Privacy Policy of Goal 17

1. Introduction 

Welcome to Goal 17. We are committed to protecting the privacy and security of our clients’ personal information. This privacy policy outlines our practices regarding the collection, use, and disclosure of personal data when you use our services and the choices you have associated with that data. 

2. Information Collection 

  • Types of Data Collected: We collect various types of personal information, including but not limited to, name, contact information, professional details, IP address and other relevant data necessary to provide our consulting services. 
  • Methods of Collection: This information is collected through direct interactions with our clients, via our website, email communications, and other professional engagements. Goal 17 does not use automated decision making techniques. 

3. Use of Information 

  • Purpose: The collected data is used to deliver our consulting services, process payments, communicate with clients, and improve our services. 
  • Legal Basis: Privacy legislation, including the General Data Protection Regulation (GDPR), allows us to process personal data if we have a legal ground to do so. In addition, this legislation requires us to tell you what this ground is. We only process your personal data based on one of the following grounds: 
    • Performance of a contract: when we need to process your personal data to fulfil our obligations under a contract;  
    • Performance of a contract: when we need to process your personal data to fulfil our obligations under a contract;  
    • Legal obligation: when we need to process your personal data to comply with a legal obligation, such as keeping records for tax purposes or providing information to a government or law enforcement agency;  
    • Legitimate interest: we process your personal data when it is in our legitimate interest to do so to conduct our business and optimise it, as long as your interests do not outweigh our interests; or 
    • Your consent: In some cases, we will ask you for specific consent to process certain personal data. We will only process your personal data in this way if you consent. You can withdraw your consent at any time by contacting Goal 17 at
    • We are fully committed to complying with the General Data Protection Regulation (GDPR) and, in accordance with its provisions, maintaining comprehensive records of our data processing activities. These records serve as a testament to our dedication to transparency, accountability, and the protection of personal data entrusted to us by our customers, employees, and other stakeholders. We understand the importance of documenting and regularly updating these records to ensure ongoing GDPR compliance and safeguard the privacy rights of individuals.

4. Data Sharing and Disclosure 

  • Third Parties: We will not share your information with others without your consent, unless this is necessary in the context of performing the agreement you, or your organisation, have entered with us, or unless it is a legal obligation. 
  • Reasons for Sharing: This sharing follows legal obligations, to provide our services, or to protect our rights. 
  • We may need to transfer personal data outside the European Economic Area (EEA) to fulfill various business purposes, including but not limited to providing services, conducting research, or collaborating with global partners. We recognize the importance of ensuring the continued protection of personal data when it leaves the EEA and are committed to doing so in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR). 

To meet our data protection obligations when transferring data outside the EEA, we employ various mechanisms designed to guarantee an adequate level of protection. These mechanisms include: 

  • Standard Contractual Clauses (SCCs): In situations where we engage with third parties or service providers located in countries without an adequacy decision from the European Commission, we may enter into Standard Contractual Clauses as a legally binding agreement to ensure that personal data is treated with the same level of protection as within the EEA. 
  • Binding Corporate Rules (BCRs): For intra-group data transfers, we have implemented Binding Corporate Rules as an additional safeguard. These rules define our global data protection standards and practices, ensuring consistency and protection across our international operations. 
  • Adequacy Decisions: Where applicable, we will rely on adequacy decisions issued by the European Commission that recognize the data protection standards of certain countries as equivalent to those of the EEA. In such cases, we will transfer data in accordance with these decisions. 
  • Consent: When necessary, we will seek explicit consent from data subjects for cross-border data transfers, ensuring they are informed about the potential risks involved. 

5. Data Security 

  • Security Measures: We implement robust security measures like encryption and access controls to protect your data. 
  • Data Breach Procedures: In the event of a data breach, we have procedures in place to mitigate risks and will notify affected individuals as required by law. 

6. Data Retention 

  • Retention Period: Personal data is retained as long as necessary to provide our services and comply with legal obligations. 
  • Criteria for Retention: The retention period is determined based on the nature of the data and our contractual and legal requirements. 

7. International Data Transfers We comply with laws applicable to international data transfers, ensuring an adequate level of data protection. 

8. Rights of Individuals 

  • Access and Control: You have the right to access, correct, or delete your personal data, and restrict its processing.The right of data portability and right of protest on processing is also guaranteed by us. 
  • Exercise of Rights: Requests regarding your data rights can be directed to our contact details below. 

9.  Autoriteit Persoonsgegevens 
Of course, we are happy to help you if you have complaints about the processing of your personal data. Under privacy legislation, you also have the right to lodge a complaint with the Autoriteit Persoonsgegevens against these processing of personal data. You can contact the Autoriteit Persoonsgegevens for this purpose. You can do so via the following link: contact form. 

10. Policy Updates 

  • Changes to Policy: This policy may be updated periodically. 
  • Notification of Changes: We will notify users of significant changes through our website or direct communication. 

11. Contact Information For any privacy-related inquiries, please contact us at Goal 17 B.V., Rigolettosingel 64, 2152 PR Nieuw-Vennep, 

12. Governing Law and Jurisdiction This policy is governed by the laws of the Netherlands, and any disputes will be subject to the jurisdiction of the courts in this region. 

Effective Date: January 14th, 2024 We reserve the right to make changes to this privacy statement. It is recommended that you consult this privacy statement regularly so that you are aware of these changes. 

Cookies and Tracking Technologies 

1. Introduction 
Our website,, uses cookies to improve your experience while navigating our website. This policy explains what cookies are, how we use them, the types of cookies we use, and how to manage your cookie preferences. 

2. What are Cookies? 
Cookies are small text files that are stored on your device (computer, tablet, smartphone, etc.) when you visit a website. They are widely used to make websites work more efficiently, as well as to provide information to the site owners. 

3. How Do We Use Cookies? 
Our website uses cookies to: 

  • Understand and save user’s preferences for future visits. 
  • Compile aggregate data about site traffic and site interactions to offer better site experiences and tools in the future. 
  • Enhance the performance and functionality of our website. 

4. Types of Cookies We Use 

  • Essential Cookies: These are necessary for the website to function and cannot be switched off in our systems. 
  • Performance Cookies: These cookies allow us to count visits and traffic sources, helping us to measure and improve the performance of our site. 
  • Functionality Cookies: These are used to recognize you when you return to our website, enabling us to personalize our content for you. 
  • Advertising Cookies: These cookies may be set through our site by our advertising partners to make advertising messages more relevant to you. Goal 17 places no advertising cookies. 

5. Managing Cookies You have the right to decide whether to accept or reject cookies. You can set opt-out or amend your web browser controls to accept or refuse cookies. If you choose to reject cookies, you may still use our website, though your access to some functionality and areas of our site may be restricted. 

6. Policy Updates 

  • Changes to Policy: This policy may be updated periodically. 
  • Notification of Changes: We will notify users of significant changes through our website or direct communication. 

7. Contact Us If you have any questions about our use of cookies, please contact us at Goal 17, Rigolettosingel 64, 2152 PR Nieuw-Vennep,

Effective Date: January 14th, 2024 We may update this Cookie Policy from time to time in order to reflect changes to the cookies we use or for other operational, legal, or regulatory reasons.