The privacy and cookie statement

In this section, you can find the privacy and cookie statement of SUE | Behavioural Design and our Academy. Our ultimate goal is to make you extremely excited and happy with our services and academy, so if you’ve any further questions, please don’t hesitate to contact us.

Privacy and Cookie Statement Behavioural Design Academy

Privacy and Cookie Statement

This Privacy and Cookie Statement has been drafted by Behavioural Design Academy B.V. on behalf of the Behavioural Design Academy, hereinafter referred to as BDA.

Privacy and Cookie Statement Behavioural Design Academy

This privacy and cookie statement (“Statement”) describes the collection of personal data of her clients, employees, prospects, students, alumni and other contacts by the Behavioural Design Academy (hereafter BDA). We do this to service the above-mentioned contacts as best as possible and to reach our goals. In this privacy statement, we explain why and in which way we use your personal data. All personal data is processed under the provisions of the new AVG (Algemene Verordening Persoonsgegevens)/GDPR (General Data Protection Regulation). This statement is drafted in English as we have both Dutch as international contacts.

Should you have any questions regarding our privacy statement, you can contact

Who are we?
We are the Behavioural Design Academy: a training institution specialized in behavioural psychology and design. This privacy and cookie statement concerns all personal data we process – including the personal data we collect in partnerships with third parties (for instance when working on larger scale events). If we do have a partnership, you will always find this privacy and cookie statement on the event website.

The Behavioural Design Academy B.V. (“BDA”) is responsible for the processing of your personal data. Our office and principal place of business are registered at ‘s-Gravenhekje 1a, 1011 TG Amsterdam.

Which personal data do we process?
We collect certain personal data to provide you with your requested or purchased services or products. We collect the first- and the last name, address, postal code, city, email address, business name, billing information, phone number, job title, contact history, IP-address, social ID, cookie ID and surfing behaviour, courses/ training of interest and enrolment, profile pictures, areas of interest, allergy or food intolerance information.

Why do we process this personal data?
We do this for a number of reasons:

Legislative obligations
A small part of our data processing is obligated by law. This mainly concerns personal data needed to be able to meet our tax obligations. But we also use personal data to use in case of calamities.

Student/alumni administration and service provision
In our student administration, we keep an overview of prospects, students and alumni to perform or deliver requested services to you. For example, when you decide to request a service, we will use the personal data provided by you for communication purposes. In addition, we collect this personal data for the general purpose of concluding business agreements and to perform our obligations under these agreements. We can use the personal data provided by you to better operate, improve, and maintain our services. For example, we may use them to send our students or alumni information, updates, schedules, practical information and additional training, etc.

We may also use the personal data to prevent fraud, abuse, illegal uses, and violations of our terms & conditions and to comply with court orders, governmental requests, or applicable law.

You can reach us via different channels: by phone, by post, by email, by LinkedIn and Facebook. To make this possible we also process personal data.

Newsletters and mailings
You can subscribe to several newsletters. Sometimes these are personalized; sometimes they aren’t. If you don’t want to receive these emails anymore, there is a possibility to unsubscribe in every email.

Privacy Guarantee
To be able to get audited, we process personal data.

Acquisition (marketing)
BDA does acquisition for new students, sponsors, partners, trainers, speakers and new employees. To keep in touch with everyone we also process contact details and areas of interest.

For BDA campaigns (and BDA related campaigns such as our training and events) we also process personal data. Such as IP-address, cookie ID, social ID and/or surf behaviour. We do this to be able to show the right advertisements in the right places.

Also, we use targeting and differentiation for BDA and BDA related campaigns on social media. At these platform personalized ads could be shown. We don’t transfer any personal data to third parties unless you have permitted us to do so. If we do transfer your personal data to third parties who process personal data on our behalf under your permission, BDA ensures that such third parties provide sufficient guarantees concerning the technical security measures and organizational measures governing the processing of personal data and in case of the report of a breach of security.

If you do not wish to see any personalized advertisements of us on social media, you can contact us on above-mentioned contact details.

You can also unsubscribe yourself on the various social media platforms. How you can do this, you can read on the following pages:


Attention: it could be you’ll still see unpersonalized BDA advertisements if you belong to a generic target group we are campaigning.

Improvement BDA service
To improve our level of service, we also collect personal data. For instance clicking behaviour on our website, so we see which articles interest people the most or open rates of our newsletters and emails to see which emails are preferred.

Special data
We might process two types of special personal data: gender and photos of our trainings. We process data to be able to talk to you in the right way (sir, madam, him, her). We process photos to give our content more visual context. The process of both these types of data are voluntary. More information you can find in our terms and conditions. You can always tell us if you don’t want this type of data to be collected, and if you have any questions concerning this data we’re more then happy to help!

Rights of those involved
Under the AVG/GDPR, everyone has certain rights. We promise to do everything possible to comply with these rights. Do you have tips or remarks please let us know. To exercise your rights, you can always contact or call +31-20- 223 46 26.

