Background

Home / Privacy Policy

Privacy Policy

Read our terms and conditions for using Xpendy's services to ensure compliance and understanding.

ARTICLE 1 - DEFINITIONS

Providers: The organisation of which the Consumer is a member and of which the Consumer wishes to cancel. Also called Organization;

Services Offered: The various subscription options that the Consumer can cancel through Xpendy. Also called Services or Offerings;

GDPR: As of May 25, 2018, the General Data Protection Regulation (GDPR) applies. This means that the same privacy laws apply throughout the European Union (EU). The GDPR is also known as AVG;

FTC Act: The FTC Act (Federal Trade Commission Act) is a U.S. law enacted in 1914, designed to protect consumers from unfair or deceptive business practices. The law is enforced by the Federal Trade Commission (FTC).

Payment details: All data necessary to complete a payment, with the exception of the PIN. This can be the name of the account holder as well as the IBAN (account number);

Consumer: The natural person who is not acting for purposes related to his trade, business, craft or profession;

Cookies: Our website uses Cookies. These are text files that are stored on your device to improve the use of a website. Cookies can be used to store data or settings on a website so that they do not have to be re-entered or given up on your next visit;

Direct Marketing: Direct marketing is an English term for advertising products by approaching potential customers directly and personally;

Withdrawal: The possibility for the Consumer to withdraw from the Distance Contract within the cooling-off period;

Agreement: An Agreement between the Provider of the cancellation service and the Consumer within the framework of an organized system for distance selling of products, digital content and/or services, whereby, up to and including the moment the Agreement is concluded, exclusive or joint use is made of one or more techniques for distance communication;

Personal data: All data that is personally tied to the Consumer, such as name, address, date of birth and possibly one customer or membership number with the subscription;

Privacy: The personal sphere that distinguishes and protects us and our actions, properties and information from others;

ARTICLE 2 - INTRODUCTION

We value and respect your privacy; therefore we want to be as open and transparent as possible about the processing and protection of your Personal Data. Below, we set out what data we process at what point, for what purpose, and on what legal basis. In doing so, we hope to make it clear to you how the Services we offer work and how the protection of your Personal Data is guaranteed.

As you may know, since May 2018 there is a new privacy law, the GDPR (General Data Protection Regulation) or GDPR (General Data Protection Regulation). This new law ensures that your Personal Data processed online is even better protected and that you as a user have more control.

Xpendy is committed to complying with the Federal Trade Commission Act (FTC Act), which prohibits unfair or deceptive business practices in the United States. In line with this law, we ensure that all our data collection, use, and disclosure practices are transparent, fair, and honest.

At Xpendy, we promise you the following:

We do not retain your Payment Information;

We will never disclose your Personal Data to third parties without your consent;

We do not store any data that is not necessary for the preparation of the cancellation letter and its processing;

The content of your letter of termination (including your signature) will be deleted automatically after one year;

This privacy policy applies to the use of Xpendy's website and the Offered Services (aka, the Termination Service) accessed thereon.

You can consult, save or print this privacy statement at any time via https://www.xpendy.com/privacy-policy.

In accordance with the Federal Trade Commission Act (FTC Act), Xpendy is committed to fair and transparent data practices. If you believe that your personal data is being used in a misleading or unfair manner, you have the right to raise a concern. We encourage you to contact us directly if you have any questions or objections regarding how your data is handled under this framework.

In accordance with Article 21 of the GDPR, users located in the European Union have the right to object at any time to the processing of their Personal Data, including for purposes of direct marketing or related profiling.

For users in the United States, Xpendy complies with the Federal Trade Commission Act (FTC Act), which prohibits unfair or deceptive data practices. If you believe your personal data is being used in an inappropriate or misleading way, you have the right to contact us and express your concerns. We are committed to ensuring transparency and fairness in all our data handling practices.

Under Article 21(1) of the GDPR, individuals located in the European Union have the right to object to the processing of their Personal Data when such processing is based on legitimate interests. In such cases, we will stop processing your data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defense of legal claims. To exercise this right, you must provide reasons relating to your particular situation.

For users in the United States, Xpendy complies with the Federal Trade Commission Act (FTC Act), which prohibits unfair or deceptive practices, including the misuse of personal information. If you believe your data is being processed in a way that violates your rights or expectations, you may contact us to raise your concerns. We are committed to handling all personal information fairly, transparently, and in compliance with applicable laws.

