Expo Lead Capture – Privacy Notice

Who we are

Geris Food Group BV ("we", "our") is the controller of personal data collected through our expo lead capture system.

What data we collect

Lead Information:

Company name and contact person details
Email addresses and telephone numbers
Country and business location information
Product interests and order information
Lead type classification (A, B, C, D)
Sales reference numbers and notes
Exhibition and trader assignment data

Images and Documents:

Photos of business cards (for OCR processing)
Photos of handwritten lead forms
Notes and additional documentation

System Data:

User authentication data (trader names and encrypted passwords)
System access logs and audit trails
OCR processing results and confidence scores

How we collect data

Direct Collection: Information you provide during exhibitions, including business cards and completed lead forms.

Automated Processing: We use advanced OCR (Optical Character Recognition) technology to extract information from images:

Cloud Vision API: For high-accuracy text extraction from images
Tesseract.js: As a fallback for client-side processing
Images are processed securely and not stored permanently

Why we collect it

We use this information to:

Follow up on business discussions initiated at exhibitions
Provide quotations and answer product inquiries
Manage customer relationships and sales processes
Improve our lead capture and processing systems
Generate business analytics and reporting
Ensure system security and prevent unauthorized access

Legal basis

Legitimate Interests: Continuing business discussions initiated at exhibitions and managing customer relationships.

Contract Performance: Processing orders and providing requested services.

Consent: For any marketing communications beyond business follow-up.

How long we keep it

Image Data:

Business card and form images: deleted after OCR processing or within 90 days (whichever comes first)
OCR processing results: retained for lead management purposes

Lead Information:

Active leads: up to 24 months unless a customer relationship is established
Customer data: retained for the duration of the business relationship plus applicable legal requirements
Deleted leads: soft-deleted for audit purposes, permanently removed after 7 years

System Data:

User accounts: retained while active, deleted 30 days after deactivation
Audit logs: retained for 7 years for security and compliance purposes

Opt-out Requests: If you opt out, we retain minimal data (name/email) on a suppression list to honor your request.

Who sees your data

Internal Access:

Authorized traders and sales staff for lead management
System administrators for technical support and security
Management for business analytics and reporting

Third-Party Services:

Cloud Vision API: For OCR processing (images are processed and immediately discarded)
Cloud Storage Providers: Cloud blob storage or Vercel Blob for secure file storage
Database Hosting: Cloud PostgreSQL or local SQLite for data storage
Web Hosting: Cloud container apps or Vercel for application hosting

All third-party services operate under strict data processing agreements and act only on our instructions. We do not sell or share your data with third parties for their marketing purposes.

Data security

We implement comprehensive security measures to protect your data:

Encrypted data transmission (HTTPS/TLS)
Secure authentication with hashed passwords
Role-based access controls
Regular security audits and updates
Secure cloud storage with access controls
Automated backup and disaster recovery

Your rights

Under GDPR and applicable data protection laws, you have the right to:

Access: Request a copy of your personal data
Rectification: Correct inaccurate or incomplete data
Erasure: Request deletion of your personal data
Restriction: Limit how we process your data
Portability: Receive your data in a structured format
Objection: Object to processing based on legitimate interests
Withdraw Consent: Withdraw consent for marketing communications

To exercise these rights, contact us at: info@geris.nl

You may also lodge a complaint with the Autoriteit Persoonsgegevens (Dutch Data Protection Authority) or your local supervisory authority.

International transfers

Your data may be processed by third-party services located outside the European Economic Area (EEA). We ensure adequate protection through:

Standard Contractual Clauses (SCCs) with service providers
Adequacy decisions by the European Commission
Certification schemes and codes of conduct

Contact

Data Protection Questions: info@geris.nl

General Inquiries: info@geris.nl

Data Protection Officer: If you have concerns about how we handle your data, please contact our Data Protection Officer at the same email address.

Last updated: January 21, 2026

This privacy notice may be updated periodically. We will notify you of any material changes.

