Home About Us Services Insights Connect

Privacy Policy

Last updated: 1 January 2026

This Privacy Policy describes how Hanyu Peixun B.V. (“Hanyu Peixun”, “we”, “us”) collects, uses and protects personal data when you use our website at hanyupeixun.net or contact us about our courses. We process personal data in accordance with Regulation (EU) 2016/679 (the General Data Protection Regulation, GDPR) and applicable Dutch data protection law.

1. Who we are

The data controller responsible for your personal data is:

Hanyu Peixun B.V.
Parklaan 1A
9675 AB Winschoten
The Netherlands
Email: [email protected]
Telephone: +31 597 433 365

2. What data we collect and why

2.1 Contact form and email enquiries

When you complete the contact form on this website or email us directly, we collect your name, email address, telephone number (if provided) and the content of your message. We use this information to respond to your enquiry and, if you enrol in a course, to administer your enrolment.

Legal basis: Article 6(1)(b) GDPR — processing necessary to take steps at your request prior to entering into a contract, and Article 6(1)(f) GDPR — our legitimate interest in responding to enquiries about our services.

2.2 Course administration

If you enrol in one of our courses, we process your name, contact details, payment information and attendance records for the purpose of delivering the course, processing payment, and communicating with you about scheduling. We retain this information for the duration of your enrolment and for seven years thereafter as required by Dutch bookkeeping law (Burgerlijk Wetboek art. 2:10).

Legal basis: Article 6(1)(b) GDPR — performance of a contract; Article 6(1)(c) GDPR — compliance with a legal obligation.

2.3 Website analytics

With your consent, we use analytics cookies to understand how visitors use our website (which pages are visited, how long visits last, and similar aggregate statistics). We do not use analytics tools that collect personally identifiable information without anonymisation. Analytics data is not shared with third parties for advertising purposes.

Legal basis: Article 6(1)(a) GDPR — your consent, which you can withdraw at any time by clicking “Decline” in the cookie banner or adjusting your browser settings.

2.4 Essential cookies

Our website uses strictly necessary cookies to function (for example, to remember your cookie consent choice). These do not require your consent under GDPR recital 30 and Article 5(3) of the ePrivacy Directive.

3. How long we keep your data

Enquiry data that does not result in enrolment: we retain this for twelve months after the last contact, after which it is deleted. Course enrolment records: seven years from the end of the course, in accordance with our legal obligations. Analytics data: aggregated and anonymised on an ongoing basis; identifiable data (such as IP addresses) is not retained beyond your session.

4. Who we share data with

We do not sell your personal data. We may share data with the following categories of processors acting on our behalf:

Email and communication tools used to correspond with you; payment processors (if you pay online) operating under their own GDPR-compliant terms; website hosting providers. All processors are required to process data only on our instructions and in accordance with GDPR.

We do not transfer personal data outside the European Economic Area unless adequate safeguards are in place under Chapter V GDPR.

5. Your rights

Under GDPR you have the right to:

Access — request a copy of the personal data we hold about you.
Rectification — ask us to correct inaccurate or incomplete data.
Erasure — ask us to delete your data where we no longer have a legal basis to hold it.
Restriction — ask us to limit how we use your data in certain circumstances.
Portability — receive your data in a structured, machine-readable format.
Object — object to processing based on legitimate interests.
Withdraw consent — where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at [email protected]. We will respond within one month as required by Article 12 GDPR. You also have the right to lodge a complaint with the Dutch supervisory authority: Autoriteit Persoonsgegevens, autoriteitpersoonsgegevens.nl.

6. Security

We take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss or alteration. Our website is served over HTTPS. Access to course records is restricted to staff who need it to perform their work.

7. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated by updating the “Last updated” date at the top of this page. We encourage you to review this page periodically.

8. Contact

Questions about this policy or your personal data: [email protected] or write to us at Parklaan 1A, 9675 AB Winschoten, Netherlands.