Home / Privacy Policy
Privacy Policy
Read our terms and conditions for using Xpendy's services to ensure compliance and understanding.
Home / Privacy Policy
Read our terms and conditions for using Xpendy's services to ensure compliance and understanding.
Providers: The organisation of which the Consumer is a member and of which the Consumer wishes to cancel. Also called Organization;
Services Offered: The various subscription options that the Consumer can cancel through Xpendy. Also called Services or Offerings;
GDPR: As of May 25, 2018, the General Data Protection Regulation (GDPR) applies. This means that the same privacy laws apply throughout the European Union (EU). The GDPR is also known as AVG;
PIPEDA: PIPEDA is Canada’s federal privacy law for private-sector organizations. It governs how businesses collect, use, and disclose personal information in the course of commercial activities.
Payment details: All data necessary to complete a payment, with the exception of the PIN. This can be the name of the account holder as well as the IBAN (account number);
Consumer: The natural person who is not acting for purposes related to his trade, business, craft or profession;
Cookies: Our website uses Cookies. These are text files that are stored on your device to improve the use of a website. Cookies can be used to store data or settings on a website so that they do not have to be re-entered or given up on your next visit;
Direct Marketing: Direct marketing is an English term for advertising products by approaching potential customers directly and personally;
Withdrawal: The possibility for the Consumer to withdraw from the Distance Contract within the cooling-off period;
Agreement: An Agreement between the Provider of the cancellation service and the Consumer within the framework of an organized system for distance selling of products, digital content and/or services, whereby, up to and including the moment the Agreement is concluded, exclusive or joint use is made of one or more techniques for distance communication;
Personal data: All data that is personally tied to the Consumer, such as name, address, date of birth and possibly one customer or membership number with the subscription;
Privacy: The personal sphere that distinguishes and protects us and our actions, properties and information from others;
We value and respect your privacy; therefore we want to be as open and transparent as possible about the processing and protection of your Personal Data. Below, we set out what data we process at what point, for what purpose, and on what legal basis. In doing so, we hope to make it clear to you how the Services we offer work and how the protection of your Personal Data is guaranteed.
As you may know, since May 2018 the General Data Protection Regulation (GDPR) has been in effect across the European Union. This regulation strengthens the protection of your Personal Data and gives you greater control over how your information is collected and used online.
For users in Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) applies. This federal privacy law ensures that organizations handle your Personal Data responsibly during commercial activities, with a strong focus on consent, transparency, and data security.
At Xpendy, we promise you the following:
We do not retain your Payment Information;
We will never disclose your Personal Data to third parties without your consent;
We do not store any data that is not necessary for the preparation of the cancellation letter and its processing;
The content of your letter of termination (including your signature) will be deleted automatically after one year;
This privacy policy applies to the use of Xpendy's website and the Offered Services (aka, the Termination Service) accessed thereon.
You can consult, save or print this privacy statement at any time via https://www.xpendy.com/privacy-policy.
If we rely on legitimate interests as a basis for processing your Personal Data, as permitted under Article 6(1)(f) of the GDPR, you have the right to object at any time, in accordance with Article 21 of the GDPR. Upon receiving such an objection, we will cease processing your Personal Data for purposes such as direct marketing or related profiling, unless we can demonstrate compelling legitimate grounds to continue.
For users in Canada, under the Personal Information Protection and Electronic Documents Act (PIPEDA), you also have the right to challenge our handling of your personal information. This includes the right to withdraw consent and to express concerns about how your data is being used for marketing or other non-essential purposes. We are committed to respecting your privacy rights under both European and Canadian law.
Under Article 21(1) of the General Data Protection Regulation (GDPR), you have the right to object to the processing of your Personal Data when it is based on our legitimate interests. In such cases, we will stop processing your data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defense of legal claims. To exercise this right, you must provide reasons that relate to your particular situation.
