General everyday eating information only—not medical, dietetic, or weight-loss advice. We do not sell supplements. Consultations are educational; fees are confirmed before booking.

Privacy Policy

Last updated: 20 May 2026

This Privacy Policy describes how Washcleanse.world (“we”, “us”, “our”) processes personal data when you visit washcleanse.world, contact us, or book a consultation about everyday meal variety. We comply with:

  • Regulation (EU) 2016/679 (GDPR);
  • The Dutch GDPR Implementation Act (Uitvoeringswet AVG, UAVG);
  • Other applicable Netherlands and EU rules on privacy and electronic communications (see our Cookie Policy).

We process personal data in a lawful, fair, and transparent manner (GDPR Article 5).

1. Data controller (identity and contact)

Controller: Washcleanse.world
Address: Herengracht 377 A, 1016 BC Amsterdam, Netherlands
KvK (Dutch Chamber of Commerce): 55769721
Email: touch@washcleanse.world
Phone: +31 6 24270973

For questions about this policy or your data, use the contact details above. We do not have a mandatory Data Protection Officer (DPO) under Article 37 GDPR; privacy enquiries are handled by the controller directly.

2. Personal data we process

Depending on how you use the site, we may process:

  • Identity and contact data: name, email address, telephone number (if you call us), and message content from the contact form.
  • Consent records: whether you agreed to GDPR processing on the contact form; optional consent for workshop-related emails; cookie choices (see Cookie Policy).
  • Consultation-related data: information you voluntarily provide (e.g. typical meals, shopping habits, photos of food or cupboard) when you book or attend a session.
  • Technical data: IP address, browser type, operating system, device identifiers, referrer URL, date/time of access, and log data necessary for security.
  • Cookie/local storage data: as described in our Cookie Policy (including consent preferences stored locally, e.g. pvg_cookie_consent).

We do not intentionally process special categories of personal data (GDPR Article 9), such as health data, unless you choose to include such information in a message. Please avoid sharing medical diagnoses unless necessary; we provide general lifestyle information only.

Source of data: directly from you (forms, email, phone, consultations); automatically via your device when you browse the site; from cookie/local storage where applicable.

3. Purposes, legal bases, and retention

PurposeLegal basis (GDPR Art. 6)Retention (indicative)
Answering contact requests and email/phone enquiriesLegitimate interest (Art. 6(1)(f)) and/or steps prior to contract (Art. 6(1)(b))Up to 24 months after last contact
Optional marketing emails (only if you tick the box)Consent (Art. 6(1)(a))Until you unsubscribe or withdraw consent
Providing consultations and workshops you bookPerformance of contract (Art. 6(1)(b))Up to 36 months after last session, unless longer retention is required by law
Website operation, security, fraud preventionLegitimate interest (Art. 6(1)(f))Server logs: typically up to 90 days
Storing cookie consent preferencesLegal obligation / legitimate interest; non-essential cookies: consent (Art. 6(1)(a))As stated in Cookie Policy (e.g. 12 months)
Analytics or marketing (only if you consent)Consent (Art. 6(1)(a))Per provider; until withdrawal of consent
Compliance with legal obligations (e.g. tax/accounting if applicable)Legal obligation (Art. 6(1)(c))As required under Dutch law (often 7 years for financial records)

When we rely on legitimate interest, we balance our interests against your rights; you may object (see Section 8). Providing contact details is not legally required to browse the site, but we cannot reply to your message without an email and name.

4. Recipients and processors

We may share personal data with:

  • Hosting and IT providers (website hosting, email delivery, backups) acting as processors under Article 28 GDPR with written agreements.
  • Professional advisers (e.g. accountant or lawyer) where necessary and subject to confidentiality.
  • Public authorities when required by Netherlands or EU law.

We do not sell personal data. We choose providers in the European Economic Area (EEA) where reasonably possible.

5. Transfers outside the EEA

If a processor or tool is located outside the EEA (e.g. certain US-based analytics if you consent), we ensure appropriate safeguards under GDPR Chapter V, such as:

  • European Commission adequacy decisions; and/or
  • Standard Contractual Clauses (SCCs) with supplementary measures where needed.

You may request more information about transfers and safeguards by contacting us.

6. Embedded content and third parties

Our contact page embeds Google Maps. When you load that page, Google may collect data (e.g. IP address) under its own terms and privacy policy. We use the embed for location information only. Non-essential cookies from Google are blocked until you consent where technically possible.

7. Security

We implement appropriate technical and organisational measures under Article 32 GDPR, including HTTPS, access limitation, and secure handling of enquiries. No online transmission is 100% secure; please use a strong email password on your side.

If we become aware of a personal data breach likely to pose a risk to your rights, we will notify the Autoriteit Persoonsgegevens (AP) where required and inform you when required under Articles 33–34 GDPR.

8. Your rights under the GDPR and UAVG

You have the following rights, subject to conditions in the GDPR:

  • Access (Art. 15) — confirmation whether we process your data and a copy.
  • Rectification (Art. 16) — correction of inaccurate data.
  • Erasure (Art. 17) — deletion in certain circumstances (“right to be forgotten”).
  • Restriction (Art. 18) — limit processing in certain cases.
  • Data portability (Art. 20) — receive data you provided in a structured format where processing is based on consent or contract and carried out by automated means.
  • Objection (Art. 21) — object to processing based on legitimate interests, including direct marketing where applicable.
  • Withdraw consent (Art. 7(3)) — at any time for consent-based processing (e.g. optional cookies), without affecting prior lawful processing.

To exercise your rights, email us with sufficient detail to identify you. We may request reasonable proof of identity to prevent unauthorised access. We respond within one month (Art. 12(3) GDPR), extendable by two further months for complex requests; we will explain any extension.

You also have the right to lodge a complaint with a supervisory authority. In the Netherlands:

Autoriteit Persoonsgegevens (AP)
Bezuidenhoutseweg 30, 2594 AV Den Haag, Netherlands
Website: autoriteitpersoonsgegevens.nl

9. Automated decision-making and profiling

We do not use automated decision-making or profiling that produces legal or similarly significant effects within the meaning of GDPR Article 22.

10. Children

Our website and consultations are aimed at adults. We do not knowingly collect personal data from children under 16 without verifiable parental consent (GDPR Article 8, as implemented in the Netherlands). Contact us if you believe a child has provided data; we will delete it promptly.

11. Changes to this policy

We may update this Privacy Policy to reflect legal or operational changes. The “Last updated” date will change. Significant changes will be communicated on this page. We encourage you to review this policy periodically.

12. Related documents

Return to home