Privacy · Last reviewed 2026-05-16
Privacy statement
This statement describes how Stichting Genderinfo i.o. (the foundation) processes personal data on dutchprotocol.com, in accordance with the General Data Protection Regulation (GDPR).
1. Data controller
Stichting Genderinfo i.o., established in the Netherlands. For contact see /contact/.
2. Which data
- Log files: IP address, user agent, date/time, requested page. Retention period: 30 days. Purpose: security and error diagnosis. Legal basis: legitimate interest (art. 6(1)(f) GDPR).
- Email correspondence: Content of messages sent via the email address on the contact page. Retention period: two years or as much longer as needed for handling. Legal basis: consent and legitimate interest.
- Statistics: If activated, a cookieless metric (such as Plausible) that processes no personal data and uses no cross-site tracking.
3. What is not collected
- No third-party tracking cookies.
- No advertising networks.
- No profiles based on health data.
4. Rights of data subjects
Visitors have the right to access, rectification and deletion of their personal data, as well as restriction of processing and data portability. Requests can be made via /contact/. Complaints can be filed with the Dutch Data Protection Authority.