Privacy

Privacy Policy

Makru AI-tomation privacy policy covering data use, purposes, retention, security, and your rights.

Privacy Policy

Last updated: 2026-02-01

Makru AI-tomation (“Makru”, “we”) respects your privacy. This policy explains:

  • what personal data we process,
  • why we process it and on which legal basis,
  • who we share it with,
  • how long we retain it,
  • and your rights.

This policy applies to website visitors, leads/prospects, and (potential) customers. For processing we perform on behalf of customers in automation projects (as a “processor”), we agree separate terms (see “Processor & DPA”).

1) Controller

Makru AI-tomation
Website: https://www.makru.eu
Email: info@makru.eu
Chamber of Commerce (KvK): 99664534

2) Data we process

We only process data necessary for communication, service delivery, security, and (after consent) website improvement.

2.1 Contact & intake (submitted by you)

  • Name
  • Email address
  • Phone number (optional)
  • Company name and website (optional)
  • Tools/systems you use (optional)
  • Message/request content
  • Preferences (e.g., day/time)

2.2 Newsletter / updates (only if you request it)

If you request “playbooks/updates”, we process your email (and optionally name/company) to:

  • send updates,
  • and follow up on your request. You can unsubscribe at any time via an unsubscribe link (if enabled) or by emailing info@makru.eu.

2.3 Customer & project data (if you become a customer)

Depending on the engagement we may process:

  • contact details of involved persons (e.g., project owner)
  • scope, agreements, tickets/changes
  • integration settings and configuration IDs
  • workflow status, errors, operational logs (monitoring/support)
  • data that flows through your systems (only as needed; minimized/pseudonymized where possible)

2.4 Technical & security data (website & systems)

  • IP address (limited / anonymized where possible)
  • device/browser data
  • security and error logs (anti-spam, rate limiting, incident response)

2.5 Cookie & consent data

  • cookie preferences and consent status (via Klaro)
  • consent logs (proof of choices)

If you consent, we use analytics to understand which pages, CTAs, and routes perform well. See our cookie policy.

3) Purposes

We use data for:

  1. Contact, intake, and quoting
  2. Contract delivery (providing services)
  3. Support, monitoring, and improving delivered workflows (as agreed)
  4. Security, abuse prevention, fraud detection
  5. Website improvement and statistics (only where consent is required and granted)
  6. Administration and invoicing (where applicable)

We process personal data based on:

  • Contract / pre-contract steps (intake, quote, delivery)
  • Legitimate interests (security, basic operations)
  • Consent (non-essential cookies, analytics/session replay, marketing updates if configured as such)
  • Legal obligation (e.g., tax retention where applicable)

You can withdraw consent at any time; withdrawal does not affect past processing.

5) Cookies and similar technologies

For non-essential storage and analytics we request consent. You can manage preferences via the cookie banner/settings (Klaro) and your browser. See /en/cookies.

6) Sharing with third parties

We only share data with providers necessary for:

  • hosting and website delivery,
  • communication (email),
  • consent management (Klaro),
  • analytics (only after consent),
  • and service delivery tooling where needed.

We do not sell personal data.

Note: sub-processors can differ per project depending on the customer’s stack. Where we use sub-processors, we ensure appropriate agreements.

7) International transfers

Some providers may process data outside the EEA (e.g., US). Where applicable, we use appropriate safeguards (such as SCCs) or other lawful mechanisms depending on the provider and configuration.

8) Retention

We do not keep data longer than necessary:

  • Leads/contact: typically up to 12 months after last interaction (unless you become a customer)
  • Customer/project data: as needed for the engagement and support, plus legal obligations
  • Security logs: as short as possible (typically 30–90 days), unless incident investigations require more
  • Consent logs: as needed to evidence choices/consent

9) Security

We apply appropriate measures such as:

  • HTTPS
  • access control (least privilege)
  • logging/monitoring
  • backups where relevant
  • anti-spam/bot protection

No system is 100% secure; if something goes wrong, we act reasonably and in line with applicable law.

10) Automated decision-making

We do not make decisions with legal or similarly significant effects solely based on automated processing of website visits.

11) Your rights

Where applicable you have rights to:

  • access
  • rectification
  • erasure
  • restriction
  • objection
  • portability
  • withdraw consent

Cookie preferences can be changed via Klaro. For privacy requests: email info@makru.eu.

12) Complaints

You can file a complaint with your local data protection authority. You can also contact us first; we’ll try to resolve it together.

13) Processor & DPA (customer projects)

In automation projects we may process personal data on behalf of a customer. In that case the customer is typically the controller and Makru acts as processor. We agree on:

  • scope and purpose,
  • security,
  • sub-processors,
  • retention,
  • and assistance for incidents/requests. These terms are included in the agreement and/or a data processing addendum.

14) Changes

We may update this policy. The latest version is always available on makru.eu.

15) Contact

Questions or requests: info@makru.eu