Our Starting Premise: Privacy-First

Symbio6 commits to the notion of privacy first. This goes beyond the legally required privacy rules. For example, we do not display any information about our clients on our website and do not keep personal data for any longer than is strictly necessary. We also avoid using cookies on symbio6.nl, which makes tracking our web users much more difficult.

Updated 24 July 2025 12-minute read

Summary

Don’t use cookies or track you.
We don’t share your personal data.
You can see, change, or delete your data—just ask.
Our website is secure and privacy-first.
For extra privacy, try private browsing or tools like VPN or GPC.

Questions? Contact us any time.

What Is Privacy?

Privacy is the confidence that your data will be viewed only by those who have your permission. Privacy rules such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) set requirements for this. Unfortunately, these lag behind technological developments and, in our judgement, do not go far enough.

The Difference Between Privacy and Security

Privacy and security are inextricably linked. Security is the protection of data, whereas privacy is the control you have over your own data. Privacy refers to what you want or do not want to share with someone and can only be achieved with strong security.

Our Measures

Secure Website Connection

Our website has an SSL certificate, so you can browse the internet safely. The identity of our website is verified by this digital certificate, and an encrypted connection can be made between your web browser and our web server. As a result, people cannot listen in on this communication. The padlock in the address bar and the extra s after http indicate a secure environment in a browser (Figure 1). As an added security measure, we redirect all users from http to https (HSTS policy). Independent test SSL certificate symbio6.nl »

Secure connection in browser — Figure 1. Recognise a secure website connection in the Chrome and Firefox browsers.

No Third-Party Cookies

A cookie is a small text file that a website leaves on your computer when you visit it. The primary role of cookies is to identify a user. Many businesses value so-called third-party cookies because they allow them to personalise advertisements. People can be tracked on the internet using tracking cookies. As a result, many users disable these cookies in their browsers. Because Symbio6 does not employ third-party cookies, you will not find any annoying cookie banners on our site.

Third-Party Cookie Alternatives

Unfortunately, blocking third-party cookies is no longer sufficient because advertisers are now tracking users through alternatives for tracking cookies. These establish a unique profile of you based on your hardware, software, add-ons, and preferences. IP address, device model, screen resolution, time zone, default language, operating system, browser, screen size, and installed fonts are some examples. Users cannot disable these features, unlike cookies. As a result, you have limited control over this. Most browsers make every effort to keep this information as private as possible.

No Website Cookies

These alternatives' providers frequently combine system and browser features with so-called first-party cookies, which come from the relevant website. These are cookies that are used to remember website settings such as authorisation or language preference. Symbio6 does not use website cookies because we value your privacy above anything else. Independent cookie scan symbio6.nl »

Global Privacy Control (GPC)

We respect your browser’s Global Privacy Control (GPC) signal. If enabled, we treat it as a request to restrict sharing of your personal data.

💡 You can activate GPC in your browser settings for extra privacy.

Security Response Headers

HTTP headers are a great way to improve website security. Information leaks and security issues can be avoided with the use of suitable response headers. Despite the fact that they are relatively easy to install, they are little used. On SecurityHeaders.com, only 14% of websites received an A or A+ rating. Our website is one of these (Figure 2) and has a Content Security Policy (CSP), a referrer policy, and a permission policy. Furthermore, we have established strict options for transport security, x-frame, and x-content type. These configurations can be evaluated using SecurityHeaders.com and the CSP evaluator.

Security header scan Symbio6 — Figure 2. Our website's headers satisfy the highest security requirements (A+).

Send Encrypted Messages

You can send us an encrypted message with our public PGP key using WhatsApp or our contact form.

Static Website

Our static website has considerably fewer technological building blocks to function, making it less vulnerable to security issues. Our website consists of static pages that are not linked to a server-side database and do not make use of external extensions or plug-ins. Additionally, following each modification, we generate a completely new website and overwrite the current pages. There are fewer building blocks, and this strategy makes a static website far less vulnerable than popular content management systems like WordPress (Figure 3). Additionally, static websites are faster.

Log results with WordPress assaults — Figure 3. In our logs, we see assaults on major content management systems such as WordPress every day. Because our static website does not employ this software, these assaults have no effect on our website, resulting in logs containing not-found errors (404).

No Automated Decision-Making

Symbio6 does not make decisions based on automated processing on matters that can have major consequences for people. For instance, while hiring new employees.

Include No Client Information

You will not find any information about our clients on our website, symbio6.nl. To demonstrate our expertise, we undertake our own projects and case studies in the public domain, utilising open data.

