thizme, part of Quilmes B.V., attaches great importance to protecting personal data. This privacy statement describes how we process data, our technical architecture, and your rights.
thizme processes personal data in accordance with the General Data Protection Regulation (GDPR, Regulation (EU) 2016/679) and all other applicable European and Dutch data protection legislation.
The data controller within the meaning of the GDPR is Quilmes B.V., trading under the name thizme. Contact for privacy queries: privacy@thizme.com
thizme exclusively uses modern, cloud-based infrastructure from recognised and certified providers. No personal data is stored locally on thizme's or its employees' equipment. All storage takes place on secured, external cloud servers.
The platform is built in accordance with Privacy by Design and Privacy by Default (Article 25 GDPR): only the data strictly necessary for each purpose is processed by default.
All personal data is encrypted in transit using TLS 1.2 or higher. Data at rest is encrypted at the cloud providers. Encryption is a default, not an option.
thizme does not store personal data in local files, local databases or on employee devices. The user's browser stores only technical preferences (language, theme) via localStorage — these are not personal data.
When creating an account we process: name, email address, language preference, package type, date/time of creation. Legal basis: performance of the agreement (Article 6(1)(b) GDPR).
The content of conversations with Izme, and texts, photos and audio recordings you upload. Legal basis: performance of the agreement. Where you submit data about third parties, thizme acts as a technical conduit only. Responsibility for such data rests with you as the user.
Payments are handled by external, certified payment service providers (such as Stripe). thizme does not have access to full payment card details and processes only a payment confirmation.
Google Analytics with IP anonymisation, without cross-site tracking. Legal basis: legitimate interest.
thizme accepts a best efforts obligation, not a guarantee of result, with respect to data security. We commit to implementing all reasonably practicable technical and organisational measures in accordance with Article 32 GDPR.
thizme is not liable for damage resulting from a security incident where we have complied with our best efforts obligation, including damage caused by:
To the maximum extent permitted by law, thizme's liability is limited to the amount paid by you for the relevant package.
thizme uses the following categories of sub-processors, with each of whom a data processing agreement has been concluded:
Sub-processors outside the EEA are only engaged on the basis of Standard Contractual Clauses (SCCs) or an equivalent mechanism.
Submit requests to privacy@thizme.com. thizme responds within 30 days.
thizme uses functional cookies (necessary for the platform to work) and analytical cookies (Google Analytics, anonymised). thizme does not use tracking or profiling cookies for commercial purposes.
On your first visit we request consent for analytical cookies. You may also choose functional cookies only. Your preference is stored in your browser.
thizme reserves the right to amend this privacy statement. Amendments are published at thizme.com/privacy and take effect 30 days after publication. For material changes, we will notify you actively via the platform or by email.
You have the right to lodge a complaint with the Dutch Data Protection Authority (www.autoriteitpersoonsgegevens.nl). We encourage you to contact privacy@thizme.com in the first instance.
This privacy statement is exclusively governed by Dutch law. Disputes will be submitted to the competent court in the district where Quilmes B.V. has its registered office.
For questions about this document:
thizme — part of Quilmes B.V.
Email: privacy@thizme.com
Website: thizme.com