Privacy Policy

Last updated: March 2026

1. Data Controller

PVI (Praktijk voor Injectables), based in Nijmegen, the Netherlands, is the data controller for personal data collected through Prioris.me. For billing-related data, Paddle.com Market Ltd acts as an independent data controller.

2. Data We Collect

We collect the following categories of personal data:

  • Account data: email address, display name, professional role
  • Usage data: pages visited, features used, domain preferences, search queries, content interactions
  • Device data: browser type, operating system, IP address (anonymized)
  • Billing data: processed by Paddle.com — we do not store payment card details

3. How We Use Your Data

  • To provide and personalize the Service (content ranking, digest curation)
  • To communicate with you (digest emails, alerts, account notifications)
  • To improve the Service (analytics, product development)
  • To process payments (via Paddle.com)
  • To comply with legal obligations

4. Legal Basis (GDPR)

We process your data based on:

  • Contract performance: providing the Service you subscribed to
  • Legitimate interest: improving our Service, product analytics
  • Consent: marketing communications, optional cookies
  • Legal obligation: tax and accounting requirements

5. Data Processors

We use the following third-party services:

  • Supabase (EU region) — authentication and database hosting
  • Vercel — website hosting and content delivery
  • Paddle.com — payment processing and billing
  • PostHog (EU hosted) — product analytics
  • Resend — transactional email delivery

6. Data Retention

Account data is retained for the duration of your account plus 30 days after deletion. Usage data is anonymized after 26 months. Billing records are retained for 7 years as required by Dutch tax law.

7. Your Rights

Under the GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure of your data
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time
  • Lodge a complaint with the Autoriteit Persoonsgegevens (Dutch DPA)

To exercise these rights, contact us at privacy@prioris.me.

8. Cookies

We use essential cookies for authentication and session management. Analytics cookies (PostHog) are only set with your consent. You can manage your cookie preferences at any time through the cookie banner or your browser settings.

9. International Transfers

Your data is primarily processed within the EU/EEA. Where data is transferred outside the EEA (e.g., to US-based sub-processors), we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) or adequacy decisions.

10. Contact

For privacy-related questions or data requests, contact us at privacy@prioris.me.