← Back

Legal

Privacy Notice

What AgriNAT stores, what it does not, and who sees your data.

Last updated: 2026-04-15

Short version

AgriNAT has no analytics, no advertising, no tracking, and no third-party marketing scripts. We do not build a profile of you. The only personal data involved is your IP address, which is briefly seen by our hosting provider and by the map tile servers when their tiles load in your browser.

Who runs this site

AgriNAT is an independent research and education project by Tugberk Samur, Sustainable Business Lecturer at Hotel Management School Maastricht (Zuyd University of Applied Sciences). For privacy questions, email [email protected].

What we store

  • Server access logs. Our hosting (VPS + Cloudflare in front) logs standard request metadata (IP address, timestamp, URL, user agent) for security and abuse-prevention purposes. Logs are retained for a short period and are not linked to any identity.
  • One functional cookie: NEXT_LOCALE. Set only when you change the site language. It stores the chosen language code so the site loads in that language next time. No tracking, no identifier.

What we do not do

  • No Google Analytics, Plausible, Matomo, or any other analytics.
  • No advertising networks, no ad pixels, no retargeting.
  • No Facebook Pixel, no LinkedIn Insight, no social trackers.
  • No error-tracking SDKs (Sentry, etc.) on the client.
  • No user accounts, no login, no profile building.
  • No selling or sharing of data for marketing.

Third parties

When you load the map, your browser fetches tile images directly from these providers, which means those providers see your IP address:

  • Carto (basemaps.cartocdn.com) — light basemap. Carto privacy policy.
  • Esri / ArcGIS (server.arcgisonline.com, wayback.maptiles.arcgis.com) — satellite imagery and historical satellite. Esri privacy policy.
  • Website Carbon (unpkg.com) — a lightweight badge on the landing page footer that estimates and displays the page's carbon emissions. Makes one API call per day, caches the result locally. No cookies, no tracking.
  • Cloudflare — CDN and DDoS protection in front of our server. Cloudflare privacy policy.

These providers do not set tracking cookies on tile requests, but they do receive your IP address as a technical necessity of serving the content to your browser.

Legal basis (GDPR)

The minimal processing described above (server logs, functional locale cookie, map tile delivery) is based on our legitimate interest in operating a functional, secure website (Art. 6(1)(f) GDPR). Because there are no non-essential cookies or tracking, no consent banner is required.

Your rights

Under GDPR you have the right to access, rectify, or request erasure of any personal data we hold about you, and to lodge a complaint with a supervisory authority. In practice, because we do not build profiles or store identifiers, there is very little we could retrieve beyond short-lived access logs. To make a request, email [email protected].

Changes

If this notice changes materially (for example, if analytics are ever added), the change will be listed here with a new date.