Weerstation Griftsemolen - Vaassen (GE)

NL

Privacy Statement

Transparent information about how we handle your privacy

AVG/GDPR Privacy-First March 31, 2026

Table of Contents

Introduction

Welcome to the Weerstation Griftsemolen dashboard. Privacy is important to us. This statement clearly explains what data we collect and how we handle your visit to our website.

💡 Spoiler: We collect almost no personal data and do not use tracking cookies.

Data Collection

Weather Data

Our weather station collects meteorological data such as temperature, humidity, wind speed, precipitation, air pressure and air quality (AQI, PM2.5, PM10, NO2). This data is completely anonymous and does not contain any personal information.

Anonymous
Visitor Statistics & Application Logs

For privacy-friendly website improvements we collect minimal, anonymised statistics:

  • Browser type and version (for compatibility)
  • Operating system (Windows/Mac/Linux/iOS/Android)
  • Device type (Desktop/Mobile/Tablet)
  • Country and city (via geo-IP lookup)
  • Traffic source category (Direct/Search engine/Social/Link, no specific URLs)
  • Visited page (path name only, no query parameters)
  • Time of visit (for usage patterns)
This minimal data is processed locally in aggregated statistics. IP addresses are anonymised immediately upon collection. Bots are automatically filtered out (95%+ accuracy). No cross-site tracking, no external analytics services.
Application Logs
Technical logs are stored in a structured format (Monolog JSON format) at WARNING+ level to limit volume. Contains only operational events (errors, warnings, critical issues), no routine database connections. Automatic rotation after 7 days, storage on Dutch servers.
What we do NOT collect
  • Names, emails, phone numbers
  • Addresses or other personal data
  • Social media integration
  • External tracking
  • Marketing cookies
  • Third-party analytics

Data Usage

Weather Data Display

Public meteorological data - no personal information

Security

Detection of abuse - IP is anonymised immediately upon collection

Visitor Analysis

Internal statistics about website usage for UX improvements (no external analytics)

Cookies & Storage

Technical Cookies

Essential cookies for website functionality

  • Website functionality
  • Retention: Session
  • Not required
Theme Preference

Remembers your dark/light mode choice

  • Dark/light mode preference
  • Retention: 1 year
  • Not required
UI Optimisation

Screen resolution for responsive design improvement

  • Screen resolution detection
  • Retention: Session
  • Not required
Privacy Preference

Respects your choice to disable tracking

  • Opt-out for visitor statistics
  • Retention: 1 year
  • Not required
No Tracking Cookies
Privacy first: We do not use Google Analytics, Facebook Pixel, or other external tracking services. All data remains locally on Dutch servers.

Data Sharing

Minimal external integrations
We keep external integrations to a minimum. All weather data is collected and presented locally. We only use the following trusted services:

For detailed information about all external services, see the External Services section below.

Security & Storage

Hosting & Security
  • Dutch server (EU) - GDPR compliant
  • HTTPS via Nginx Proxy Manager (Let's Encrypt SSL/TLS)
  • End-to-end TLS 1.2+ encryption
  • HTTP/2 & HTTP/3 (QUIC) for performance
  • Secure configuration with environment variables
  • Regular security updates
  • Fail2ban security monitoring active
  • Input validation and sanitization
  • Coordinate validation for geographic data
  • Secure cache key generation
  • Rate limiting protection
  • Automatic code quality checks
Data Retention
  • Visitor statistics: Anonymised immediately (IP)
  • Weather data: Permanent (anonymous)
  • Sessions: Until browser closes
  • Cache data: Temporary (10 seconds - 30 minutes)
  • Application logs: 7 days (anonymised)

Your Rights (GDPR)

Because we do not collect personal data, most GDPR rights do not apply. However, you can:

Access to possible server logs
Deletion of IP from logs
Questions about privacy practices
Object to processing

External Services

Service Purpose Data Exchange Privacy
Open-Meteo Weather forecast, air quality & climate data (KNMI HARMONIE 2km) Location-based API calls (no API key required) 100% Anonymous
KNMI MeteoAlarm Official weather warnings Netherlands Public API calls via hybrid system Anonymous
Buienradar Live rain intensity & precipitation data Public API calls without authentication Anonymous
ip-api.com Geo-IP lookup for country statistics IP address for country detection on first visit IP sent
CumulusMX Real-time local weather station data Local LAN connection (no internet) Fully Local
HTTPS / TLS SSL/TLS Encryptie (TLS 1.2+ via Let's Encrypt) Nginx Proxy Manager SSL termination, auto-renewal Secured
Tabler CSS UI Framework & Styling Locally hosted stylesheet (no CDN) No tracking

Contact

Website

www.weerstation-griftsemolen.nl

Location

Vaassen, Netherlands

E-mail

info@weerstation-griftsemolen.nl

For privacy-related questions you can contact us via the above email address. See also the Contact page.

Changes

We may update this privacy statement to reflect new features or legal requirements. Important changes will be indicated by the "Last updated" date at the top of this page.

Summary
Privacy-first approach: This weather station dashboard collects no personal data, uses no tracking cookies, and shares no information with third parties. We focus purely on displaying local weather data with minimal data footprint.

Privacy updates: Improved data anonymisation, minimal data collection, local storage, air quality monitoring without personal data, and theme preference storage ensure an optimal privacy experience.

API Consolidation (December 2025): Complete migration to Open-Meteo as exclusive weather provider, removal of all legacy APIs (MeteoServer, OpenWeatherMap, Weerlive) for simplified and more privacy-friendly architecture without unnecessary external dependencies.

Security improvements: Extended InputValidator class for type-safe validation, stricter session security with stricter regex, coordinate validation for geographic data, secure cache key generation, rate limiting protection, updated CSP policy, and improved error logging ensure optimal security and system performance.
Back to Dashboard