Privacy policy

Last updated: 2026-05-05

This policy describes how IKnowICT (M.C. van Olst, t/a IKnowICT) handles personal data within the IKnowICT mobile app and the customer portal at panel.iknowict.com. We are the data controller as defined by the GDPR.

Contact

IKnowICT — Hoogeveenseweg 20, 7943 BA Meppel, the Netherlands
Email: info@iknowict.com

Data we collect

• Account & contact details: name, email, phone, mobile, postal address and company name. Maintained centrally by an admin in the directory (FreeIPA) and in the customer record.
• Authentication: username, hashed password (stored in FreeIPA), and session tokens kept only on your device.
• Biometrics: fingerprint or face data is processed locally on your device by iOS/Android. We never receive or store it.
• Profile picture: optional, picked from your gallery and stored on our server.
• Business content: invoices, quotes, projects, tasks, messages and hosting status tied to your customer relationship with IKnowICT.
• Server logs: IP address, timestamp and endpoint for security and troubleshooting.

The app contains no analytics, advertising or third-party trackers.

Why we process this data

• To grant access to the customer portal and verify your identity (contract performance).
• To show invoices, quotes, projects, hosting and mailbox status (contract performance).
• For in-app messaging with IKnowICT (contract performance).
• To enable email-based password reset (legitimate interest and contract performance).
• To secure our systems (legitimate interest).
• To comply with statutory record-keeping obligations (legal obligation).

Sharing

We do not share your data with third parties for commercial purposes. We use an SMTP mail server to deliver email (such as password-reset links). Everything else runs on infrastructure that IKnowICT operates itself.

Retention

• Account & contact details: for the duration of the customer relationship.
• Invoice & payment records: 7 years (Dutch tax retention).
• Profile picture: until you remove it or close your account.
• Session tokens: until expiry (8 hours) or sign-out.
• Server logs: up to 90 days.

Your rights

Under the GDPR you have the right to access, correct, delete, restrict processing of, port, or object to the processing of your data. Email info@iknowict.com to exercise these rights — we respond within one month. You may also lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

Security

Passwords are hashed and stored in FreeIPA only. App-to-server traffic is encrypted with HTTPS. Session tokens are kept in your device's secure storage (Keychain / Keystore).

Changes

We may update this policy. The most recent version is always on this page; the last-updated date above tells you when it changed.