Expo Lead Capture – Privacy Notice

Who we are

Geris Food Group BV ("we", "our") is the controller of personal data collected through our expo lead capture system.

What data we collect

Lead Information:

Company name and contact person details
Email addresses and telephone numbers
Country and business location information
Product interests and order information
Lead type classification (A, B, C, D)
Sales reference numbers and notes
Exhibition and trader assignment data

Images and Documents:

Photos of business cards (for OCR processing)
Photos of handwritten lead forms
Notes and additional documentation

System Data:

User authentication data (trader names and encrypted passwords)
System access logs and audit trails
OCR processing results and confidence scores

How we collect data

Direct Collection: Information you provide during exhibitions, including business cards and completed lead forms.

Automated Processing: We use advanced OCR (Optical Character Recognition) technology to extract information from images:

Cloud Vision API: For high-accuracy text extraction from images
Tesseract.js: As a fallback for client-side processing
Images are processed securely and not stored permanently

Why we collect it

We use this information to:

Follow up on business discussions initiated at exhibitions
Provide quotations and answer product inquiries
Manage customer relationships and sales processes
Improve our lead capture and processing systems
Generate business analytics and reporting
Ensure system security and prevent unauthorized access

Legal basis

Legitimate Interests: Continuing business discussions initiated at exhibitions and managing customer relationships.

Contract Performance: Processing orders and providing requested services.

Consent: For any marketing communications beyond business follow-up.

How long we keep it

Image Data:

Business card and form images: deleted after OCR processing or within 90 days (whichever comes first)
OCR processing results: retained for lead management purposes

Lead Information:

Active leads: up to 24 months unless a customer relationship is established
Customer data: retained for the duration of the business relationship plus applicable legal requirements
Deleted leads: soft-deleted for audit purposes, permanently removed after 7 years

System Data:

User accounts: retained while active, deleted 30 days after deactivation
Audit logs: retained for 7 years for security and compliance purposes

Opt-out Requests: If you opt out, we retain minimal data (name/email) on a suppression list to honor your request.

Who sees your data

Internal Access:

Authorized traders and sales staff for lead management
System administrators for technical support and security
Management for business analytics and reporting

Third-Party Services:

Cloud Vision API: For OCR processing (images are processed and immediately discarded)
Cloud Storage Providers: Cloud blob storage or Vercel Blob for secure file storage
Database Hosting: Cloud PostgreSQL or local SQLite for data storage
Web Hosting: Cloud container apps or Vercel for application hosting

All third-party services operate under strict data processing agreements and act only on our instructions. We do not sell or share your data with third parties for their marketing purposes.

Data security

We implement comprehensive security measures to protect your data:

Encrypted data transmission (HTTPS/TLS)
Secure authentication with hashed passwords
Role-based access controls
Regular security audits and updates
Secure cloud storage with access controls
Automated backup and disaster recovery

Your rights

Under GDPR and applicable data protection laws, you have the right to:

Access: Request a copy of your personal data
Rectification: Correct inaccurate or incomplete data
Erasure: Request deletion of your personal data
Restriction: Limit how we process your data
Portability: Receive your data in a structured format
Objection: Object to processing based on legitimate interests
Withdraw Consent: Withdraw consent for marketing communications

To exercise these rights, contact us at: info@geris.nl

You may also lodge a complaint with the Autoriteit Persoonsgegevens (Dutch Data Protection Authority) or your local supervisory authority.

International transfers

Your data may be processed by third-party services located outside the European Economic Area (EEA). We ensure adequate protection through:

Standard Contractual Clauses (SCCs) with service providers
Adequacy decisions by the European Commission
Certification schemes and codes of conduct

Contact

Data Protection Questions: info@geris.nl

General Inquiries: info@geris.nl

Data Protection Officer: If you have concerns about how we handle your data, please contact our Data Protection Officer at the same email address.

Last updated: January 21, 2026

This privacy notice may be updated periodically. We will notify you of any material changes.