Privacy Policy

Last updated: January 2026

1. Introduction

Eccego ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital identity platform and website.

We are based in the European Union and fully comply with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

2. Data Controller

Woon IoT BV
Achterzeedijk 57 – Unit 40
2992 SB Barendrecht
The Netherlands
KVK: 90265602
Email: [email protected]

3. Information We Collect

3.1 Information you provide

  • Contact information (name, email address, phone number)
  • Organization details (company name, role)
  • Communications you send to us
  • Identity verification data (when using our services)

3.2 Information collected automatically

  • IP address and browser type
  • Device information
  • Usage data and analytics
  • Cookies and similar technologies

4. How We Use Your Information

We use your information to:

  • Provide and maintain our services
  • Process identity verification requests
  • Communicate with you about our services
  • Improve and develop our platform
  • Comply with legal obligations
  • Protect against fraud and abuse

5. Legal Basis for Processing (GDPR)

We process your personal data based on:

  • Contract: To fulfill our contractual obligations to you
  • Consent: Where you have given explicit consent
  • Legitimate interests: For our business operations, where balanced against your rights
  • Legal obligation: To comply with applicable laws

6. Data Sharing

We do not sell your personal data. We may share data with:

  • Service providers who assist our operations (EU-based only)
  • Government authorities when legally required
  • Identity verification partners (with your consent)

All our service providers are bound by data processing agreements and must comply with GDPR.

7. Data Storage and Security

All data is stored within the European Union. We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption in transit and at rest
  • Access controls and authentication
  • Regular security assessments
  • Employee training on data protection

8. Your Rights

Under GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a portable format
  • Objection: Object to certain processing activities
  • Withdraw consent: At any time, where processing is based on consent

To exercise these rights, contact us at [email protected].

9. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy, or as required by law. When data is no longer needed, it is securely deleted or anonymized.

10. Cookies

We use essential cookies to ensure our website functions properly. We do not use tracking or advertising cookies without your consent. For more information, see our Cookie Policy.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date.

12. Contact & Complaints

For questions about this Privacy Policy or to exercise your rights, contact us at:

Email: [email protected]

You also have the right to lodge a complaint with a supervisory authority. In the Netherlands, this is the Autoriteit Persoonsgegevens (Dutch Data Protection Authority).