Last edited: November 22, 2023

In this privacy statement, Astrid Martirossian wants to provide clear and transparent information about how she handles personal data.
Astrid Martirossian attaches great importance to safeguarding your privacy and will always handle your personal data carefully in accordance with the applicable laws and regulations, including the General Data Protection Regulation (GDPR). This includes:
•  Processing your personal data in accordance with only the purpose for which they were provided, these goals and type of personal data are described in this privacy statement;
•  Limit the processing of your personal data to only those data that are minimally required for the purposes for which they are processed;
•  Ask for your explicit consent if this is necessary for the processing of your personal data;
•  Appropriate technical and organizational measures so that the security of your personal data is guaranteed;
•  Do not pass on personal data to other parties, unless this is necessary for the execution of the purposes for which they were provided;
•  To be aware of your rights regarding your personal data, to point this out to you and to respect them.
Astrid Martirossian is responsible for the processing of personal data as shown in this privacy statement.
If you have questions about this or wish to contact me, please send an email to hello@astridmartirossian.com.
Company name: Astrid Martirossian
Contact person: Astrid Martirossian
Address: Formosastraat 24A, 2315 GW Leiden, The Netherlands
E-mail: hello@astridmartirossian.com
Phone: +316 40 68 12 11
CoC: 66649137
VAT ID: NL002327209B14

Processing of personal data
I process your personal data because you use my services, and/or because you provide this data to me yourself, and/or because I request it from you. Below you will find an overview of the personal data that I process.
From private customers is collected:
•  First and last name
•  Address data
•  Phone number
•  E-mail address
•  IBAN
From business customers is collected:
•  Company name
•  First and last name of contact person(s)
•  Address data
•  Phone number
•  E-mail address
•  IBAN
•  VAT identification number (only if there is a delivery to another EU member state)
I process your personal data in a structural manner, only for the following purposes:
1.   Communication about an agreed or potential assignment, or significant changes to my policy; on the basis of contractual necessity and legitimate interests.
2.   Handling payments; on the basis of contractual necessity.
3.   Administrative retention obligation, including time registration and the sending of invoices and quotations; on the basis of compliance with legal obligations.
4.   For the proper execution of agreed projects, I keep a digital and a paper agenda (in the vast majority of cases this only includes a (company) name of the personal data); on the basis of contractual necessity.
5.   Building a relevant business network based on contact details provided by you voluntarily (and exclusively for this purpose) by email or business card; on the basis of legitimate interests.
6.   To promote my own work (marketing interest) I use platforms, including a personal website and online video services, which mention full credits per project, i.e. names of persons/parties I have worked with and company names of corporate clients (NOT of private clients); on the basis of legitimate interests.
Due to the nature of the first four purposes mentioned, it is mandatory that you provide the aforementioned personal data, such as name, address and IBAN, to me when requested. If you do not do this, it is not possible to enter into an agreement and you will not be able to use the services offered by me.

Automated decision making
I do NOT take decisions based on automated processing on matters that can have (significant) consequences for people. These are decisions taken by computer programs or systems, without human intervention.

Duration of the storage of personal data
I do not store your personal data longer than is strictly necessary to achieve the purposes for which your data is collected. In connection with the administrative retention obligation of the Dutch Tax and Customs Administration, your collected personal data is stored for 7 years for the first four purposes mentioned. Then they are destroyed.
Keep in mind that the retention obligation also includes correspondence with customers. This is limited to written correspondence: only the most important e-mails are kept.
For the fifth purpose mentioned, building up a business network, personal data that I do not use (or no longer use) for more than 3 years will be destroyed immediately.
In case of the sixth mentioned goal, the promotion of your own work, any credits from cooperation partners/customers will remain with the item to which they belong, until it is removed from the website.

Sharing of personal data with third parties
I will not sell your information to third parties and will only provide it if this is necessary for the execution of the agreement with you or to comply with a legal obligation. Processor agreements have been concluded with parties that process your data on my behalf to ensure the same level of security and confidentiality of your data. I remain responsible for these processing operations. These parties are:
•  CijferMeester: accountant
•  MoneyMonk: online accounting program
•  iXL Hosting: website hosting & mailing (OX Suite)

Cookies or similar techniques
Cookies are used for the best possible functioning of my website and social media. A cookie is a small file that is sent by my website and placed on peripheral equipment by your browser. You can disable or delete cookies yourself via your browser settings.
•  YouTube: content on YouTube (Google) is embedded on the website. Google places cookies to show advertisements. More information about Google cookies can be found here.
Maximum retention period: 38 months.
•  Vimeo: content on Vimeo is embedded on the website. Vimeo places cookies to collect data from website visitors. More information about Vimeo cookies can be found here.
Maximum retention period: 2 years.
•  Facebook: I have a Facebook page and Instagram Business account (Facebook) for managing my community. Facebook places cookies there that provide (anonymous) statistics. More information about Facebook cookies can be found here.
Maximum retention period: 2 years.

View, modify or delete data
You have the right to view, correct or delete your personal data. You also have the right to withdraw your consent to the data processing or to object to the processing of your personal data by me and you have the right to data portability. This means that you can submit a request to me to send the personal data that I have about you in a computer file to you or another organization mentioned by you.
You can send a request for access, correction, deletion, data transfer of your personal data or request for cancellation of your consent or objection to the processing of your personal data to hello@astridmartirossian.com.
I will respond to your request as soon as possible, but in any case within four weeks.
I would also like to point out that you have the opportunity to file a complaint with the national supervisory authority, the Dutch Data Protection Authority. You can do that via this link.

Security of personal data
I take the protection of your data seriously and take appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized modification. The most important of these measures are:
•  Setting unique, strong and regularly renewed passwords and, where possible, two-factor authentication.
•  Using encryption on devices where personal data is stored.
•  Using zero-knowledge cloud storage services where absolutely no one except Astrid Martirossian has access to files containing personal data.
•  Using a VPN for all internet connections, including to process personal data.
If you feel that your data is not properly secured or there are indications of abuse, please contact me at:
hello@astridmartirossian.com.