You and the persons who you grant access. No-one else.
Your data is stored in the Netherlands, and hence protected by strictest data protection and privacy laws in the world, the GDPR.
GDPR
GDPR sets a high standard for data protection and privacy rights across the European Union (EU). It requires organizations to obtain explicit consent from individuals before collecting their data, mandates transparency in data processing, and grants individuals the right to access, rectify, and delete their data. The regulation applies to all organizations processing the personal data of EU residents, regardless of where the organization is based, making it a globally influential framework.
USA Patriot Act
In contrast, data and privacy laws in the United States are more fragmented and sector-specific, with no comprehensive federal law equivalent to the GDPR. However, certain legislation, like the USA PATRIOT Act, has raised concerns regarding privacy. Enacted in response to the September 11 attacks, the Patriot Act expanded the surveillance capabilities of U.S. law enforcement and intelligence agencies, allowing for the collection of vast amounts of data for national security purposes. It provides the government with the authority to access personal data without the individual's knowledge, under certain circumstances.