Effective date: February 11, 2026
Last updated: February 11, 2026
EUDI Explained ("we", "us", "our") operates the website eudi-explained.eu. This Privacy Policy explains how we collect, use, and protect information when you visit our website.
1. Who We Are
EUDI Explained is an independent informational website about the European Union Digital Identity Wallet (EUDI). We are not affiliated with the European Commission or any EU member state government. Our goal is to provide clear, accessible information about the EUDI Wallet for citizens across the European Union.
2. What Data We Collect
2.1 Data We Collect Automatically
When you visit our website, the following data may be collected automatically:
- Analytics data (via Google Analytics 4): pages visited, time on page, bounce rate, general geographic region (country/city level), device type, browser type, operating system, and referral source. This data is anonymized and aggregated.
- Server logs: IP address (anonymized), request URL, timestamp, HTTP status code, and user agent string. Server logs are retained for a maximum of 30 days for security purposes.
- Cookies: See Section 5 (Cookie Policy) below.
2.2 Data We Do Not Collect
We do not collect:
- Names, email addresses, or other personally identifiable information
- Financial or payment information
- Login credentials (we have no user accounts)
- Health, biometric, or sensitive personal data
- Data from minors knowingly
3. How We Use Your Data
We use collected data exclusively for:
- Website improvement: Understanding which pages are most useful, identifying broken links, improving navigation and content quality.
- Security: Detecting and preventing abuse, DDoS attacks, and unauthorized access.
- Advertising: Displaying relevant advertisements via Google AdSense to support the free operation of this website. Advertising partners may use cookies to serve ads based on your interests (see Section 5).
4. Legal Basis for Processing (GDPR)
Under the General Data Protection Regulation (EU 2016/679), our legal bases for processing are:
- Consent (Art. 6(1)(a) GDPR): For analytics cookies and advertising cookies. You provide consent via our cookie consent banner.
- Legitimate interest (Art. 6(1)(f) GDPR): For essential server logs needed to maintain website security and functionality.
5. Cookie Policy
5.1 What Are Cookies?
Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and understand how visitors interact with the site.
5.2 Cookies We Use
| Cookie | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
| cookie_consent | EUDI Explained | Remembers your cookie preferences | 1 year | Essential |
| _ga, _ga_* | Google Analytics | Anonymous visitor statistics | 2 years | Analytics |
| _gid | Google Analytics | Distinguishes visitors | 24 hours | Analytics |
| __gads, __gpi | Google AdSense | Ad personalization and measurement | 13 months | Advertising |
5.3 Managing Cookies
You can manage your cookie preferences at any time through our cookie consent banner. You can also disable cookies through your browser settings:
- Chrome: Settings > Privacy and Security > Cookies
- Firefox: Settings > Privacy & Security > Cookies
- Safari: Preferences > Privacy > Manage Website Data
- Edge: Settings > Cookies and Site Permissions
6. Third-Party Services
6.1 Google Analytics
We use Google Analytics 4 to understand how visitors use our website. Google Analytics collects anonymized data about page views, session duration, and user demographics. Google may process this data on servers in the United States. Google is certified under the EU-US Data Privacy Framework.
You can opt out of Google Analytics by using the Google Analytics Opt-out Browser Add-on.
6.2 Google AdSense
We display advertisements via Google AdSense to support the free operation of this website. Google AdSense may use cookies and web beacons to serve ads based on your prior visits to our website or other websites. You can opt out of personalized advertising by visiting Google Ads Settings or aboutads.info.
7. Data Transfers Outside the EU
Some of our third-party service providers (Google) may process data outside the European Economic Area (EEA). Where such transfers occur, they are protected by:
- EU-US Data Privacy Framework certification
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions by the European Commission
8. Data Retention
- Server logs: Deleted after 30 days
- Analytics data: Retained for 14 months (Google Analytics default), then automatically deleted
- Cookie consent preferences: Stored for 1 year, then consent is requested again
9. Your Rights Under GDPR
As a visitor from the European Union, you have the following rights:
- Right of access (Art. 15 GDPR): Request a copy of any personal data we hold about you
- Right to rectification (Art. 16 GDPR): Request correction of inaccurate data
- Right to erasure (Art. 17 GDPR): Request deletion of your personal data
- Right to restrict processing (Art. 18 GDPR): Request limitation of data processing
- Right to data portability (Art. 20 GDPR): Receive your data in a machine-readable format
- Right to object (Art. 21 GDPR): Object to data processing based on legitimate interest
- Right to withdraw consent (Art. 7(3) GDPR): Withdraw cookie consent at any time
To exercise any of these rights, contact us at the address listed in Section 12 below. We will respond within 30 days as required by GDPR.
10. Data Security
We implement appropriate technical and organizational measures to protect your data:
- HTTPS encryption (TLS 1.2+) for all connections
- HTTP Strict Transport Security (HSTS) headers
- Content Security Policy (CSP) headers
- Regular security updates and monitoring
- No storage of sensitive personal data
11. Children's Privacy
Our website is not directed at children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us and we will promptly delete it.
12. Contact Information
For privacy-related questions, data requests, or complaints, please use our contact form and select the "Privacy / GDPR Request" category. We will respond within 30 days as required by GDPR.
If you are unsatisfied with our response, you have the right to lodge a complaint with your national Data Protection Authority (DPA). A list of EU data protection authorities is available at edpb.europa.eu.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically. Continued use of the website after changes constitutes acceptance of the updated policy.