We don't want to know who you are!

We just want to know how many people are on our website. You can decline if you want.
Read more about our cookies
Skip to secondary navigation
Skip to content

Privacy Policy

We value the privacy of our visitors of the website


1. Purpose and scope of this Privacy Statement

This Privacy Statement covers activities undertaken by Mind District Holding B.V. and the related entities Minddistrict B.V., Minddistrict Development B.V., and Minddistrict GmbH all of which will hereinafter be referred to as “Minddistrict”. The scope of this Privacy Statement covers data processing related to the Minddistrict marketing websites (hereinafter referred to as the “website(s)”) which can be found at:

This Privacy Statement also covers other data processing activities including recruitment and hiring processes for job applicants.

This Privacy Statement does not cover the data processed when using the Minddistrict Platform. For more information please see the privacy statement in the footer of your Platform user area.

2. How do we process your data at Minddistrict?

At Minddistrict we are committed to being fully transparent in providing you insights in what data we process and why we process these data.

2.1. What legal frameworks apply?

All of the data processing activities undertaken by Minddistrict are undertaken in accordance with the requirements of the following regulations:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter “GDPR”);
  • Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (hereinafter “ePrivacy Directive”);
  • Uitvoeringswet Algemene verordening gegevensbescherming;
  • Bundesdatenschutzgesetz (hereinafter “BDSG”).

2.2. What data processing principles apply?

The following principles apply to our data processing activities:

  • clearly specify the purpose before we process personal data, as outlined in this Privacy Statement;
  • limit collection of personal data to only the personal data needed for lawful purposes;
  • first ask for explicit permission to process personal data in cases where permission is required;
  • take appropriate security measures to protect personal data and require the same from parties who process personal data on our behalf.

2.3. What about my data subject rights?

Data subjects (e.g. you as a visitor) have the following rights with regard to the processing of your personal data:

  • Right to withdraw consent (Article 7, GDPR): You have the right at any time to withdraw your consent to processing of your personal data.
  • Right to be informed (Article 12, 13, 14 GDPR); You have the right to know how and why we process your data.
  • Right of access (Article 15, GDPR); You have the right to ask us about and access any data we have about you.
  • Right to rectification (Article 16, GDPR); You have the right to have the data we have about you corrected.
  • Right to erasure ('right to be forgotten') (Article 17, GDPR); You have the right to ask us to delete all the data we have about you.
  • Right to restriction of processing (Article 18, GDPR); You have the right to request we stop or limit the processing of the data we have about you.
  • Right to lodge a complaint with a supervisory authority (Article 77, GDPR): You must exercise this right directly with your local data protection authority.
  • Right to object to us processing your personal data (Article 21 GDPR): You have the right to object to us processing your personal data.

To exercise your data subject rights (for example to have your data deleted) please contact us at compliance@minddistrict.com.

2.4. So, provide me with the details of data processed by Minddistrict

As a visitor, you can use the website(s) without providing personal data. Our website(s) only collects data that is clearly and voluntarily provided by visitors. This data may include the data as described below in the table.

We do not collect special personal data, such as data relating to race or ethnic origin, religious conviction, criminal record, physical and mental health status or sexual orientation of visitors. If necessary, we will ask for your express consent concerning the collection and use of such data.

Below you will see the relevant type of data that is processed by visiting or using the functionalities of the website(s) as follows:

Data type Purpose of processing Legal base for processing Retention period
IP address Session cookie (grav-site-36e7f58) which is strictly necessary for the website to operate. n/a Expires when the browser is closed.
IP address and location data Cookies for analytics purposes (_ga, _ga_ "container-id", and _gid). Consent Depending on the cookie it can be from 24 hours to 2 years from last consent.
(such as but not limited to name, address, professional history, contacting details, etc.) To process recruitment applications via our recruitment supplier Homerun B.V. or email. Consent Up to 6 months unless otherwise requested.
  • Email address;
  • First name;
  • Last name;
  • Organisation (optional);
  • Job title (optional);
  • Website (optional);
  • Professional interest categories (optional).
 To sign up for Minddistrict newsletters via MailChimp. Consent or legitimate interest (with opt out) Up to 1 year unless otherwise requested.


More information about our cookies is available in our Cookie Statement.

2.5. Are there any sub-processors involved?

Yes, there are. By providing information via our website(s), you agree with the disclosures as set out below.

We have the following sub-processors in place:

2.5.1. Recruitment

Personal data related to applicants applying for jobs at Minddistrict will be processed through our recruitment supplier Homerun (Homerun B.V.) or via internal email systems if that is how the applicant submits their application. Homerun data will be deleted automatically after 6 months time. Applicant data submitted by email will be deleted at the end of the recruitment process. Applicant data submitted through other channels (like LinkedIn) will likewise be deleted from our internal systems after the recruitment process.

2.5.2. Contact form and newsletter

Minddistrict sends out newsletter(s) to inform interested parties of our products and/or services. Your e-mail address will be added to the list of subscribers on request or when you share your contact information with us through other marketing channels. Each newsletter contains an opt-out link with which to unsubscribe from the newsletter.

When a visitor to our website(s) subscribes to Minddistrict newsletters via MailChimp, the data provided is processed in line with MailChimp’s privacy policies. Any international transfers of your personal data via this sub-processor to the United States or other third-countries outside the EEA are made in accordance with appropriate transfer mechanisms.

In order to fully understand how that data will be processed, we recommend you refer to MailChimp’s privacy policies.

2.5.3. Google Analytics

At Minddistrict the marketing analytics activities have been developed with privacy in mind. Our use of cookies as part of our marketing activities is fully transparent for users. We use the aforementioned Google Analytics cookies on our website(s).

When a visitor to our website(s) consents to the placement of analytics cookies, the data collected through placement of those cookies is processed in line with Google’s privacy policies. To learn more about our cookies please see our Cookie Statement.

Any international transfers of your personal data via this sub-processor to the United States or other third-countries outside the EEA are made in accordance with appropriate transfer mechanisms.

In order to fully understand how that data will be processed by Google, we recommend you refer to Google’s privacy policies.

2.6. So, how is my data secured at Minddistrict?

We have technological and operational security measures in place to protect all the information provided by visitors via our website(s) against disclosure to, or inspection, change or destruction by unauthorised parties. Minddistrict is also ISO 27001:2022, C5 (ISAE 3000), and NEN 7510:2017 certified, with a full scope of all controls. For more information please see the Security Statement.

2.7. Third-party websites

This Privacy Statement is not applicable to third-party websites connected to our website(s) through links. We recommend you refer to the privacy policies of these third-party websites for more information on any data processing.

3. Protection of the privacy of minors

We understand the importance of protecting the privacy of minors in the interactive world of the internet. Our website(s) are not designed for, or intentionally aimed at minors of 13 years or younger. It is not our policy to intentionally collect or retain information of persons of 13 years or younger.

4. Changes to this Privacy Statement

We may adjust or change this Privacy Statement from time to time as we see fit. If we make changes, we will amend the revision date stated below and the amended or changed version applies to you and your data from the date of revision. We recommend that you regularly read this Privacy Statement so that you are always aware of the way in which we protect your data.

This Privacy Statement was last updated on 14-1-2025.

4.1. Contact information

For questions about this Privacy Statement please contact the Minddistrict Compliance Department at: compliance@minddistrict.com.

4.2. English version controls

Non-English translations of this statement are provided for convenience only. In the event of any ambiguity or conflict between translations, the English version is authoritative and controls.

4.3. Governing law

The law governing this document shall be that of the Netherlands.