W-ICT

Privacy & analytics

Privacy statement

W-ICT processes as little data as possible, stores no IP addresses and uses no external trackers. Below is exactly what does happen, and on what legal basis.

Last updated: 22 June 2026

Data controller

W-ICT, based in the Netherlands. Questions about privacy? Email wesley@w-ict.nl. Chamber of Commerce: 81921330.

The contact form

If you use the contact form, we process your name, email address, any organisation and your message. Purpose: to answer your question and, if an engagement comes out of it, to prepare for it.

  • Legal basis: performance of, or steps prior to, a contract at your request; otherwise a legitimate interest in responding to your message.
  • Recipients: no one. Messages arrive in a private admin environment and are not shared with third parties or used for marketing.
  • Retention: as long as needed to handle your question or the engagement; deleted afterwards.

Visitor statistics (first-party, cookieless)

To see how the site is used, we keep simple statistics on our own server, not via Google Analytics or any other external service. What we measure:

  • which pages are visited;
  • the referring website and any campaign parameters;
  • the country of origin;
  • a few interactions on the site (for example a click on a contact button).

What does not happen here

  • No cookies and no storage on your device.
  • Your IP address is not stored.
  • No external trackers; fonts are self-hosted.
  • No profiling and no tracking of your behaviour across other websites.

Honest about what it is

To count visits roughly without tracking you, we create an encrypted daily token: a hash of your IP address and browser, with a key that changes every day. We use your IP address briefly to determine the country and then discard it; it is not retained anywhere.

This daily token is pseudonymous, not fully anonymous: within a single day it's a stable identifier, and under a strict reading of the GDPR that, like the brief processing of the IP address into a country, can count as processing of personal data. That's why we're transparent about it rather than calling it “anonymous”.

  • Legal basis: legitimate interest (Article 6(1)(f) GDPR): insight into the use of our own site, in a privacy-friendly way. The balancing test is documented.
  • Retention: individual events are deleted automatically after 90 days; after that only aggregated figures remain.

Cookies

No cookies are placed for the statistics and nothing is stored on or read from your device. That's why the public site needs no cookie banner. This is the cookie question (ePrivacy), which is separate from the GDPR basis above. The only cookie that occurs is a strictly necessary login cookie in the private admin area; it does not affect visitors.

Security

Traffic is encrypted over HTTPS. Access to data is limited to one administrator and protected with strong authentication. Secrets are stored encrypted.

Your rights

You have the right to access, rectify and erase your data, and you can object to processing based on legitimate interest. Send a message to wesley@w-ict.nl. You can also lodge a complaint with the Dutch Data Protection Authority.

Changes

This statement may be updated as the site or the way of working changes. The date at the top indicates the last change.