DeWandelaar blogging in 2001 from the summit of the Ngauruhoe volcano in the North Island, New Zealand
DeWandelaar blogging in 2001 from the summit of the Ngauruhoe volcano in the North Island, New Zealand

Ngauruhoe 2001 © DeWandelaar

Home > Privacy Policy

Privacy Policy

DeWandelaar.org (“DeWandelaar”, “I”, or “this Website”) is a personal website and blog operated from the Netherlands.

I value privacy in much the same way I value solo long-distance hiking: I like to be left alone, and I do not enjoy the feeling of someone constantly watching where I go. That principle shapes how this Website is built and how little personal data it collects.

This Privacy Policy explains what information is collected, how it is used, and what choices you have as a visitor.

Last updated: 24 January 2026

Name clarification

The name “DerWanderer” is used on the German-language website as the German-language designation for “DeWandelaar”. Both names refer to the same person and the same rights holder.

Relationship between the websites

DeWandelaar.org is the central website of the organisation.

The websites DeWandelaar.nl and DerWanderer.de are operated by the same individual and form part of the same organisation. Each website serves a different language audience and publishes its own content.

Personal data is processed in accordance with this Privacy Policy for this Website. No automatic sharing of personal data takes place between the websites unless explicitly stated.

What information is collected

This Website is designed to function with as little personal data as possible. Data collection is limited to what is necessary for:

  • Responding to messages you explicitly send
  • Protecting the Website against abuse and misuse
  • Understanding general, anonymous usage patterns
  • Providing optional features such as maps

Identifiable vs anonymous data

Identifiable data can be used to identify you personally, such as your name or email address.

Anonymous data cannot identify an individual and is processed only in aggregated form.

Explicit vs implicit data

Explicit data is information you consciously provide, for example by submitting the contact form. This may include your name, email address, and message content.

Implicit data may be processed automatically when you visit the Website. This may include an anonymised IP address, date and time of access, device and browser type, operating system, language preference, referring pages, and pages visited.

Where technically possible, such data is anonymised at the earliest stage of processing and cannot be reasonably traced back to an individual.

How and why personal data is collected

Contact form

When you contact me via the contact form, you provide your name, email address, and message. This information is used solely to respond to your enquiry.

Messages are sent to me by email and stored on my email server. Contact messages and related correspondence are retained only for as long as reasonably necessary to handle the enquiry and any follow-up, after which they are periodically deleted.

Submitting the contact form constitutes your consent for this processing.

Website security and abuse prevention

The contact form is protected by an automated abuse-prevention mechanism (Cloudflare Turnstile). This mechanism distinguishes human visitors from automated traffic and does not use tracking cookies.

Any data processed by this service is governed by its provider’s own privacy policy.

Legal bases for processing

Personal data is processed on one or more of the following legal bases under Article 6 GDPR:

  • Consent – when you submit the contact form or enable optional features such as maps
  • Legitimate interest – to ensure the security, stability, and technical operation of the Website, including anonymised analytics and abuse prevention
  • Legal obligation – where processing is required under applicable law

Processing is limited to what is necessary for each stated purpose.

Cookies and similar technologies

This Website uses very few cookies and does not use cookies for advertising, profiling, or behavioural tracking.

Necessary cookies

leafext
Purpose: records your consent to load map tiles
Duration: 1 year

Maps are blocked by default. Only after you explicitly enable them are OpenStreetMap tiles loaded, and the leafext cookie is set to remember that choice.

No general cookie banner

No general cookie banner is used because only strictly necessary cookies are set by default. Maps are optional and require explicit user action, which constitutes valid consent for that specific functionality.

Analytics

This Website uses Independent Analytics:

  • No cookies
  • No external data sharing
  • IP addresses anonymised
  • Data processed entirely on the Website’s own infrastructure

Analytics data is processed exclusively to understand aggregated usage trends and cannot be used to identify individual visitors or combined with other datasets.

Third-party services

Maps are provided using OpenStreetMap data. Map tiles are loaded only after explicit consent. Processing by OpenStreetMap is governed by the OpenStreetMap Foundation’s privacy policy.

How personal data is stored and protected

Data is stored on secure hosting and email servers. Security measures include encrypted connections (HTTPS), firewalls, traffic filtering, malware scanning, regular updates, and protection against denial-of-service and brute-force attacks.

Reasonable and appropriate technical and organisational measures are applied to protect personal data.

Sharing of personal data

Personal data is not sold or shared, except where required to operate the services described above or where disclosure is legally required. Only the minimum data legally necessary is disclosed.

When a visitor submits a contact form, an email is sent to DeWandelaar. This email and any subsequent correspondence is stored on the DeWandelaar email server. DeWandelaar periodically deletes this information once the contact request is concluded.

Your rights

You have the right to access, correct, or delete your personal data and to withdraw consent at any time, without affecting the lawfulness of prior processing.

You may lodge a complaint with the Dutch supervisory authority, the Autoriteit Persoonsgegevens.

Websites of third parties

This Website may link to third-party websites. I am not responsible for their content or privacy practices.

Applicable law

This Privacy Policy is governed by Dutch law. Dutch courts have non-exclusive jurisdiction.