ARTICLE 3 - THE CONTROLLER OF YOUR PERSONAL DATA

The Dutch company ROI is King Group B.V. | Xpendy is the controller of the Personal Data you provide to us and is responsible for your Personal Data under applicable data protection law:

ROI is King Group B.V. | Xpendy

Nieuwstraat 2, 4811WV Breda, the Netherlands. No visiting address;

For customer service: [email protected]

For advertising & partnerships: [email protected]

Chamber of Commerce number: 52334538

VAT number: NL850399865B02

If you have any questions about the processing of Personal Data and your rights in relation to the protection of Personal Data, please contact [email protected].

ARTICLE 4 - WHERE DO WE STORE YOUR DATA?

Every time you visit our website, we automatically collect data and information from your device. We store these in so-called server log files. This data is information relating to an identified or identifiable natural person (here: website visitor). The data is automatically transmitted by your browser when you visit our website. The following data are recorded:

The time of the visit to our website (connection to the server of the provider)

The URL of the website from where you visited our website

The operating system you use

The type and version of the browser you are using

The IP address of your computer

The purpose of this processing is to be able to visit our website with a device and to enable a correct display of our website on your device or in your browser. In addition, the data is important for us to optimize our website and to ensure the security of our systems.

The processing of your Personal Data is based on our legitimate interest under Article 6(1)(f) of the General Data Protection Regulation (GDPR), which allows for processing when it is necessary for the purposes of our legitimate interests—such as ensuring the proper display of our website on your device and facilitating secure communication between your browser and our servers. Processing your IP address is essential for this purpose.

In addition, for users in the United States, Xpendy adheres to the principles of the Federal Trade Commission Act (FTC Act), which requires transparency and fairness in the handling of personal data. We process this information solely to optimize your browsing experience and enhance website functionality, without engaging in deceptive or misleading practices.

This data is retained for a period of one year, after which it is automatically deleted in accordance with our data retention policy.

You may at any time object to the processing of your data. This may be done by e-mail to [email protected]. The provision of Personal Data is neither legally nor contractually mandatory, nor is it required for the conclusion of an agreement. You are not obliged to provide the Personal Data. However, failure to do so may result in your not being able to use our website fully or at all.

ARTICLE 5 - CANCELLATION SERVICES ON XPENDY

On our website you have the opportunity to create letters of termination for various Services and Providers.

The necessary data are currently available:

First name

Last name

Street and house number

Postcode

City

E-mail

Customer or member number, or other information provided to you by a provider to identify the agreement.

You can also add other, non-mandatory information in the text field. Mandatory and voluntary information will be treated equally by us.

The information you provide, including Personal Data, is processed by us for the purpose of drafting, generating, and sending the cancellation letter. This processing is necessary for the performance of the agreement between you and Xpendy. The legal basis for this under the General Data Protection Regulation (GDPR) is Article 6(1)(b). Your data will only be stored for as long as necessary to fulfill your request and to comply with applicable statutory retention periods.

Additionally, we record the time the cancellation letter is created and the associated IP address. This is done to help prevent or detect potential misuse of our services. The legal basis for this under the GDPR is Article 6(1)(f), based on our legitimate interest in protecting our platform and users against fraudulent or unauthorized activity.

For users in the United States, Xpendy also complies with the Federal Trade Commission Act (FTC Act), which prohibits unfair or deceptive practices. Our data handling practices are designed to ensure transparency, honesty, and the fair use of personal information in accordance with both European and U.S. standards.

If you use the option where we send your cancellation letter directly to the Provider, the Provider you specify will receive the data provided by you. In addition, the data is sent to our web host.

The provision of Personal Data is neither legally nor contractually binding. However, it is necessary in order to be able to use our cancellation service correctly. You are not obliged to provide the Personal Data. However, failure to do so may result in your cancellation letter not being prepared correctly.

ARTICLE 6 - COOKIES

Cookies contain a so-called cookie ID which enables the recognition of the device on which the cookie is stored. We use the following cookies in particular for this purpose:

Cookies containing a randomly generated, concrete identification number, which makes it possible to identify you or your device during your visit to our website. These cookies are automatically deleted at the end of your visit.

Cookies containing a randomly generated, concrete identification number, which makes it possible to identify you or your device on our website. These Cookies save your selected language and protect against fraudulent or improper access to the website. These Cookies are automatically deleted after one year.

