— villa · spa · zeewolde
Aurelia
Be one of the first 5 to book — save 20%! (FIRST5)Book now

— privacy

Privacy policy

We value your privacy. This policy explains what personal data we process, why, for how long, and what rights you have under GDPR.

Data controller

Villa Aurelia, Bosruiterweg 25, 3897 LV Zeewolde. Privacy questions: info@aurelia-zeewolde.nl.

What data we process

Name, email, phone, address, language preference, booking details (dates, villa, price), payment status, marketing preferences, audit log of your own actions (login, changes, export requests).

Legal basis

Bookings are processed on the basis of contract performance (Art. 6(1)(b) GDPR). Marketing emails only with your explicit consent (Art. 6(1)(a)). Retention periods for financial records based on legal obligation (Art. 6(1)(c), Dutch Tax Act).

Retention periods

Booking and invoice data: 7 years (Dutch Tax). Account after deletion: personal data anonymized within 30 days. Audit log: 12 months. Marketing consent: until withdrawn.

Your rights

You have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), objection (Art. 21) and data portability (Art. 20). Exercise these via your account or by emailing info@aurelia-zeewolde.nl.

Processors

We share only the minimum necessary with trusted processors within the EU.

  • Mollie B.V.Betalingsverwerking (NL)
  • SMTP-providerVerzending van transactionele e-mails (EU)
  • HostingServers & database (EU)

Cookies

We use only an essential session cookie (NextAuth) to keep you logged in. No tracking or marketing cookies. See also /cookies.

Complaints

You have the right to file a complaint with the Dutch Data Protection Authority (autoriteitpersoonsgegevens.nl).

Version: privacy-2026-04-28