Privacy Policy
Last Updated: february 2026
Spektre B.V. ("Spektre," "we," "us," or "our") respects your privacy and is committed to protecting the personal data of our clients and website visitors. This Privacy Policy explains how we collect, use, and safeguard information when you visit our website or use our AdTech analytics platform (the "Services").
Controller Details:
Company Name: Spektre B.V.
Address: Keizersgracht 520H, 1017 EK Amsterdam
Contact Email: privacy@spektre.ai
1. THE DATA WE COLLECT
We collect data in two distinct categories: (A) Client & Website Data and (B) Campaign Analysis Data.
A. Client & Website Data
This is information about you as our customer or website visitor.
Contact Information: Name, email address, job title, phone number, and company name when you sign up for a demo or contract.
Billing Information: Invoicing details, VAT numbers, and banking details required for payment processing.
Usage Data: Information on how you interact with our dashboard (e.g., login timestamps, pages viewed) and technical logs (IP address, browser type).
B. Campaign Analysis Data (The "AdTech" Part)
This is the data we analyze to provide our Services.
Nature of Data: We analyze aggregated campaign-level data and media spend metrics retrieved from Demand Side Platforms (DSPs).
No Personal Profiling: We do not use this data to build profiles on individual consumers (end-users). We do not retarget, track, or serve ads to individuals.
Aggregation: Our proprietary scoring models focus on statistical patterns in media buying (e.g., "Site X has high waste," "Bid Strategy Y is inefficient"), not on individual user behavior.
Data Minimization: We utilize Data Minimization principles. Our API integrations are configured to fetch only the dimensions required for media efficiency analysis (e.g., spend, impressions, site ID). We explicitly filter out or do not request granular User IDs, Device IDs, or precise geolocation data from upstream providers.
2. PURPOSES & LEGAL BASIS
We process your data based on the following legal grounds under the GDPR:
Purpose | Data Category | Legal Basis |
Service Delivery: Providing access to the dashboard, running audits, and generating reports. | Client Data | Contractual Necessity (Performance of the MSA/SOW) |
Billing & Administration: Managing invoices and accounting. | Client Data | Legal Obligation (Tax laws) |
Platform Security: Monitoring for fraud or unauthorized access. | Client Data | Legitimate Interest (Network security) |
Communication: Sending updates, support responses, or newsletters (if opted in). | Client Data | Consent or Legitimate Interest |
Campaign Analysis: Improving our scoring models and delivering efficiency insights. | Campaign Data | Legitimate Interest (Business optimization) |
3. DATA SHARING
We are strictly a B2B analytics provider. We do not sell data to third parties. We may share data only with:
Service Providers (Processors): Trusted third-party vendors who assist us in operating our Services (e.g., cloud hosting providers like AWS/Google Cloud, CRM tools, or accounting software). These parties are bound by Data Processing Agreements (DPAs).
Legal Authorities: If required by Dutch law or a valid court order.
4. INTERNATIONAL TRANSFERS
Spektre is based in the Netherlands (EEA). If we transfer data to service providers outside the European Economic Area (e.g., to servers in the US), we ensure appropriate safeguards are in place, such as the EU Standard Contractual Clauses (SCCs) or equivalent adequacy decisions.
5. DATA RETENTION
Client Data: We retain account and billing information for as long as we have an active relationship with you, plus the statutory retention period required by Dutch tax law (typically 7 years).
Campaign Data: Raw campaign data is processed to generate insights. Once aggregated into our reports/dashboard, the raw logs are either archived securely or deleted in accordance with our data lifecycle policy.
6. SECURITY
We take security seriously. Our infrastructure is hosted on Google Cloud within the EU-West regions, ensuring data residency within the EEA. We employ the Architecture where Client Data and Campaign Data are logically isolated to prevent cross-contamination. We implement enterprise-grade technical and organizational measures to protect your data, including:
Encryption of data in transit (TLS/SSL) and at rest.
We follow the Principle of Least Privilege (PoLP).
Strict access controls (Role-Based Access Control).
Regular security audits of our infrastructure.
7. YOUR RIGHTS (GDPR)
As a data subject, you have the following rights regarding your personal data:
Right of Access: Request a copy of the personal data we hold about you.
Right to Rectification: Correct inaccurate or incomplete data.
Right to Erasure: Request deletion of your data ("Right to be Forgotten"), subject to legal retention duties.
Right to Restriction: Request that we limit the processing of your data.
Right to Object: Object to processing based on legitimate interest.
To exercise these rights, please contact us at privacy@spektre.ai. We will respond within 30 days.
8. COOKIES
Our website uses cookies to function correctly and analyze traffic.
Functional Cookies: Necessary for the website to work (e.g., keeping you logged in).
Analytics Cookies: Help us understand how visitors use our site (e.g., Google Analytics).
You can manage your cookie preferences via your browser settings.
9. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. The latest version will always be available on this page.
Spektre B.V.
Keizersgracht 520H
1017 EK Amsterdam
Netherlands