The purpose of this processing is to make the use of the website as pleasant as possible for you, and to be able to save settings.

The legal basis for this data processing is Article 6(1)(f) of the General Data Protection Regulation (GDPR). We have a legitimate interest in providing you with a user-friendly website that remembers your personal settings and ensures a smooth browsing experience. Under the GDPR, you have the right to object to this processing at any time if you believe it affects your rights and freedoms.

In addition, for users in the United States, Xpendy complies with the Federal Trade Commission Act (FTC Act), which requires transparency and fairness in how personal data is collected and used. Our data practices are designed to respect user preferences while maintaining compliance with both European and U.S. privacy standards.

In your browser settings you can limit or completely block the placing of cookies. You can adjust the settings so that the cookies are automatically deleted when you close the browser window.

The provision of Personal Data is neither required by law nor by contract nor is it required for the conclusion of an Agreement. You are not obliged to provide the Personal Data. However, failure to do so may result in your not being able to use our website fully or at all.

Cookies are also used by other Services used by us. We inform you specifically about the use of cookies in the individual services.

ARTICLE 7-SECURE PAYMENT WITH STRIPE

When making payment for our Services, we use the payment methods:

Paypal

Mastercard

Visa

Amex

Apple Pay

If you make a payment on our website using one of the aforementioned payment methods via Stripe, Stripe will process the following data:

Your Payment Details (e.g. bank account number or credit card number)

Your IP Address

Your internet browser and device

In some cases your first and last name

In some cases your address details

In some cases information about the product or service you purchased through us

Other Personal Data that you make available, for example through correspondence or on the phone

The purpose of processing the data as part of the payment process is to evaluate your application, prepare and execute the Agreement and process your payment.

The legal basis for the processing is Article 6 para. 1 of the GDPR. The data will only be stored by us for the time required to execute and process your order and to comply with the statutory retention periods.

The provision of Personal Data is required for the conclusion of an Agreement. Failure to make the data available shall mean that the Agreement cannot be concluded.

ARTICLE 8 - DATA SECURITY

We secure our website and other systems by means of technical and organizational measures against loss, disruption, access, modification or distribution of your Personal Data by unauthorized persons. However, despite regular checks it is not possible to achieve complete protection against all dangers.

ARTICLE 9 - AMENDMENT OF THE PRIVACY DECLARATION

Changes in the law or in our internal processes may require us to amend the privacy statement.

You should note (insofar as you do not exercise your right of revocation) that the current version of the privacy statement always applies.

ARTICLE 10 - REVOCATION

You have the right to revoke any granted permission at any time with effect for the future. You can do this by sending an e-mail to [email protected].

ARTICLE 11 - RIGHT OF DATA SUBJECTS

Right of access:

You have the right to request information about the Personal Data we hold about you at any time. You can request this information by email at [email protected]. We will try to respond to your request as soon as possible.

Right to portability:

Where Xpendy processes your Personal Data by automated means on the basis of your consent or pursuant to an Agreement, you have the right to receive a copy of your data in a structured, commonly used and machine-readable format, transferred to you or another party. This relates only to the Personal Data you have provided to us. You can request this information by email at [email protected].We will try to respond to your request as soon as possible.

Right of correction:

You have the right to request correction of your Personal Data if it is incorrect, including the right to have incomplete Personal Data completed. You can request this correction by email at [email protected]. We will try to respond to your request as soon as possible.

Right to erasure:

You have the right to request at any time that personal data processed by Xpendy be deleted. This can be requested by e-mail at [email protected].We will try to respond to your request as soon as possible.

How can you exercise your rights?

We take data protection very seriously. Therefore, you can send us an e-mail at any time and we will deal with it as soon as possible. You can reach our staff at [email protected].

Cooperation in tax and criminal investigations

In some cases, we may be required by law to share your data in connection with governmental tax and criminal investigations. In such a case we are forced to share your data, but we will oppose this within the possibilities of the law.

The right to lodge a complaint with a supervisory authority:

If you believe that Xpendy is not properly processing your Personal Data, please contact us at [email protected]. You also have the right to file a complaint with a supervisory authority.

Updates to our privacy statement:

It may happen that our privacy statement needs to be updated. The latest version of the privacy statement is always available on our website. We will post any material changes to the privacy statement, for example, regarding the purpose of using your personal data or your rights.