  • Information and right to access your data: Upon request, you can always get information on which data we process of you. We can always tell you why we process these data for you.
  • Rectification: Do you think we have incorrect data of you? Or do you want your data updated? Let us know, and we will update the data right away.
  • Removal: You can always request removal of your personal data.
  • Limitation: Do you feel we process your personal data wrongly or illegally, you can always limit the processing of your data.
  • Objection: You can always object to the processing of your personal data. Is your objection against marketing, we’ll make sure to stop your data usage asap.
  • Transmission of data: This is a new right under the AVG/GDPR to have your personal data transmitted. If you want to exercise this right, please contact us.

Next, to this you can also always:

  • Withdrawal of agreement: for instance for subscribing to emails. If you want to limit any other form of consent, please contact us.
  • File a complaint at the AP: If you think we do not act according to the new privacy regulation, we’d love to hear it so we can improve. After May 25th you can also file a complaint at the Dutch AP (Autoriteit Persoonsgegevens). At this moment you can only do this using this form.

Retention of your personal data
We will not retain your personal data longer than is necessary or for any other purposes than those for which they are initially collected.

Foundation of the collection of personal data
As elaborated upon above, we collect some data for legislative reasons, some for being able to perform our business, some to perform our contractual agreements with our students, but most to be able to act upon our mission to help people unlock the power of behavioural psychology to make better choices in life, work and play and provide you with the best products and services to do so. If you have any further questions, please don’t hesitate to contact us.

Third parties
To provide our services, we sometimes use service providers ourselves. We for instance work with a digital marketing company and for instance use Google Analytics. They do not receive your data but use your data. Our third parties all act by the new AVG/GDPR law.

Sometimes we are obligated by law to give personal data to third parties like the Dutch Tax Authorities. Next, to this, we will only supply your data to third parties if we have your explicit permission to do so.

On the websites of the BDA you can find links to websites of other organisations. BDA is not responsible for the way they process personal data. To inform yourself about this, you can read the privacy statements of these specific organizations.

Cookie statement
We use cookies on the websites of BDA. WE do this to improve our service, to make sure our websites perform optimally, to efficiently conduct campaigns and other goals such as described in this privacy statement.

A cookie is a small text file that is stored by your web browser on your computer.

BDA uses two types of cookies:

  • Functional cookies: Cookies used to enhance the user-friendliness of the website. For example: to recognize your preferences.
  • Third party analytics cookies (Google Analytics): Cookies used for a web analytics-service offered by Google, Inc. This tool is used to analyze how visitors use our website. BDA does not share website statistics with Google that are traceable to a specific person.

Analytic cookies (Google Analytics)
Specified by cookie type, goal, retention period

  • _gat: Is used to measure the speed of the request, 1 minute
  • _gid: Is used to differentiate users, 24 hours
  • _ga: Is used to measure website visits and to anonymously differentiate users, two years

BDA uses Analytics cookies to analyze the usage of the BDA website. To do so a permanent cookie is places on your deskto[p computer or mobile device. We get insight into how often and how our website is used, and we can optimize our website according to these insights. To make sure our website is optimized for its users.

BDA processes anonymous statistics about its website visits; this is performed by a web analyzer system. Cookies track the following data in the web analyzer system:

  • IP address
  • Technical specifics such browser type (Chrome, Safari, Internet Explorer or Firefox)
  • The screen resolution of the screen you used visited our website.
  • Which page you visited before visiting our website
  • How long you stayed on our website
  • Whether you used functionalities on our website (or maybe the app in the future)
  • Which pages you visit on our website/app.

Social media
Our website contains buttons to share, like, or promote website content through social media. The code for these buttons is supplied by the social media themselves, and will instantly direct you to their website. Please read the privacy policies of Facebook, Google, and Twitter if you would like to learn more about the processing of your personal data by these companies.

Social cookies
Specified by cookie type, goal, retention period

  • Twitter; Guest_id: These cookies enable us when you visit Twitter after having visited the BDA website(s) to show you advertisements of the BDA that fit your interest (interest based targeting), max. 90 days
  • Facebook; Act, c_user, csm, fr, lu, s, presence, p, xs: These cookies give insight in which by Facebook used media are effective and enable us when you visit Twitter after having visited the BDA website(s) to show you advertisements of the BDA that fit your interest (interest based targeting), max. one year
  • LinkedIn: we use Insight Tag of LinkedIn to measure the effect of our LinkedIn-ads. You can find more information on There are several kinds of cookies; please read the privacy statement of LinkedIn for more information.

Advertising cookies
Specified by cookie type, goal, retention period

  • Google Adwords, NID, HSID, SSID, APISID, SAPISID, cookies that give insight into the effectiveness of the used Google Adwords. By this, we are charged for the Google Adwords, max. 1 year.
  • Google Doubleclick (DBM), These cookies enable us when you visit Twitter after having visited the BDA website(s) to show you advertisements of the BDA that fit your interest (interest based targeting), max. 18 months. They also give insight into the effectiveness of the used DBM. By this, we are charged for the DBM.

Cookie removal
The easiest way to remove cookies is via your browser. We have made a list of the most used browsers and a link explaining how to remove the cookies:

Google Chrome
Mozilla Firefox
Internet Explorer 7 en 8
Internet Explorer 9


Should you have any questions, tips, remarks or request please do not hesitate to contact us on

Amsterdam, 2 May 2018.