For individuals in Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) allows you to challenge our use of your personal information for purposes beyond those you initially consented to. If you believe your data is being used in a way that is not aligned with your expectations or rights, you have the right to withdraw consent or raise an objection. We are committed to handling your data responsibly and in full compliance with both GDPR and PIPEDA standards.
The Dutch company ROI is King Group B.V. | Xpendy is the controller of the Personal Data you provide to us and is responsible for your Personal Data under applicable data protection law:
ROI is King Group B.V.| Xpendy
Nieuwstraat 2, 4811WV Breda, The Netherlands. No visiting address
For customer service: [email protected]
For advertising & partnerships: [email protected]
Chamber of Commerce number: 52334538
VAT number: NL850399865B02
If you have any questions about the processing of Personal Data and your rights in relation to the protection of Personal Data, please contact [email protected].
Every time you visit our website, we automatically collect data and information from your device. We store these in so-called server log files. This data is information relating to an identified or identifiable natural person (here: website visitor). The data is automatically transmitted by your browser when you visit our website. The following data are recorded:
The time of the visit to our website (connection to the server of the provider)
The URL of the website from where you visited our website
The operating system you use
The type and version of the browser you are using
The IP address of your computer
The purpose of this data processing is to allow you to access and use our website properly on your device, and to ensure that the content is displayed correctly in your browser. Additionally, this information helps us to optimize website performance and maintain the security and stability of our systems.
For users in the European Union, the legal basis for this processing is Article 6(1)(f) of the General Data Protection Regulation (GDPR), which permits data processing based on our legitimate interest. Our interest lies in delivering a technically functional, secure, and user-friendly website experience. Processing your IP address is essential for enabling communication between your device and our server. This data is retained for one year and then automatically deleted.
For users in Canada, we process this data in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA). We have a legitimate business interest in improving our digital services and protecting the integrity of our systems, while ensuring that personal information is handled responsibly and with appropriate safeguards.
You may at any time object to the processing of your data. This may be done by e-mail to [email protected]. The provision of Personal Data is neither legally nor contractually mandatory, nor is it required for the conclusion of an agreement. You are not obliged to provide the Personal Data. However, failure to do so may result in your not being able to use our website fully or at all.
On our website you have the opportunity to create letters of termination for various Services and Providers.
The necessary data are currently available:
First name
Last name
Street and house number
Postal Code
City
Customer or member number, or other information provided to you by a provider to identify the agreement.
You can also add other, non-mandatory information in the text field. Mandatory and voluntary information will be treated equally by us.
The information you provide, including Personal Data, is processed by us for the purpose of drafting, generating, and sending the cancellation letter. This processing is necessary for the performance of the agreement between you and Xpendy. Under the General Data Protection Regulation (GDPR), this is based on Article 6(1)(b), which allows processing for the performance of a contract. Under Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), this falls under the principle of using personal information for reasonable purposes connected to providing the requested service.
Your data will be retained only for as long as necessary to process your request and to meet legal retention obligations.
We also store the timestamp of when the cancellation letter was generated, as well as the corresponding IP address. This is done to help prevent or detect misuse or abuse of our services, such as fraudulent activity or unauthorized use.
Under Article 6(1)(f) of the GDPR, this processing is based on our legitimate interest in safeguarding the integrity of our services. Similarly, under PIPEDA, we process this data as part of our responsibility to ensure the secure and appropriate use of personal information in the context of our business operations.
If you use the option where we send your cancellation letter directly to the Provider, the Provider you specify will receive the data provided by you. In addition, the data is sent to our web host.
The provision of Personal Data is neither legally nor contractually binding. However, it is necessary in order to be able to use our cancellation service correctly. You are not obliged to provide the Personal Data. However, failure to do so may result in your cancellation letter not being prepared correctly.
Cookies contain a so-called cookie ID which enables the recognition of the device on which the cookie is stored. We use the following cookies in particular for this purpose:
Cookies containing a randomly generated, concrete identification number, which makes it possible to identify you or your device during your visit to our website. These cookies are automatically deleted at the end of your visit.
