Privacy Policy

Effective date: 24 December 2025
This Privacy Policy explains how Moonray (“Moonray”, “we”, “us”, “our”) collects, uses, discloses, and protects information in connection with moonray.co and any related pages, forms, and communications that reference this Policy (collectively, the “Site”).

Moonray operates internationally. Where applicable, we comply with the EU General Data Protection Regulation(“GDPR”) and relevant Dutch privacy laws.

1. Scope

This Policy applies to information we process when you:

  • visit or use the Site,

  • submit information through our contact or inquiry form,

  • communicate with us in connection with your use of the Site.

This Policy does not apply to third-party websites, platforms, or services that may be linked from our Site or used by you independently.

2. Who is responsible for your information

For the purposes of the GDPR, Moonray is the data controller of personal data processed under this Policy.

Contact
For privacy requests, questions, or concerns, contact:
privacy@moonray.co

3. Information we collect

We collect information in two primary ways: (A) information you provide, and (B) information collected automatically through your use of the Site.

A. Information you provide via the form

When you submit our form, we may collect:

  • name,

  • company name,

  • business email address,

  • role/title,

  • message content and any information you choose to provide,

  • any other fields presented in the form at the time of submission.

You are responsible for ensuring that any information you submit is accurate and does not include sensitive personal data unless strictly necessary. We do not request sensitive data (such as health data, biometric data, or government identifiers) via the Site.

B. Information collected automatically

Depending on configuration and hosting, the Site may automatically log limited technical information, which can include:

  • IP address,

  • device and browser type,

  • referring/exit pages,

  • timestamps and interactions necessary to operate and secure the Site.

We do not intentionally use the Site to collect special categories of personal data.

4. How we use information

We use information to:

  • respond to inquiries and communicate with you,

  • evaluate potential partnerships or business discussions,

  • operate, maintain, and secure the Site,

  • prevent fraud, abuse, and security incidents,

  • comply with legal obligations and enforce our rights.

We do not sell your personal data.

5. Legal bases for processing (GDPR)

Where the GDPR applies, we rely on the following legal bases:

  • Legitimate interests: operating our Site, responding to business inquiries, and maintaining security (Article 6(1)(f)).

  • Contract or pre-contract steps: if your inquiry relates to entering into an agreement with Moonray (Article 6(1)(b)).

  • Legal obligation: where we must retain or disclose information to comply with applicable law or lawful requests (Article 6(1)(c)).

  • Consent: only where explicitly requested and obtained (Article 6(1)(a)), which you may withdraw at any time.

6. How we share information

We may share information:

  • with service providers acting as processors (e.g., hosting, email delivery, form tooling, security providers) to operate the Site and communications,

  • with professional advisors (e.g., legal, accounting) where necessary for business operations or compliance,

  • with authorities or third parties where required by law, lawful request, or to protect rights, safety, and security,

  • in connection with a corporate transaction (e.g., financing, merger, acquisition, or asset transfer), subject to appropriate confidentiality and lawful processing requirements.

We limit sharing to what is necessary and proportionate for the stated purposes.

7. International transfers

Moonray is an international business. Your information may be processed in countries other than your country of residence, including jurisdictions that may not provide the same level of data protection.

Where the GDPR applies and personal data is transferred outside the European Economic Area, we implement appropriate safeguards, such as:

  • the European Commission’s Standard Contractual Clauses (as applicable),

  • transfers to jurisdictions recognized as providing an adequate level of protection,

  • supplementary measures where required.

8. Data retention

We retain personal data only for as long as necessary for the purposes described in this Policy, including:

  • to respond to your inquiry and maintain business records,

  • to meet legal, accounting, and compliance obligations,

  • to resolve disputes and enforce agreements.

Retention periods vary based on the nature of the data and purpose. If you want more detail on retention for a specific category of data, contact us at privacy@moonray.co.

9. Security

We implement reasonable administrative, technical, and organizational measures designed to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. However, no method of transmission or storage is completely secure, and we do not guarantee absolute security.

10. Your rights (GDPR)

Where the GDPR applies, you may have the right to:

  • access your personal data,

  • correct inaccurate or incomplete data,

  • delete your personal data,

  • restrict processing,

  • object to processing based on legitimate interests,

  • receive a copy of your data (data portability) where applicable,

  • withdraw consent where processing is based on consent.

To exercise these rights, contact privacy@moonray.co. We may request information to verify your identity and process your request. Certain rights may be limited by law (for example, where retention is required for compliance or legal claims).

You also have the right to lodge a complaint with a supervisory authority. In the Netherlands, this is the Autoriteit Persoonsgegevens.

11. Cookies and similar technologies

The Site may use cookies or similar technologies that are necessary to operate and secure the Site, or that are used by our hosting/security providers.

If we use non-essential cookies (e.g., analytics or marketing cookies), we will present an appropriate notice and obtain consent where required by law.

12. Children

The Site is not directed to children, and we do not knowingly collect personal data from individuals under 16. If you believe a child has provided personal data to us, contact privacy@moonray.co, and we will take appropriate steps consistent with applicable law.

13. Third-party links

The Site may contain links to third-party sites or services. We are not responsible for the privacy practices of those third parties. Your use of third-party sites is at your own risk and subject to their policies.

14. Disclaimers and limitation of liability (Privacy)

This Policy is provided for transparency regarding our data practices. To the maximum extent permitted by applicable law:

  • the Site and all information related to privacy practices are provided “as is” and “as available”,

  • Moonray disclaims all warranties, express or implied, including fitness for a particular purpose and non-infringement,

  • Moonray is not responsible for actions of third parties outside our reasonable control.

Limitation of liability. To the fullest extent permitted by applicable law, Moonray’s total liability arising out of or relating to the Site and this Policy (including any privacy-related claims) shall not exceed EUR 0 for use of the Site.
Where a limitation to EUR 0 is not enforceable as a matter of law, Moonray’s total liability shall be limited to the lowestamount permitted by law.

Nothing in this Policy limits liability that cannot be excluded under applicable law (including, where applicable, liability for intent or gross negligence to the extent such limitation is not permitted).

15. Governing law and jurisdiction

This Policy and any dispute arising out of or relating to it, the Site, or Moonray’s processing of personal data shall be governed by the laws of the Netherlands.

To the extent permitted by applicable law, the competent courts of Amsterdam, the Netherlands shall have exclusive jurisdiction.

16. Changes to this Policy

We may update this Policy from time to time. Changes become effective upon posting on the Site with an updated “Effective date.” Your continued use of the Site after changes are posted constitutes acceptance of the updated Policy.

17. Contact

For privacy-related inquiries:
privacy@moonray.co

© 2025 Moonray. All rights reserved. All materials are protected by law.

© 2025 Moonray. All rights reserved. All materials are protected by law.

© 2025 Moonray. All rights reserved. All materials are protected by law.