Privacy Policy
Last Updated: June 1, 2026
1. Data Controller
Organization: University of Twente
Contact Email: j.a.g.ruiter@student.utwente.nl
Purpose of This Policy: This privacy policy explains how we collect, process, and protect your personal data when you access this website.
2. Legal Basis for Processing
Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:
- Legitimate Interest (Article 6(1)(f) GDPR): We collect access logs to analyze and identify automated bots versus legitimate human users, which serves our legitimate research interest in understanding internet bot behavior patterns.
3. Types of Personal Data Collected
We collect the following data through automatic server logs:
| Data Type | Description | Collection Method |
|---|---|---|
| IP Address | Your Internet Protocol (IP) address | Automatic server logging |
| HTTP Request Details | Request method, URL path, HTTP status code, request timestamp | Automatic server logging |
| User-Agent Header | Information about your browser or automated tool | Automatic server logging |
| Request Headers | Referrer information and other standard HTTP headers | Automatic server logging |
| Response Size | Size of the server response to your request | Automatic server logging |
4. No Cookies or Tracking Technologies
This website does not use cookies, web beacons, pixels, or any other tracking technologies. We do not use:
- Session cookies
- Persistent cookies
- Third-party tracking technologies
- Analytics services that store cookies
- Advertising or marketing tracking
Data collection occurs exclusively through standard server access logs, which are inherent to web server operation and do not require consent.
5. Purpose of Data Collection
We collect access log data exclusively for the following research purpose:
- Bot Analysis Research: To analyze and identify patterns of automated bot traffic versus legitimate human user traffic on the internet
- Behavioral Studies: To understand differences in how automated bots interact with web content compared to human users and AI-generated systems
6. Human Traffic Exclusion During Analysis
During our analysis phase:
- Access logs identified as belonging to legitimate human users will be automatically deleted before analysis begins
- We use heuristics and behavioral patterns to distinguish human traffic from bot traffic
- Human users' data will not be included in our bot behavior research
- Only logs identified as bot-generated traffic will be retained for the analysis period
- Please note that our heuristics are not guaranteed to exclude all human traffic. You can request explicit exclusion of analysis by contacting us. This way, you can be sure you're data will not be used in this research.
7. Data Retention Policy
| Data Category | Retention Period | Reason for Deletion |
|---|---|---|
| Access Logs (All) | 2 months from collection date | Research purpose only; data is removed after sufficient analysis window |
| Identified Human Traffic | Deleted immediately upon identification | Not required for research; privacy protection |
| Bot-Identified Traffic | 2 months maximum | Research analysis period; automatic deletion after expiration |
All personal data will be permanently deleted after the 2-month retention period. No backups containing personal data will be retained longer than this period.
8. AI-Generated Content Disclaimer
About This Website
This website and all its content have been generated using artificial intelligence. The following applies:
- Fictional Content: All content, including text, information, and data presented on this site, is entirely fictional and artificially generated
- No Real Information: This website does not contain genuine information, real services, or accurate data about any organization, person, or entity
- Research Purpose Only: This site exists exclusively for research purposes to study behavioral differences between automated bots and AI-generated content systems
- Not for Reliance: Users should not rely on any information provided here for any decision-making purpose
- Bot Behavior Study: We are investigating how web crawlers, bots, and automated systems interact with AI-generated content, and comparing this with human user behavior patterns
9. Data Subject Rights Under GDPR
You have the following rights under the GDPR:
- Right of Access (Article 15): You may request a copy of the personal data we hold about you
- Right to Rectification (Article 16): You may correct any inaccurate personal data
- Right to Erasure (Article 17): You may request deletion of your data at any time
- Right to Restrict Processing (Article 18): You may request that we limit how we use your data
- Right to Data Portability (Article 20): You may request your data in a structured, portable format
- Right to Object (Article 21): You may object to processing of your personal data for legitimate interest purposes
- Right to Not Be Subject to Automated Decision-Making (Article 22): You have the right not to be subject to decisions based solely on automated processing
10. Data Security
We implement appropriate technical and organizational security measures to protect your personal data, including:
- Secure server infrastructure with access controls
- Encrypted transmission of data in transit (HTTPS)
- Limited access to access logs restricted to authorized research personnel
- Automatic deletion mechanisms to ensure compliance with retention periods
11. Sharing of Data
We do not share your personal data with any third parties. Your access logs are used exclusively by the University of Twente research team for the bot analysis research purposes described in this policy.
12. Contact & Data Protection Rights
If you have questions about this privacy policy, wish to exercise your rights, or have concerns about our data processing practices, please contact:
Email: j.a.g.ruiter@student.utwente.nl
Organization: University of Twente