Cookies containing a randomly generated, concrete identification number, which makes it possible to identify you or your device on our website. These Cookies save your selected language and protect against fraudulent or improper access to the website. These Cookies are automatically deleted after one year.
The purpose of this processing is to make the use of the website as pleasant as possible for you, and to be able to save settings.
The legal basis for the processing is Article 6(1) of the GDPR. We have a legitimate interest in offering you a website that stores your personal settings and makes visiting our website as easy as possible. You have the right to object.
In your browser settings you can limit or completely block the placing of cookies. You can adjust the settings so that the cookies are automatically deleted when you close the browser window.
The provision of Personal Data is neither required by law nor by contract nor is it required for the conclusion of an Agreement. You are not obliged to provide the Personal Data. However, failure to do so may result in your not being able to use our website fully or at all.
Cookies are also used by other Services used by us. We inform you specifically about the use of cookies in the individual services.
When making payment for our Services, we use the payment methods:
Paypal
Mastercard
Visa
Amex
Apple Pay
If you make a payment on our website using one of the aforementioned payment methods via Stripe, Stripe will process the following data:
Your Payment Details (e.g. bank account number or credit card number)
Your IP Address
Your internet browser and device
In some cases your first and last name
In some cases your address details
In some cases information about the product or service you purchased through us
Other Personal Data that you make available, for example through correspondence or on the phone
The purpose of processing the data as part of the payment process is to evaluate your application, prepare and execute the Agreement and process your payment.
The legal basis for the processing is Article 6 para. 1 of the GDPR. The data will only be stored by us for the time required to execute and process your order and to comply with the statutory retention periods.
The provision of Personal Data is required for the conclusion of an Agreement. Failure to make the data available shall mean that the Agreement cannot be concluded.
We secure our website and other systems by means of technical and organizational measures against loss, disruption, access, modification or distribution of your Personal Data by unauthorized persons. However, despite regular checks it is not possible to achieve complete protection against all dangers.
Changes in the law or in our internal processes may require us to amend the privacy statement.
You should note (insofar as you do not exercise your right of revocation) that the current version of the privacy statement always applies.
You have the right to revoke any granted permission at any time with effect for the future. You can do this by sending an e-mail to [email protected].
Right of access:
You have the right to request information about the Personal Data we hold about you at any time. You can request this information by email at [email protected]. We will try to respond to your request as soon as possible.
Right to portability:
Where Xpendy processes your Personal Data by automated means on the basis of your consent or pursuant to an Agreement, you have the right to receive a copy of your data in a structured, commonly used and machine-readable format, transferred to you or another party. This relates only to the Personal Data you have provided to us. You can request this information by email at [email protected].We will try to respond to your request as soon as possible.
Right of correction:
You have the right to request correction of your Personal Data if it is incorrect, including the right to have incomplete Personal Data completed. You can request this correction by email at [email protected]. We will try to respond to your request as soon as possible.
Right to erasure:
You have the right to request at any time that personal data processed by Xpendy be deleted. This can be requested by e-mail at [email protected].We will try to respond to your request as soon as possible.
How can you exercise your rights?
We take data protection very seriously. Therefore, you can send us an e-mail at any time and we will deal with it as soon as possible. You can reach our staff at [email protected].
Cooperation in tax and criminal investigations
In some cases, we may be required by law to share your data in connection with governmental tax and criminal investigations. In such a case we are forced to share your data, but we will oppose this within the possibilities of the law.
The right to lodge a complaint with a supervisory authority:
If you believe that Xpendy is not properly processing your Personal Data, please contact us at [email protected]. You also have the right to file a complaint with a supervisory authority.
Updates to our privacy statement:
It may happen that our privacy statement needs to be updated. The latest version of the privacy statement is always available on our website. We will post any material changes to the privacy statement, for example, regarding the purpose of using your personal data or your rights.
