Privacy & Cookie Policy
Last updated: 14 June 2026
This policy explains what personal data MeteoFeed processes, the cookies it uses, and your rights under the EU General Data Protection Regulation (GDPR) and the ePrivacy Directive. The weather data the API returns is aggregated from authoritative public sources and is not personal data.
1. Who we are
MeteoFeed is operated by AW ICT (the “data controller”), Meppel, the Netherlands. For any privacy question or to exercise your rights, contact us at info@awict.nl.
2. What we collect
- Account data — your name and email address when you request access or register, and your chosen plan.
- API usage — for each request: the API key used, endpoint, status, response time, timestamp and the originating IP address (for quota enforcement, abuse prevention and aggregate statistics).
- Website logs — server-side page-view records (IP address, page, referrer, user-agent) used as our own private, aggregate analytics; no third-party analytics or advertising cookies are used.
- Support & billing — the content of support tickets and the invoices we issue for paid plans.
3. Cookies we set
The website uses a small number of cookies. The first four are strictly necessary or functional and are set without consent; Google Maps cookies are only set after you accept them.
| Cookie | Purpose | Type | Retention |
|---|---|---|---|
meteofeed_session | Keeps you signed in and secures forms (session). | Essential | Session / ~2 h |
XSRF-TOKEN | Cross-site request forgery (CSRF) protection. | Essential | Session / ~2 h |
mf_consent | Remembers your cookie choice on this banner. | Essential | 6 months |
mf_lang / locale | Remembers the interface language you selected. | Functional | 1 year |
Google Maps (NID etc.) | Set by Google only if you accept, when the contact-section map loads. Third-party. | Consent | Per Google’s policy |
You can change or withdraw your choice at any time via “Cookie settings” in the website footer. We use no analytics, advertising or social-media tracking cookies. Our web fonts are served by Bunny Fonts, which is cookieless and GDPR-compliant.
4. Third parties & processors
- Google Maps — only loaded on the contact section after you consent; this transfers data to Google (United States). You can use the address text instead and never load it.
- Email — transactional email (verification, invoices, alerts) is sent via our SMTP relay.
- OpenStreetMap / Nominatim — used server-side for geocoding place names; no cookies are set on your device.
- Our application and databases run on our own servers in the EU; we do not sell personal data.
5. Legal bases (GDPR Art. 6)
- Contract — to provide the API and your account.
- Legitimate interest — security, abuse prevention and aggregate, non-identifying analytics.
- Consent — loading Google Maps and any future non-essential cookies.
- Legal obligation — keeping invoices for tax and accounting.
6. Retention
Account data is kept while your account is active and for as long as needed to meet legal obligations (e.g. invoices). Usage and website logs are retained only as long as necessary for security and statistics and are then deleted or aggregated. You can request deletion of your account at any time.
7. Your rights
Under the GDPR you have the right to access, rectify, erase, restrict or port your data, to object to processing, and to withdraw consent at any time. To exercise any of these, email info@awict.nl. You also have the right to lodge a complaint with your supervisory authority — in the Netherlands, the Autoriteit Persoonsgegevens.
8. Changes
We may update this policy; the “last updated” date above will change accordingly. Material changes will be reflected on this page.