eualternative.eu privacy policy — score 94/100 (low risk)
Utolsó elemzés
A jelentés tartalma (összefoglaló, megállapítások, idézetek) angolul készült és nincs lokalizálva.
Nineties Engineering OÜ · eualternative.eu
Jelentés részletei
low kockázatNineties Engineering OÜ's website EU Alternative is a model of privacy-by-design, collecting almost no personal data, avoiding all tracking, and keeping everything hosted exclusively in the EU.
Nineties Engineering OÜ's website EU Alternative is a model of privacy-by-design, collecting almost no personal data, avoiding all tracking, and keeping everything hosted exclusively in the EU.
Kategória szerinti értékelés
A szabályzat bontása a fő megfelelőségi területekre. Jó = erős, közepes = vegyes, gyenge = aggasztó.
Collection is strictly limited to voluntary contact form submissions and anonymous aggregated statistics, backed by an explicit no-logs policy and no tracking cookies.
The policy is written in plain language and clearly identifies the controller, purposes, legal bases, and user rights, though it lacks specifics on cookie names and exact retention days.
Only Plausible Analytics is disclosed as a third party for anonymous statistics, with no advertising trackers or data sales, but an explicit Article 28 DPA is not confirmed.
The policy explicitly states exclusive EU hosting and affirms that personal data is not transferred to third countries outside the EU/EEA.
The policy is entirely silent on whether user data is used for AI or model training, leaving users unable to verify this practice despite the otherwise minimal data collection.
All major GDPR rights are clearly listed with specific articles cited, and contact details for both the controller and the Estonian supervisory authority are provided.
Fő megállapítások
Fontos záradékok, problémák vagy jó gyakorlatok (kritikusak először)
Vague retention periods
Retention periods for contact form messages are vague, stating they are kept only 'as long as needed to handle your enquiry and any related follow-up,' without specifying a concrete maximum timeframe or automatic deletion schedule.
Missing DPA confirmation
While Plausible Analytics is described as GDPR-compliant, the policy does not explicitly confirm whether a written Data Processing Agreement under Article 28 GDPR has been concluded with them.
Silent on AI training
The policy is completely silent on whether user data—particularly contact form submissions—is ever used for AI or machine-learning model training.
Unspecified spam cookies
The strictly necessary cookies used for spam protection on the contact form are mentioned but lack specifics on their name, provider, duration, or the exact data they process.
No server logs
The website explicitly states that servers are configured to not log any information, which is an exceptional privacy-by-design measure that eliminates a common source of personal data leakage.
Összefoglaló a felhasználónak
Nineties Engineering OÜ's website EU Alternative is a model of privacy-by-design, collecting almost no personal data, avoiding all tracking, and keeping everything hosted exclusively in the EU.
Megfelelőségi helyzet
strong
EU-s átvitelek
EU-only hosting with no third-country transfers described.
Észlelt jelek
A szövegben azonosított konkrét adatok és gyakorlatok
Bizonyító részletek
Közvetlen idézetek a szabályzatból e megállapítások alátámasztására
Server logs: our servers are configured to not log any information.
Contact form messages are kept for as long as needed to handle your enquiry and any related follow-up, and then deleted.
We use Plausible Analytics, a GDPR- and ePrivacy-compliant tool that does not use cookies and does not collect IP addresses.
This website is hosted exclusively on servers located within the European Union. Personal data processed in connection with this website is not transferred to third countries outside the EU/EEA.
The only cookies that may be set are strictly necessary cookies on the contact form, used solely to help protect the form against spam and abuse.
Hiányzó vagy nem egyértelmű
- No mention of AI or machine-learning model training practices or an opt-out mechanism.
- No specific retention schedule or automatic deletion timeframe for contact form personal data.
- No explicit confirmation of an Article 28 GDPR Data Processing Agreement with Plausible Analytics.
- No details on the spam protection cookie provider, cookie names, or expiration periods.
- No information on data backup practices, locations, or retention.
- No description of personal data breach notification procedures.
Felteendő kérdések
- What is the maximum retention period for contact form submissions, and is deletion performed automatically after a fixed number of days?
- Is a written Data Processing Agreement under Article 28 GDPR in place with Plausible Analytics?
- What specific spam protection cookies are set on the contact form, who provides them, and what is their expiration period?
- Are contact form submissions or any other user data ever used to train AI or machine-learning models?
- Are backups of contact form data created, and if so, where are they stored and for how long?
Elemzés megosztása
Bárki, aki rendelkezik ezzel a linkkel, megtekintheti a fenti eredményt.
A DentroChat készítette
100%-ban európai AI chat mindenkinek
Csevegj AI-val, dolgozz fájlokkal, generálj képeket és keress a weben. Az adatok Európában maradnak.