Last updated: June 29, 2026
This Privacy Policy explains how PIRIDI (piridi.net) collects, uses, and protects personal data in compliance with Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR) and Organic Law 3/2018 on Personal Data Protection and Guarantee of Digital Rights (LOPDGDD).
The data controller responsible for processing your personal data is:
Academic data you enter on the platform: inscriptions, artefacts, findspot records, prosopographic entries, bibliographic references, images, and comments. This data forms the core content of PIRIDI and is associated with your account in the activity log.
Aggregated usage statistics collected through Google Analytics via Cloudflare proxy. See Section 5 (Cookies) for details.
We process your data for the following purposes and on the following legal bases under GDPR art. 6:
| Purpose | Legal basis |
|---|---|
| Account management and authentication | Contract performance — art. 6(1)(b) |
| Providing platform services | Contract performance — art. 6(1)(b) |
| Security, spam, and fraud prevention | Legitimate interest — art. 6(1)(f) |
| Attribution of research contributions | Legitimate interest — art. 6(1)(f) |
| Platform analytics and improvement | Consent — art. 6(1)(a) |
| Transactional emails (email verification, notifications) | Contract performance — art. 6(1)(b) |
We share data with the following processors, each bound by GDPR-compliant data processing agreements:
| Processor | Purpose | Location |
|---|---|---|
| DigitalOcean | Server hosting | AMS3, Amsterdam, Netherlands (EU) |
| Amazon Web Services (S3) | File and image storage | eu-west-3, Paris, France (EU) |
| Google Analytics (via Cloudflare) | Usage analytics | Google LLC, USA (SCCs apply — see §6) |
| Cloudflare | CDN, proxy, and security | Global network |
| Amazon SES (Simple Email Service) | Transactional email delivery | Amazon Web Services, Inc., USA (SCCs apply — see §6) |
PIRIDI uses two categories of cookies:
| Cookie | Category | Purpose | Duration |
|---|---|---|---|
| laravel_session | Strictly necessary | Maintains your authenticated session | Session |
| XSRF-TOKEN | Strictly necessary | Protects against Cross-Site Request Forgery (CSRF) attacks | Session |
| _ga, _gid | Analytics | Distinguishes users for Google Analytics | 2 years / 24 h |
| _gcl_au | Analytics | Conversion tracking via Google | 90 days |
Strictly necessary cookies do not require consent and are essential for the platform to function. Analytics cookies require your consent. You can opt out of Google Analytics tracking at any time via your browser settings or using the Google Analytics opt-out browser add-on.
Data processed by Google Analytics and Amazon SES is transferred to the United States — to Google LLC and Amazon Web Services, Inc. respectively. These transfers are protected by Standard Contractual Clauses (SCCs) as approved by the European Commission pursuant to GDPR art. 46(2)(c), ensuring an adequate level of protection for your personal data.
Cloudflare may route traffic through servers outside the EU/EEA as part of its global network. Data is processed in accordance with Cloudflare's GDPR commitments and SCCs. Our server hosting (DigitalOcean AMS3) and file storage (AWS S3 eu-west-3) are located within the EU and do not involve international transfers.
Under GDPR (arts. 15–22) you have the following rights:
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
We implement appropriate technical and organisational security measures to protect your personal data, including:
PIRIDI is an academic research platform intended for researchers and students aged 16 or over. We do not knowingly collect personal data from persons under 16. If you believe that a person under 16 has registered, please contact us at [email protected] so we can take appropriate action.
We may update this Privacy Policy from time to time. Registered users will be notified of material changes by email. The date at the top of this page indicates the last revision. We encourage you to review this page periodically.
For all data protection matters, or to exercise your rights, please contact: [email protected].