Personal Data That We Process

Purpose and Basis

Personal data is information that may be linked to a specific person. Symbio6 processes your personal data because you use our services and/or you provide this information to us yourself. This pertains to contact information such as name, e-mail address, and phone number. Our purposes and basis for processing this personal data are:

to be able to contact you if this is required for your question or comment;
to further improve our services;
we are legally obliged to do so, such as with information that we need for our tax return.

We do not gather data on our website; instead, we follow the notion that content is king. We do not share or sell our (possible) clients personal information to other parties. Furthermore, we will only provide this if it is required to meet a legal obligation.

Keep No Longer Than Strictly Necessary

During the use phase, we do not keep your personal data for any longer than is strictly necessary to achieve the purposes for which it was gathered. We only store data during the archiving phase if this is needed by law or otherwise minimally and anonymously. We shred personal data so that it could not be recovered. As a result, our retention policy is stricter than what the privacy regulations require.

Inspect, Correct, or Delete Personal Data

You have the right to inspect, correct, or delete your personally identifiable information. Furthermore, you have the right to cancel any data processing permission or to object to Symbio6's processing of your personal data. You have the right to data portability as well. This means you can ask us to send you the personal information we have on file for you in a computer file. You can use our contact form to submit a request for personal data assessment, correction, deletion, or transfer of data, as well as a request to withdraw your permission or object to the processing of your personal data. To ensure that the request was made by you, we ask that you provide us with the contact details known to us. We will also communicate solely through these channels and will answer your request as soon as feasible, but no later than four weeks.

Security of Personal Data

We take data security seriously and put in place appropriate precautions to prevent abuse, loss, unauthorised access, unwanted disclosure, and unauthorised modification. Please inform us if you believe your data is not securely safeguarded or if there are signs of abuse. It is also possible to send this information to us encrypted with our public PGP key.

Responsibility

Embedded Third-Party Content

Some pages on this website may contain embedded content from third parties, such as YouTube videos. By default, this content is not loaded automatically. It will only be activated if you explicitly click a button on the page. At that time, data such as your IP address and possibly cookies may be shared with the third party (for example, YouTube/Google). For further details on their data processing, please see the YouTube privacy.

To improve privacy, we embed videos using the youtube-nocookie.com domain. This means that no tracking cookies are set when the page loads. However, once you click to play a video, YouTube may still store information in your browser (such as a unique identifier using local storage) and begin tracking your interaction. While this approach delays tracking until you actively engage with the video, it does not fully eliminate it.

We use this method to help protect your privacy and ensure that no information is sent to external platforms without your explicit consent.

💡 For even more control over your privacy, you can use a browser extension like uBlock Origin (figure 4), which blocks unwanted content and tracking from third-party services such as YouTube.

youtube.com vs. youtube-nocookie.com — Figure 4. The uBlock Origin browser extension allows you to block embedded YouTube videos before any data is shared. This figure shows the difference in data sharing between youtube.com and youtube-nocookie.com, and how uBlock Origin helps prevent unwanted tracking.

Symbio6

Our webmaster is in charge of adopting measures and processing personal data in compliance with our privacy policies.

💡 Protecting Your Privacy Online

Fingerprinting is a new kind of web tracking that’s replacing cookies. Rather than saving files on your device, websites collect details about your computer—like screen size, browser, and settings—to create a unique "digital fingerprint" that identifies you online. This method is harder to stop than cookies and is being used more because people can easily block or delete cookies.

Simple Ways to Safeguard Your Privacy

Set your browser to the highest privacy settings and browse in private browsing mode when possible.
Avoid social logins (like Google, Facebook, or LinkedIn), which link your identity to your browsing.
Use privacy-friendly search engines like DuckDuckGo instead of Google.
Limit use of Google services (e.g., Gmail, Google Calendar), as they collect a great deal of information about you.
For extra privacy, use a VPN to mask your real IP address or browse with Tor for more anonymity.

Easy Steps to Minimise Fingerprinting

Choose browsers like Brave or Firefox, which have built-in fingerprinting protection.
Install privacy extensions like ad and tracking blockers, but keep the number of add-ons low to avoid a unique setup.
Limit browser features exposed (like camera or microphone access) in your browser’s settings.

By following these recommendations, you make it much harder for websites and companies to track or build a profile about you as you browse the internet.

Privacy and Symbio6

Symbio6 is based on privacy by design. This means that we never compromise on privacy and always aim for the highest level possible in all our processes. This transcends the bounds of existing rules and laws. For example, regardless of whether the data is personal or not, we always enter into a processing agreement when we process data from a client. Everyone is on the same page. Full control over your privacy is a myth, by the way. But you can reduce the unwanted leakage of information.

Our security policy: security-first »