PRIVACY POLICY
KC-ToThePoint Academy · academy.kc-tothepoint.com
Version: June 2026
1. Who are we?
KC-ToThePoint (trade name of Rouw&), based in Castricum, the Netherlands, Chamber of Commerce number 64398900, is the data controller for personal data processed via academy.kc-tothepoint.com.
Contact details:
- Email: info@kc-tothepoint.com
- Website: www.kc-tothepoint.com
- Address: Castricum, the Netherlands
2. What data do we process?
Upon registration and purchase
- First and last name
- Email address
- Password (stored encrypted)
- Billing address (if provided)
- Payment information (processed by Mollie — we do not store full payment details)
During use of the learning environment (LearnDash)
- Progress data per course and lesson
- Quiz results and certificates obtained
- Time and duration of course visits
Technical and analytical
- IP address (anonymised)
- Browser type and device data
- Page visits and click behaviour (via functional cookies)
3. Why do we process your data?
Performance of contract: processing your order, providing access to purchased courses, issuing certificates.
Legal obligation: retention of financial records (7 years, in accordance with Dutch tax law).
Legitimate interest: website security, fraud prevention, technical management.
Consent: when you subscribe to our newsletter (separate opt-in required).
4. How long do we retain your data?
- Account data: for as long as your account is active, plus a maximum of 2 years after inactivity.
- Financial records: 7 years (statutory retention obligation).
- Course progress and certificates: for as long as your account is active.
- Technical logs: maximum 90 days.
5. Third parties
We use the following external service providers who may process personal data on behalf of KC-ToThePoint:
- Mollie Payments B.V. — payment processing (GDPR-compliant, based in the Netherlands)
- WP Engine / hosting provider — server hosting and storage
- LearnDash — learning management system (LMS), part of WordPress
- WPML — multilingual website infrastructure
Data processing agreements have been concluded with all processors, or standard contractual clauses apply. We do not sell your data to third parties.
6. Your rights
You have the following rights under the GDPR:
- Right of access to your personal data
- Right to rectification of inaccurate data
- Right to erasure (‘right to be forgotten’)
- Right to restriction of processing
- Right to data portability
- Right to object to processing
You can exercise your rights by sending an email to info@kc-tothepoint.com. We will respond within 30 days.
7. Cookies
Academy.kc-tothepoint.com uses cookies. We place only:
- Functional cookies: necessary for login, shopping cart and course access (no consent required).
- Analytical cookies: anonymised usage statistics (no tracking of individual persons).
We do not place advertising cookies or third-party tracking cookies.
8. Security
Your data is protected by SSL/TLS encryption (HTTPS), encrypted password storage, server-level access security and regular backups. In the event of a data breach that risks your rights and freedoms, we will notify you and the relevant supervisory authority as required by law.
9. Complaints
If you have a complaint about the processing of your personal data, please contact info@kc-tothepoint.com. You also have the right to lodge a complaint with the relevant supervisory authority. In the Netherlands: www.autoriteitpersoonsgegevens.nl
10. Changes
We reserve the right to amend this privacy policy. The most current version is always available at academy.kc-tothepoint.com/privacy-policy. We will notify you by email of any significant changes.