Intelligence collects, why we collect it, how we use it, and the rights you have under the EU General Data Protection Regulation (GDPR) and the Dutch Uitvoeringswet AVG (UAVG). It applies to this website and to any related correspondence or services.

Who we are (data controller)

The data controller responsible for your personal data is:

Circular Intelligence
Trade name of Forrest Strategy (eenmanszaak)
Voorburgstraat 234, 3037 BS Rotterdam, Netherlands
KvK (Dutch Chamber of Commerce): 24489395
Establishment number: 000009509127
Email: hello@circularintelligence.io

What data we collect

Data you provide

  • Contact details (name, email address, organisation) when you email us, fill in a form, or book a conversation.
  • Any information you choose to share in the body of a message or during a meeting.
  • Responses to optional diagnostics or readiness questionnaires.

Data collected automatically

  • Basic technical information your browser sends (IP address, user agent, referring page, requested URL) for security, abuse prevention, and aggregated analytics.
  • Strictly necessary cookies and local storage required to operate the site (see our Cookie Notice).

Why we use it (purposes and lawful basis)

  • Responding to enquiries — to reply to messages and provide requested information. Lawful basis: our legitimate interest in operating the business, or steps taken at your request prior to entering a contract.
  • Delivering services — to perform agreed work (assessments, advisory, project support). Lawful basis: performance of a contract.
  • Site operation and security — to keep the site available and protect it from abuse. Lawful basis: legitimate interest.
  • Legal and tax obligations — to keep records required by Dutch law. Lawful basis: legal obligation.

Who we share it with

We do not sell personal data. We share it only with processors that help us operate the site and the business, under written data processing agreements:

  • Hosting and content delivery providers for this website.
  • Email and productivity tools used to manage correspondence.
  • Authorities or advisors where required by law (for example, the Belastingdienst for tax purposes).

Where a provider is located outside the European Economic Area, transfers are covered by an adequacy decision or by the European Commission's Standard Contractual Clauses.

How long we keep it

  • Enquiry correspondence: up to 24 months after our last contact, unless a client relationship begins.
  • Client records and project files: 7 years after the end of the engagement, in line with Dutch tax retention rules.
  • Server logs: typically up to 90 days, longer only where needed for security investigations.

Your rights

Under the GDPR you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Request deletion of your data where one of the GDPR grounds applies.
  • Restrict or object to certain processing, including processing based on legitimate interest.
  • Receive your data in a portable format.
  • Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, email hello@circularintelligence.io. You also have the right to lodge a complaint with the Dutch Data Protection Authority, the Autoriteit Persoonsgegevens.

Security

We apply technical and organisational measures appropriate to the nature of the data, including encryption in transit, access controls, and vendor due diligence. No system is perfectly secure; if you believe your data has been compromised, please contact us.

Changes to this policy

We may update this policy to reflect changes to the site, our services, or applicable law. The "last updated" date at the top of this page indicates when the most recent change took effect.