PRIVACY NOTICE

Last updated November 14th, 2025

This privacy notice for A.E.T. Europe B.V.  (“Company,” “we,” “us,” or “our”), with registered office at IJsselburcht 3, 6825 BS Arnhem, The Netherlands and Chamber of Commerce (KvK) number 09114089, describes how and why we might collect, store, use, and/or share (“process”) your information when you use our services (“Services”), such as when you:

  • Visit our website at https://www.sendandsecure.com
  • Engage with us in other related ways, including sales, marketing, or events.

Questions or concerns? This notice outlines your privacy rights and choices under applicable laws. If you do not agree with our policies and practices, please do not use our Services. For inquiries, contact our privacy contact email.  

support@aeteurope.com

Summary of Key Points

This summary highlights essential elements of our privacy notice; refer to the full sections below for details.

  • What personal information do we process?. We process contact details and basic metadata solely for user communication, invoicing, and service administration. The transferred files remain encrypted client-side and are never accessible to us.
  • Do we process any sensitive personal information? File contents are never processed by us due to client-side encryption and therefore do not process any sensitive personal data contained within those files. We do process contact details (names, email addresses, phone numbers), which may in rare cases reveal sensitive characteristics indirectly. These are processed only for delivering the secure download mechanism and access notifications.
  • How do we process your information? To deliver Services, maintain security, and meet legal obligations, on a strictly necessary basis.
  • In what situations and with whom do we share personal information?  We only share limited business-administrative information with essential infrastructure and invoicing providers. The encrypted files and access codes are transmitted directly between sender and recipient, which means that  no personal information is shared by us as part of that exchange.
  • How do we keep your information safe? When you select your file that you want to have encrypted, it never leaves your PC. Making use of the AES-GCM algorithm, the file is encrypted on your PC utilizing only your PC’s hardware. Communication for your account or payment is handled via HTTPS, protecting your data and ensuring that only you retain access to your file.
  • What are your rights? Under GDPR, rights include access, rectification, erasure, and objection.
  • How do I exercise my rights? Email support@aeteurope.com.

1. What information do we collect?

  • Personal information you disclose to us

In Short: We collect personal information that you provide voluntarily.

We collect personal information you provide when registering, expressing interest in our Services, or using file transfer features, including:

  • Contact details: Email addresses and phone numbers (for delivering encrypted files or QR codes).
  • Account information (for enterprise and subscription users): Names, billing details, and organizational information.
  • Metadata: Device types, IP addresses, and access timestamps for security logging.

We do not access or process the content of transferred files, as all encryption and decryption occur client-side on your device.

  • Information automatically collected

In Short: Limited device and usage data is collected automatically for operational purposes.

This includes browser type, operating system, pages visited, and time spent, primarily to enhance security and performance.

  • Sensitive Information

Due to our zero-knowledge architecture, we do not process sensitive personal data from file contents. If contact details involve sensitive categories (e.g., in health or financial contexts), we process them only as minimally required and under lawful bases.

2. How do we process your information?

In Short: Processing supports Service delivery, security, and compliance.

Specific purposes include:

  • Security monitoring (e.g., abuse detection).
  • Legal compliance (e.g., maintaining audit logs).
  • Responding to support requests.

3. What legal bases do we rely on to process your personal information?

In Short: We rely on GDPR-approved bases tailored to each processing activity.

  • Performance of a contract: To fulfill Service requests.
  • Legitimate interests: For security, fraud prevention, and Service enhancements (assessed to not override your rights).
  • Legal obligations: For regulatory audits or reporting.


4. When and with whom do we share your personal information?

In Short: Sharing is limited to necessary parties with safeguards.

  • Business transfers: In the event of mergers or acquisitions.
  • Legal requirements: To comply with laws or protect legal rights.

We do not sell personal information or share it for cross-context advertising.

5. Do we use cookies and other tracking technologies?

In Short: We use only essential cookies; no non-essential tracking without consent.

Our website uses a small number of cookies required to ensure that the service functions correctly and securely. Most of these cookies are placed by WordPress and support core functions such as authentication, maintaining sessions, saving interface preferences, and checking browser compatibility. One additional cookie is used to verify one-time transfer purchases. No non-essential cookies are used.

The strictly necessary cookies used on our website include:

  • Authentication and session cookies
    (wordpress_[hash], wordpress_logged_in_[hash])
  • User interface preference cookies
    (wp-settings-{time}-[UID])
  • Technical compatibility cookie
    (wordpress_test_cookie)
  • Localization cookie
    (wp_lang)
  • Subscription verification cookie
    (b4u_sas-subscription-unique-id — used to confirm one-time transfer payments)

These cookies are essential to provide the secure file-transfer service you request and are used on the basis of Article 6(1)(b) GDPR and the applicable ePrivacy rules permitting strictly necessary cookies without prior consent.

We do not use analytics cookies, advertising cookies, profiling technologies, tracking cookies, or any other non-essential cookies. For this reason, no cookie banner is displayed, as none is required by law.

You may configure your browser to block or delete cookies; however, doing so may impair essential website functionality. For more information about the cookies used on our website, please refer to our Cookie Statement.

6. Is your information transferred internationally?

In Short: Your data is not transferred outside of the EEA.

All personal data we process remains within the European Economic Area (EEA). We do not transfer your data to countries outside the EEA, and no sub processors located outside the EEA are engaged for these service.

7. How long do we keep your information?

In Short: Retention is limited to what’s necessary.

  • Transfer-related metadata: Retained up to 48 hours after link expiration.
  • Security logs: 30–90 days for compliance and auditing.
  • Account data: Until account closure or a deletion request is processed.

8. How do we keep your information safe?

In Short: We implement comprehensive security measures.

These include zero-knowledge encryption, access controls, regular penetration testing, and incident response protocols. While no system offers absolute security, our design effectively minimizes risks associated with data breaches.

9. Do we collect information from minors?

We do not knowingly collect data from individuals under 16 years of age (the consent threshold under Dutch law). If we become aware of such collection, we will promptly delete it. For users in other EU jurisdictions, local age thresholds (ranging from 13–16) may apply; parents/guardians should contact us for any concerns.

10. What are your privacy rights?

Under GDPR and similar laws, you may:

  • Access, rectify, erase, or obtain a portable copy of your data.
  • Object to processing based on legitimate interests.
  • Withdraw consent where applicable.
  • Lodge a complaint with a supervisory authority (e.g., the Dutch Data Protection Authority at www.autoriteitpersoonsgegevens.nl).

To exercise rights, contact support@aeteurope.com.

11. Do we make updates to this notice?

We may update this notice periodically. Changes will be posted here with the revised date. Continued use of Services after updates constitutes acceptance.

12. How can you contact us about this notice?

For questions, contact our privacy contact person: Email: support@aeteurope.com Postal: A.E.T. Europe B.V., IJsselburcht 3, 6825 BS, Arnhem, The Netherlands.

We have not appointed a formal Data Protection Officer under GDPR Article 37 at this time, but our privacy contact handles all related matters.

13. How can you review, update, or delete the data we collect from you?

To exercise your rights, you can contact us directly at support@aeteurope.com. Please include enough information to verify your identity and specify your request. We aim to respond within one month, extendable where complex.