Skip to content
InfoDPP Logo
InfoDPP
ESPR knowledge hub

Privacy Policy

Last updated: 6 March 2026

InfoDPP.eu ("we", "us", "our") is an educational website about Digital Product Passports and EU ESPR regulations, operated as part of the OriginPass project. This Privacy Policy explains how we handle information when you visit our website.

1. Data Controller

The data controller responsible for this website is the operator of the OriginPass project. For any privacy-related inquiries, please contact us at: contact@infodpp.eu.

2. Data We Collect

This website is primarily informational. We may collect the following data:

  • Technical data: IP address, browser type, operating system, referring URL, pages visited, and time of access — collected automatically via server logs
  • Privacy-friendly usage data collected via Umami analytics, such as page views, referring websites, browser and device type, and approximate location at a non-identifying level.

3. Purpose of Data Processing

We process data for the following purposes:

  • To ensure the website functions correctly and securely
  • To maintain the website, diagnose technical issues, and protect it against abuse
  • To comply with legal obligations

4. Legal Basis (GDPR)

We process personal data based on: (a) our legitimate interest in operating, securing, and maintaining the website (Art. 6(1)(f) GDPR), and (b) compliance with legal obligations where applicable (Art. 6(1)(c) GDPR).

5. Cookies

InfoDPP.eu uses Umami, a privacy-friendly analytics tool, to understand aggregated use of the site and improve our content and user experience. We do not use analytics for advertising purposes and do not intentionally use advertising cookies on the site.

6. Third-Party Services

We may use the following third-party services:

  • Hosting provider — for serving the website
  • CDN — for fast and reliable content delivery
  • Umami Analytics — for privacy-friendly, aggregated website analytics

7. Data Retention

Server logs are retained for a maximum of 90 days. Aggregated analytics data collected via Umami is retained only for as long as needed for reporting, trend analysis, and service improvement.

8. Your Rights

Under the GDPR, you have the right to:

  • Access the personal data we hold about you
  • Request correction or deletion of your data
  • Object to or restrict data processing
  • Data portability
  • Lodge a complaint with a supervisory authority

To exercise your rights, contact us at: contact@infodpp.eu.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated date.