Privacy policy.

Wadden Current is a hobby-grade public dashboard. We collect almost nothing about you, and this page is the proof.

1. Data controller

The data controller is the Wadden Current Collective, c/o J. Verburg, Spoorgracht 27-B, 1781 LS Den Helder, the Netherlands (registry of associations: 87 411 902). For all privacy questions: privacy@teso.live.

2. What we collect when you visit

By default, nothing about you is stored beyond a transient HTTP access log (kept on disk for 14 days then rotated and deleted). That log contains: timestamp, requested URL, HTTP status, response size, user-agent string and a truncated IP address (the last octet zeroed). It is used solely to debug the site and to defend against abuse.

3. What we collect when you write to us

When you use the contact form, your name, email address and the message you sent are received in our mailbox and kept there for two years from the date of our last exchange, then deleted.

4. What we collect when you donate

If you tip the project via the "donation jar" link (occasionally posted on the about page), the payment processor receives your name, email and card details. We see only your name, your email, the amount, and an opaque transaction reference. We never see, store or process card numbers.

5. What we don't collect, ever

• No persistent IP addresses.
• No third-party analytics (no Google Analytics, no Matomo, no Plausible, nothing).
• No advertising or behavioural cookies.
• No browser fingerprinting, session replay, or heatmaps.
• No social-media pixels of any kind.

6. Legal basis

For the contact-form mailbox: your explicit consent (you knew what you were sending and to whom). For the access log: legitimate interest in operating and defending a public website. For donations: contract performance and statutory accounting under Dutch law.

7. Where the data lives

All data is held on a single virtual machine located in an EU data centre operated by a Netherlands-based hosting provider, encrypted at rest, and backed up nightly to a second EU region. No data is transferred outside the European Economic Area.

8. Your rights under the GDPR

If you are in the EEA you have the right to access, correct, delete, restrict, port or object to the processing of your personal data, and to withdraw consent at any time. You also have the right to complain to the Dutch Autoriteit Persoonsgegevens — autoriteitpersoonsgegevens.nl.

To exercise any of these rights, write to privacy@teso.live. We respond within one calendar month.

9. Changes

If we change this policy, we will publish a new version with a new effective date. Substantive changes will be highlighted at the top of the page for at least 30 days.