Skip to main content
EU Whistleblower Directory

Privacy policy

How the EU Whistleblower Directory handles data. No accounts, no forms, no cookies — cookieless analytics and standard server logs only.

Last updated: June 17, 2026

The EU Whistleblower Directory (“the Directory”, “we”, “us”) is an informational website. It has no user accounts, no sign-up, no contact forms, and sets no cookies. This page explains the limited data involved in operating it.

1. Who operates this site

The Directory is operated by Yaroslav Shmarov, registered at ul. Obrzeżna 1A, 02-691 Warsaw, Poland. For any privacy question, contact [email protected].

The Directory is not affiliated with, endorsed by, or connected to the European Union or any EU institution.

2. We do not collect personal data

The Directory does not ask you to register, log in, or submit any information. We do not set cookies, we do not use advertising or cross-site tracking, and we do not build profiles of visitors.

3. Analytics

We use Plausible Analytics to understand aggregate traffic (page views, referrer, browser type, country). Plausible is privacy-friendly by design:

  • It is hosted in the European Union (Germany).
  • It sets no cookies and uses no persistent identifiers.
  • IP addresses are processed transiently to derive a country and are never stored in their original form.
  • The data is aggregated and cannot be used to identify you.

Because nothing is stored on your device, no cookie consent banner is required. See Plausible’s data policy for details. Our legal basis is legitimate interest (GDPR Article 6(1)(f)) in understanding how the Directory is used.

4. Server and CDN logs

The site is delivered through Cloudflare, which processes standard request metadata (such as IP address and user agent) to deliver pages and protect against abuse. These logs are used only for security and reliability, never for advertising or tracking. Cloudflare may process this data outside the EU; see Cloudflare’s privacy policy.

Links from the Directory to vendor websites carry a utm_source=whistleblowertools.eu parameter so vendors can attribute their inbound traffic. This parameter identifies the Directory as the referrer — it does not identify you, and the Directory receives no payment, commission, or affiliate revenue from any vendor listed. Once you follow an outbound link, the destination site’s own privacy policy applies.

6. Your rights

Under the General Data Protection Regulation (GDPR) you have the right to access, rectify, erase, restrict, or object to the processing of your personal data, and to lodge a complaint with your national data protection supervisory authority. Because the Directory stores no identifiable visitor data, there is usually nothing to act on — but you can reach us at [email protected] with any request.

7. Changes to this policy

We may update this policy from time to time. The “Last updated” date above reflects the most recent revision.