Privacy Policy

At Thinkagain.nl, we value privacy. We only collect data we truly need, don't retain it longer than necessary, and never share it with third parties for commercial purposes. In this privacy policy, we clearly explain which data we collect through our website and mobile app, why we do so, and what your rights are.

1. Who are we?

Thinkagain.nl is a trade name of Think again. B.V., a Dutch private limited company with its registered office in Rotterdam, registered with the Dutch Chamber of Commerce (KvK) under number 42043713. Think again. B.V. is the data controller within the meaning of the GDPR. We offer inspiration sessions, workshops, training courses and consultancy services in the field of AI and marketing. This privacy policy applies to our website (thinkagain.nl) and our mobile app (Think again. for iOS).

• Website: thinkagain.nl
• Email: info@thinkagain.nl

For questions about privacy, you can always reach us at the email address above.

2. What data do we collect?

We collect personal data in the following situations:

Contact form

When you fill in our contact form, we collect your name, email address, subject and message. We use this data solely to respond to your inquiry.

Newsletter

When you subscribe to our newsletter, we collect your email address. We use this only for sending our newsletter. You can unsubscribe at any time via the link at the bottom of each newsletter.

Workshop and training registrations

When registering for a workshop or training, we ask for your name, email address, phone number, company name, job title and any billing details. We use this data for organizing the training, communicating with participants and invoicing.

Account (dashboard)

When you create an account for our learning platform, we collect your name, email address and profile photo (optional). We use this data to give you access to courses and track your progress.

Mobile app

Our mobile app provides access to our articles and insights. The app does not collect personal data and does not require an account or login credentials.

If you enable push notifications, we store an anonymous device token to send notifications about new articles. This token cannot be traced back to you as a person. We also store the platform (iOS or Android) and the time of last activity. You can disable push notifications at any time through your device settings.

The app stores a limited amount of technical data locally on your device (such as session settings) needed for the app to function properly. This data does not leave your device.

The app contains no tracking, analytics or advertisements.

LinkedIn integration (dashboard)

If you are an admin or editor, you can connect your LinkedIn account from the dashboard so you can publish posts to your own LinkedIn profile via Thinkagain.nl. We use LinkedIn's official OAuth 2.0 flow with the scopes openid, profile, email and w_member_social (posting on your behalf). Optionally you can also grant r_member_social to retrieve post statistics.

When you connect, we store the following data in our database (Supabase, EU): your LinkedIn name, email address, profile picture URL, your LinkedIn member URN and the OAuth tokens (access token and refresh token). The tokens are required to publish content on your behalf and are only accessible to your own account through row-level security.

We use this data exclusively for publishing posts that you create or schedule. We do not read feeds, connections or messages, and we do not share your LinkedIn data with any other third parties.

You can disconnect the integration at any time from the dashboard. On disconnect, we revoke your tokens with LinkedIn and remove the LinkedIn account from our database. Any scheduled but unpublished posts are reverted to draft.

3. Why do we collect this data?

We process personal data based on the following grounds:

• Performance of a contract: for delivering training courses, workshops and consultancy services you have registered for or purchased.
• Consent: for sending our newsletter. You can withdraw this consent at any time.
• Legitimate interest: for responding to contact requests and improving our website and services.

4. How long do we retain data?

We do not retain personal data longer than necessary for the purpose for which it was collected:

• Contact form: messages are deleted once communication is completed, with a maximum of 12 months.
• Newsletter: your email address is retained as long as you are subscribed. After unsubscribing, it is deleted within 30 days.
• Registrations: participant data is retained for up to 2 years after the training. Billing data is retained for 7 years in accordance with legal retention requirements.
• Accounts: account data is retained as long as your account is active. You can have your account deleted at any time.
• Push notification tokens (app): tokens are retained as long as they are active. Inactive tokens are periodically removed.
• LinkedIn integration: tokens and linked profile data (name, email, profile picture, member URN) are retained as long as your LinkedIn account is connected to Thinkagain.nl. Access tokens rotate every 60 days, refresh tokens every 365 days. On disconnect, all data is removed immediately.

5. Third-party services

We use a limited number of external services for the operation of our website. We have concluded data processing agreements with these parties where necessary:

• Supabase (hosting EU): for database, authentication and file storage. Data is stored in the EU.
• Vercel: for hosting our website.
• Resend: for sending transactional emails (such as contact form confirmations).
• Loops: for managing and sending our newsletter.
• ElevenLabs: for generating audio versions of our articles. Only the article text (no personal data) is processed.
• LinkedIn: for publishing posts to your own LinkedIn account, only if you explicitly enable this integration from the dashboard. See LinkedIn's privacy policy for more information on how LinkedIn handles your data.

We never share personal data with third parties for their own commercial purposes.

6. Cookies and local storage

Our website uses functional cookies that are necessary for the proper functioning of the website, such as session cookies for authentication. These cookies do not contain personal data and are not used for tracking or advertising purposes.

Our mobile app uses local storage (AsyncStorage) exclusively for technical purposes, such as remembering connection settings. No cookies or tracking are placed in the app.

We do not place tracking cookies and do not use advertising networks, neither on the website nor in the app. If we add analytical cookies or analytics in the future, we will ask for consent in advance.

7. Security

We take appropriate technical and organizational measures to protect your personal data against unauthorized access, loss or theft. This includes encrypted connections (HTTPS), secured databases with row-level security and restricting access to personal data to only those who need it.

8. Your rights

Under the General Data Protection Regulation (GDPR), you have the following rights:

• Right of access: you may request which data we hold about you.
• Right to rectification: you may have incorrect data corrected.
• Right to erasure: you may ask us to delete your data.
• Right to restriction: you may ask us to restrict the processing of your data.
• Right to data portability: you may request your data in a common format.
• Right to object: you may object to the processing of your data.

You can exercise your rights by sending an email to info@thinkagain.nl. We will respond to your request within 30 days.

9. Complaints

Do you have a complaint about how we handle your data? Please contact us first so we can work together to find a solution. You also always have the right to file a complaint with the Dutch Data Protection Authority.

10. Changes

We may update this privacy policy from time to time. The most current version is always available on this page. For material changes, we will inform you via our website or newsletter.