NAALA | Not An Average Legal Advisor

Not an Average Privacy and Cookie Statement

/ Your trusted partner in information security, data protection and quality regulations. At NAALA B.V., we go by “NAALA,” “us,” or “we” for simplicity. We are strongly committed to protecting your personal data. This Privacy Statement outlines our practices for collecting, handling, and respecting your personal data, as well as your rights concerning our data processing.

/ Your data, our responsibility. As a data controller, NAALA upholds your data privacy. This means full transparency in the collection, management, and protection of your personal data, along with guidance on exercising your rights.

You’re welcome to request that NAALA stop processing or erase your data at any time. Discover more about your rights in the sections below.

/ The kind of personal data NAALA processes. Personal data pertains to any information about a living individual who can be identified. Here’s what we collect from you:

  • Contact Information (like your name and email address)

We gather this data for our legitimate interest in addressing inquiries or comments received via our website, e-mail or by phone, as well as in pre-contractual and contractual phases with our clients, ensuring we can fulfil our agreements.

/ NAALA’s single-minded use of your data. We believe in “sharing is caring,” but not when it comes to your personal data. We only rely on trusted software suppliers and a hosting party to provide us with services essential for delivering our own. They may – as our processors – receive personal data from you. To this end, we make appropriate arrangements with all our software suppliers and our hosting party in Data Processing Agreements.

When our suppliers transfer data to third countries, for instance, due to their data centres’ locations, we always enter into Standard Contractual Clauses (SCCs) with them.

/ Secure handling and retention of your data by NAALA. Data security is paramount to us. We employ robust technical and organizational safeguards, such as limited access rights, clean desk policies, clear screen protocols, and our suppliers’ robust technical measures.

We also adhere to the principle of data minimization, retaining your information only as long as necessary – typically six months after your request has been addressed or a year post our client relationship. Some data is retained for seven years due to financial and/or fiscal obligations.

/ That’s how the cookie crumbles. Currently, NAALA’s website doesn’t use cookies. A cookie is a small file that is stored on your device to, for example, make using the website easier for you. NAALA may start using cookies in future. If so, we will inform you by updating this Privacy Statement.

/ Your rights regarding personal data. It goes without saying that you have rights regarding the personal data we process from you. These are the following:

Curiosity is natural. You have the right to access your personal data that we hold. It’s like having a transparent window into the data we process about you.

Nobody’s perfect. If you find that your personal data with us is inaccurate or incomplete, you can ask us to correct it.

Sometimes, it’s time to move on. Under certain conditions, such as when the data is no longer necessary or you withdraw your consent, you can ask us to erase your personal data.

It’s about choices. You can request that we limit the way we use your personal data – a middle ground between using your data and erasing it completely.

Your voice matters. Under circumstances, you can object to the processing of your personal data, especially if it’s for direct marketing purposes.

Take your data wherever you go. You have the right to receive your personal data in a structured and standard format or even have it transferred to another organization.

You’re more than just a number. You can object to decisions made about you based solely on automated processing, including profiling, which has significant effects on you. While we embrace automation, we do not engage in automated decision-making or profiling in the context of decision-making based on personal data processing.

You’re in control. If you’ve given us consent to process your personal data for certain activities, you can always withdraw this consent at any time. It’s as simple as letting us know your change of heart. Please note that for both the NAALA website and for our clients, we do not process personal data based on consent.

Visit the Dutch Supervisory Authority’s website or contact us at to exercise these rights.

/ In case of complaints. Should you ever have concerns about our data processing, feel free to email us at You also have the right to approach the Autoriteit Persoonsgegevens with your complaints.

/ Children’s data. We understand that (and are strong advocates for) children deserve special protection when it concerns the processing of their personal data in a digital environment. We do not intentionally process data of children under 16. If such data is inadvertently collected, it will be promptly deleted.

/ Updates. We may revise this Privacy Statement occasionally. Stay informed by checking it regularly.

Version: December 2023

Looking to create your own privacy statement?

For those interested in crafting their own privacy statements, seeking Data Processing Agreements or delving deeper into data protection topics, we invite you to explore our comprehensive Knowledge Center. Our expert insights can guide you through the nuances of data privacy.