Privacy policy

Effective date: 18 January 2024

Your data is nobody's business.

At Intermesh we strive for the highest privacy standards. Your data is nobody's business. We need some information to support you and send an invoice. But that's all we need!

What do we collect?

Intermesh BV may collect the following personal data when using our website or signup for the Group-Office service:

  • Your first and last name
  • Your company billing address
  • Phone number
  • E-mail address
  • IP Address

Why do we collect this data?

Intermesh BV may use the personal information collected from the website to:

  • Provide you with the service.
  • Process your payments.
  • Send you information about the service.
  • Respond to customer support requests
  • Administer your account

Where do we store your data?

All our services are located in the Netherlands. Your service is immediately delivered in one of our two availability zones in Amsterdam (AMS0) or Delft (RTM0). An availability zone is a separate data centre that has its own power supply (2N) and its own network. Availability zones can operate completely independent of each other. Our two zones (AMS0 and RTM0) are connected by means of an encrypted 200Gb/s backbone connection.


Your privacy is of utmost importance to us. Intermesh BV will never share personal information with third parties unless required by applicable law. We only need to transfer some personal information to our payment provider when handling online payments.

How long do we keep your data?

Intermesh BV retains Personal Data we process for as long as an account is active or as needed to provide the service(s). If you wish to terminate your account or request that we no longer use your data, please contact us at We will retain your data as necessary to comply with our legal obligations, maintain accurate financial and other records, resolve disputes, and enforce our agreements. We delete all your data on the expiry of 14 days after the termination of your account, except as otherwise prohibited by applicable law.

Correction or Removal of Personal Information

If you believe that one of your contacts has provided us with your personal information and you would like to request that it be removed from our database, please contact us at

Intermesh BV acknowledges that you have the right to access your personal information. Intermesh BV collects information on behalf of our customers, and has no direct relationship with the individuals with whom our customers may interact using the service(s). If you are a customer of one of our customers (“End-Customer”) and would no longer like to be contacted by that customer, please contact the customer that you interact with directly. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to the Intermesh BV’s customer (the data controller). If requested to remove data, we will respond within a reasonable timeframe.

Automated individual decision-making, including profiling Intermesh BV does not make decisions based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

Data Transfer

Intermesh BV stores and processes data, which might include personal information, in the Netherlands. When you access or use our Websites or the Service(s), or otherwise provide information to us, you are consenting, on behalf of you and your authorized agents or End-Customers, (and representing that you have the authority to provide such consent) to the processing and transfer of information in and to the Netherlands which may have different privacy laws from your or their country of origin. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy.

Data Controller and Data Processor

Intermesh BV does not own, control or direct the use of any of the Client Data stored or processed by a Client or User via the Service. Only the Client or Users are entitled to access, retrieve and direct the use of such Client Data. Intermesh BV is unaware of what Client Data is actually being stored or made available by a Client or User to the Service and does not directly access such Client Data except as authorized by the Client, or as necessary to provide Services to the Client and its Users.

Because Intermesh BV does not collect or determine the use of any Personal Data contained in the Client Data and because it does not determine the purposes for which such Personal Data is collected, the means of collecting such Personal Data, or the uses of such Personal Data, Intermesh BV is not acting in the capacity of data controller in terms of the European Union’s General Data Protection Regulation (Regulation (EU) 2016/679, hereinafter “GDPR”) and does not have the associated responsibilities under the GDPR. Intermesh BV should be considered only as a processor on behalf of its Clients and Users as to any Client Data containing Personal Data that is subject to the requirements of the GDPR. Except as provided in this Privacy Policy, Intermesh BV does not independently cause Client Data containing Personal Data stored in connection with the Services to be transferred or otherwise made available to third parties.

The Client or the User is the data controller under the Regulation for any Client Data containing Personal Data, meaning that such party controls the manner such Personal Data is collected and used as well as the determination of the purposes and means of the processing of such Personal Data.

Intermesh BV is not responsible for the content of the Personal Data contained in the Client Data or other information stored on its servers (or its subcontractors’ servers) at the discretion of the Client or User nor is Intermesh BV responsible for the manner in which the Client or User collects, handles disclosure, distributes or otherwise processes such information.

Log files

Intermesh BV gathers certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, referring/exit pages, operating system, and/or time stamp. We keep log files up to 4 weeks.


We make daily backups of our data to an offsite location in the Netherlands. We keep backups for 14 days. This has to be taken into account when we process data removal requests.


Intermesh BV uses Matomo for analytics. Matomo Analytics was designed with privacy in mind. It follows even the strictest of privacy laws – like GDPR, HIPAA, CCPA and PECR.

Links to Third Party Sites

Our website contain links to other websites that are not owned or controlled by Intermesh BV. Please be aware that we are not responsible for the privacy practices of such other websites or third parties. We encourage you to be aware when you leave our website and to read the privacy policies of each and every website that collects personal information.

Public Forums

Our website offer publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at

Security and protection of Information

At Intermesh, ensuring the security and privacy of our customers' data is our utmost priority. To that end, we have implemented several robust security measures for Group-Office, our collaborative software solution. These measures include:

  1. SSL (Secure Sockets Layer): We utilize SSL encryption to establish a secure, encrypted connection between our server and the user's device. This industry-standard protocol ensures that all data transmitted between the two ends remains encrypted and protected against unauthorized access.
  2. One-Time-Password 2 Factor Authentication: We offer an additional layer of security through two-factor authentication (2FA) using one-time passwords (OTP). This requires users to provide a time-sensitive verification code, typically sent to their mobile devices, along with their regular login credentials. This process significantly diminishes the risk of unauthorized access, even if the user's password is compromised.
  3. fail2ban: We employ the fail2ban system to identify and mitigate potential brute force attacks or any other suspicious activities. By dynamically monitoring login attempts, fail2ban automatically blocks IP addresses from which multiple failed login attempts originate, effectively restricting malicious access attempts.
  4. IP Address Access Control: Group-Office incorporates IP address access control, allowing administrators to restrict access to the software based on specific IP addresses or ranges of addresses. This feature grants administrators greater control over who can access the system, further fortifying the overall security of the application.
  5. Software Security Tests: We regularly conduct comprehensive software security tests to identify and rectify any vulnerabilities or weaknesses in Group-Office. By performing rigorous penetration testing and code reviews, we proactively ensure that our software meets and exceeds the highest security standards, safeguarding the system from potential threats.

These security measures combine to provide Group-Office users with a secure environment in which to collaborate and store their data. We are committed to continuously improving our security practices to guarantee that your sensitive information is always protected.

Core Infrastructure Initiative report:

CII Best Practices

Corrections and Updates

Upon request Intermesh BV will provide you with information about whether we hold, any of your personal information. To request this information please contact us at We allow users of the service(s) or website to access, update or modify their information by clicking on the Account link in the navigation menu or by contacting us at We seek to respond to requests for access or modification as soon as possible and within reasonable timeframe.

Contacting Intermesh BV

If you have any questions about this privacy policy or your dealings with the Intermesh BV, you can contact us by e-mail at

Twitter LinkedIn GitHub Mastodon