Privacy Policy

Last updated: [TODO: set date before publishing]

This is a draft privacy policy for an early, informal version of The Dad Collective. It is written to reflect what the site currently does, but it has not been reviewed by a lawyer. Please review and, ideally, have it checked by someone with GDPR/privacy expertise before the site goes live, and fill in the [TODO] placeholders below.

Who is responsible for your data

The Dad Collective is currently an informal community initiative, not a registered legal entity. The person responsible for the data described below (the "data controller" under the GDPR) is:

[TODO: your name]
[TODO: contact address or city/country]
Email: hello@thedadcollective.nl

What we collect

If you use the "Stay up to date" form on the homepage, we collect the name and email address you enter, and the date/time you submitted the form. We don't collect anything else about you through this site — no tracking pixels, no analytics cookies, no third-party advertising scripts.

Why we collect it, and our legal basis

We use your name and email address solely to send you updates about The Dad Collective meetups (e.g. announcements of new events). Our legal basis for this is your consent (GDPR Art. 6(1)(a)), which you give by ticking the consent checkbox and submitting the form.

We use a "double opt-in" process: after you submit the form, we send a confirmation email with a link you must click before we treat your consent as confirmed. This is both a GDPR best practice (provable consent) and a requirement under Dutch law (Telecommunicatiewet) for sending marketing email.

Who else sees your data

Nobody. Your data is stored only in this site's own database and is not shared with, sold to, or processed by any third-party service or advertiser. [TODO: if you later use a mailing list provider (Mailchimp, Brevo, etc.), a hosting provider outside the EU, or any other third-party processor, list them here together with a link to their privacy policy and, where relevant, your Data Processing Agreement with them.]

How long we keep it

If you don't confirm your subscription, we delete unconfirmed sign-ups after [TODO: e.g. 30 days]. If you confirm, we keep your name and email until you unsubscribe or ask us to delete it — every email we send includes an unsubscribe link, and clicking it permanently deletes your record from our database immediately.

Cookies

This site only uses strictly necessary cookies required for it to function (such as a CSRF-protection cookie when you submit the sign-up form). We do not use analytics, advertising, or tracking cookies, so no cookie consent banner is shown.

Your rights

Under the GDPR, you have the right to:

  • Ask what data we hold about you (right of access)
  • Ask us to correct inaccurate data (right to rectification)
  • Ask us to delete your data (right to erasure) — or just use the unsubscribe link in any email
  • Withdraw your consent at any time, which stops all further processing
  • Lodge a complaint with your national data protection authority — in the Netherlands, the Autoriteit Persoonsgegevens

To exercise any of these rights, email hello@thedadcollective.nl.

Changes to this policy

If this policy changes materially, we'll update the "last updated" date above.